Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.
How to properly format date fields coming out of an MS SQL database
I have this SQL command and the aplydate and glpostdt fields are dates.
DataCommand.CommandText = "select aplydate,glpostdt,distref from job_linker where companyid = '" + CompanyID + "' and bchsourc = 'Apply_Documents' and transnmbr ='" + ApplyToVoucherNumber + "' and trxtype = 'Apply Payments ' and dstsqnum = 16384 and cntrltyp = 0 and aptvchnm = '" + ApplyToDocumentNumber + "' and spcldist = 0 and len(rtrim(jobnumber))>0";
I obtain the values with this code
DataDataAdapter = new System.Data.SqlClient.SqlD
DataDataAdapter.SelectComm
DataDataAdapter.TableMappi
this.txtApplyDate.DataBind
this.txtApplyPostingDate.D
It is the last two lines where I am stumped. I want the format of the dates to be MM/dd/yyyy. When I try
this.txtApplyDate.DataBind
I receive an error.
What is the correct way to format these date fields?
DataCommand.CommandText = "select aplydate,glpostdt,distref from job_linker where companyid = '" + CompanyID + "' and bchsourc = 'Apply_Documents' and transnmbr ='" + ApplyToVoucherNumber + "' and trxtype = 'Apply Payments ' and dstsqnum = 16384 and cntrltyp = 0 and aptvchnm = '" + ApplyToDocumentNumber + "' and spcldist = 0 and len(rtrim(jobnumber))>0";
I obtain the values with this code
DataDataAdapter = new System.Data.SqlClient.SqlD
DataDataAdapter.SelectComm
DataDataAdapter.TableMappi
this.txtApplyDate.DataBind
this.txtApplyPostingDate.D
It is the last two lines where I am stumped. I want the format of the dates to be MM/dd/yyyy. When I try
this.txtApplyDate.DataBind
I receive an error.
What is the correct way to format these date fields?
Asked:
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
So from a sql injection side, is it better to do the conversion on the data binding side? No data input is happening on the user side with this query. Is it still susceptible to sql injection?
this.txtApplyDate.DataBind
You are applying the ToString to the DataBindings.Add, I think you want:
this.txtApplyDate.DataBind
or something along those lines
You are applying the ToString to the DataBindings.Add, I think you want:
this.txtApplyDate.DataBind
or something along those lines
If there's no user input then no need to worry about sql injection. Saw the variables, didn't know where they were coming from.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C#
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: IC3 GS4 Internet Core Competency Global Standard 4… 135 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
Open in new window
Note that the sql query itself looks vulnerable to sql injection.
If you wanted to do it to the dataBinding side:
Open in new window