On the server, the date format is mm-dd-yyyy. On my local machine, the date format is mm/dd/yyyy.
I have the following code:
DateTime FrDate, Todate;
string yy = "2020";
string mm = "04";
string dd = "01";
DateTime.TryParse(mm + "/" + dd + "/" + yy, out FrDate);
And then I am trying to run this query:
select * from helpdesk_tranactions where compl_date `= '" + FrDate.ToShortDateString() + "'
This is working fine when I run on my local machine, where the date format is mm/dd/yyyy.
However, when this code is deployed to the server, the same query is not working (since the date format is mm-dd-yyyy).
The error I get is:
The conversion of a varchar data type to a datetime data type resulted in an out-of-range value.
The statement has been terminated.
How can I write this query in such a way that it will work regardless of the system date formatting?
Noooooooo! If you're worried about string formats for SQL date values something has already gone horribly wrong.
The column in your database should be a Date, Timestamp, or DateTime rather than varchar field, and if that's true there is no human-readable format! The data is binary. What you see is a convenience shown to you by your management tool or connection library. If you're not using one of the date types for the column column, you should fix the schema, because it really is broken.
Once you have confirmed or fixed the column so you know it is a DateTime value, you should also be using DateTime variables in the C# code. And once you're doing that, the correct way to include those values in a query looks like this (assuming MySql because of the backtick, but you should also tag the question with the correct database engine):
string sql = "select * from helpdesk_tranactions where compl_date = #compl_date";
using (var cn = new MySqlConnection("connection string here"))
using (var cmd = new MySqlCommand(sql, cn))
{
cmd.Parameters.Add("#compl_date", MySqlDbType.DateTime).Value = FrDate;
cn.Open();
// ...
}
Notice this assigns the FrDate field directly to the query parameter. There's no conversion in your code to worry about.
This technique is also the best and only truly safe way to avoid certain other types of problem with sql.
Related
I'm trying to get the records between two dates. Specifically between the start of the day and the time now. This is my query but it doesn't work for me. I have a MYSQL database
var query = (SELECT * FROM `jobs` WHERE `EventTime` < NOW() AND `EventTime` >= '" + dtstartofday + "' AND `PersonSel` = '" + personassigned + "' AND `PersonID` = '" + id + "'");
dtstartofday is of DateTime type.
You're using string concatenation to put query values directly into your SQL string. Don't do this, for a variety of reasons, one of which is the problem you're seeing here - how c# chooses to format the date as string, according to your regional preferences, and how MySQL chooses to parse the string as a date will have direct consequences for how the query runs. As a coarse example, if your date goes in as '2/3/2000' meaning third of feb, you could be using a mysql that interprets it as second of March. Alternatively you might find that c# is representing the date as something mysql doesn't recognise as a date so it is instead converting the EventTime date to a string and then comparing the strings, which is very unlikely to work out (and slow, because of all the conversions)
Either adjust your query so the start of day calculation is done by the db, and parameterize the other elements of your query:
var query = "SELECT * FROM `jobs` WHERE `EventTime` < NOW() AND `EventTime` >= CURDATE() AND `PersonSel` = #personSel AND `PersonID` = #personID"
Or parameterize the start date properly rather than passing its value as a string:
var query = "SELECT * FROM `jobs` WHERE `EventTime` < NOW() AND `EventTime` >= #eventTimeFrom AND `PersonSel` = #personSel AND `PersonID` = #personID"
To add values for the parameters you declare its name, type and value:
var cmd = new MySqlCommand(query, connection);
cmd.Parameters.Add("#eventTime", MySqlDbType.DateTime).Value = dtstartofday; //dtstartofday is a c# datetime representing midnight today e.g DateTime.Date
cmd.Parameters.Add("#personSel", MySqlDbType.Int).Value = personassigned;
cmd.Parameters.Add("#personID", MySqlDbType.DateTime).Value = id;
var x = cmd.ExecuteReader();
It is important to appreciate the difference between having the server do the time and your local machine do the time, especially if they are in different zones, but even if their clocks drift just a little. At some moment what each machine thinks of as "today" will differ. Consider it carefully
Later, when you're bored of writing this kind of code endlessly, you can install Dapper, an extension that does it for you. Take a look at http://dapper-tutorial.net for examples of how it will reduce code like this to just two lines; query and variables in, usable objects out.
In my C# project I need system date time to another specific date time format.
My system datetime format is like "15/03/2017 9:25 AM" --->that can be changed according to computer wich my program run.
But I need to parse that datetime format to another date time format something like "2017-03-15 9:25 AM"----> save date in SQL datebase accept this format only.
I need Assign this to variable to Datetime Variable not need save in String variable.
I tried this code but not working
string datetimesss = DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss")
It returns
// value of datetimesss="2017-03-15 09:33:25"
Then i parse again to date time format
DateTime dates = DateTime.Parse(datetimesss);
It returns
// value of dates ="15/03/2017 9:42:43 AM"
Convert back to my computer datetime format .How can I convert any datetime format to DateTime "yyyy-MM-dd hh:mm:ss"
Thank You!
You should avoid strings and just keep your data in DateTime variables. ADO.Net already knows how to translate between .NETs DateTime and SQL Server's datetime - and neither of these has a format (both of them, internally, are just numbers. .NETs DateTime is a count of 100ns intervals since 01/01/0001. SQL Server's datetime is a count of whole and fractional days since 01/01/1900).
Something like:
var updateCommand = new SqlCommand(
"UPDATE [User] SET Last_loign_date =#LastLoginDate"
,conn); //Assume conn is an SqlConnection object
updateCommand.Parameters.Add("#LastLoginDate",SqlDbType.DateTime).Value = DateTime.Now
or, in the alternative, why not use the database server time rather than passing it:
string sqlupdatepassword = "UPDATE [User] SET Last_loign_date =current_timestamp";
If sql server language is set as us-english then your date - > '15/03/2017 9:25 AM' will be considered as text and converting into date will not give correct results. You need create date based on day,month and year from your given date by using string functions. Use the below code to get required output :
declare #date varchar(30) = '15/03/2017 9:25 AM'
select cast(left(parsename(replace(#date,'/','.'),1),4) +
parsename(replace(#date,'/','.'),2) +
parsename(replace(#date,'/','.'),3) as datetime) +
ltrim(stuff(parsename(replace(#date,'/','.'),1),1,4,''))
Finaly I got the point,
I parse DateTime to String
string sqlupdatepassword = "UPDATE [User] SET Last_loign_date ='" + DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss tt") + "'";
In SQl database "Last_loign_date" is datetime format.
this may not correct, but this worked for me.
thanks!
I am making project in c# .net where I am badly stuck in a database query.
I have a date column in my table of my database in which i have stored the date with datatype varchar(50) and passed (convert(varchar(8),getdate(),5) as default so it gives me a date in dd-MM-YY e.g 28-03-17.
Now the user input a month format MM and year format YY" in textbox only (NOT DAY) and in case if the user entries (month,year) are equal to month and year of database table then show the all data.
I know I have to first extract month and year from table date and then compare with user input. From searching I came to know that by using Year(DateField) I can extract year and Month Month(Date Field) from date field.
I am using below query but it isn't right at all.
"select * from table1
where YEAR(Time=convert(varchar(8),getdate(),5))='" + textBox1.Text +
"' AND MONTH(Time=convert(varchar(8),getdate(),5))='" + textBox2.Text + "'";
Where 'Time' is the name of my date field in database.The big problem is that I don't know how to compare year and month in this format that I have used.
You need to convert the value of Time column to DateTime and get the YEAR out of it.
You will get the year value in four digits, like 2017. To convert it to two digits you need to divide it by 100 using modulo operator.
//Preparing parameterized query to avoid SQL injection.
var sqlQuery = "select * from Tokens where (YEAR(Convert(datetime,Time,5)) % 100) = #year AND MONTH(Convert(datetime,Time,5)) = #month";
//Preparing command and adding parameters with the values.
var sqlCommand = new SqlCommand();
sqlCommand.CommandText = sqlQuery;
sqlCommand.Parameters.Add("#year", textBox1.Text);
sqlCommand.Parameters.Add("#month", textBox2.Text);
Now you can use this command to retrieve the data from the database.
First, sql server has a datetime data type so you should not be storing dates in your database as a string.
If you did do that, you would do something like:
select * from table1
where YEAR(Time)=" + textBox1.Text +
" AND MONTH(Time)=" + textBox2.Text;
Year and time both return ints so you do not need to delimit the text from your textboxes with a single quote.
One more thing, previous commenters are right, you should never directly take the text from a textbox and inject it into a sql string. It opens you up for sql injection attacks. Instead you should be using parameters.
Assuming that the date in the VARCHAR column is stored as dd-MM-YY (as you mentioned) then this query should work:
SELECT * FROM TABLE
WHERE SUBSTRING(-DateColumn-,4,2) = textBox1.text
AND SUBSTRING(-DateColumn-,7,2) = textBox2.text
Since you're storing the date as text, there's no need to convert anything. You should just be able to do a string comparison.
Which date format does T-SQL use? Does it rely on the system date? How can I be sure that my parameters are passed on correctly regardless of system date format. This question comes because of error:
Error converting data type nvarchar to datetime.
The SQL script in part:
CREATE PROCEDURE [dbo].[sz_pipeline04_pipelUpdte_inventory]
-- Add the parameters for the stored procedure here
#myFixDte datetime,
#doInsert bit
AS
BEGIN
The calling c# code:
public static DataTable GridInventory(string strdProcedureName, DateTime fixDate, bool execInsertYN)
{
DataTable dtbl_inventory = null;
try
{
dtbl_inventory = new DataTable();
using (var conn = new SqlConnection(cls_connRegistry.GetConnStrFull()))
using (var command = new SqlCommand(strdProcedureName, conn)
{
CommandType = CommandType.StoredProcedure
})
{
command.Parameters.Add("#myFixDte", SqlDbType.DateTime).Value = DateTime.Parse(fixDate.ToShortDateString());
command.Parameters.Add("#doInsert", SqlDbType.Bit).Value = execInsertYN;
conn.Open();
SqlDataReader dr = command.ExecuteReader();
dtbl_inventory.Load(dr);
conn.Close();
}
}
catch (Exception datawalile)
{ dtbl_inventory = null; }
return dtbl_inventory;
}
edited question.
The code you've now posted looks correct - except for one thing:
command.Parameters.Add("#myFixDte", SqlDbType.DateTime).Value = DateTime.Parse(fixDate.ToShortDateString());
As I've said in the comments, issues only come up around formatting when you convert to strings. So just do:
command.Parameters.Add("#myFixDte", SqlDbType.DateTime).Value = fixDate;
DateTimes (C#) and datetime (T-SQL) don't have a format. You get formatting issues when you convert them into strings. In their native representation, they're usually just a count of a number of events (ticks, milliseconds, etc) since some fixed point in the past. ADO.Net knows how to convert a DateTime into a SQL Server datetime.
If you have remaining conversion issues, it's in code you've not yet shown. But it will, again, be because you're converting away from the correct data type (datetime) and using strings.
This is not valid DATETIME format DD-MM-YYYY.
You can use CONVERT It in following:
DECLARE #myFixDte DATETIME
SET #myFixDte = CONVERT(DATE, N'30-12-2012', 104)
SELECT #myFixDte
Or you can SET It without converting in other format like YYYY-MM-DD
Try this:
#myFixDte = convert(datetime, '30-12-2012', 105)
And check the link provided by #N.Molderf
SQL Server recognizes one format always in same way, regardless which culture it using, and that format is YYYYMMDD.
So you can always use your dates in format 20120202 or 20151225, and SQL Server will parse that parameter using same mask.
Why you didnt tell as above c# datetime, here is a simple example for you how to solve this problem in your case it will be something like this
DateTime myDateTime = DateTime.Now;
string sqlFormattedDate = myDateTime.ToString("dd-MM-yyyy HH:mm:ss");
or this one
DateTime myDateTime = DateTime.Now;
string sqlFormattedDate = myDateTime.ToString("yyyy-MM-dd HH:mm:ss");
second one is a default
I get a timestamp from Facebook in the below code
cust_updated_time = obj["updated_time"].ToString();//2013-08-01T02:55:31+0000
abccusttime = cust_updated_time.Substring(0, cust_updated_time.ToString().Length - 3);//2013-08-01T02:55:31+0
Here I'm trying to insert into Oracle table
to_date('" + abccusttime + "', 'mm-dd-yyyy hh24:mi:ss')
but I get an error "not a valid month"
Any ideas? Thanks in advance.
if this is your date:
2013-08-01T02:55:31+0
It should look like this:
2013-08-01 02:55:31
Than you can use TO_DATE function (with correct mask format):
to_date('" + abccusttime + "', 'yyyy-mm-dd hh24:mi:ss')
When you try to map:
2013-08-01T02:55:31+0
with the format:
mm-dd-yyyy hh24:mi:ss
it's not going to work simply because your date components are in the wrong place. It's expecting a two-digit month at the start but you're giving it the century of 20, which is most definitely not a valid month.
You need to either change your data or your mapping so that they match.
It's probably easier to parameterize your query, but in this case you've got your time format wrong. To match;
2013-08-01T02:55:31+0000
you need a format like;
yyyy-MM-dd"T"hh24:mi:ss"+0000"
or, if you want the preprocessed format with a single zero;
yyyy-MM-dd"T"hh24:mi:ss"+0"
Sample;
SELECT TO_DATE('2013-08-01T02:55:31+0000', 'yyyy-MM-dd"T"hh24:mi:ss"+0000"') FROM DUAL;
> August, 01 2013 02:55:31+0000
Oracle date format reference.
You could also match/process the time zone information, but since it's not clear what result you'd like if it were set, I left it out (TZH and TZM will help there)
A rather trivial SQLfiddle.
The Oracle date format you want is mm-dd-yyyy, but the facebook timestamp is yyyy-mm-dd.
You should do something like this instead;
to_date(:abccusttime, 'mm-dd-yyyy hh24:mi:ss')
Then set a parameter for abbcusttime, also don't use apostrophes (') when adding parameters, it doesn't like that :)
OracleCommand.Parameters.Add(":abccusttime", OracleDbType.Varchar2).Value = abccusttime;
You better use parameters
DateTime updatedtime = obj["updated_time"] as DateTime;
var statement = "..... where Updated_time > :updatedtime";
using (OracleConnection connection = new OracleConnection(connectionString))
using (OracleCommand command = new OracleCommand(statement, connection))
{
command.Parameters.AddWithValue(":updatedtime", updatedtime );
command.Connection.Open();
command.ExecuteNonQuery();
}