-2

I am trying to save a float value that is changing in my C# code using windows form and sql but I have the error above.
Any ideas how to fix it?
Thank you in advance!!

my code:

string sqlQuery = "INSERT INTO floatdatareading(DateTime,tank1_volume) VALUES(" + "'" + tank1VolumeDateTime.ToString("yyyy- MM- dd HH: mm:ss") + "'" + "," + "'" + textBox5.Text.ToString() + "'" + ")";
SqlConnection con = new SqlConnection(connectionString);
  con.Open();
SqlCommand sc = new SqlCommand(sqlQuery, con);
 sc.ExecuteNonQuery();
    con.Close();

As you can see I want to save the content of textbox5 (float number) in sql database. The datetime is working but my float data not.

Note:my table in sql has declared the column of my data as float.

Zohar Peled
  • 79,642
  • 10
  • 69
  • 121
sakis
  • 19
  • 3
  • The error is quite clear, what is it about you don't understand. do you validate the user input? Have you debugged your code and looked at the value being passed? – Stu Aug 07 '23 at 10:32
  • my input value doesn't pass in the database because of this error, i dont know in which data type should convert the content of textbox5 in order to pass the float value in sql table – sakis Aug 07 '23 at 10:37
  • Change your query and just eliminate single quote for float value like `"INSERT INTO floatdatareading(DateTime,tank1_volume) VALUES(" + "'" + tank1VolumeDateTime.ToString("yyyy- MM- dd HH: mm:ss") + "'" + "," + textBox5.Text.ToString() + ")";` – Sudipto Bhattacharya Aug 07 '23 at 10:39
  • i tried that but i have an error like this: Error Unable to copy file "obj\Debug\xaml.exe" to "bin\Debug\xaml.exe". Access to the path 'bin\Debug\xaml.exe' is denied. xaml – sakis Aug 07 '23 at 10:51
  • 2
    **Security hazard!** This query is an open door for [SQL Injection](https://zoharpeled.wordpress.com/2020/07/16/back-to-basics-sql-injection/) attacks. – Zohar Peled Aug 07 '23 at 11:09
  • Lack of parametereization is the issue here. If the query was properly parameterized then you woldn't have to escape anything or add quotes. – Charlieface Aug 07 '23 at 13:21

0 Answers0