Home/ Questions/Q 8294347
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T14:10:52+00:00

string queryStr = SELECT * from Task_Report_Table where convert(varchar, date, 105) between ‘ +

  • 0
string queryStr = "SELECT * from Task_Report_Table where convert(varchar, date, 105) between '" + txtStartDate.Text.ToString() + "' and '" + txtEndDate.Text.ToString() + "'  ";

This is the Query I am Using for Retriving the Value from database.

In database table Task_Report_Table have the coloums date,Name,Task and Hours.Here Date is Datetime datatype ,So In Query Convert into String and Iam matching th

I have an UI With Start date and End Date .By giving the date in UI .The above Mention Query Will have to display the Records.

If Iam Giving Start date 07-07-2012 and end date as 12-07-2012.It displays the Values in between 07-07-2012 and 12-07-2012 values.But The Thing is that It displaying Next month and previous months Records and Next year and previous year records also If the records present in database.

The Prob’s is It validating day only.but not Month and Year.
I need to validate for day,month,year Which iam Giving in the UI.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You do NOT want to ever write the SQL like that, don’t concat strings together, it’s so easy to hack (with SQL injection) a site with this kind of code.

    Try this:

    SELECT * from Task_Report_Table where date between @startdate and @enddate

    and then add startdate and enddate as SqlParameter to the SqlCommand you’re using, like so:

    SqlCommand command = new SqlCommand(yourSQL, connection);
command.Parameters.Add(new SqlParameter("startdate", DateTime.Parse(txtStartDate.Text)));
command.Parameters.Add(new SqlParameter("enddate", DateTime.Parse(txtEndDate.Text)));
    • 0