Error: String or binary data would be truncated. The statement has been terminated. aspx

28,654

There are many problems in your code, not just the one that raises the current exception.

First: You have text fields with a precise size, you cannot insert more characters than the size of the field. We don't know anything about the value passed for the SupplierName but the string WebCustomer is 11 chars and you try to insert it in a field with space only for 10 chars.

Second: Using nchar means that your fields are always filled with spaces to reach the length required. Of course this is inefficient with a lot of records, not to mention the work required to trim away those spaces when you need to show your data.

Third: ExecuteNonQuery returns the number of rows affected by your command. In this case it is always 1, you don't get the return value of SELECT SCOPE_IDENTITY(). Use ExecuteScalar.

Fourth: Some of your fields are numeric, you insert strings for them. This means that the database engine try to convert them back to the correct datatype. Usually, for integers, you can go away freely, but with floats there is a higher chance that you get a datatype mismatch error caused by difference between the locale settings of your code and the locale settings of your database. Fix for that in the next point.

Fifth: You should use parameters not string concatenation. This avoids the Sql Injection hack or the parsing error caused by automatic conversion of a string back to a numeric value. A mismatch from the locale settings used in your code and the database setting will cause errors. With a parameter you specify the type and do not convert the value. The database engine is happy.

So.....(after changing to nvarchar and after checking the length of the values)

string cmdText = @"insert into tbl_Transaction_Master 
    (Supplier_ID,Order_Price,Unique_ID,
     Supplier_Name,He_Is_a,Transaction_Date) values 
    (@webid, @price,@sessionid,@user,'WebCust.',getdate()); 
    SELECT SCOPE_IDENTITY()";

SqlCommand cmd2 = new SqlCommand(cmdText, conn);
cmd2.Parameters.Add("@webid", SqlDbType.Int).Value = WebUserID 
cmd2.Parameters.Add("@price", SqlDbType.Decimal).Value = Session["Order_Price"];
cmd2.Parameters.Add("@sessionid", SqlDbType.Int).Value = Session["WebUserid"];
cmd2.Parameters.Add("@user", SqlDbType.NVarChar).Value =User;
int temp = Convert.ToInt32(cmd2.ExecuteScalar());
Session["order_ID"] = temp;

28,654

Iqra

Updated on July 09, 2022

Comments

Iqra almost 2 years
i want to insert data into my tbl_Transaction_Master table. here is my database table tbl_Transaction_Master

and my query for database insert command is
```
 SqlCommand cmd2 = new SqlCommand("insert into tbl_Transaction_Master(Supplier_ID,Order_Price,Unique_ID,Supplier_Name,He_Is_a,Transaction_Date) values ('" + WebUserID + "','" + Session["Order_Price"] + "','" + Session["WebUserid"] + "','"+User+"','WebCustomer',getdate()); SELECT SCOPE_IDENTITY()", conn);
                int temp = cmd2.ExecuteNonQuery();
                Session["order_ID"] = temp;
```
i am getting the error as mentioned above.
- Eric S almost 8 years
  
  It looks like you are trying to insert a String that is longer which is allowed in your database. I would suggest increasing the length of your database columns.
- Abdellah OUMGHAR almost 8 years
  
  Possible duplicate : stackoverflow.com/questions/15690642/…
- Steve almost 8 years
  
  It is right before your eyes: WebCustomer is 11 chars
Iqra almost 8 years

i didn't use parameters ever in my query, as i am a beginner in asp. the query is showing error with INT and NVarChar.