1
我试图使用表单中的数据将数据输入到SQL Server 2008中。我使用一个DateTimePicker选择从一种形式的日期,进入这个数据到数据库,但是当我尝试运行的形式,我发现了以下错误:错误:将varchar数据类型转换为日期时间数据类型导致超出范围值
The conversion of a varchar data type to a datetime data type resulted in an out-of-range value.
The statement has been terminated
这是我下面的表单代码:
private void btnAddBooking_Click(object sender, EventArgs e)
{
DateTime requested = dtpRequested.Value;
DateTime pickup = dtpPickup.Value;
DateTime estDropoff = dtpEstimatedDrop.Value;
SAF.AddNewBooking(requested, pickup, estDropoff, selectedStatus.StatusId, selectedRate.RateId);
dtpRequested.CustomFormat = " ";
dtpPickup.CustomFormat = " ";
dtpEstimatedDrop.CustomFormat = " ";
cbStatus.SelectedIndex = 0;
cbRateOfPayment.SelectedIndex = 0;
MessageBox.Show("Booking Created");
tabControl2.SelectTab(2);
}
这里是在门面代码,我保存方法:
public void AddNewBooking(DateTime requestedD, DateTime pickupD, DateTime estDropOff, int statusId, int rateId)
{
dao.AddNewBooking(requestedD, pickupD, estDropOff, statusId, rateId);
}//end CreateBooking
,这是我的DAO的INSERT语句代码:
sql = "INSERT INTO [Transaction] (TransactionId, RequestedDateOfPickup, ActualDateOfPickup, EstimatedDropOffDate, StatusId, RateId)";
sql += String.Format("VALUES('{0}', '{1}', '{2}', '{3}', {4}, {5})", transactionId, requestedD, pickupD, estDropOff, statusId, rateId);
cn = new SqlConnection(Properties.Settings.Default.UKRENTALSConnectionString);
cmd = new SqlCommand(sql, cn);
cn.Open();
cmd.ExecuteNonQuery();
使用[参数](http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlparameter.aspx),可以帮助您从SQL注入中解脱出来,同时也可以解决您的错误。 – Habib
直到你决定丢弃数据类型并将所有内容当作字符串处理,这一切都将如此。正如@Habib提到的,你应该使用参数。此外,“交易”对于一个表格来说真的很差(与其他关键字一样) –