当前位置: 文江博客话题详情

获取由两个日期时间选择器选择的两天之间的记录,并在 Visual Studio C# 中用它们填充 datagridview

发布于 2024-12-12 09:20:51 字数 2332 浏览 0 评论 0原文

这是我的代码:

它位于一个名为 DBAccess 的不同类中,

public DataSet getRecords(DateTime dtpFloor,DateTime dtpCeiling)
{

   if (conn.State.ToString() == "Closed")
            {
                conn.Open();
            }

   SqlCommand newCmd = conn.CreateCommand();

   newCmd.Connection = conn;

   newCmd.CommandType = CommandType.Text;

   newCmd.CommandText = " SELECT * FROM dbo.ClientInvoice  WHERE invDate BETWEEN  '" + dtpCeiling + "' AND  '" + dtpFloor + "'";

            SqlDataAdapter da = new SqlDataAdapter(newCmd);

            DataSet dsIncome = new DataSet();

            da.Fill(dsIncome, "Client");

             conn.Close();

            return dsIncome;

}

下面的编码位于 ProfitLos 表单中,

public void btnClickFillGrid()
{

    DataSet dsIncome =     dba.getRecords(dtpFloor.Value.ToString(),    dtpCeiling.Value.ToString()); //dba is an object of DBAccess class

    dgvproIncome.DataSource = dsIncome.Tables["Client"].DefaultView;

}

btnClickFillGrid() 将在按钮单击事件中调用。

在数据库中 - invdate datetime;(invDate 是变量名称及其日期时间格式)

我像这样编辑了我的编码

public DataSet getRecords(DateTime dtpFloor,DateTime dtpCeiling)
        {
            using (SqlConnection conn = new SqlConnection("Data Source=KOSHITHA-PC;Initial Catalog=ITP;Integrated Security=True"))
            {
                 conn.Open();
                 using (SqlCommand command = conn.CreateCommand())
                 {
                     string sql = "SELECT * FROM dbo.ClientInvoice WHERE invDate BETWEEN" + "@from AND @to"; 
            command.CommandText = sql;
            command.Parameters.AddWithValue("@from",dtpFloor);
            command.Parameters.AddWithValue("@to", dtpCeiling);

            SqlDataAdapter da = new SqlDataAdapter(command);
            DataSet dataSetClient = new DataSet();
            da.Fill(dataSetClient, "Client");
            return dataSetClient;
                }
            }
        }


DataSet dataSetClient = dba.getRecords(dtpFloor.Value, dtpCeiling.Value);
                dgvproIncome.DataSource = dataSetClient.Tables["Client"].DefaultView;

,现在我在“da.Fill(dataSetClient, "Client");”中遇到异常行说 sqlException 未处理 在需要条件的上下文中指定的非布尔类型表达式,靠近“BETWEEN@from”。

我不熟悉sql查询的参数传递方法,所以找不到我遇到的问题

原文

This is my code:

This is in a different class named DBAccess

public DataSet getRecords(DateTime dtpFloor,DateTime dtpCeiling)
{

   if (conn.State.ToString() == "Closed")
            {
                conn.Open();
            }

   SqlCommand newCmd = conn.CreateCommand();

   newCmd.Connection = conn;

   newCmd.CommandType = CommandType.Text;

   newCmd.CommandText = " SELECT * FROM dbo.ClientInvoice  WHERE invDate BETWEEN  '" + dtpCeiling + "' AND  '" + dtpFloor + "'";

            SqlDataAdapter da = new SqlDataAdapter(newCmd);

            DataSet dsIncome = new DataSet();

            da.Fill(dsIncome, "Client");

             conn.Close();

            return dsIncome;

}

Below Coding is in the ProfitLos form class

public void btnClickFillGrid()
{

    DataSet dsIncome =     dba.getRecords(dtpFloor.Value.ToString(),    dtpCeiling.Value.ToString()); //dba is an object of DBAccess class

    dgvproIncome.DataSource = dsIncome.Tables["Client"].DefaultView;

}

btnClickFillGrid() will invoke at the button click event.

In the database - invdate datetime;(invDate is the variable name and its in the datetime format)

i edited my coding like this

public DataSet getRecords(DateTime dtpFloor,DateTime dtpCeiling)
        {
            using (SqlConnection conn = new SqlConnection("Data Source=KOSHITHA-PC;Initial Catalog=ITP;Integrated Security=True"))
            {
                 conn.Open();
                 using (SqlCommand command = conn.CreateCommand())
                 {
                     string sql = "SELECT * FROM dbo.ClientInvoice WHERE invDate BETWEEN" + "@from AND @to"; 
            command.CommandText = sql;
            command.Parameters.AddWithValue("@from",dtpFloor);
            command.Parameters.AddWithValue("@to", dtpCeiling);

            SqlDataAdapter da = new SqlDataAdapter(command);
            DataSet dataSetClient = new DataSet();
            da.Fill(dataSetClient, "Client");
            return dataSetClient;
                }
            }
        }


DataSet dataSetClient = dba.getRecords(dtpFloor.Value, dtpCeiling.Value);
                dgvproIncome.DataSource = dataSetClient.Tables["Client"].DefaultView;

now i m getting an exception in "da.Fill(dataSetClient, "Client");" line saying
sqlException was unhandled
An expression of non-boolean type specified in a context where a condition is expected, near 'BETWEEN@from'.

i m not familiar with the parameter passing method to sql query,so couldnt find the problem that i m having

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

初见 2024-12-19 09:20:51

看看这个调用:

dba.getRecords(dtpFloor.Value.ToString(), dtpCeiling.Value.ToString());

这显然是传入字符串作为参数。现在查看您的方法声明:

public DataSet getRecords(DateTime dtpFloor,DateTime dtpCeiling)

这些参数的类型为 DateTime,而不是字符串。因此,首先要修复的是调用:

dba.getRecords(dtpFloor.Value, dtpCeiling.Value);

现在下一个问题是您将值直接嵌入到 SQL 中。不要那样做。 永远不要这样做。在某些情况下,它可能会导致 SQL 注入攻击,而在其他情况下,它会导致数据转换问题(正如您在此处遇到的那样)。使用参数化 SQL 来代替 - 哦,使用连接池而不是尝试在多个地方使用单个连接:

public DataSet GetRecords(DateTime dtpFloor,DateTime dtpCeiling)
{
    using (SqlConnection conn = new SqlConnection(connectionString))
    {
        conn.Open();
        using (SqlCommand command = conn.CreateCommand())
        {
            string sql = "SELECT * FROM dbo.ClientInvoice WHERE invDate BETWEEN "
                       + "@from AND @to";
            command.CommandText = sql;
            command.Parameters.AddWithValue("@from", dtpFloor");
            command.Parameters.AddWithValue("@to", dtpCeiling");

            SqlDataAdapter da = new SqlDataAdapter(command);
            DataSet dataSet = new DataSet();
            da.Fill(dataSet, "Client");
            return dataSet;
        }
    }
}

Look at this call:

dba.getRecords(dtpFloor.Value.ToString(), dtpCeiling.Value.ToString());

That's clearly passing in strings as the arguments. Now look at your method declaration:

public DataSet getRecords(DateTime dtpFloor,DateTime dtpCeiling)

Those parameters are of type DateTime, not string. So the first thing to fix is the call, to:

dba.getRecords(dtpFloor.Value, dtpCeiling.Value);

Now the next problem is that you're embedding the values in the SQL directly. Don't do that. Never do that. In some cases it can lead to SQL injection attacks, and in other cases it causes data conversion issues (as you've got here). Use parameterized SQL instead - oh, and use connection pooling rather than trying to use a single connection in multiple places:

public DataSet GetRecords(DateTime dtpFloor,DateTime dtpCeiling)
{
    using (SqlConnection conn = new SqlConnection(connectionString))
    {
        conn.Open();
        using (SqlCommand command = conn.CreateCommand())
        {
            string sql = "SELECT * FROM dbo.ClientInvoice WHERE invDate BETWEEN "
                       + "@from AND @to";
            command.CommandText = sql;
            command.Parameters.AddWithValue("@from", dtpFloor");
            command.Parameters.AddWithValue("@to", dtpCeiling");

            SqlDataAdapter da = new SqlDataAdapter(command);
            DataSet dataSet = new DataSet();
            da.Fill(dataSet, "Client");
            return dataSet;
        }
    }
}
回复 原文
~没有更多了~

关于作者

守不住的情

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

已经忘了多久

文章 0 评论 0

15867725375

文章 0 评论 0

LonelySnow

文章 0 评论 0

走过海棠暮

文章 0 评论 0

轻许诺言

文章 0 评论 0

信馬由缰

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文