Fatal编程技术网
  • csharp/
  • C# varchar数据类型转换为datetime数据类型导致c中的值超出范围#

C# varchar数据类型转换为datetime数据类型导致c中的值超出范围#

c# sql asp.net

C# varchar数据类型转换为datetime数据类型导致c中的值超出范围#,c#,sql,asp.net,webforms,C#,Sql,Asp.net,Webforms,我在事件日志中看到以下消息 将varchar数据类型转换为datetime数据类型导致值超出范围 请帮助我的网站是活的使用这么多的用户和下面是我的按钮点击代码。可能是这个字段类型的费用导致了错误 protected void Button1_Click(object sender, EventArgs e) { if (txt_FromDate.Text != "" && txt_ToDate.Text != "") { DateTime F

我在事件日志中看到以下消息

将varchar数据类型转换为datetime数据类型导致值超出范围

请帮助我的网站是活的使用这么多的用户和下面是我的按钮点击代码。可能是这个字段类型的费用导致了错误

protected void Button1_Click(object sender, EventArgs e)
  {
    if (txt_FromDate.Text != "" && txt_ToDate.Text != "")
    {

        DateTime Fromdate = DateTime.ParseExact(txt_FromDate.Text, "yyyy-MM-dd", CultureInfo.InvariantCulture);
        DateTime Todate = DateTime.ParseExact(txt_ToDate.Text, "yyyy-MM-dd", CultureInfo.InvariantCulture);
        Todate = Todate.Date.AddHours(23).AddMinutes(59).AddSeconds(59);
        ViewState["Fromdate"] = Fromdate;
        ViewState["Todate"] = Todate;

        GridView1.Visible = true;
        SqlConnection cn = new SqlConnection(strConn);
        cn.Open();
        string Query = ("select UserName,ProjectName,ClaimID,Type,DateOfExpense,TypeOfExpense,Amount,Narration,Bill from tbl_DetailedExpenceClaimsInfo  where DateOfExpense between '" + Fromdate + "' and '" + Todate + "' and  ClaimID  in(select ClaimID from tbl_DetailedExpenceClaimsSummaryInfo where status!='Incomplete' ) order by DateOfExpense");

        SqlCommand cmd = new SqlCommand(Query, cn);
        SqlDataAdapter da = new SqlDataAdapter(cmd);
        DataSet ds = new DataSet();
        da.Fill(ds);
        if (ds.Tables[0].Rows.Count > 0)
        {
            GridView1.DataSource = ds;
            GridView1.DataBind();
            // Button1.Visible = true;
            lbl_ErrorMsg.Visible = false;
            Button2.Visible = true;
        }
        else
        {
            Button2.Visible = false;
            GridView1.Visible = false;
            lbl_ErrorMsg.Visible = true;
            lbl_ErrorMsg.Text = "There are no Claim with given Dates !";

        }
        cn.Close();
    }

    else
    {
        lbl_ErrorMsg.Visible = true;
        lbl_ErrorMsg.Text = " Please select the dates!";
    }
}
提前感谢您的支持,非常感谢

您应该使用参数来避免此类错误以及SQL注入攻击:

const string Query = "select UserName,ProjectName,ClaimID,Type,DateOfExpense,TypeOfExpense,Amount,Narration,Bill from tbl_DetailedExpenceClaimsInfo  where DateOfExpense between @FromDate and @ToDate and ClaimID  in(select ClaimID from tbl_DetailedExpenceClaimsSummaryInfo where status!='Incomplete' ) order by DateOfExpense";

...
SqlCommand cmd = new SqlCommand(Query, cn);
cmd.Parameters.AddWithValue("FromDate", Fromdate);
cmd.Parameters.AddWithValue("ToDate", Todate);
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
...
获取您的select字符串并直接在查询窗口中运行,然后查看发生了什么。