A.Dagostino wrote:
i have in my page an input text with a date like this "18/10/2005" i
need to convert this value to lunch a select on SQL2000 like this
"WHERE (dataAssunzione = CONVERT(DATETIME, '2005-10-18 00:00:00',
102))"
How can i convert this date ?
Do the Regional Settings on your server allow this text to be recognized as
a date? I.E., does this statement raise an error?
Response.Write CDate("18/10/2005")
If this statement runs without error, see
http://www.aspfaq.com/show.asp?id=2313
Otherwise, you will need to use basic string functions (Left, Mid and Right)
to extract the date elements and recombine them into a database-friendly
date format.
Bob Barrows
PS. you are going to unnecessary trouble in your example sql statement. All
that is required is:
WHERE dataAssunzione = '20051018'
No need for the parentheses and no need for the CONVERT function.
Also, given the lack of a parameter in te above example, it looks like you
are planning to use dynamic sql to create and run this query. if so, please
read:
http://mvp.unixwiz.net/techtips/sql-injection.html http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=23
The surest way to defeat sql injection is to use parameters, either by using
a Command object to pass parameter values to a string containing parameter
markers:
http://groups-beta.google.com/group/...e36562fee7804e
or by using my preferred method of using stored procedures:
http://tinyurl.com/jyy0
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"
