Getting error Input string was not in a correct format when updating via MySQL

Question

I am getting error "Input string was not in a correct format" when trying to update a table via the MySQL .NET connector.

The update statement works fine when run via MySQL workbench, but not via code and I am hoping someone can tell me why.

Code is:

MySqlCommand command = new MySqlCommand();
command.Connection = conn;
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId like '" + amazonOrderId + "%';";
command.ExecuteNonQuery();

I have tried both executing as a non query, and as ExecuteReader(); with no luck.

I am sure this is a simple mistake I am making, but I can't seem to find it for the life of me so any help would be greatly appreciated.

-- Edit -- I have tried the following with no luck:

MySqlCommand command = new MySqlCommand();
command.Connection = conn;
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId like '@amazonOrderId';";
command.Parameters.AddWithValue("@amazonOrderId", amazonOrderId);

also changed CommandText to:

 command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where convert(varchar(50), amazonOrderId) like '" + amazonOrderId + "';";

and

 command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId = '@amazonOrderId';";

and

command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId = @amazonOrderId;";

-- Resolution --

My resolution was actually found in another piece of code. After running through the debugger several times it became apparent that a MySqlConnection object was trying to be instantiated twice - with the same name etc. I removed the second instantiation and it has resolved the issue. It's too bad the error was misleading.

I appreciate everyone's responses as I feel they have made my code better and as such I have given +1's to Jon, Steve and Chris. Thanks for the help!

Answer 1

Is the variable amazonOrderId numeric? If so, you can't + a string to it without calling ToString() on the variable.

amazonOrderId.ToString() + "%"

Is amazonOrderId numeric in the database? If so, have you tried convert(varchar)?

MySqlCommand command = new MySqlCommand(); 
command.Connection = conn; 
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where convert(varchar(50), amazonOrderId) like @OrderID;"; 
command.Parameters.AddWithValue("@orderID", amazonOrderId + "%");  
command.ExecuteNonQuery(); 

But I'm not sure why you need LIKE with %. Would this also update:

1001 - amazon order id
10010
10011
10012
10013 
etc.

Is that what you really want?

If not, then use equal instead, without single quotes.

MySqlCommand command = new MySqlCommand(); 
command.Connection = conn; 
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId = @OrderId;"; 
command.Parameters.AddWithValue("@orderID", amazonOrderId);  
command.ExecuteNonQuery(); 

If it IS what you want, then why not use between or greater than?

MySqlCommand command = new MySqlCommand(); 
command.Connection = conn; 
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId > @OrderId;"; 
command.Parameters.AddWithValue("@orderID", int.Parse(amazonOrderId.ToString() + "0"));  
command.ExecuteNonQuery(); 

Answer 2

Probably you need to use parameters

MySqlCommand command = new MySqlCommand(); 
command.Connection = conn; 
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId like @orderID"; 
command.Parameters.AddWithValue("@orderID", amazonOrderId + "%");
command.ExecuteNonQuery(); 

This will avoid errors when the parameter value is a string and contains single quotes and prevent SqlInjection attacks . The code above assumes that amazonOrderID field on the database is a text datatype and amazonOrderID variable is of string type.

However, the error message says that it doesn't recognize the input string.
This leads to the real problem . What kind of column is amazonOrderID in the database table? It's varchar (or other text type)? or is a numeric datatype?.

If it is a text type then the syntax with like and parameters should work provided that the amazonOrderID var in code is also a string.
If the column is of a numeric datatype then the LIKE has no sense and you should change the query using = operator and also be sure that the amazonOrderID var is of numeric type.

MySqlCommand command = new MySqlCommand(); 
command.Connection = conn; 
command.CommandText = "update fulfilled_shipments_data set addedCustomer=1 where amazonOrderId = @orderID"; 
command.Parameters.AddWithValue("@orderID", amazonOrderId);
command.ExecuteNonQuery(); 

Answer 3

My resolution was actually found in another piece of code. After running through the debugger several times it became apparent that a MySqlConnection object was trying to be instantiated twice - with the same name etc. I removed the second instantiation and it has resolved the issue. It's too bad the error was misleading.