VB.net Input string was not in a correct format

Question

Here is a picture of error

Keep Getting error

input string was not in correct format

strSQLStatement = "INSERT INTO Cart (CartID, ProductID, ProductName, Quantity, Price) values('" & strCartID & "', '" & Trim(lblProductNo.Text) & "', '" & lblProductName.Text & "', " & CInt(tbQuantity.Text) & ", " & decPrice & ")"

My guess is the CInt but it works in another similar application . Not sure what is going on . Here is the code

product-detail.aspx.vb

Imports System.Data
Imports System.Data.SqlClient
Partial Class HTML_Product_Detail

    Inherits System.Web.UI.Page

    Protected Sub Page_Load(sender As Object, e As EventArgs) Handles Me.Load
        If Request.QueryString("ProductID") <> "" Then
            Dim strConn As String = System.Configuration.ConfigurationManager.ConnectionStrings("ConnectionStringOnlineStore").ConnectionString
            Dim connProduct As SqlConnection
            Dim cmdProduct As SqlCommand
            Dim drProduct As SqlDataReader
            Dim strSQL As String = "Select * from Product Where ProductID = " & Request.QueryString("ProductID")
            connProduct = New SqlConnection(strConn)
            cmdProduct = New SqlCommand(strSQL, connProduct)
            connProduct.Open()
            drProduct = cmdProduct.ExecuteReader(CommandBehavior.CloseConnection)
            'drProduct.Read()
            If drProduct.Read() Then
                lblProductName.Text = drProduct.Item("ProductName")
                lblProductDescription.Text = drProduct.Item("ProductName")
                lblPrice.Text = drProduct.Item("Price")
                lblProductNo.Text = drProduct.Item("ProductNo")
                imgProduct.ImageUrl = "images/product-detail/" + Trim(drProduct.Item("ProductNo")) + ".jpg"
            End If
        End If
    End Sub
    Protected Sub btnAdd_Click(sender As Object, e As EventArgs) Handles btnAdd.Click
        ' *** get product price
        Dim dr As SqlDataReader
        Dim strSQLStatement As String
        Dim cmdSQL As SqlCommand
        Dim strConnectionString As String = System.Configuration.ConfigurationManager.ConnectionStrings("ConnectionStringOnlineStore").ConnectionString
        strSQLStatement = "SELECT * FROM Product WHERE ProductNo = '" & lblProductNo.Text & "'"
        Dim conn As New SqlConnection(strConnectionString)
        conn.Open()
        cmdSQL = New SqlCommand(strSQLStatement, conn)
        dr = cmdSQL.ExecuteReader()
        Dim decPrice As Decimal
        If dr.Read() Then
            decPrice = dr.Item("Price")
        End If
        conn.Close()
        '*** get CartID
        Dim strCartID As String
        If HttpContext.Current.Request.Cookies("CartID") Is Nothing Then
            strCartID = GetRandomCartIDUsingGUID(10)
            Dim CookieTo As New HttpCookie("CartID", strCartID)
            HttpContext.Current.Response.AppendCookie(CookieTo)
        Else
            Dim CookieBack As HttpCookie
            CookieBack = HttpContext.Current.Request.Cookies("CartID")
            strCartID = CookieBack.Value
        End If
        'Check if this product already exist in the cart
        Dim dr2 As SqlDataReader
        Dim strSQLStatement2 As String
        Dim cmdSQL2 As SqlCommand
        strSQLStatement2 = "SELECT * FROM cart WHERE CartID ='" & strCartID & "' and ProductID = '" & Trim(lblProductNo.Text) & "'"
        'Reponse.Write(strSQlStatement2)
        Dim conn2 As New SqlConnection(strConnectionString)
        cmdSQL2 = New SqlCommand(strSQLStatement2, conn2)
        conn2.Open()
        dr2 = cmdSQL2.ExecuteReader()
        If dr2.Read() Then

            Dim intQuantityNew As Integer = dr2.Item("Quantity") + CInt(tbQuantity.Text)
            strSQLStatement = ""
            cmdSQL = New SqlCommand(strSQLStatement, conn)
        Else
            Dim dr3 As SqlDataReader
            Dim strSQLStatement3 As String
            Dim cmdSQL3 As SqlCommand
            strSQLStatement = "INSERT INTO Cart (CartID, ProductID, ProductName, Quantity, Price) values('" & strCartID & "', '" & Trim(lblProductNo.Text) & "', '" & lblProductName.Text & "', " & CInt(tbQuantity.Text) & ", " & decPrice & ")"
            'Response.Write(strSQLStatement3)
            Dim conn3 As New SqlConnection(strConnectionString)
            conn3.Open()
            cmdSQL3 = New SqlCommand(strSQLStatement3, conn3)
            dr3 = cmdSQL3.ExecuteReader()
        End If
        'Response.Redirect("ViewCart.aspx")
    End Sub





    Public Function GetRandomCartIDUsingGUID(ByVal length As Integer) As String
        'Get the GUID
        Dim guidResult As String = System.Guid.NewGuid().ToString()
        'Remove the hyphens
        guidResult = guidResult.Replace("-", String.Empty)
        'Make sure length is valid
        If length <= 0 OrElse length > guidResult.Length Then
            Throw New ArgumentException("Length must be between 1 and " & guidResult.Length)
        End If
        'Return the first length bytes
        Return guidResult.Substring(0, length)
    End Function

End Class

Answer 1

The issue is almost certainly here:

CInt(tbQuantity.Text)

The exception information even says:

Conversion from string "" to type 'Integer' is not valid.

You cannot convert a String to an Integer if the text doesn't represent a valid value and an empty string obviously doesn't represent a number. Validate the data first or else validate and convert in one go using Integer.Tryparse .