[英]DateTime format into SQL Server
I am trying to insert into a SQL Server database using a C# application. 我正在尝试使用C#应用程序插入SQL Server数据库中。
In C# I am using datetime.now
to get the current datetime: 在C#中,我使用
datetime.now
来获取当前日期时间:
order.PendingDateTime = DateTime.Now;
This gives me 25/07/2014 11:30:17
. 这给了我
25/07/2014 11:30:17
。
In the SQL Server table the datatype is datetime
. 在SQL Server表中,数据类型为
datetime
。 Which holds the data as 2014-07-23 14:54:01.607
for example. 例如,其中保存的数据为
2014-07-23 14:54:01.607
。
However running the value 25/07/2014 11:30:17
using a normal insert script it inserts into the SQL Server table fine but displays in the table as 2014-07-25 11:30:17
. 但是,使用普通的插入脚本运行值
25/07/2014 11:30:17
可以将其插入SQL Server表中,但在表中显示为2014-07-25 11:30:17
。 (This is ok) (还行吧)
However when I use SqlConnection
但是当我使用
SqlConnection
using (con)
{
con.Open();
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = con;
cmd.CommandText = @sql;
cmd.ExecuteScalar();
}
}
It fails, it says 它失败了,它说
The conversion of a varchar data type to a datetime data type resulted in an out-of-range value.
从varchar数据类型到datetime数据类型的转换导致值超出范围。 The statement has been terminated.
该语句已终止。
I think this is because Visual Studio 2010 and SQL Server uses a different datetime format to each other. 我认为这是因为Visual Studio 2010和SQL Server使用彼此不同的日期时间格式。
How do I fix this? 我该如何解决?
Current Code: 当前代码:
string sql = "INSERT INTO Order ([LedgerNumber], [OrderNumber], [OrderDate], [PendingDateTime], [EmailAddress]) VALUES (1, '" + rec.OrderNumber + "', CONVERT(datetime, '" + rec.OrderDate + "', 120), CONVERT(datetime, '" + rec.PendingDateTime + "', 120), '" + rec.EmailAddress + "')";
try
{
SqlConnection con2 = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["OrderContext"].ConnectionString);
using (con2)
{con2.Open();
using (SqlCommand cmd = new SqlCommand())
{
cmd.Connection = con2;
cmd.CommandText = @sql;
cmd.Parameters.AddWithValue("rec.PendingDateTime", DateTime.Now);
cmd.Parameters.AddWithValue("rec.OrderDate", rec.OrderDate);
cmd.ExecuteScalar();
}
Always use sql-parameters instead of string-concatenation. 始终使用sql-parameters而不是字符串连接。 It prevents you from such issues and - more important - from sql-injection:
它可以防止出现此类问题,更重要的是,可以防止sql-injection:
string sql = @"INSERT INTO Order ([LedgerNumber], [OrderNumber], [OrderDate], [PendingDateTime], [EmailAddress])
VALUES (1, @OrderNumber, @OrderDate, @PendingDateTime, @EmailAddress)";
using (var con = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["OrderContext"].ConnectionString))
using (SqlCommand cmd = new SqlCommand(sql, con))
{
cmd.Parameters.AddWithValue("@OrderNumber", rec.OrderNumber);
cmd.Parameters.AddWithValue("@OrderDate", rec.OrderDate);
cmd.Parameters.AddWithValue("@PendingDateTime", rec.PendingDateTime);
cmd.Parameters.AddWithValue("@EmailAddress", rec.EmailAddress);
con.Open();
cmd.ExecuteNonQuery();
}
You: " if I wasn't using datetime.now and get a datetime from a value entered by user. Say '24/07/2014 10:30' how do I use the AddWithValue to achieve this? " 您:“ 如果我不使用datetime.now并从用户输入的值中获取日期时间。请说'24 / 07/2014 10:30'我如何使用AddWithValue实现此目的? ”
You have to parse the input to DateTime
first. 您必须首先将输入解析为
DateTime
。 Therefore use DateTime.Parse
or DateTime.TryParse
, DateTime.ParseExact
or DateTime.TryParseExact
. 因此,请使用
DateTime.Parse
或DateTime.TryParse
, DateTime.ParseExact
或DateTime.TryParseExact
。 The TryParse
-methods enable you to check if the input is a valid DateTime
. TryParse
方法使您可以检查输入是否为有效的DateTime
。
For example: 例如:
DateTime pendingDateTime;
if(!DateTime.TryParse(TxtPendingDateTime.Text, out pendingDateTime))
{
MessageBox.Show("Please enter a valid Pending-Date in the format: yourformat");
return;
}
// here you can go on with the code above
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.