c# - SqlException: Conversion failed when converting date and/or time from character string -


i error when using c# webform "adds" users credit card details. following code button "add credit card" on aspx.cs page

protected void button1_click(object sender, eventargs e) {     //declare , initialize connection object connect database     sqlconnection conn = new sqlconnection(         webconfigurationmanager.connectionstrings["defaultconnection"].connectionstring);     sqlcommand cmd; //declare command object used send commands database.      conn.open(); //open connection database     cmd = conn.createcommand(); //create command object      cmd.commandtext = "insert creditcard values ('" +         txtccno.text + "', '" +         txtfname.text + "', '" +         txtmidinitial.text + "', '" +         txtlname.text + "', '" +         txtexpirationdate.text + "', '" + txttype.text + "', " +         txtcvc.text + ", '" + txtisdefault.text + "', '" +         session["userid"].tostring() + "')";     cmd.commandtype = commandtype.text;     cmd.executenonquery();     conn.close();      // added navigation     response.redirect("~/selectcc.aspx"); }

the following main .aspx page

<%@ page title="" language="c#" masterpagefile="~/site.master" autoeventwireup="true" codefile="addcc.aspx.cs" inherits="addcc" %> 

<table style="width: 100%;">     <tr>         <td>&nbsp;<asp:label id="label1" runat="server" text="first name"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtfname" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator1" runat="server" errormessage="first name required" controltovalidate="txtfname"></asp:requiredfieldvalidator></td>     </tr>     <tr>         <td>&nbsp;<asp:label id="label2" runat="server" text="last name"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtlname" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator2" runat="server" errormessage="last name required" controltovalidate="txtlname"></asp:requiredfieldvalidator></td>     </tr>     <tr>         <td>&nbsp;<asp:label id="label3" runat="server" text="middle initial"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtmidinitial" runat="server" maxlength="1"></asp:textbox></td>         <td>&nbsp;</td>     </tr>     <tr>         <td>&nbsp;<asp:label id="label4" runat="server" text="credit card no"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtccno" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator4" runat="server" errormessage="credit card required" controltovalidate="txtccno"></asp:requiredfieldvalidator></td>  </tr>  <tr>         <td>&nbsp;<asp:label id="label5" runat="server" text="expiration date"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtexpirationdate" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator3" runat="server" errormessage="expiration date required" controltovalidate="txtexpirationdate"></asp:requiredfieldvalidator></td>  </tr>  <tr>         <td>&nbsp;<asp:label id="label6" runat="server" text="cvc"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtcvc" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator5" runat="server" errormessage="cvc required" controltovalidate="txtcvc"></asp:requiredfieldvalidator></td>  </tr>  <tr>         <td>&nbsp;<asp:label id="label7" runat="server" text="type"></asp:label></td>         <td>&nbsp;<asp:textbox id="txttype" runat="server"></asp:textbox></td>         <td>&nbsp;<asp:requiredfieldvalidator id="requiredfieldvalidator6" runat="server" errormessage="type required" controltovalidate="txttype"></asp:requiredfieldvalidator></td> </tr>      <tr>     <td>&nbsp;<asp:label id="label8" runat="server" text="default"></asp:label></td>         <td>&nbsp;<asp:textbox id="txtisdefault" runat="server"></asp:textbox></td>         <td>&nbsp;</td>  </tr>     <tr>     <td></td>     <td>         <asp:button id="button1" runat="server" text="add credit card" onclick="button1_click" oncommand="button1_command" /></td>   <td></td>     </tr>        </table>

i believe error coming since expirationdate has datetime data type not sure how specify within aspx.cs code handled sql code.

the proper way using parametized query insert , sqlparameter class specify parameters values. take care of date formats different languages. , protect nice sql injection, 

// 1. declare command object parameter  sqlcommand cmd = new sqlcommand("select * customers city = @city", conn); // 2. define parameters used in command object sqlparameter param  = new sqlparameter(); param.parametername = "@city"; param.value = inputcity;

remember:

http://imgs.xkcd.com/comics/exploits_of_a_mom.png


-

Popular posts from this blog

html/hta mutiple file in audio player -

ok started coding .hta application , pretty html page .hta extension , adde mp3 player , did work <object data="test.mp3" type="audio/mp3" width="200" height="40"> <param name="src" value="test.mp3"> <param name="autostart" value="0"> </object> but it's 1 song playing again , again , plz there way add multiple files playlist believe it's should added "src" parameters not sure, i'm starting did add "," in between , , tried ";" none of them working i'm waiting answers :d i wanna know if can show me how become familiar tag see it's helpful , powerful activex, audio,video,pdf .... files i'm waiting impatiently [i don't know object, plz plz more clear] get inspired example hta_audio_player.hta <html> <head> <title>hackoo audio player playlist hackoo 2014</title> <hta:app...
Read more

debugging - Reference - What does this error mean in PHP? -

what this? this number of answers warnings, errors , notices might encounter while programming php , have no clue how fix. community wiki, invited participate in adding , maintaining list. why this? questions "headers sent" or "calling member of non-object" pop on stack overflow. root cause of questions same. answers questions typically repeat them , show op line change in his/her particular case. these answers not add value site because apply op's particular code. other users having same error can not read solution out of because localized. sad, because once understood root cause, fixing error trivial. hence, list tries explain solution in general way apply. what should here? if question has been marked duplicate of this, please find error message below , apply fix code. answers contain further links investigate in case shouldn't clear general answer alone. if want contribute, please add "favorite" error message, warning or notic...
Read more