Personally, I'd use one of the technologies .Net offers for passing parameters into database queries. Use of parameters ensures that things like date formats and strings are handled correctly; they are also essential for preventing SQL injection attacks when your filter values are captured as text from a user.
Here's an old-school approach, Linq and Entity Framework offer ways to do it that are more OO but can hide what's going on between your app and the database (not always a problem, but it doesn't help when you're trying to learn concepts):
public static void DoStuff()
{
const string CONNECTION = "write me - the connection string";
const string SQL = "SELECT * "+
" FROM table "+
" WHERE date_deliv_required = @DateDelivered";
var dateDelivered = Convert.ToDateTime("01/08/2008");
DataTable dt = new DataTable();
using (var conn = new SqlConnection(CONNECTION))
{
using (var cmd = new SqlCommand(SQL, conn))
{
conn.Open();
cmd.Parameters.AddWithValue("@DateDelivered", dateDelivered);
cmd.CommandType = CommandType.Text;
using (var ada = new SqlDataAdapter(cmd))
{
ada.Fill(dt);
}
}
}
}