locked
Conversion from type 'Object' to type 'String' is not valid. RRS feed

  • Question

  • User1165693677 posted
     Dim Diff As String = con.ExecuteCommand("SELECT DATEDIFF(Day, (select [date] from companyusers where Username = '" + txtUserName.Text + "'), '" & DateTime.Now.ToString() & "')")
    If (Diff > 30) Then
    Response.Redirect("Changepassword.aspx")
    End If
    
    
    Thursday, December 22, 2011 5:33 AM

Answers

All replies

  • User197322208 posted
    Solution:


    Dim Diff as string =con.ExecuteCommand("...").ToString

    Problems , however:
    1. try to pass in the
    txtUserName
    the following
    aaa' or 1=1);

    ( not mention that I could put drop table

    Search for "sql injection"
    2.
     If (Diff > 30) Then

    it's a string or a number comparison ?
    Thursday, December 22, 2011 5:37 AM
  • User1165693677 posted

    Actually diffierence in date is more that 30 than user has to force to change their password..

    Thursday, December 22, 2011 5:39 AM
  • User269846090 posted

    U have stored the result of that query into a string variable,so u get error like that.

    Try to store the result into datatable,after that 

    check if(datatable.rows(0)(0)>30) then

    MArk as answer if it helps u!

    Thursday, December 22, 2011 5:43 AM
  • User1165693677 posted

    It's showing error like..Unable to cast object of type 'System.Object' to type 'System.Data.DataTable'.

    I declared new data table..

    dim dt as new datatable()

    dt = con.ExecuteCommand("SELECT DATEDIFF(Day, (select [date] from companyusers where Username = '" + txtUserName.Text + "'), '" & DateTime.Now.ToString() & "')")
    If (dt.Rows(0)(0) > 30) Then
    Response.Redirect("Changepassword.aspx")
    End If

    Thursday, December 22, 2011 5:48 AM
  • User269846090 posted

    Dim adapter As OleDbDataAdapter = New OleDbDataAdapter()


    adapter = con.ExecuteCommand("SELECT DATEDIFF(Day, (select [date] from companyusers where Username = '" + txtUserName.Text + "'), '" & DateTime.Now.ToString() & "')")

    Dim table As DataTable = New DataTable()

    adapter.Fill(table)

                        If (dt.Rows(0)(0) > 30) Then
                            Response.Redirect("Changepassword.aspx")
    End If

    Thursday, December 22, 2011 5:56 AM
  • User269846090 posted

    Dim adapter As SqlDataAdapter = New SqlDataAdapter()


    adapter = con.ExecuteCommand("SELECT DATEDIFF(Day, (select [date] from companyusers where Username = '" + txtUserName.Text + "'), '" & DateTime.Now.ToString() & "')")

    Dim table As DataTable = New DataTable()

    adapter.Fill(table)

                        If (dt.Rows(0)(0) > 30) Then
                            Response.Redirect("Changepassword.aspx")
    End If

    Thursday, December 22, 2011 5:57 AM
  • User1165693677 posted

    getting error like Unable to cast object of type 'System.Object' to type 'System.Data.OleDb.OleDbDataAdapter'...sorry for troubling..

    Thursday, December 22, 2011 6:00 AM
  • User269846090 posted

    U can use sqlAdapter instead of oledbAdapter.

    see my previoues one.

    Thursday, December 22, 2011 6:13 AM
  • User1165693677 posted

    Unable to cast object of type 'System.Object' to type 'client2.sqladapter'.

    Thursday, December 22, 2011 6:22 AM
  • User1165693677 posted

    Unable to cast object of type 'System.Object' to type 'client2.sqladapter'.

    Thursday, December 22, 2011 6:22 AM
  • User269846090 posted
    
    
    ok relax., 

    Complete code for ur problem here,

    Dim adapter As SqlDataAdapter
    Dim dt As New DataTable
    Dim sql As String
    Sql = "select * from Product" ---------------------Here u write ur query
    connection.Open()
    adapter = New SqlDataAdapter(Sql, connection)
    adapter.Fill(dt)
    If (Integer.TryParse(dt.Rows(0)(0)) > 30) Then
     Response.Redirect("Changepassword.aspx")
    End If

    connection.Close()

    Thursday, December 22, 2011 6:35 AM
  • User1165693677 posted
    Error 1: Overload resolution failed because no accessible 'New' can be called with these arguments:
    'Public Sub New(selectCommandText As String, selectConnection As System.Data.SqlClient.SqlConnection)': Value of type 'client2.Connection' cannot be converted to 'System.Data.SqlClient.SqlConnection'.
    'Public Sub New(selectCommandText As String, selectConnectionString As String)': Value of type 'client2.Connection' cannot be converted to 'String'.
    
    
    Error 2: 	Overload resolution failed because no accessible 'TryParse' accepts this number of arguments.	
    Thursday, December 22, 2011 6:41 AM
  • User269846090 posted
    If (Integer.TryParse(dt.Rows(0)(0).Tostring()) > 30) Then
    Thursday, December 22, 2011 7:59 AM
  • User1165693677 posted

    still showing those two errors

    Thursday, December 22, 2011 8:22 AM
  • User612574037 posted

    Hi,

    1.You may try to use the SqlDataAdapter like the below code.

            Dim adapter As New SqlDataAdapter()
            adapter.SelectCommand = New SqlCommand(sqlQueryString, connection)
            adapter.Fill(dt)
    

    http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqldataadapter.aspx#Y6410

    2.The Int.TryParse() method has more than two parameters. You may use Int.Parse(dt.Rows(0)(0)) method instead of it.

    http://msdn.microsoft.com/en-us/library/c846ws90.aspx

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, December 26, 2011 5:01 AM