This error stumped me for a couple of hours so I thought I’d post it here to help somebody else save two hours in the future. Sometimes, it’s the simplest of problems that is the most confusing. So true in this case.
Despite all the complicated scenarios given on StackOverflow, the problem might be as simple as missing single quotes in your sql statement.
For example, the following sql string will produce the aforementioned error:
string name = “Roger Federer”;
string sql = “SELECT * FROM Table_Player WHERE Name=” + name;
The correct syntax is to put single quotes around the string variable like so:
string sql = “SELECT * FROM Table_Player WHERE Name='” + name + “‘”;
Not doing so will make the SQL engine treat the string variable as a number and will try to convert it into a number and thus produce the error. Of course, there are better ways to create an sql statement that is secure from sql-injection attacks than the one above, but that is another problem for another day.