I used to query: Dim a As String a = INSERT INTO tblVisitor(Name, Sex,

Question

0

Asked: May 23, 20262026-05-23T10:03:24+00:00 2026-05-23T10:03:24+00:00

I used to query: Dim a As String a = INSERT INTO tblVisitor(Name, Sex,

0

I used to query:

Dim a As String
a = "INSERT INTO tblVisitor(Name, Sex, TimeIn, EnterDate)
     VALUES('"& txtName.Text &"', '"& cboSex.Text &"', '"& Now() &"', '"& DateTime.Parse(cboEnterDate.Text) &"')"

myCommand = New SqlCommand(a, myConnection)
myCommand.ExecuteNonQuery()
........................................

Which cboEnterDate is my DateTime Picker. Then I got the message:

Conversion failed when converting date time from character string.

Please help.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T10:03:24+00:00

By constructing a string, you a) open yourself to SQL injection, and b) end up converting strings to datetimes to strings to datetimes.

If, instead, you use parameters:

Dim a As String
a = "INSERT INTO tblVisitor(Name, Sex, TimeIn, EnterDate)
     VALUES(@Name, @Sex, @TimeIn, @EnterDate)"

myCommand = New SqlCommand(a, myConnection)
myCommand.Parameters.AddWithValue("@Name",txtName.Text)
myCommand.Parameters.AddWithValue("@Sex",cboSex.Text)
myCommand.Parameters.AddWithValue("@TimeIn",DateTime.Now)
myCommand.Parameters.AddWithValue("@EnterDate",DateTime.Parse(cboEnterDate.Text))
myCommand.ExecuteNonQuery()

Which only performs a single conversion of string to datetime. Although, if cboEnterDate is a DateTimePicker, you can avoid treating it as a string at all:

myCommand.Parameters.AddWithValue("@EnterDate",cboEnterDate.Value)

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I used to query: Dim a As String a = INSERT INTO tblVisitor(Name, Sex,

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply