c# - SqlException: Conversion failed when converting date and/or time from character string -

i error when using c# webform "adds" users credit card details. following code button "add credit card" on aspx.cs page

protected void button1_click(object sender, eventargs e) {     //declare , initialize connection object connect database     sqlconnection conn = new sqlconnection(         webconfigurationmanager.connectionstrings["defaultconnection"].connectionstring);     sqlcommand cmd; //declare command object used send commands database.      conn.open(); //open connection database     cmd = conn.createcommand(); //create command object      cmd.commandtext = "insert creditcard values ('" +         txtccno.text + "', '" +         txtfname.text + "', '" +         txtmidinitial.text + "', '" +         txtlname.text + "', '" +         txtexpirationdate.text + "', '" + txttype.text + "', " +         txtcvc.text + ", '" + txtisdefault.text + "', '" +         session["userid"].tostring() + "')";     cmd.commandtype = commandtype.text;     cmd.executenonquery();     conn.close();      // added navigation     response.redirect("~/selectcc.aspx"); }

the following main .aspx page

<%@ page title="" language="c#" masterpagefile="~/site.master" autoeventwireup="true" codefile="addcc.aspx.cs" inherits="addcc" %>

<table style="width: 100%;">     <tr>         <td>&nbsp;<asp:label id="label1" runat="server" text="first name"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtfname" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator1" runat="server" errormessage="first name required" controltovalidate="txtfname"></asp:requiredfieldvalidator></td>     </tr>     <tr>         <td>&nbsp;<asp:label id="label2" runat="server" text="last name"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtlname" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator2" runat="server" errormessage="last name required" controltovalidate="txtlname"></asp:requiredfieldvalidator></td>     </tr>     <tr>         <td>&nbsp;<asp:label id="label3" runat="server" text="middle initial"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtmidinitial" runat="server" maxlength="1"></asp:textbox></td>         <td>&nbsp;</td>     </tr>     <tr>         <td>&nbsp;<asp:label id="label4" runat="server" text="credit card no"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtccno" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator4" runat="server" errormessage="credit card required" controltovalidate="txtccno"></asp:requiredfieldvalidator></td>  </tr>  <tr>         <td>&nbsp;<asp:label id="label5" runat="server" text="expiration date"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtexpirationdate" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator3" runat="server" errormessage="expiration date required" controltovalidate="txtexpirationdate"></asp:requiredfieldvalidator></td>  </tr>  <tr>         <td>&nbsp;<asp:label id="label6" runat="server" text="cvc"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtcvc" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator5" runat="server" errormessage="cvc required" controltovalidate="txtcvc"></asp:requiredfieldvalidator></td>  </tr>  <tr>         <td>&nbsp;<asp:label id="label7" runat="server" text="type"></asp:label></td>         <td>&nbsp;<asp:textbox id="txttype" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator6" runat="server" errormessage="type required" controltovalidate="txttype"></asp:requiredfieldvalidator></td> </tr>      <tr>     <td>&nbsp;<asp:label id="label8" runat="server" text="default"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtisdefault" runat="server"></asp:textbox></td>         <td>&nbsp;</td>  </tr>     <tr>     <td></td>     <td>         <asp:button id="button1" runat="server" text="add credit card" onclick="button1_click" oncommand="button1_command" /></td>   <td></td>     </tr>        </table>

i believe error coming since expirationdate has datetime data type not sure how specify within aspx.cs code handled sql code.

the proper way using parametized query insert , sqlparameter class specify parameters values. take care of date formats different languages. , protect nice sql injection,

// 1. declare command object parameter  sqlcommand cmd = new sqlcommand("select * customers city = @city", conn); // 2. define parameters used in command object sqlparameter param  = new sqlparameter(); param.parametername = "@city"; param.value = inputcity;

remember:

http://imgs.xkcd.com/comics/exploits_of_a_mom.png

Search This Blog

hj

c# - SqlException: Conversion failed when converting date and/or time from character string -

Popular posts from this blog

title2

title3

title3