Friday, March 9, 2012

problem when insert DateTime to DataBase

the column type of stime and etime in Dabase both are datetime

------------------------------

public DateTime loginTime
{
get
{

//got user enter page's time
return DateTime.Now;
}

}

//record user's using time when user click exit button

protected void Button1_Click(object sender, EventArgs e)
{

int Member_No = Int32.Parse(cls_login2.GetCurrent_login_Member_no(this.Page));
int Lesson_No = Int32.Parse(Lesson_no);
int Prestep = 1;
string RemoteIp = Request.ServerVariables["REMOTE_ADDR"].ToString();

string sqlConn = "Insert into pro_Study_log (Member_no,Lesson_no,Study_log_stepid,Study_log_stime,Study_log_etime,Study_log_ip) ";
sqlConn += "values(" + Member_No + "," + Lesson_No + "," + Prestep + "," + loginTime + ", getdate(), '" + RemoteIp + "')";
SqlConnection connLog = new SqlConnection(StrConn);

SqlCommand cmdLog = new SqlCommand(sqlConn, connLog);
cmdLog.CommandType = CommandType.Text;
connLog.Open();
cmdLog.ExecuteNonQuery();
connLog.Close();

--------

and then I got error message on column Study_log_stime

I also trid set the dateimt tostring , still doesn't work..

I don't know where I did wrong... pleae help

many thanks

You need to put quotes around logintime. Also, I'd recommend using Parameterized Queries rather than concatenating strings. With what you have now there is a high potential for SQL Injection attacks.

|||

it's helpless if we just put quotes around logintime ( cause another error message)

problem has been resolved by use stored procedure...

thank you very much

No comments:

Post a Comment