I Want To Display Data Datagirdview When I Select Date From Datetimepicker But It Is Giving Me Error As Operand Type Clash: Date Is Incompitable With Int

Question

0.00/5 (No votes)

See more:

SQL-Server-2012

C#

Private Sub viewrptrs_Click(sender As System.Object, e As System.EventArgs) Handles viewrptrs.Click
       Dim str As String
       Dim datefrom = DateTimePicker1.Value.Date
       Dim endfrom = DateTimePicker2.Value.Date
       Dim con As New SqlConnection("Data Source=ASHUTOSH-PC\SQLEXPRESS;Initial Catalog=Art Station Management System;Integrated Security=True")
       str = "Select sstudentid, sname, smiddlename, ssurname, ccoursename from StudentRegister WHERE sdatereg BETWEEN " & datefrom & " AND " & endfrom & ""
       Dim com As New SqlCommand(str, con)
       Dim da As New SqlDataAdapter(com)
       Dim ds As New DataSet
       da.Fill(ds, "StudentRegister") 'ERROR ON THIS LINE
       DataGridView1.DataSource = ds.Tables(0)
       da.Dispose()
   End Sub

Posted 15-Jan-16 1:25am

Ashutosh Dutondkar

Updated 15-Jan-16 1:31am

v2

Add a Solution

Comments

Richard Deeming 15-Jan-16 10:41am

Your code is vulnerable to SQL Injection[^].

NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Ashutosh Dutondkar 15-Jan-16 12:41pm

Your solution worked for me. Very much thankful to you, i was struggling with this from 2 days which help me out today. Also your code taught me about SQL Injection Attacks, thank you sou much! :)

Ashutosh Dutondkar 15-Jan-16 12:42pm

Also it taught many things to me. :)

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Accepted Answer · 2016-01-15T04:47:00

Fixing the SQL Injection[^] vulnerability in your code will most likely solve the error message as well:

VB.NET

Private Sub viewrptrs_Click(sender As System.Object, e As System.EventArgs) Handles viewrptrs.Click
    Using con As New SqlConnection("Data Source=ASHUTOSH-PC\SQLEXPRESS;Initial Catalog=Art Station Management System;Integrated Security=True")
        Using com As New SqlCommand("Select sstudentid, sname, smiddlename, ssurname, ccoursename from StudentRegister WHERE sdatereg BETWEEN @datefrom AND @dateto", con)
            com.Parameters.AddWithValue("@datefrom", DateTimePicker1.Value.Date)
            com.Parameters.AddWithValue("@dateto", DateTimePicker2.Value.Date)
            
            Using da As New SqlDataAdapter(com)
                Dim ds As New DataSet()
                da.Fill(ds, "StudentRegister")
                DataGridView1.DataSource = ds.Tables(0)
            End Using
        End Using
    End Using
End Sub

While you're at it, do yourself a favour and give your controls meaningful names. You might remember that TextBox42 holds the "frood name" today; but when you come back to your code in six months, you'll be struggling.