我希望将两个变量转换为日期。
我可以让SQL用于转换第一个代码(第一个代码),但是当我想要转换两个变量时,我会一直遇到错误(请参阅下面的两个尝试)。
我搜索了cast double并转换了两个变量,但是double出现了double类型,而变量有同样的问题。我应该寻找什么工作,或者我需要投入两个变量“加入”。
一个演员(工作)
cmd.CommandText =“SELECT datestart,DateEnd,runcompleted FROM [tblweeklyreports]其中Cast(datestart as date)介于''& vDateStart& “'和'”& vDateStart& “'”
- 两个演员(不工作)
sSQL = "SELECT datestart, DateEnd, runcompleted FROM [tblweeklyreports] where Cast(moduledatestart as date, moduledatecomplete as date) between '" & vDateStart & "' and '" & vDateEnd & "'"
和
sSQL = "SELECT datestart, DateEnd, runcompleted FROM [tblweeklyreports] where Cast(moduledatestart as date),(moduledatecomplete as date) between '" & vDateStart & "' and '" & vDateEnd & "'"
它必须在之前出现(我只需要一个链接,但我似乎无法寻找正确的措辞!)
-------------------根据讨论修订版--------------
Dim cn As SqlConnection = New SqlConnection()
Dim cmd As SqlCommand = New SqlCommand()
Dim dr As SqlDataReader
Dim vRunCompleted As String = ""
Dim vDateStartExist As String = ""
cn.ConnectionString = ConfigurationManager.ConnectionStrings("mySQLConnectionString").ConnectionString
cmd.Connection = cn
'Open the connection to the database
cn.Open()
Dim vDateStartDate As Date = vDateStart Dim vDateEndDate As Date = vDateEnd
cmd.CommandText = "SELECT * FROM [tblresults] where moduledatestart between @from and @to"
cmd.Parameters.AddWithValue("@from", vDateStart)
cmd.Parameters.AddWithValue("@to", vDateEnd)
Dim str As New StringBuilder
Dim vdrOkay As String
str.Append(Chr(34) & " Employee Id" & Chr(34) & "," & "Forename" & "," & Chr(34) & "Surname" & Chr(34) & "," & "Control 1" & "," & Chr(34) & "Control 2" & Chr(34) & "," & "Full code" & "," & "Class Name" & "," & "Year" & ",")
str.Append(Chr(34) & " Number" & Chr(34) & "," & "Class Start Date" & "," & Chr(34) & "Class End Date" & Chr(34) & "," & "Course Type" & "," & Chr(34) & "Provider Type" & Chr(34) & "," & "Provider" & "," & "Venue" & "," & "Evaluation" & "," & "Duration Hrs" & ",")
str.Replace(",", vbNewLine, str.Length - 1, 1) ' go to next line
dr = cmd.ExecuteReader()
If (dr.HasRows = True) Then
Label1.Text = "running"
While (dr.Read())
vdrOkay = Trim(StrConv(dr("EmployeeID"), VbStrConv.Uppercase))
str.Append("=" & Chr(34) & vdrOkay & Chr(34) & ",")
End While
Dim vFileName As String = Replace(vDateStart, "/", "_") & "_" & Replace(vDateEnd, "/", "_")
My.Computer.FileSystem.WriteAllText(("C:\sites\Examples\WeeklyReport\" & "ELearning_Report_" & vFileName & ".csv"), str.ToString, False)
Else
Label1.Text = "did not run"
End If
答案 0 :(得分:4)
如果您采用推荐的方式使用参数化查询,则无需投射任何内容,这也具有避免SQL注入的良好附加效果。
在您的情况下,这可能如下所示:
cmd.CommandText = "SELECT datestart, DateEnd, runcompleted FROM [tblweeklyreports] where datestart between @from and @to"
cmd.Parameters.AddWithValue("@from", vDateStart)
cmd.Parameters.AddWithValue("@to", vDateEnd)
问题在于构建WHERE子句的方式。在尝试时,您不能一次比较两个字段。你需要写这样的东西:
SELECT
datestart,
DateEnd,
runcompleted
FROM [tblweeklyreports]
where
moduledatestart between @from and @to and
moduledatecomplete between @from and @to
然后使用上面的SQL参数。