I am making project in c# .net where I am badly stuck in a database query.
I have a date column in my table of my database in which i have stored the date with datatype varchar(50) and passed (convert(varchar(8),getdate(),5) as default so it gives me a date in dd-MM-YY e.g 28-03-17.
Now the user input a month format MM and year format YY" in textbox only (NOT DAY) and in case if the user entries (month,year) are equal to month and year of database table then show the all data.
I know I have to first extract month and year from table date and then compare with user input. From searching I came to know that by using Year(DateField) I can extract year and Month Month(Date Field) from date field.
I am using below query but it isn't right at all.
"select * from table1
where YEAR(Time=convert(varchar(8),getdate(),5))='" + textBox1.Text +
"' AND MONTH(Time=convert(varchar(8),getdate(),5))='" + textBox2.Text + "'";
Where 'Time' is the name of my date field in database.The big problem is that I don't know how to compare year and month in this format that I have used.
You need to convert the value of Time column to DateTime and get the YEAR out of it.
You will get the year value in four digits, like 2017. To convert it to two digits you need to divide it by 100 using modulo operator.
//Preparing parameterized query to avoid SQL injection.
var sqlQuery = "select * from Tokens where (YEAR(Convert(datetime,Time,5)) % 100) = #year AND MONTH(Convert(datetime,Time,5)) = #month";
//Preparing command and adding parameters with the values.
var sqlCommand = new SqlCommand();
sqlCommand.CommandText = sqlQuery;
sqlCommand.Parameters.Add("#year", textBox1.Text);
sqlCommand.Parameters.Add("#month", textBox2.Text);
Now you can use this command to retrieve the data from the database.
First, sql server has a datetime data type so you should not be storing dates in your database as a string.
If you did do that, you would do something like:
select * from table1
where YEAR(Time)=" + textBox1.Text +
" AND MONTH(Time)=" + textBox2.Text;
Year and time both return ints so you do not need to delimit the text from your textboxes with a single quote.
One more thing, previous commenters are right, you should never directly take the text from a textbox and inject it into a sql string. It opens you up for sql injection attacks. Instead you should be using parameters.
Assuming that the date in the VARCHAR column is stored as dd-MM-YY (as you mentioned) then this query should work:
SELECT * FROM TABLE
WHERE SUBSTRING(-DateColumn-,4,2) = textBox1.text
AND SUBSTRING(-DateColumn-,7,2) = textBox2.text
Since you're storing the date as text, there's no need to convert anything. You should just be able to do a string comparison.
Related
On the server, the date format is mm-dd-yyyy. On my local machine, the date format is mm/dd/yyyy.
I have the following code:
DateTime FrDate, Todate;
string yy = "2020";
string mm = "04";
string dd = "01";
DateTime.TryParse(mm + "/" + dd + "/" + yy, out FrDate);
And then I am trying to run this query:
select * from helpdesk_tranactions where compl_date `= '" + FrDate.ToShortDateString() + "'
This is working fine when I run on my local machine, where the date format is mm/dd/yyyy.
However, when this code is deployed to the server, the same query is not working (since the date format is mm-dd-yyyy).
The error I get is:
The conversion of a varchar data type to a datetime data type resulted in an out-of-range value.
The statement has been terminated.
How can I write this query in such a way that it will work regardless of the system date formatting?
Noooooooo! If you're worried about string formats for SQL date values something has already gone horribly wrong.
The column in your database should be a Date, Timestamp, or DateTime rather than varchar field, and if that's true there is no human-readable format! The data is binary. What you see is a convenience shown to you by your management tool or connection library. If you're not using one of the date types for the column column, you should fix the schema, because it really is broken.
Once you have confirmed or fixed the column so you know it is a DateTime value, you should also be using DateTime variables in the C# code. And once you're doing that, the correct way to include those values in a query looks like this (assuming MySql because of the backtick, but you should also tag the question with the correct database engine):
string sql = "select * from helpdesk_tranactions where compl_date = #compl_date";
using (var cn = new MySqlConnection("connection string here"))
using (var cmd = new MySqlCommand(sql, cn))
{
cmd.Parameters.Add("#compl_date", MySqlDbType.DateTime).Value = FrDate;
cn.Open();
// ...
}
Notice this assigns the FrDate field directly to the query parameter. There's no conversion in your code to worry about.
This technique is also the best and only truly safe way to avoid certain other types of problem with sql.
I'm trying to get the records between two dates. Specifically between the start of the day and the time now. This is my query but it doesn't work for me. I have a MYSQL database
var query = (SELECT * FROM `jobs` WHERE `EventTime` < NOW() AND `EventTime` >= '" + dtstartofday + "' AND `PersonSel` = '" + personassigned + "' AND `PersonID` = '" + id + "'");
dtstartofday is of DateTime type.
You're using string concatenation to put query values directly into your SQL string. Don't do this, for a variety of reasons, one of which is the problem you're seeing here - how c# chooses to format the date as string, according to your regional preferences, and how MySQL chooses to parse the string as a date will have direct consequences for how the query runs. As a coarse example, if your date goes in as '2/3/2000' meaning third of feb, you could be using a mysql that interprets it as second of March. Alternatively you might find that c# is representing the date as something mysql doesn't recognise as a date so it is instead converting the EventTime date to a string and then comparing the strings, which is very unlikely to work out (and slow, because of all the conversions)
Either adjust your query so the start of day calculation is done by the db, and parameterize the other elements of your query:
var query = "SELECT * FROM `jobs` WHERE `EventTime` < NOW() AND `EventTime` >= CURDATE() AND `PersonSel` = #personSel AND `PersonID` = #personID"
Or parameterize the start date properly rather than passing its value as a string:
var query = "SELECT * FROM `jobs` WHERE `EventTime` < NOW() AND `EventTime` >= #eventTimeFrom AND `PersonSel` = #personSel AND `PersonID` = #personID"
To add values for the parameters you declare its name, type and value:
var cmd = new MySqlCommand(query, connection);
cmd.Parameters.Add("#eventTime", MySqlDbType.DateTime).Value = dtstartofday; //dtstartofday is a c# datetime representing midnight today e.g DateTime.Date
cmd.Parameters.Add("#personSel", MySqlDbType.Int).Value = personassigned;
cmd.Parameters.Add("#personID", MySqlDbType.DateTime).Value = id;
var x = cmd.ExecuteReader();
It is important to appreciate the difference between having the server do the time and your local machine do the time, especially if they are in different zones, but even if their clocks drift just a little. At some moment what each machine thinks of as "today" will differ. Consider it carefully
Later, when you're bored of writing this kind of code endlessly, you can install Dapper, an extension that does it for you. Take a look at http://dapper-tutorial.net for examples of how it will reduce code like this to just two lines; query and variables in, usable objects out.
I want to select the row of a database when the month of a date is accurate. for the year I did it:
select * from table where YEAR(date)='2015' it works well for the years
for the months I made :
select * from table where Month(date)='01'// I have the date format dd/mm/yyyy
thanks
From MONTH FUNCTION;
The Microsoft Access Month function returns the month (a number from 1
to 12) given a date value.
You should check it with an integer, not a string like;
select * from table where Month(date) = 1
Try this
select * from table where Month(date)='01' and YEAR(date)='2015'
My Problem:
I've got data in tables which is of format YYYY-MM ex: 2001-02.
When I query from my db, and store those values in lists to be presented onto a listview, the output becomes 1/1/2001 12:00 am (Don't want it in this date time format).
string sql6 = "select YYMM, TotalTrans from t2 where cast(TotalTrans as int) < 1000";
SQLiteCommand command3 = new SQLiteCommand(sql6, sqlite_conn);
SQLiteDataReader reader3 = command3.ExecuteReader();
while (reader3.Read())
{
DateTime yyyymm;
if (DateTime.TryParse(reader3["YYMM"].ToString(), out yyyymm))
{
YYMM.Add(yyyymm);
}
}
Based on SO user help, I tried to run modify the query and use strftime.
But now I don't get ANY values in my list (YYMMt21 - which I use to populate the listview)
string sql13 = "SELECT YYMM FROM t2 WHERE strftime('%Y-%m', YYMM) = '2002-02'";
SQLiteCommand cmd4 = new SQLiteCommand(sql13, sqlite_conn);
SQLiteDataReader rdr4 = cmd4.ExecuteReader();
while (rdr4.Read())
{
// int TotalTranst21;
int yyyyyy;
if (int.TryParse(rdr4["YYMM"].ToString(), out yyyyyy) )
{
YYMMt21.Add(yyyyyy);
}
}
You should have your program logic do the date formatting for you. In your code, your DateTime object is what is formatting your string the way you're seeing it --it doesn't matter how the date string looks in SQL, it will become a DateTime object [hence the DateTime.TryParse()].
Take a look at the MS documentation on date formatting.
http://msdn.microsoft.com/en-us/library/8kb3ddd4%28v=vs.110%29.aspx
As a side note, unlike other SQL database systems, there is no field type of DateTime in SQLite. You can store them as integers or text, and utilize the built-in functions referenced in the link as follows.
http://www.sqlite.org/lang_datefunc.html
First, what do you want to show in your list? YYYY-MM, just like database? If so, don't parse to int neither DateTime, just use returned string.
Now, the code...
SQL:
string sql6 = "select YYMM, TotalTrans from t2 where cast(TotalTrans as int) < 1000";
//If you are just using YYMM, why choosing two columns???
string sql13 = "SELECT YYMM FROM t2 WHERE strftime('%Y-%m', YYMM) = '2002-02'";
//If dates in database are already in YYYY-MM format, why use STRFTIME?
//STRFTIME will fail (return NULL), as YYYY-MM is not a valid SQLite date string
Parsing:
//if (DateTime.TryParse(reader3["YYMM"].ToString(), out yyyymm))
//if (int.TryParse(rdr4["YYMM"].ToString(), out yyyyyy) )
//No sense at all. Just use supplied string:
YYMMt21.Add(rdr4["YYMM"].ToString());
Conclusion:
SQLiteCommand command3 = new SQLiteCommand("SELECT YYMM FROM t2 WHERE TotalTrans<1000", sqlite_conn);
SQLiteDataReader reader3 = command3.ExecuteReader();
while (reader3.Read()) {
YYMM.Add(reader3["YYMM"].ToString());
}
... is enough!
You should use full format for store date: YYYY-MM-DD HH:MM:SS.SSS
does not matter if you need to store only the time or only date
also you can use other format for date and time:
REAL
as Julian day numbers, the number of days since noon in Greenwich on November 24, 4714 B.C. according to the proleptic Gregorian calendar.
INTEGER
as Unix Time, the number of seconds since 1970-01-01 00:00:00 UTC.
Only after that, strftime will work correctly.
try this
string Mydate = Convert.ToDateTime(rd4["YYMM"]).ToString("yyyy");
You will have as result year
if you use this:
string Mydate = Convert.ToDateTime(rd4["YYMM"]).ToString("d");
You will have result dd-mm-yyyy (or as the regional setting)
I get a timestamp from Facebook in the below code
cust_updated_time = obj["updated_time"].ToString();//2013-08-01T02:55:31+0000
abccusttime = cust_updated_time.Substring(0, cust_updated_time.ToString().Length - 3);//2013-08-01T02:55:31+0
Here I'm trying to insert into Oracle table
to_date('" + abccusttime + "', 'mm-dd-yyyy hh24:mi:ss')
but I get an error "not a valid month"
Any ideas? Thanks in advance.
if this is your date:
2013-08-01T02:55:31+0
It should look like this:
2013-08-01 02:55:31
Than you can use TO_DATE function (with correct mask format):
to_date('" + abccusttime + "', 'yyyy-mm-dd hh24:mi:ss')
When you try to map:
2013-08-01T02:55:31+0
with the format:
mm-dd-yyyy hh24:mi:ss
it's not going to work simply because your date components are in the wrong place. It's expecting a two-digit month at the start but you're giving it the century of 20, which is most definitely not a valid month.
You need to either change your data or your mapping so that they match.
It's probably easier to parameterize your query, but in this case you've got your time format wrong. To match;
2013-08-01T02:55:31+0000
you need a format like;
yyyy-MM-dd"T"hh24:mi:ss"+0000"
or, if you want the preprocessed format with a single zero;
yyyy-MM-dd"T"hh24:mi:ss"+0"
Sample;
SELECT TO_DATE('2013-08-01T02:55:31+0000', 'yyyy-MM-dd"T"hh24:mi:ss"+0000"') FROM DUAL;
> August, 01 2013 02:55:31+0000
Oracle date format reference.
You could also match/process the time zone information, but since it's not clear what result you'd like if it were set, I left it out (TZH and TZM will help there)
A rather trivial SQLfiddle.
The Oracle date format you want is mm-dd-yyyy, but the facebook timestamp is yyyy-mm-dd.
You should do something like this instead;
to_date(:abccusttime, 'mm-dd-yyyy hh24:mi:ss')
Then set a parameter for abbcusttime, also don't use apostrophes (') when adding parameters, it doesn't like that :)
OracleCommand.Parameters.Add(":abccusttime", OracleDbType.Varchar2).Value = abccusttime;
You better use parameters
DateTime updatedtime = obj["updated_time"] as DateTime;
var statement = "..... where Updated_time > :updatedtime";
using (OracleConnection connection = new OracleConnection(connectionString))
using (OracleCommand command = new OracleCommand(statement, connection))
{
command.Parameters.AddWithValue(":updatedtime", updatedtime );
command.Connection.Open();
command.ExecuteNonQuery();
}