1

I have this line of code in ASP.NET through which I am inserting a date into a table:

CMPI_EFF_DATE = cc.GetDataSet("SELECT TRM_EFF_STDT as TRM_EFF_STDT FROM TRM_MST WHERE TRM_CODE = " + ddlTrm.SelectedValue + "").Tables[0].Rows[0]["TRM_EFF_STDT"].ToString(),

and I am using an Oracle database. But while inserting data into it, it shows an error:

 literal does not match format string
1
  • You should be using parameterized queries, which would probably solve this issue in addition to closing a potential SQL Injection vulnerability. Commented May 31, 2014 at 6:55

2 Answers

2

Is ddlTrm.SelectedValue a string value? If so, I think you should put the value in quotes like this:

"'" + ddlTrm.SelectedValue+"'"

Full example:

CMPI_EFF_DATE = cc.GetDataSet("SELECT TRM_EFF_STDT as TRM_EFF_STDT FROM TRM_MST WHERE TRM_CODE = '" + ddlTrm.SelectedValue+"'").Tables[0].Rows[0]["TRM_EFF_STDT"].ToString()

1

I think you are wrong here: ddlTrm.SelectedValue + "")

It should be ddlTrm.SelectedValue )

CMPI_EFF_DATE = cc.GetDataSet("SELECT TRM_EFF_STDT as TRM_EFF_STDT FROM TRM_MST WHERE TRM_CODE = " + ddlTrm.SelectedValue).Tables[0].Rows[0]["TRM_EFF_STDT"].ToString(),

2 Comments

Still... same error: literal does not match format string
If the selected value is a string and trm_code is a string, then you need to use ' in your query.
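
Added example (not part of the original thread): the parameterized form suggested in the comment on the question. The dropdown value goes in as a bind variable, and the date stays a DateTime bound as an Oracle DATE, so no string is handed to Oracle to convert. Assumptions: the ODP.NET managed driver, TRM_CODE being a VARCHAR2 column, and an insert target whose table name is not shown on the page (placeholder below) with a column named CMPI_EFF_DATE.

```csharp
using System;
using Oracle.ManagedDataAccess.Client; // assumption: ODP.NET managed driver

public static class TermDates
{
    // Look up TRM_EFF_STDT for one term code. The dropdown value is sent as a
    // bind variable, so it is never spliced into the SQL text.
    public static DateTime? GetEffectiveStart(OracleConnection conn, string trmCode)
    {
        const string sql =
            "SELECT TRM_EFF_STDT FROM TRM_MST WHERE TRM_CODE = :trmCode";
        using (var cmd = new OracleCommand(sql, conn))
        {
            cmd.BindByName = true;
            // Assumption: TRM_CODE is VARCHAR2. For a NUMBER column, parse the
            // value first and bind it as OracleDbType.Decimal instead.
            cmd.Parameters.Add("trmCode", OracleDbType.Varchar2).Value = trmCode;

            object result = cmd.ExecuteScalar();
            if (result == null || result == DBNull.Value)
                return null; // no matching row, or the column is NULL
            return Convert.ToDateTime(result); // DATE comes back as DateTime
        }
    }

    // Insert the date as a DATE bind rather than as text from ToString(), which
    // Oracle would have to parse against the session's date format.
    public static int InsertEffectiveDate(OracleConnection conn, DateTime effDate)
    {
        // CMPI_TABLE_PLACEHOLDER stands in for the real table name, which the
        // page does not show; the column name is assumed to be CMPI_EFF_DATE.
        const string sql =
            "INSERT INTO CMPI_TABLE_PLACEHOLDER (CMPI_EFF_DATE) VALUES (:effDate)";
        using (var cmd = new OracleCommand(sql, conn))
        {
            cmd.BindByName = true;
            cmd.Parameters.Add("effDate", OracleDbType.Date).Value = effDate;
            return cmd.ExecuteNonQuery(); // number of rows inserted
        }
    }
}
```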
