0

I am working on .cshtm pages and on the server side coding I am facing the exception cannot implicitly convert type int to string. Code is below

@{
    var id = Request.QueryString["Id"]; //page.cshtml?id=5
    var data="";
    var query = "Select * from products where id="+id;
    data = db.Execute(query).toString();
}

string' does not contain a definition for 'Name' and no extension method 'Name' accepting a first argument of type 'string' could be found (are you missing a using directive or an assembly reference?)

Now I am facing this exception.

Billz
  • 1,067
  • 6
  • 25
  • 57
  • Is "id" an int or a string? And is it an int or a string in your database? – PhoenixReborn Dec 21 '12 at 21:03
  • Have you tried using `string.Format(...)`? Ex: `var query = string.Format("SELECT * FROM products WHERE id={0}", id);` – Frito Dec 21 '12 at 21:05
  • id should be a string it looks like then, the type needs to match the column type in the database. Im just guessing that this is a database error then? Also if your reading from a query string, it looks very much likely that your app is susceptible to SQL injection. I know its another issue, but should be looked into.. – Jordan Dec 21 '12 at 21:05
  • You have `data` declared twice.. – Khan Dec 21 '12 at 21:08

6 Answers6

2

If your variable id is of type int, you cannot add it to a string without converting to a string first: id.ToString();

Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
Melanie
  • 3,021
  • 6
  • 38
  • 56
0

Assuming the result of db.Execute(query) is an integer, try calling the ToString method:

db.Execute(query).ToString();
Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
Jason Whitted
  • 4,059
  • 1
  • 16
  • 16
0

Try :

var query = "Select * from products where id="+id.ToString();
Cyril F
  • 1,842
  • 2
  • 19
  • 35
0
public int Execute(string commandText, params Object[] args)

variable data is string but execute return int

var query = "Select * from products where id="+id;
int data = db.Execute(query);
//or string data = Convert.ToString(db.Execute(query), formatProvider);
burning_LEGION
  • 13,246
  • 8
  • 40
  • 52
0

You can use ToString() to convert the integer to a string.

Personally, I prefer the following because it seems to provide more control:

var query = String.Format("Select * from products where id={0}", id);
Jonathan Wood
  • 65,341
  • 71
  • 269
  • 466
0

What you are trying to do is ripe with SQL injection possibilities.

You want to use SqlCommand and use SqlParameter to prevent injection.

This method you also don't have to worry about converting the types, ADO.Net handles it for you.

Assuming you are using the SqlConnection to connect to a MSSQL database:

var id = Request.QueryString["Id"];
var query = "Select * from products where id=@id";
var data = "";

using (SqlCommand command = new SqlCommand(query, db))
{
    command.Parameters.Add(new SqlParameter("@id", id));

    data = command.ExecuteScalar().ToString();
}
Walk
  • 1,136
  • 8
  • 8
  • The type or namespace name 'SqlCommand' could not be found (are you missing a using directive or an assembly reference?) – Billz Dec 21 '12 at 21:19
  • You need to import System.Data.Sql and System.Data.SqlClient for SqlCommand to be found – Melanie Dec 21 '12 at 21:22
  • Dear How can I import it in razor syntax on .cshtml page – Billz Dec 21 '12 at 21:24
  • Here's help with importing the namespace. http://stackoverflow.com/questions/3239006/how-to-import-a-namespace-in-razor-view-page – Walk Dec 21 '12 at 22:11