Searches conditioned to sql from c #

Navigation
0

C # does not want to read the code, it marks me completely as an error, I do not know if it's because of the way I'm locking up each case.

the dtpdesde and dtphasta are controls DateTimePicker

txtbusqueda and txtmodelo are controls TextBox

cbtipo is a control ComboBox 

string sql = new SqlCommand("SELECT * FROM Inventario WHERE Fecha BETWEEN '" + dtpdesde.Text + "' AND '" + dtphasta.Text + "'  AND [Descripcion de Articulo]= '" + txtbusqueda.Text + "' AND Marca='" + txtmodelo.Text + "' AND [Tipo de Articulo]='" + cbtipo.SelectedItem + "'");

Error that shoots me:

you can not explicitly convert data to System.Data.SqlClient string

    
asked by Samuel Ignacio Susana Confesor 04.07.2017 в 18:49
source

2 answers

1

You are assigned an instance of type System.Data.SqlClient.SqlCommand to a variable that is of type System.String 

string sql = new SqlCommand("...");

Try this: 

SqlCommand sqlCommand = new SqlCommand("sql aqui");

Note: So you can protect yourself from the sql injections I recommend the Dapper library. Very fast and easy to use.

    
answered by 04.07.2017 / 19:11
source
2

You have the error in view:

  

can not be explicitly converted to string data from   System.Data.SqlClient.SqlCommand

What does this mean? what are you trying to turn something into, something it is not.

In your case, your code is: 

string sql = new SqlCommand("SELECT * FROM Inventario WHERE Fecha BETWEEN '" + dtpdesde.Text 
+ "' AND '" + 
 dtphasta.Text + "'  AND [Descripcion de Articulo]= '" 
+ txtbusqueda.Text + "' AND Marca='" + txtmodelo.Text + "' 
AND [Tipo de Articulo]='" + cbtipo.SelectedItem + "'");

and the error itself tells you. SqlCommand is not a string, it is a SqlCommand object.

Unfortunately, you put an image, and I do not know what you tried to do next, but the main error is that sql has to be of type SqlCommand.

    
answered by 04.07.2017 в 19:11
Delay sending SMS How could I add blank spaces to a string? [closed]