"Invalid operator for data type. Operator equals minus, type equals varchar."

Question

Im trying to make a code which checks my table for existing records with the same name but i am receiving an error "Invalid operator for data type. Operator equals minus, type equals varchar." I understand the error but i dont understand why i cant convert it into an int.

this is my code, any help to make it work will be appreciated!

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;


public partial class Register : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

        if (IsPostBack)
        {
            SqlConnection studConn = new SqlConnection(ConfigurationManager.ConnectionStrings["StudConnectionString"].ConnectionString);
            studConn.Open();
            string checkuser = "select count(*) from StudTable where-'" + TextBoxName.Text + "'";
            SqlCommand studCom = new SqlCommand(checkuser, studConn);
            int temp = Convert.ToInt32 (studCom.ExecuteScalar().ToString());
            studConn.Close();
            if (temp == 1)
            {
                Response.Write("User already exists");
            }

        }



    }


    protected void Button1_Click(object sender, System.EventArgs e)
    {
        try
        {
            Guid studGUID = Guid.NewGuid();

            SqlConnection studConn = new SqlConnection(ConfigurationManager.ConnectionStrings["StudConnectionString"].ConnectionString);
            studConn.Open();
            string insertQuery = "insert into StudTable (ID,Name,Email,Age,Continent,School,Password) values (@ID,@name,@email,@age,@cont,@school,@pass)";
            SqlCommand studCom = new SqlCommand(insertQuery, studConn);

            studCom.Parameters.AddWithValue("@ID", studGUID.ToString());
            studCom.Parameters.AddWithValue("@name", TextBoxName.Text);
            studCom.Parameters.AddWithValue("@email", TextBoxEmail.Text);
            studCom.Parameters.AddWithValue("@age", TextBoxAge.Text);
            studCom.Parameters.AddWithValue("@cont", DropDownCont.SelectedItem.ToString());
            studCom.Parameters.AddWithValue("@school", TextBoxSchool.Text);
            studCom.Parameters.AddWithValue("@pass", TextBoxPass.Text);

            studCom.ExecuteNonQuery();
            Response.Redirect("Backend.aspx");
            Response.Write("Your Registration is Sucessful");

            studConn.Close();
        }
        catch (Exception ex)
        {
            Response.Write("Error:" +ex.ToString());
        }
    }
}

Thanks!

Answer 1

You need to change your command text and use parameterized queries instead of string concatenation

string checkuser = "select count(*) from StudTable where Name = @Name";
SqlCommand studCom = new SqlCommand(checkuser, studConn);
studCom.Parameters.AddWithValue("@Name", TextBoxName.Text);

You should remove (-) after Where and also use equality operator = to check for equality.

Answer 2

I just got this error when making an insert command in SSMS:

I found a '-' in my sql command that I didn't realize was there (I had been putting lots of comments in my insert command in SSMS '-- and some text' after each column and had an errant minus '-' sign). Apparently this error focuses on errant minus signs.