-1

I made a programm, which shows a table from my database.

The Statement looks like that:

string sql = ("select CCase.RefNo AS Az, EventTemplate.EventCode AS
    Vorgang from ikaros.CCase join ikaros.Event on CCase.ID =
    Event.CCaseID join ikaros.EventTemplate on Event.EventTemplateID  =
    EventTemplate.ID where EventTemplate.EventCode='IRVB' and
    Event.EventDate ='2014-07-03' order by CCase.RefNo ASC");

Now with 

Event.EventDate='2014-07-03'

I get the table of that Date which is given in the SELECT Statement. But I want give the user the opportunity to give a other Date in a Textbox. The Textbox should change the Date in the Statement.

I looked here:

Try 1

Try 2

But it's not the same issue which I have. If this is a duplicate and I was just to silly to find it, please tell me.

er-sho
  • 9,581
  • 2
  • 13
  • 26
Burak
  • 235
  • 1
  • 2
  • 12
  • 3
    what exactly is your problem? [parametrizing the query](https://stackoverflow.com/a/425896/1132334) so that the date can be a variable? reading a `DateTime` [from a user interface control](https://stackoverflow.com/a/41447505/1132334)? – Cee McSharpface Dec 06 '18 at 12:28
  • you want to put selected date in your query from textbox or from datetimepicker? – er-sho Dec 06 '18 at 12:35
  • are you using sql ado.net? – er-sho Dec 06 '18 at 12:39

1 Answers1

0

The added link in question shows your are using WPF So,

If your date is coming from TextBox then you should use TextBox.Text property to read date from user input like

var date = TextBox1.Text;

OR

If you used DatePicker then you can use DatePicker.SelectedDate.Value.Date property to read user input 

 var date = DatePicker1.SelectedDate.Value.Date;

And then pass this to sql query like

string sql = ("select ... where EventTemplate.EventCode='IRVB' and
    Event.EventDate ='"+ date +"' order by CCase.RefNo ASC");

Note: Always use prepared statements (parameterized query) to prevent sql injection attack.

I m not sure that you are using ADO.NET but your paramterized query look like

string sql = ("select ... where EventTemplate.EventCode='IRVB' and
        Event.EventDate = @date order by CCase.RefNo ASC");

SqlCommand command = new SqlCommand(sql, connection);
command.Parameters.AddWithValue("@date", date);
er-sho
  • 9,581
  • 2
  • 13
  • 26
  • Visual Studio says: "Error 1 The name 'date' does not exist in the current context Z:\programmierung\IRVB\IRVB\Form1.cs 69 286 IRVB " – Burak Dec 06 '18 at 12:49
  • declare `var date` in same scope where your query. you are declaring varible ouside of scope thats why vs gives you error – er-sho Dec 06 '18 at 12:50
  • Is the OP using WinForms? WPF? UWP? Which one is this? You're recommending code which doesn't use parameterized queries and then recommending to always use parameterized queries? It's difficult to provide a good answer to a bad question. The OP needs to clarify the problem. – David Dec 06 '18 at 12:51
  • @David, i think you didn't visit OP's added link in question. OP added all link that are of related to WPF. and before adding paramterized query codeanswer to my answer someone downvoted already. – er-sho Dec 06 '18 at 12:53
  • @er-shoaib solution worked perfectly! Thank you really much u are my hero :) – Burak Dec 06 '18 at 12:54