Reputation: 485
Operator '&' is not defined for type 'string' and 'system.guid'
I have some VB code trying to execute a sql in a function
Public Shared Function getBackgroundInfo(ByVal aID As Guid) As pd_ABC
Dim SQLCMD As New SqlCommand
Dim BackgroundInfoDS As New DataSet()
SQL = "select * from tblABC where ID = '" & aID & "'"
.....
both my ID and aID is GUID type,
but visual studio shows an error on where ID = '" & aID & "'"
I wonder if there is a better way to do this? Or do I need to use parameterized query?
Thanks for suggestions!
Upvotes: 0
Views: 4474
Answers (2)
Reputation: 41589
"select * from tblABC where ID = '" is a string, aID is a guid.
When you add aID into your string, use aID.ToString().
I would definitely recommend a parameterized version of your code though - for safety, code quality and general good practice.
Upvotes: 4
Reputation: 125650
You can call ToString() on Guid instance to get string representation of a guid:
SQL = "select * from tblABC where ID = '" & aID.ToString() & "'"
And answering your other question
Or do I need to use parameterized query?
You don't need to, but you probably should. It's safer and more readable to use parameterized queries.
Upvotes: 1
Related Questions
- SQL command error Incorrect Syntax near 'and'
- operator "&" is not defined for types "string" and "image"
- Operator '&' is not defined for types 'String' and 'Control'
- SQL error: "Incorrect syntax near AND"
- SQL Command error: "incorrect syntax near AND"
- Operator '&' is not defined for string "INSERT INTO
- Conversion from type 'Guid' to type 'String' is not valid
- VB.NET - Failed to convert parameter value from a String to a Guid issue
- Linq - Value of type 'System.Guid' cannot be converted to 'String'
- Type "GUID" is not defined