Plz转换日期时间格式 [英] Plz to convert date time format

问题描述

您好我面临的问题是我希望转换日期时间格式从数据库获取日期时间和显示日期的其他格式我使用system.globalization并处理DateTime.ParseExact但是CultureInfo.InvariantCulture没有识别出错误：

System.DateTime.ParseExact（string，string，System.IFormatProvider）的最佳重载方法匹配'有一些无效的参数，不能从对象转换为字符串



所以这是完整的代码plz帮助

  void  EMPdspunis（）
 {
  string  dtfrom =  ; 
  string  dtto =  ; 
 dtfrom = DTPFROM.Value.ToShortDateString（）; 
 dtto = DTPTO.Value.ToShortDateString（）; 
  string  mm = DTPFROM.Value.Month.ToString（）; 
  if （mm.Length ==  1 ）
 {
 
 mm =   0 + mm; 
} 
  string  dd = DTPFROM.Value.Day.ToString（）; 
  if （dd.Length ==  1 ）
 {
 dd =   0 + dd; 
 
} 
 dtfrom = DTPFROM.Value.Year.ToString（）+ mm + dd; 
 
 mm = DTPTO.Value.Month.ToString（）; 
  if （mm.Length ==  1 ）
 {
 mm =   0 + mm; 
} 
 dd = DTPTO.Value.Day.ToString（）; 
  if （dd.Length ==  1 ）
 {
 
 dd =   0 + dd; 
 
} 
 
 dtto = DTPTO.Value.Year.ToString（）+ mm + dd; 
 
  //   string sqltxtEmpNo =从TEnter选择C_Date，L_UID，C_Time L_UID = + txtEmpName.Text +和C_Date介于'+ dtfrom +'和'+ dtto +';  
 
  string  sql =  选择c_date为[التاريخ]，l_uid为[رقمالموظف]，c_Time为[الوقت] FROM输入WHERE L_UID = + txtEmpNo.Text +  和c_date在' + dtfrom +之间 'and' + dtto +  '; 
 
  string  strconn =   Provider = SQLOLEDB; Data Source =。; user id = sa; Initial Catalog = unis; 
 OleDbConnection cn =  new  OleDbConnection（strconn）; 
 OleDbDataAdapter da =  new  OleDbDataAdapter（sql，cn）; 
 DataSet ds =  new  System.Data.DataSet（）; 
 da.Fill（ds，  ta）; 
  if （ds ==  null ）
 返回; 
 
 
  if （ds.Tables [ 0 ]。行.Count >   0 ）
 {
 
  for （ int  i =  0 ; i <  ds.Tables [ 0 ]。Rows.Count; i ++）
 {
 
 
 
 dtEmplogs.Rows.Add（）; 
 
 dtEmplogs.Rows [i] .Cells [ 0 ]。值= ds.Tables [ 0 ]。行[i] [ 0 ]; 
 
 dtEmplogs.Rows [i] .Cells [ 0 ]。Value = DateTime.ParseExact（ds.Tables [ 0 ]。行[i] [ 0 ]，  yyyyMMdd，CultureInfo.InvariantCulture）（  yyyy / MM / dd ）; 
 dtEmplogs.Rows [i] .Cells [ 1 ]。值= ds.Tables [ 0 ]。行[i] [ 1 ]; 
 dtEmplogs.Rows [i] .Cells [ 2 ]。Value = txtEmpName.Text; 
 dtEmplogs.Rows [i] .Cells [ 3 ]。值= ds.Tables [ 0 ]。行[i] [ 2 ]; 
 dtEmplogs.Rows [i] .Cells [ 3 ]。值= ds.Tables [ 0 ]。行[i] [ 2 ]; 
 
 
 
} 
 
 dtEmplogs.DefaultCellStyle.SelectionBackColor = Color.BurlyWood; 
} 
} 
 

我尝试了什么： < br $> b $ b

< pre>  for （ int  i =  0 ; i <  ds.Tables [ 0 ]。Rows.Count; i ++）
 {
 dtEmplogs.Rows.Add（）; 
 
 dtEmplogs.Rows [i] .Cells [ 0 ]。值= ds.Tables [ 0 ]。行[i] [ 0 ]; 
 
 dtEmplogs.Rows [i] .Cells [ 0 ]。Value = DateTime.ParseExact（ds.Tables [ 0 ]。行[i] [ 0 ]，  yyyyMMdd，CultureInfo.InvariantCulture）（  yyyy / MM / dd ）; 
 dtEmplogs.Rows [i] .Cells [ 1 ]。值= ds.Tables [ 0 ]。行[i] [ 1 ]; 
 dtEmplogs.Rows [i] .Cells [ 2 ]。Value = txtEmpName.Text; 
 dtEmplogs.Rows [i] .Cells [ 3 ]。值= ds.Tables [ 0 ]。行[i] [ 2 ]; 
 dtEmplogs.Rows [i] .Cells [ 3 ]。值= ds.Tables [ 0 ]。行[i] [ 2 ]; 
 
 
 
} 

解决方案

确保将字符串传递给 DateTime.ParseExact（）。

您必须为DateTime.ParseExact指定确切的格式字符串。您需要使用一个格式字符串，其中包含字母，告诉ParseExact在哪里读取字符串中的值。

请参见此处的示例： [ Dotnetperls ]

不是你问题的解决方案，而是你遇到的另一个问题。

永远不要通过连接字符串来构建SQL查询。迟早，您将使用用户输入来执行此操作，这会打开一个名为SQL注入的漏洞，这对您的数据库很容易并且容易出错。

名称中的单引号你的程序崩溃。如果用户输入像Brian O'Conner这样的名称可能会使您的应用程序崩溃，那么这是一个SQL注入漏洞，崩溃是最少的问题，恶意用户输入，并且它被提升为具有所有凭据的SQL命令。

SQL注入 - 维基百科 [ ^ ]

SQL注入 [ ^ ]

按示例进行SQL注入攻击 [ ^ ]

PHP：SQL注入 - 手册 [ ^ ]

SQL注入预防备忘单 - OWASP [ ^ ]

Hi I am facing problem that I want to convert date time format taking date time from database and display date in other format i used system.globalization and deal with DateTime.ParseExact but CultureInfo.InvariantCulture does not identify there is an error:
the best overloaded method match for System.DateTime.ParseExact(string, string, System.IFormatProvider)' has some invalid arguments and can not convert from object to string

so this is full code plz help

void EMPdspunis()
      {
          string dtfrom = "";
          string dtto = "";
          dtfrom = DTPFROM.Value.ToShortDateString();
          dtto = DTPTO.Value.ToShortDateString();
          string mm = DTPFROM.Value.Month.ToString();
          if (mm.Length == 1)
          {

              mm = "0" + mm;
          }
          string dd = DTPFROM.Value.Day.ToString();
          if (dd.Length == 1)
          {
              dd = "0" + dd;

          }
          dtfrom = DTPFROM.Value.Year.ToString() + mm + dd;

          mm = DTPTO.Value.Month.ToString();
          if (mm.Length == 1)
          {
              mm = "0" + mm;
          }
          dd = DTPTO.Value.Day.ToString();
          if (dd.Length == 1)
          {

              dd = "0" + dd;

          }

          dtto = DTPTO.Value.Year.ToString() + mm + dd;

              //string sqltxtEmpNo = "select C_Date,L_UID,C_Time from tEnter where L_UID=" + txtEmpName.Text + "and C_Date between'" + dtfrom + "'and'" + dtto + "'";

              string sql= "SELECT     c_date as [التاريخ],  l_uid as [رقم الموظف], c_Time as [الوقت]  FROM         tEnter WHERE     L_UID = " + txtEmpNo.Text+ " and c_date between '" + dtfrom + "' and '" + dtto+ "'";

              string strconn = "Provider=SQLOLEDB;Data Source=.;user id=sa;Initial Catalog=unis";
              OleDbConnection cn = new OleDbConnection(strconn);
              OleDbDataAdapter da = new OleDbDataAdapter(sql, cn);
              DataSet ds = new System.Data.DataSet();
              da.Fill(ds, "ta");
              if (ds == null)
                  return;


              if (ds.Tables[0].Rows.Count > 0)
              {

                  for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                  {



                      dtEmplogs.Rows.Add();

                      dtEmplogs.Rows[i].Cells[0].Value = ds.Tables[0].Rows[i][0];

                      dtEmplogs.Rows[i].Cells[0].Value = DateTime.ParseExact(ds.Tables[0].Rows[i][0], "yyyyMMdd", CultureInfo.InvariantCulture)("yyyy/MM/dd");
                      dtEmplogs.Rows[i].Cells[1].Value = ds.Tables[0].Rows[i][1];
                      dtEmplogs.Rows[i].Cells[2].Value = txtEmpName.Text;
                      dtEmplogs.Rows[i].Cells[3].Value = ds.Tables[0].Rows[i][2];
                      dtEmplogs.Rows[i].Cells[3].Value = ds.Tables[0].Rows[i][2];



                  }

                  dtEmplogs.DefaultCellStyle.SelectionBackColor = Color.BurlyWood;
              }
      }

What I have tried:

<pre>  for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                    {
                        dtEmplogs.Rows.Add();

                        dtEmplogs.Rows[i].Cells[0].Value = ds.Tables[0].Rows[i][0];

                        dtEmplogs.Rows[i].Cells[0].Value = DateTime.ParseExact(ds.Tables[0].Rows[i][0], "yyyyMMdd", CultureInfo.InvariantCulture)("yyyy/MM/dd");
                        dtEmplogs.Rows[i].Cells[1].Value = ds.Tables[0].Rows[i][1];
                        dtEmplogs.Rows[i].Cells[2].Value = txtEmpName.Text;
                        dtEmplogs.Rows[i].Cells[3].Value = ds.Tables[0].Rows[i][2];
                        dtEmplogs.Rows[i].Cells[3].Value = ds.Tables[0].Rows[i][2];

                    

                    }

解决方案

Make sure that you pass a string to DateTime.ParseExact().
You must specify the exact formatting string for DateTime.ParseExact. You need to use a format string that has letters in it that tell ParseExact where to read in the values from your string.
See examples here: [Dotnetperls]

Not a solution to your question, but another problem you have.
Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]

这篇关于Plz转换日期时间格式的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！