Reputation: 175
How can I resolve this error an c#
I want to insert data into a database table:
myCommand.CommandText = "INSERT INTO Selectionner (IdPrestation,
IdPhrase, DegreUrgence,RisqueConcerne,rowguid,Cotation) " +
"VALUES ('" +new Guid(emp.IdPrestation) +
"', '" +new Guid(emp.IdPhrase)+ "', '" +
emp.DegreUrgence + "','" + emp.RisqueConcerne + "','" +
new Guid(emp.rowguid) + "','" + emp.Cotation + "')";
But this returns an error:
Guid should contain 32 digits with 4 dashes
(xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
How can I resolve this error ?
Upvotes: 1
Views: 1207
Answers (3)
Reputation: 33809
One or many of your
emp.IdPrestation //Or
emp.IdPhrase //Or
emp.rowguid //Check them before creating
is/are not a GUID. That is why it is throwing an error.
EDIT: starts
How to use Guid.TryParse() which returns true if the parse operation was successful; otherwise, false.
//How to parse safely
Guid IdPrestation;
Guid IdPhrase;
Guid rowguid;
if(Guid.TryParse(emp.IdPrestation, out IdPrestation) &&
Guid.TryParse(emp.IdPhrase, out IdPhrase) &&
Guid.TryParse(emp.rowguid, out rowguid) )
{
//all variables have been parse successfully
//Execute the sql query as follows using parameters
}
EDIT: ends
Also, passing parameters as direct string with inline sql is an unsafe bad practice. Instead use a parameterised query.
myCommand.CommandText = "INSERT INTO yourTableName (c1, c2, ...)
VALUES (@p1, @p2,...)";
myCommand.Parameters.Add(new SqlParameter("p1", valueforCol1));
myCommand.Parameters.Add(new SqlParameter("p2", valueforCol2));
...
Upvotes: 6
Reputation: 3198
You cannot create GUID simply from a string ,the string needs to be guid compliant
Guid originalGuid = Guid.NewGuid();
originalGuid.ToString("B") gets converted to {81a130d2-502f-4cf1-a376-63edeb000e9f}
Similarly
"N" - xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx (32 digits)
"D" - xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx (32 digits separated by hyphens)
"B" - {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx} (same as "D" with addition of braces)
"P" - (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx) (same as "D" with addition of parentheses)
"X" - {0x00000000,0x0000,0x0000,{0x00,0x00,0x00,0x00,0x00,0x00,0x00.0x00}}
The guid itself has no format. It is just a value. Note, that you can create guids using NewGuid or using the guid's constructor. Using NewGuid, you have no control over the value of the guid. Using the guid's constructor, you can control the value. Using the constructor is useful if you already have a string representation of a guid (maybe you read it from a database) or if you want to make it easier to interpret a guid during development. You can also use the Parse, ParseExact, TryParse, and TryParseExact methods.
So, you can create guids like this:
Guid g1 = Guid.NewGuid(); //Get a Guid without any control over the contents
Guid g2 = new Guid(new string('A',32)); //Get a Guid where all digits == 'A'
Guid g3 = Guid.Parse(g1.ToString());
Guid g4 = Guid.ParseExact(g1.ToString("D"),"D");
Guid g5;
bool b1 = Guid.TryParse(g1.ToString(), out g5);
Guid g6;
bool b2 = Guid.TryParseExact(g1.ToString("D"),"D", out g6);
Upvotes: 1
Reputation: 3910
Try to use a parameterised query as a first improvement.
Then, try to use Guid.Parse(string s) instead of new Guid(string s). That way, i expect that an exception will be raised for the strings that are not compliant.
The constructor might be a little to permissive, and in this case you would want to fail-fast so that you know what field is giving you trouble.
Upvotes: 4
Related Questions
- SqlException was Unhandled
- How to solve this error in ASP.NET
- SQL Exception Error C# ASP.Net
- exception with sql and c# code
- How can I handle this error?
- Error while executing a sql command in c#
- how to fix this error?
- Can't understand error message when working with Database
- SQL error in asp.net
- SqlException was unhandled