Making the Insert in SQL Server in a float field?

Asked

Viewed 682 times

4

I have the following problem in my code, I have a textbox that receives the value 0.900, only when I’m recording this value in the bank, it’s only recording 900, and I need you to record the 0.900 and I’m not able to record this way, the field in the table sql this as float. I’m trying to do it this way float.Parse(txt_qtda.Text) and it’s not working, just records 900 and not 0.900.

SqlCommand cmd = new SqlCommand();
cmd.CommandType = CommandType.Text;
cmd.CommandText = "INSERT INTO CB0020 (CB0_FILIAL, CB0_CODETI, CB0_DTNASC, CB0_TIPO, CB0_CODPRO, CB0_QTDE, CB0_LOCAL, CB0_LOTE, CB0_DTVLD, CB0_FORNEC, CB0_LOJAFO, CB0_XLOTEF, CB0_XQTDKG, CB0_XORIGE, CB0_XDTFAB, CB0020.R_E_C_N_O_) VALUES ('01','" + txt_codbarras.Text + "', '" + txt_dtnasc.Text + "', '01', '" + txt_codprod.Text + "', '" + float.Parse(txt_qtda.Text) + "', '01', '" + txt_lotefrac.Text + "', '" + Convert.ToDateTime(txt_dtvalidfrac.Text).ToString("yyyy/MM/dd").Replace("/", "") + "', '" + txt_codfbaric.Text + "', '01', '" + txt_lotefabric.Text + "', '" + float.Parse(txt_qtda.Text) + "', '" + txt_codorig.Text + "', '" + Convert.ToDateTime(txt_dtfabricfrac.Text).ToString("yyyy/MM/dd").Replace("/", "") + "', '" + txt_recno.Text + "')";
cmd.Connection = conex;
conex.Open();
cmd.ExecuteNonQuery();
c# .net sql-server typing ado.net

  • has how you put the code snippet that inserts into the database?

  • put up the code snippet.

1 answer

4


There’s a lot of mistakes there.

This looks like money or something similar (quantity) and float should never be used for this. This is a very serious problem that causes damage.

If there is a wrong typing the application will break. The problem actually must be in the conversion or input of the data.

If the conversion is correct it is for everything to work. But if you still have any reason to change the scale just divide by 1000. Not that I’m saying that’s the case, I haven’t seen the whole thing, but I’ve seen a situation where this would be the solution. Do not use this as a gambiarra, only if it is the correct solution. It is a useful solution when actually typing the value in a different scale than desired. If to fix the previous error, do not.

You have serious security problems inserting data in this way. Parametrize the query.

These date conversions seem strange too.

The nomenclature of the columns and the table is usually bad, but this has a little taste, although almost everyone would agree that these names are unreadable.

  • Thanks for the attention, this table and a database table of Totvs, all fields are created as varchar, I do not know why this, but this will not converge and in value I am passing and yes and weight, for label printing only, then in the above case it would be 0.900kg for label printing, not value. sorry the above code is not such a suitable format, I’m starting in c# so I think I still have a lot to learn...

  • I suspected, I worked there, I was always critical of this. But it seems that now is worse than in my time. If this is not used for anything else it may just be the case to ask for the data in another way to avoid typing error. I would fix the security problem, it’s very serious.

  • I’ll check this part of security yes, thank you very much for your attention.

Browser other questions tagged c# .net sql-server typing ado.net

You are not signed in. Login or sign up in order to post.