在我的服务器上保存到sql server时，datetime保存有问题吗? [英] Datetime save problem when saving into sql server on my server ?

问题描述

我正在使用简单的Bootstrap Datime Picker.
我可以向用户显示的格式是dd MM yyyy. 2016年2月27日

在我的本地计算机上工作正常.

当我将其部署在服务器上时.保存到数据库时，它已开始引发错误.

当我检查时，我发现在srver datime上，如果有时间保存，格式会以某种方式被更改.其2016-02-25.由于我的日期是2015-02-2016，因此会引发错误.

以下是我正在为临时解决方案做的事情.但是我有很多datime控件，并且忙于将它们全部修改并传递给此方法并转换时间，然后保存到db中..

我需要一些全局解决方案

请提出

我尝试过的事情:

公共字符串DateFormating(字符串dateTimeString)
{

字符串inputFormat ="dd/MM/yyyy";
字符串outputFormat ="yyyy/MM/dd";
var dateTime = DateTime.ParseExact(dateTimeString，inputFormat，CultureInfo.InvariantCulture);
字符串输出= dateTime.ToString(outputFormat);
返回输出；
}

Hi ,

I am using simple bootstrap datime picker .
My format to show the user is dd MM yyyy . 27-02-2016

it was working fine on my local .

When i deployed it on server . while saving into database it has started throwing error.

when i checked , i found that on srver datime format is somehow gets chnaged when there is time to save. its 2016-02-25. which throws an error as my date is 2015-02-2016.

below is what I am doing for temp solution . but there are many datime controls i have and its very hectic to chnage them all and pass to this method and convert the time and then save into db ..

I need some global solution

Please suggest

What I have tried:

public string DateFormating(string dateTimeString)
{

string inputFormat = "dd/MM/yyyy";
string outputFormat = "yyyy/MM/dd";
var dateTime = DateTime.ParseExact(dateTimeString, inputFormat, CultureInfo.InvariantCulture);
string output = dateTime.ToString(outputFormat);
return output;
}

推荐答案

停止将字符串发送到您的数据库.
对于初学者来说，几乎可以肯定，这意味着您需要将字符串连接起来以形成SQL命令-这非常危险.它使您对SQL注入持开放态度，这意味着用户仅输入文本就可能破坏数据库.始终改用参数化查询.
其次，DateTimePicker具有一个Value属性，该属性是一个DateTime值-因此将其直接发送给SQL作为参数，并且没有转换或格式问题，因为已传输的值已准备好直接插入DB中. br/> 因此，请检查您的整个代码，并转换为直接发送实际数据类型值的参数化查询.

Stop sending strings to your database.
For starters, it almost certainly means you are concatenating strings to form your SQL command - and that''s very dangerous. It leaves you wide open to SQL Injection which means users can damage of destroy your database just by typing in text. Always use parameterised queries instead.
Secondly, a DateTimePicker has a Value property which is a DateTime value - so send that direct to SQL as a parameter and there is no conversion or problems with format, because the value that is transfered is ready to be inserted in the DB directly.
So check the whole of your code, and convert to parameterised queries sending the actual datatype values directly.

尝试此操作将有效

Try this this will works

DateTime outPutDate = DateTime.ParseExact(yourDate, "dd-mm-yyyy", CultureInfo.CurrentCulture);

使用此->插入your_table_name值中(to_char(``您的日期''，``dd-mm-yyyy''));

use this -> insert into your_table_name values (to_char(''your date'',''dd-mm-yyyy''));

这篇关于在我的服务器上保存到sql server时，datetime保存有问题吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！