Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

grab data where datetime is 30days from now

Status
Not open for further replies.
flyclassic22

flyclassic22

Technical User
Oct 1, 2002
54
SG
How do i insert a sql and asp.net datetime functions and date now to come up with a sql statement to select data which are within now and 30days ago?
Any examples???
 
Sort by date Sort by votes
Code: 
DateTime today = DateTime.Today;
DateTime ThrityDaysAgo = DateTime.Today.AddDays(-30);
SqlCommand cmd = new SqlCommand();

cmd.CommandText = "select * from [table] where [field] bewteen @start and @end";
cmd.Parameter.Add(new Parameter("start", SqlDbType.DateTime, ThrityDaysAgo);
cmd.Parameter.Add(new Parameter("end", SqlDbType.DateTime, today);

this still requires a connection string and SqlConnection object, but you get the idea. NOTE: I'm not sure if the new Parameter overload is valid, I'm doing this from memmory.

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
I've just found out myself after browsing google...
What i did...

DateTime todaydate;
DateTime sixtydaysago;
todaydate = sixtydaysago = DateTime.Today;
sixtydaysago = sixtydaysago.AddDays(-30);

string selectquery = "SELECT [ImagePath], [Description], [Price], [DateRelease], [productID] FROM [CDCatalog] WHERE DateRelease BETWEEN '" + sixtydaysago.ToString() + "' AND '" + todaydate.ToString() + "'";
NewRelease.SelectCommand = selectquery;

And it worked.. haha, it is similar to yours jason.. I get your idea, it seems the same, thank you anyway!!
 
Upvote 0 Downvote
Code: 
string selectquery = "SELECT [ImagePath], [Description], [Price], [DateRelease], [productID] FROM [CDCatalog] WHERE DateRelease BETWEEN '" + sixtydaysago.ToString() + "' AND '" + todaydate.ToString() + "'";
this is open to SQL injection attacks where as this
Code: 
string selectquery = "SELECT [ImagePath], [Description], [Price], [DateRelease], [productID] FROM [CDCatalog] WHERE DateRelease BETWEEN @start AND @end";
is not. That is why .Net include Parameter objects.

here is more information about SQL injection attacks Google "sql injection attacks"

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Upvote 0 Downvote
Good point about the injection attacks Jason. My suggestion was because of that, but also for performance and maintainability.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

AhmedAzizBarbary
  • Locked
  • Question
How to read data response body after success login razor page ?
Replies
0
Views
962
AhmedAzizBarbary
AhmedAzizBarbary
G12Consult
  • Locked
  • Question
Retrieve data from JSON
Replies
1
Views
870
gmmastros
gmmastros
G12Consult
  • Locked
  • Question
Javascript from Content Pages
Replies
0
Views
819
G12Consult
G12Consult
a6green
  • Locked
  • Question
How to configure AT&T / Avaya Definity G3 incoming ISDN trunk
Replies
2
Views
1K
a6green
a6green
thep1
  • Locked
  • Question
dynamic pivot data to display in gridview
Replies
3
Views
703
jbenson001
jbenson001

Part and Inventory Search

Sponsor

Back
Top