Error inserting GUID into uniqueidentifier column

jascook

Hi,

I have a simple web form with a dropdown list fed by a datasource from an SQL table.

The user (me) selects a doctor's login name from the dropdown list, and the selection populates the dropdown list's datavaluefield with the doctor's userID (from the usual ASP Membership schema in my database).

I then want to write the doctor's userID to a column in a new table I have created. The column is defined as uniqueidentifier type. My code appears below.

The query doesn't work, as I receive a debug error (Microsoft Vis Web Dev 2008 Express) of "Operator '&' is not defined for types 'String' and 'System.GUID'." This appears on the INSERT INTO line. (I know I'm not using parameters against injection attacks, I'm the only person with access to this app and the page sits behind a user login).

There is another dropdown list as you can see, which has the same problem. The table 'doctors' has the doctorID column defined as uniqueidentifier, 16 characters etc.

Any suggestions gratefully received!

Jas.

[code]Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click

Dim docID As New Guid(DropDownList1.DataValueField)
Dim docFirstName As String = TextBox1.Text.ToString
Dim docLastName As String = TextBox2.Text.ToString
Dim docPractice As New Guid(DropDownList2.DataValueField.ToString)
'Create the connection
Dim strConnString As String = ConfigurationManager.ConnectionStrings("dbconnect").ConnectionString
Dim myConnection As New SqlClient.SqlConnection(strConnString)

'Create the command to do the insert
Dim strCommandText As String = "INSERT INTO doctors (doctorID, doctorFirstName, doctorLastName, doctorPractice) VALUES ('" & docID & "','" & docFirstName & "','" & docLastName & "','" & docPractice & "')"
Dim myCommand As New SqlClient.SqlCommand(strCommandText, myConnection)

'Open the connection
myConnection.Open()

'Create the table
myCommand.ExecuteNonQuery()

'Close the connection
myConnection.Close()

End Sub[/code]