I started a new ASP.NET MVC project two weeks ago. I'm using the micro ORM NPoco and I love it!
During testing I ran into a problem saving DateTime properties into SQL Server 2014 Express.
When I tried to insert the DateTime value 00:03:28.385 it saved in the database as 00:03:28.387. The database column type is time(7). I tried datetime2(7) and the result is always the same -> 00:03:28.387
Then I tried the plain System.Data.SqlClient:
var insert = "insert into Foo(time) values (#time)";
var conn = new SqlConnection(#"conntionString");
conn.Open();
var cmd = new SqlCommand(insertString.ToString(), _conn);
cmd.Parameters.AddWithValue("#Time", DateTime.ParseExact("00:03:28.385", "HH:mm:ss.fff", CultureInfo.InvariantCulture));
cmd.ExecuteNonQuery();
The result was the same: 00:03:28.387
It would worked when insert the time as a string.
insert into Foo(time) values ('00:03:28.385')
So it’s not a problem from NPoco.
If you properly specify the parameters for your SqlCommand, it works just fine:
string connStr = "server=.;database=Test;Integrated security=SSPI;";
string insertQry = "INSERT INTO dbo.Foo(time) VALUES(#Time);";
using (SqlConnection conn = new SqlConnection(connStr))
using (SqlCommand insertCmd = new SqlCommand(insertQry, conn))
{
// use proper Parameters syntax - specify SqlDbType!
insertCmd.Parameters.Add("#time", SqlDbType.Time).Value = TimeSpan.Parse("00:03:28.385");
conn.Open();
insertCmd.ExecuteNonQuery();
conn.Close();
}
I think the .AddParameterWithValue might just guess the datatype wrong and use SqlDbType.DateTime which corresponds to the DATETIME type in SQL Server - and that does have a 3.33ms accuracy - so .385 would be "rounded up" to .387 for that datatype.
I don't know all the details, but see Otiel's answer on this page. It seems to match what you are seeing.
Milliseconds in my DateTime changes when stored in SQL Server
This is due to the precision of the SQL datetime type. According to
msdn:
Datetime values are rounded to increments of .000, .003, or .007 seconds
Related
I have DateTimePicker object in a C# winform application, from which I am getting date and time in yyyy-MM-dd HH:mm tt custom format. But whenever I save the data in phpmyadmin, it gets saved as "0000-00-00 00:00:00.000000" in the specific field. My code is bellow:-
private void submit_Click(object sender, EventArgs e)
{
DateTime scd = MydateTimePicker.Value;
cn.Open();
cmd.Connection = cn;
cmd.CommandType = CommandType.Text;
cmd.CommandText = "insert into flight(flight_schedule) values ('" + scd + "')";
cmd.ExecuteNonQuery();
cn.Close();
}
In c# when you use a DateTime variable in a string context, it is treated as if it were appended with .ToString(). Unfortunately that delivers a locale-specific rendering of the date. On my USA locale it looks like this:
2/26/2016 7:12:19 PM
MySQL, when you present datetime values to it as strings, needs this format.
2016-02-26 19:12:19
In some versions of MySQL, a failure to interpret a date results in a zero date. Read this for more information on that topic. http://dev.mysql.com/doc/refman/5.7/en/sql-mode.html#sqlmode_allow_invalid_dates
Your insert query constructs a query string, so your DateTime value gets formatted in a way that MySQL cannot use. That's why you get that strange zero date.
If you changed your insert query to this, things would probably start to work.
cmd.CommandText = "insert into flight(flight_schedule) values ('" +
scd.ToString("yyyy-MM-dd HH:mm:ss") + "')";
Better yet, use parameters. Read this for an example and discussion. C# SqlParameters Short Hand
No.
You have a bad habit to kick as choosing wrong data type. You should never store your DateTime values as a string.
Change your flight_schedule to DATETIME column type and pass your DateTime value directly with a parameterized query.
Also use using statement to dispose your connection and command automatically instead of calling Close or Dispose methods manually.
using(var cn = new MySqlConnection(conString))
using(var cmd = cn.CreateCommand())
{
cmd.CommandText = "insert into flight(flight_schedule) values (#date)";
cmd.Parameters.Add("#date", MySqlDbType.Datetime).Value = MydateTimePicker.Value;
// I assume you change your column type to Datetime
cn.Open();
cmd.ExecuteNonQuery();
}
EDIT:
Looks like you already have DATETIME column in your database, so my answer seems irrelevant but I still believe saving your DateTime as their values, not their string representations.
Using Visual Studio 2010 and C#
Table1:
column datatype
------------------------
Currenttime time
How to insert a time value into table1?
Code
string hr = txtHr.Text;
string min = txtMin.Text;
string time = hr + ":" + min;
insert into table1 values(time)
Getting error
Cannot convert from string to System.Timespan
while inserting into table1.
Need Code help
You should always (no exceptions!) use parametrized queries instead of constructing your own SQL statement as a string! Just google "SQL injection" - it's a really horrible thing.... stop doing that RIGHT NOW
To use a parametrized query, you should get in the habit of using a pattern like this:
// Define your SQL query - WITH parameters!
// And always specify the list of columns for your INSERT!
string query = "INSERT INTO dbo.Table1(CurrentTime) VALUES(#TimeValue)";
// use the "using" blocks to properly protect your disposable connection and command
using (SqlConnection con = new SqlConnection("server=.;database=test;integrated security=SSPI;"))
using (SqlCommand cmd = new SqlCommand(query, con))
{
string hr = txtHr.Text;
string min = txtMin.Text;
string time = hr + ":" + min;
// set the parameter value
cmd.Parameters.Add("#TimeValue", SqlDbType.Time).Value = TimeSpan.Parse(time);
// open connection, execute your INSERT, close connection
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
You need DateTime.Parse and not Timespan.parse , Timespan represents length of time
You need to parse to DateTime and not datetimepicker's itself, parse its value
DateTime.Parse(datetimepicker1.value)
I have a Date field in a table that is displayed as Day-Month-Year Hour.Minute.Seconds and I am trying to update the HOUR field when there is the same Ertnumber and Date. I can get the field to update with the same Ertnumber but when I try to make sure the date is the same I get an error. I am having troubles making my DateTime format the same as sqls.
I create the DateTime in c# by:
DateTime dateStamp = new DateTime(2013, 2, 14, 1, 0, 0);
Here is my update string.
String.Format("update sdeadmin.meter_data_fixed_network set HOUR{2} = {0} where ERTNUMBER = '{1}' and DATETIME = '{3}'", this.Read, this.ertNumber, this.Stamp.Hour, this.DateStamp.ToString("MMddyyyyHHmmss"));
Try doing something like this:
Datetime parameter for SQL Queries
You should be doing a parameterized query, not a String.Format()
Parameterization of your query should resolve this issue; however, your problem is actually in two parts; you need to first build the query which references a column name that can change, HOUR+stamp.Hour, and the query parameters.
Therefore, something like the following should work for you:
string query =
String.Format("update sdeadmin.meter_data_fixed_network SET HOUR{0} = #read WHERE ERTNUMBER = #ertnumber AND DATETIME = #date;", this.Stamp.Hour);
This builds your basic query - you know have a parameterized query that will update the respective HOUR column of sdeadmin.meter_data_fixed_network. All that remains is create a connection object, a command object, and add the parameters to it before executing it.
For example:
//Create the connection
using(SqlDbConnection connection = new SqlDbConnection("your_connection_string"))
{
//Create the Command
using(SqlDbCommand command = new SqlDbCommand(query))
{
//Set up the properties of the command and the parameters
command.CommandType = CommandType.Text;
command.Connection = connection;
command.Parameters.AddWithValue("#read", Read);
command.Parameters.AddWithValue("#ertnumber", ertNumber);
command.Parameters.AddWithValue("#date", DateStamp);
//Have to open the connection before we do anything with it
connection.Open();
//Execute the command. As we don't need any results back we use ExecuteNonQuery
command.ExecuteNonQuery();
}
}//At this point, connection will be closed and disposed - you've cleaned up
There are several advantages to parameterizing your query:
You can help prevent sql injection attacks
Many database engines can reuse execution plans for parameterized queries, improving performance
#JeffAtwood wrote on this subject a few years ago: http://www.codinghorror.com/blog/2005/04/give-me-parameterized-sql-or-give-me-death.html
Also note the use of the USING statement. This will ensure that the connection and command objects are disposed as soon as you leave the scope of the respective usings. This is important as, although .Net will manage the resources it has control over, it cannot manage external resources like file handles, database connections etc, so it's important you clean up after yourself. The Dispose for Connection will also explicitly close it.
(Assuming you mean SQL Server): The best date format to use with SQL Server is ISO 8601:
yyyyMMdd HHmmss.
HOWEVER, writing your SQL with String.Format is a terrible practice. Use System.Data.SQLClient.SQLCommand with parameters and the format won't bother you.
DateTime dateStamp = new DateTime(2013, 2, 14, 1, 0, 0);
System.Data.SQLClient.SQLConnection cxn; // make sure to set this up and open it
System.Data.SQLClient.SQLCommand cmd = new System.Data.SQLClient.SQLCommand(
String.Format("update sdeadmin.meter_data_fixed_network set HOUR{0} = #value where ERTNUMBER = #ert and DATETIME = #date", this.Stamp.Hour)
,cxn );
cmd.Parameters.Add(new SqlParameter("#value", this.Read);
cmd.Parameters.Add(new SqlParameter("#ert", this.ertNumber);
cmd.Parameters.Add(new SqlParameter("#date", this.Stamp);
cmd.ExecuteNonQuery();
My SQL Server 2008 database has a table with a column of datatype datetime.
When I try to insert values into the datetime column I am getting error.
Incorrect syntax near '-'
My datetime picker has custom format yyyy-MM-dd e.g (2012-11-01)
Following is the code sample I used to insert datetime.
System.DateTime myDate = default(System.DateTime);
myDate = DateTimePickerPrint.Value;
string query = string.Format("EXEC Save_Quotation_Bookshop '" + txt_QutationNo.Text + "','" + txt_CusCode.Text + "',#" + myDate + "#,");
Please any one have an idea ?
First off: STOP concatenating together your SQL code! This is an invitation for SQL injection attacks, and it's really bad for performance, too - use parametrized queries instead.
If you do - you won't have the problem of datetime/string conversion issues, either.....
Secondly: the "safe" format for a date-only DateTime in SQL Server is YYYYMMDD - without any dashes - only this format guarantees that it'll run on any SQL Server, regardless of your language, regional and dateformat settings.
Thirdly. if you want to execute a stored procedure - I would recommend using this approach:
System.DateTime myDate = default(System.DateTime);
myDate = DateTimePickerPrint.Value;
using (SqlConnection con = new SqlConnection(your-connection-string-here))
using (SqlCommand cmd = new SqlCommand("dbo.Save_Quotation_Bookshop", con))
{
// tell ADO.NET it's a stored procedure (not inline SQL statements)
cmd.CommandType = CommandType.StoredProcedure;
// define parameters
cmd.Parameters.Add("#QuotationNo", SqlDbType.VarChar, 50).Value = txt_QutationNo.Text;
cmd.Parameters.Add("#CustomerCode", SqlDbtype.VarChar, 25).Value = txt_CusCode.Text;
cmd.Parameters.Add("#SaleDate", SqlDbType.DataTime).Value = myDate;
// open connection, execute stored procedure, close connection again
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
Don't use EXEC ...... as an inline SQL statement - tell ADO.NET that you're executing a stored procedure, supply the parameters - and you're done!
Wrap the date in single quotes instead of #.
This string concatenation is a SQL injection waiting to happen. Use SqlCommand with parameters instead, then you don't have to worry about string conversion issues
Try this
string query = String.Format("EXEC Save_Quotation_Bookshop '{0}','{1}','{2}'",txt_QutationNo.Text,txt_CusCode.Text, myDate);
OR
string query = string.Format("EXEC Save_Quotation_Bookshop #QutationNo,#CusCode,#myDate");
...
comm.Parameters.AddWithValue("#QutationNo", txt_QutationNo.Text);
comm.Parameters.AddWithValue("#CusCode", txt_CusCode.Text);
comm.Parameters.AddWithValue("#myDate", myDate);
if you please help me out my error is:
Conversion failed when converting date and/or time from character string.
my database column is of type datetime
Use a parameterized query and you won't have to worry about date formats, or sql injection, and use using to ensure your connection is disposed.
using (var connection = new SqlConnection(yourConnectionString))
using (var command = connection.CreateCommand())
{
command.CommandText = "insert into YourTable(Col1, Col2) values(#val1, #val2)";
command.Parameters.AddWithValue("#val1", 123);
command.Parameters.AddWithValue("#val2", DateTime.Now);
connection.Open();
command.ExecuteNonQuery();
}
you can also GETDATE() function of sql it is predefine function of sql