MVC - How to solve "SqlException: The conversion of a datetime2 data type to a datetime data type resulted in an out-of-range value."

Question

I have a model which has a DateTime property which stores the date in which the object is created.

public class UserProfile
{
    public int Id { get; set; }

    public string Name { get; set; }

    [Required]
    [DataType(DataType.Date)]
    public DateTime DateCreated { get; set; }
}

When a User Profile is created, the DateCreated is set in the create method like this :

profile.DateCreated = DateTime.Now.Date;

But in my edit method, I don't want this DateCreated value to be changed so I removed it from the Include attribute.

Even so, a DateTime value of 01/01/0001 is being passed to the model, even though I don't want that field being updated. This is what is causing the SqlException but I dont know how to stop it.

[HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Edit([Bind(Include = "Id,Name")] UserProfile profile)
    {
        if (ModelState.IsValid)
        {
            db.Entry(profile).State = EntityState.Modified;
            db.SaveChanges();
            return RedirectToAction("Index");
        }
        return View(profile);
    }

I tried removing the [Required] attribute but still not resolved.

I made DateCreated nullable by adding a ? in front of DateTime

public DateTime? DateCreated { get; set; }

But that caused the DateCreated to become null when ever I edited the UserProfile.

Possible duplicate of [How to update one field of specific records using Entity Framework?](https://stackoverflow.com/questions/21350818/how-to-update-one-field-of-specific-records-using-entity-framework) — mjwills, Jul 10 '17 at 13:15
Do not use data models in your views especially when editing data. Use a view model (which will not include a property for the create date). In the POST method get you data model based on the ID and update its properties then save it — , Jul 10 '17 at 13:16
If you wish to use the data model, you can keep the include and add a `@Html.HiddenFor(...)` in your view so you keep the value — Rafalon, Jul 10 '17 at 13:17
@Rafalon "...add a @Html.HiddenFor(...) in your view so you keep the value" won't keep the value if the user is malicious. In general it's bad practice to rely on a client for this. — Joe, Jul 10 '17 at 13:23
@Joe that's true, if you don't know your users and/or don't trust them. It's why I said that only if the OP wishes to keep the include and doesn't want to create a model for every view. Anyway, +1 for pointing this issue out — Rafalon, Jul 10 '17 at 13:28
This is actually two bad practices in one. As @StephenMuecke indicated, you should not use entities as view models, but even that wouldn't be an issue if the OP wasn't directly saving the posted entity, which is always a horrible idea. You should always start with a fresh entity instance (either newed up or fetched from the database) and then map the posted values onto that instance, before finally saving *that* instance. This ensures 1) that the entity is property bound to the context and 2) that only those values you wish to be editable are editable. — Chris Pratt, Jul 10 '17 at 14:55
If you explicitly control which values actually make it onto the entity (through the mapping process) then there is absolutely no way, not matter what, that a user can do anything to manipulate something they shouldn't. — Chris Pratt, Jul 10 '17 at 14:56
Okay so basically I should find the object first by using the id, update the properties i wish to be updated and then save? Feel free to put that as a answer so I can mark it as correct. — , Jul 10 '17 at 15:26
So something like this 'UserProfile u = db.UserProfile.Find(profile.Id); u.Name = profile.Name;' @ChrisPratt — , Jul 10 '17 at 15:30

MVC - How to solve "SqlException: The conversion of a datetime2 data type to a datetime data type resulted in an out-of-range value."

0 Answers0