SQL和日期问题 [英] Problem with SQL and date

问题描述

Hello.
I have a problem with the format of the date which is stored in SQL server. It should send the date as 'dd-MM-yyyy' but when I look in the 'Table Data' it shows like 'mm-DD-yyyy 00:00:00' and I can't figure out why.

My code for sending information to SQL is:
<pre lang="c#"> MessageBox.Show((DateTime.Parse(datoForbrug.Value.ToShortDateString())).ToString("dd-MM-yyyy"));

cmd.CommandText = "insert into " + Forbrug + " (Dato, Aflæsning, Forskel) VALUES ('" + (DateTime.Parse(datoForbrug.Value.ToShortDateString())).ToString("dd-MM-yyyy") + "', '" + IndtastForbrug.Text + "','" + 0 + "')";

当我从SQL接收数据时，代码是：

When I should recieve the data from SQL, the code is:

Gridview_index.Rows [n].Cells [0].Value = String.Format("{0:dd-MM-yyyy}", item [1].ToString());

我尝试了什么：



一切：从更改dateTimePicker中的格式到格式化，从发送信息到SQL，在SQL中，从SQL接收。也在网上搜索。

What I have tried:

Everything: from changing format in the dateTimePicker to format from sending information to SQL, in the SQL and recieving from SQL. Searching the web too.

推荐答案

Quote：

它应该将日期发送为' dd-MM-yyyy '当我查看'表格数据'时，它显示为' mm-DD-yyyy 00:00:00 '我无法找出原因。

It should send the date as 'dd-MM-yyyy' but when I look in the 'Table Data' it shows like 'mm-DD-yyyy 00:00:00' and I can't figure out why.

日期格式取决于sqk服务器本地化和数据库整理。请参阅： SQL Server的国际注意事项 [ ^ ]。通常，日期（日期时间）数据类型包含日期和时间部分。请检查：数据类型（Transact-SQL）| Microsoft Docs [ ^ ]找出原因。


根据您要实现的目标，您可以更改 datetime 数据类型为 date 。

A date format depends on sqk server localization and database collation. Please see: International Considerations for SQL Server[^]. Usually a date (datetime) data type contains a date and time parts. Check this: Data Types (Transact-SQL) | Microsoft Docs[^] to find out why.

Depending on what you're trying to achieve, you can change datetime data type into date.

从SQL中的scriptfile：

From scriptfile in SQL:

INSERT INTO [dbo].[Elforbrug] ([Id], [Dato], [Aflæsning], [Forskel]) VALUES (71, N'2017-02-04 00:00:00', 10, 0)
INSERT INTO [dbo].[Elforbrug] ([Id], [Dato], [Aflæsning], [Forskel]) VALUES (72, N'2017-02-04 00:00:00', 12, 0)

永远不要通过连接用户输入来构建SQL查询，它被命名为SQL注入，这对你来说很危险数据库容易出错。

名称中的单引号和程序崩溃。如果像Brian O'Conner这样的用户输入可能会使您的应用程序崩溃，那么这是一个SQL注入漏洞。

SQL注入 - 维基百科 [ ^ ]

SQL注入 [ ^ ]

Never build an SQL query by concatenating with user inputs, it is named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability.
SQL injection - Wikipedia[^]
SQL Injection[^]

这篇关于SQL和日期问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！