从字符串转换日期时,SQL / C#转换失败
[英]SQL / C# Conversion failed when converting date from character string
问题描述
I changed the whole code. 
我更改了整个代码。 But now It appears an error.. 但是现在看来出现了错误。
Conversion failed when converting date from character string
And if i change DTP3.Value.Date to DTP3.Value.DateTime() gives me a different error. 如果我将DTP3.Value.Date更改为DTP3.Value.DateTime(),则会给我一个不同的错误。
However if you leave on today, it inserts data. 但是,如果您今天离开,它将插入数据。 But if they change and bring other data, then gives me that error. 但是,如果它们更改并带来其他数据,则会给我这个错误。
cn.Open();
cmd.CommandText = "INSERT INTO info(fac,dom,spec,data,form_invat,nume_prenume,cod_legitimatie,localitate,judet,tara,strada,numar,bloc,scara,etaj,apartament,sector,cod_postal,data_n,loc_nastere,judet_n,tara_n,sexul,stare_civila,cetatenie,cetatenie_op,etnie,incadrare,cnp,serie,numar_cnp,eliberat_de_catre,data_eliberare,studii,unitate_invatamant,specializare,oras_studii,judet_studii,tara_studii,forma_invatamant,media,durata_studii,data_absolvirii,tipul_diploma,serie_diploma,numar_diploma,emis,data_emiterii,numarul_foii_matricole,diploma_original,adeverinta_absolvire_original,adeverinta_absolvire_copielegalizata,atestat_original,atestat_legalizat,certificat_nastere,certificat_casatorie,foto_3_4_da,foto_3_4_nu,adeverinta_med_da,adeverinta_med_nu,copie_buletin_da,copie_buletin_nu,foaie_matricola_da,foaie_matricola_nu,taxa_achitata_da,taxa_achitata_nu,introducere_date,semnatura) values('" + C1.Text + "','" + T1.Text + "','" + T2.Text + "','" + DTP1.Value.Date + "','" + C2.Text + "','" + T3.Text + "','" + T4.Text + "','" + T5.Text + "','" + T6.Text + "','" + T7.Text + "','" + T8.Text + "','" + T9.Text + "','" + T10.Text + "','" + T11.Text + "','" + T12.Text + "','" + T13.Text + "','" + T14.Text + "','" + T15.Text + "','" + DTP2.Value.Date + "','" + T16.Text + "','" + T17.Text + "','" + T18.Text + "','" + C3.Text + "','" + C4.Text + "','" + C5.Text + "','" + T19.Text + "','" + T20.Text + "','" + C6.Text + "','" + T21.Text + "','" + T22.Text + "','" + T23.Text + "','" + T24.Text + "','" + DTP3.Value.Date + "','" + C7.Text + "','" + T25.Text + "','" + T26.Text + "','" + T27.Text + "','" + T28.Text + "','" + T29.Text + "','" + C8.Text + "','" + T30.Text + "','" + C9.Text + "','" + DTP4.Value.Date + "','" + C10.Text + "','" + T31.Text + "','" + T32.Text + "','" + T33.Text + "','" + DTP5.Value.Date + "','" + T34.Text + "','" + diploma_org + "','" + adeverinta_ab + "','" + adeverinta_ab_leg + "','" + at_original + "','" + "','" + at_leg + cert_nastere_leg + "','" + cert_cas_leg + "','" + foto_3_4_da + "','" + foto_3_4_nu + "','" + adv_med_da + "','" + adv_med_nu + "','" + copie_ci_da + "','" + copie_ci_nu + "','" + foaie_matr_da + "','" + foaie_matr_nu + "','" + bon_taxa_da + "','" + bon_taxa_nu + "','" + T35.Text + "','" + T36.Text + "')";
cmd.ExecuteNonQuery();
cmd.Clone();
MessageBox.Show("Adaugat cu succes !");
C1.Text = "";
T1.Text = "";
T2.Text = "";
And database tabel 和数据库表
CREATE TABLE [dbo].[info] (
[Id] INT IDENTITY (1, 1) NOT NULL,
[fac] VARCHAR (50) NULL,
[dom] VARCHAR (50) NULL,
[spec] VARCHAR (50) NULL,
[data] DATE NULL,
[form_invat] VARCHAR (50) NULL,
[nume_prenume] VARCHAR (50) NULL,
[cod_legitimatie] VARCHAR (50) NULL,
[localitate] VARCHAR (50) NULL,
[judet] VARCHAR (50) NULL,
[tara] VARCHAR (50) NULL,
[strada] VARCHAR (50) NULL,
[numar] INT NULL,
[bloc] VARCHAR (50) NULL,
[scara] VARCHAR (50) NULL,
[etaj] INT NULL,
[apartament] INT NULL,
[sector] INT NULL,
[cod_postal] INT NULL,
[data_n] DATE NULL,
[loc_nastere] VARCHAR (50) NULL,
[judet_n] VARCHAR (50) NULL,
[tara_n] VARCHAR (50) NULL,
[sexul] VARCHAR (50) NULL,
[stare_civila] VARCHAR (50) NULL,
[cetatenie] VARCHAR (50) NULL,
[cetatenie_op] VARCHAR (50) NULL,
[etnie] VARCHAR (50) NULL,
[incadrare] VARCHAR (50) NULL,
[cnp] VARCHAR (13) NULL,
[serie] VARCHAR (2) NULL,
[numar_cnp] VARCHAR (6) NULL,
[eliberat_de_catre] VARCHAR (50) NULL,
[data_eliberare] DATE NULL,
[studii] VARCHAR (50) NULL,
[unitate_invatamant] VARCHAR (50) NULL,
[specializare] VARCHAR (50) NULL,
[oras_studii] VARCHAR (50) NULL,
[judet_studii] VARCHAR (50) NULL,
[tara_studii] VARCHAR (50) NULL,
[forma_invatamant] VARCHAR (50) NULL,
[media] VARCHAR (5) NULL,
[durata_studii] INT NULL,
[data_absolvirii] DATE NULL,
[tipul_diploma] VARCHAR (50) NULL,
[serie_diploma] VARCHAR (10) NULL,
[numar_diploma] VARCHAR (50) NULL,
[emis] VARCHAR (50) NULL,
[data_emiterii] DATE NULL,
[numarul_foii_matricole] INT NULL,
[diploma_original] VARCHAR (2) NULL,
[adeverinta_absolvire_original] VARCHAR (2) NULL,
[adeverinta_absolvire_copielegalizata] VARCHAR (2) NULL,
[atestat_original] VARCHAR (2) NULL,
[atestat_legalizat] VARCHAR (2) NULL,
[certificat_nastere] VARCHAR (2) NULL,
[certificat_casatorie] VARCHAR (2) NULL,
[foto_3_4_da] VARCHAR (2) NULL,
[foto_3_4_nu] VARCHAR (2) NULL,
[adeverinta_med_da] VARCHAR (2) NULL,
[adeverinta_med_nu] VARCHAR (2) NULL,
[copie_buletin_da] VARCHAR (2) NULL,
[copie_buletin_nu] VARCHAR (2) NULL,
[foaie_matricola_da] VARCHAR (2) NULL,
[foaie_matricola_nu] VARCHAR (2) NULL,
[taxa_achitata_da] VARCHAR (2) NULL,
[taxa_achitata_nu] VARCHAR (2) NULL,
[introducere_date] VARCHAR (50) NULL,
[semnatura] VARCHAR (50) NULL,
PRIMARY KEY CLUSTERED ([Id] ASC)
);
1 个解决方案
解决方案1
2 已采纳 2017-04-09 21:05:15
The problem is that you make SQL Server parse your date object, which is converted to string using .NET's default conversion method. 问题是您使SQL Server解析日期对象,该日期对象使用.NET的默认转换方法转换为string 。
Your approach introduces a much bigger problem - your code is vulnerable to SQL Injection Attack , which is very dangerous. 您的方法引入了一个更大的问题-您的代码容易受到SQL Injection Attack的攻击 ,这是非常危险的。
You can fix both problems at once by converting your SQL statement to one using parameters: 通过使用参数将SQL语句转换为一个,可以一次解决两个问题:
cmd.CommandText = "INSERT INTO info(fac,dom,spec,date,date2,...) values(@fac,@dom,@spec,@date1,@date2,...)";
cmd.Parameters.AddWithValue("@fac", C1.Text);
cmd.Parameters.AddWithValue("@dom", T1.Text);
...
cmd.Parameters.AddWithValue("@date", DTP4.Value.Date);
cmd.Parameters.AddWithValue("@date2", DTP7.Value.Date);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
将C#datetime发送到SQL Server-错误“从字符串转换日期和/或时间时转换失败” - Send C# datetime to SQL Server - error “Conversion failed when converting date and/or time from character string”
从C#中的字符串SQL转换日期和/或时间时转换失败 - Conversion failed when converting date and/or time from character string SQL in c#
从字符串 SQL (c#) 转换日期或时间时,日期时间转换失败 - datetime conversion failed when converting date or time from character string SQL (c#)
使用c#从字符串转换日期和/或时间从字符串转换时失败,以便检查SQL Server数据库中的表 - Conversion failed when converting date and/or time from character string, using c# in order to check a table in SQL Server database
从C#中的字符串转换日期时间时转换失败 - Conversion failed when converting datetime from character string in C#
从字符串转换日期和/或时间时,C#转换失败 - C# Conversion failed when converting date and/or time from character string
从字符串C#转换日期和/或时间时转换失败 - Conversion failed when converting date and/or time from character string C#
从C#中的字符串转换日期和/或时间时转换失败 - Conversion failed when converting date and/or time from character string in C#
C#“从字符串转换日期/时间时转换失败”但查询在服务器上运行时效果很好 - C# "Conversion failed when converting date/time from character string" But query works well when run on server
使用日期时间选择器从字符转换日期和/或时间时,C# 转换失败 - C# Conversion failed when converting date and/or time from character with a date time picker
相关标签