Avatar of rwheeler23
rwheeler23
Flag for United States of America asked on

How to properly format date fields coming out of an MS SQL database

I have this SQL command and the aplydate and glpostdt fields are dates.

DataCommand.CommandText = "select aplydate,glpostdt,distref from job_linker where companyid = '" + CompanyID + "' and bchsourc = 'Apply_Documents' and transnmbr ='" + ApplyToVoucherNumber + "' and trxtype = 'Apply Payments ' and dstsqnum = 16384 and cntrltyp = 0 and aptvchnm = '" + ApplyToDocumentNumber + "' and spcldist = 0 and len(rtrim(jobnumber))>0";

I obtain the values with this code

                DataDataAdapter = new System.Data.SqlClient.SqlDataAdapter();
                DataDataAdapter.SelectCommand = DataCommand;
                DataDataAdapter.TableMappings.Add("Table", "DISTREF");

                this.txtApplyDate.DataBindings.Add("Text", DataDataSet.Tables["DISTREF"], "aplydate").ToString();
                this.txtApplyPostingDate.DataBindings.Add("Text", DataDataSet.Tables["DISTREF"], "glpostdt").ToString();

It is the last two lines where I am stumped. I want the format of the dates to be MM/dd/yyyy.  When I try
                this.txtApplyDate.DataBindings.Add("Text", DataDataSet.Tables["DISTREF"], "aplydate").ToString("MM/dd/yyyy")
I receive an error.

What is the correct way to format these date fields?
C#

Avatar of undefined
Last Comment
rwheeler23

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Kyle Abrahams

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
rwheeler23

ASKER
Thanks. That is something else I need to read up on, sql injection.
rwheeler23

ASKER
So from a sql injection side, is it better to do the conversion on the data binding side? No data input is happening on the user side with this query.  Is it still susceptible to sql injection?
SOLUTION
AndyAinscow

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Kyle Abrahams

If there's no user input then no need to worry about sql injection.  Saw the variables, didn't know where they were coming from.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
rwheeler23

ASKER
Thnaks