如何获得特定月份和年份的所有条目?
[英]How do I get all the entries for a certain month and year?
问题描述
I am trying to do 
我正在尝试做
var dt = DateTime.Now.ToString();
string query = "SELECT * FROM Gigs where Date >= '"+dt+"';";
it appears to work - except it gets entries for future months 它似乎可以工作-除非它能获得未来几个月的条目
I then do 然后我做
var dt = DateTime.Now.AddMonths(3).ToString();
string query = "SELECT * FROM Gigs where Date >= '"+dt+"';";
And I get the same result which isn't expected 而且我得到了意外的结果
If today is January 1st, I want to get all the entries for January, but none for February. 如果今天是1月1日,我想获得一月的所有条目,但二月的却没有。
This is readonly data, no concern of SQL injection 这是只读数据,与SQL注入无关
2 个解决方案
解决方案1
5 已采纳 2015-06-05 18:40:50
First of all, why do you need to calculate date in C# and pass it to SQL query? 首先,为什么需要在C#中计算日期并将其传递给SQL查询? You can use DATEADD and GETDATE() to avoid that: 您可以使用DATEADD和GETDATE()来避免这种情况:
--Will get three months before:
select DATEADD(MONTH, 3, GETDATE())
Second, you got three months in future. 其次,您未来有三个月。 Are you sure that you don't want to use -3: 您确定不想使用-3:
var dt = DateTime.Now.AddMonths(-3).ToString();
Third: use parameterized queries, here is the example: 第三:使用参数化查询,这是示例:
using (var connection = new SqlConnection("Data Source=.;Initial Catalog=Test;Integrated Security=SSPI;"))
{
connection.Open();
using (var command = connection.CreateCommand())
{
command.CommandText = "SELECT * FROM [Test].[dbo].[SomeDates] WHERE dt > @MyDate";
var param = new SqlParameter("@MyDate", SqlDbType.DateTime2) { Value = DateTime.Now };
command.Parameters.Add(param);
var result = command.ExecuteReader();
while (result.Read())
{
Console.WriteLine(result.GetDateTime(0));
}
}
}
Update regarding second : looks like you do want to get query in future. 关于秒的更新 :看来您确实希望将来获得查询。
Update #2 : Even if you is not concerned about SQL injection (but you must be), you should use parameterized queries since framework will take care of date time formats and conversions. 更新#2 :即使您不担心SQL注入(但一定要担心),也应该使用参数化查询,因为框架将处理日期时间格式和转换。 Otherwise it may work on your machine but won't work on other machine/production. 否则,它可能会在您的计算机上运行,但无法在其他计算机/产品上运行。
解决方案2
0 2015-06-05 23:30:14
If you are going to convert the date to a string, make sure your region settings don't return a different date for sql server if it uses different region settings. 如果要将日期转换为字符串,请确保您的区域设置使用不同的区域设置时不会为sql server返回不同的日期。 June 5th can be 05-06-2015 for you, but if you pass that in sql-server with en-us it will interpret it as May 6th. 6月5日对您而言可能是2015年5月6日,但是如果您在en-us中将它传递到sql-server中,它将被解释为5月6日。
Conversion from date to string for sql server should always be done using the universal format yyyy-MM-dd, which won't be interpreted wrong in most software, regardless of regional settings. 对于SQL Server,从日期到字符串的转换应始终使用通用格式yyyy-MM-dd进行,在大多数软件中,无论区域设置如何,都不会将其解释为错误。
If you use SqlParameters as suggested you don't really need to worry about these mismatches, so another + for SqlParameter usage. 如果按照建议的方式使用SqlParameters,则不必担心这些不匹配,因此可以使用SqlParameter的另一个+。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.