vb.net - Data type to be used to store 10 digit mobile number? -


in current vb.net (visual studio 2010) project dealing sql server ce data base.
storing mobile numbers, using nvarchar data type mobile_no field.

while testing have entered 1234567890 in field mobile_no successfully..

but @ time of retrieval getting error :
expression evaluation caused overflow. [name of function (if known)=]

so should store mobile numbers in sql ce data base ?

edit :
code insert :

dim sqlquery string dim enumber string enumber = 1234567890 insqertsql = "insert tbl_cust(c_id,mobile_no) values(@cid, @phno)"             dim cmd new sqlcecommand(insqertsql, con)             cmd.parameters.add("@cid", c_id)             cmd.parameters.add("@phno", enumber)             cmd.executenonquery()   


query retrieval :

sqlquery = "select * tbl_cust ephone =" & txt_number.text

the problem in string concatenation in retrieve query.

sqlquery = "select * tbl_cust ephone =" & txt_number.text 

here, miss single quotes should enclose string value when used condition. however, in insert query use parameterized approach, why don't use same approach select?

sqlquery = "select * tbl_cust ephone = @number" dim cmd new sqlcecommand(sqlquery, con) cmd.parameters.add("@number", txt_number.text) sqlcedatareader reader = cmd.executereader()   ........ 

if use parameterized query, proper handling of string quotes, decimal numbers , date formatting passed underlying framework code knows better , me how pass these values database engine. also, parameterized query remove possibilities of sql injection.


Comments

Popular posts from this blog

css - Which browser returns the correct result for getBoundingClientRect of an SVG element? -

gcc - Calling fftR4() in c from assembly -

.htaccess - Matching full URL in RewriteCond -