>>>Pass it as parameter and you should have no problems at all:
>>>
>>>ldDate = DATE()
>>>lcSql = [INSERT INTO MyTable (MyDateTimeField) VALUES (?m.ldDate)]
>>>
>>True. But if you would want to convert it for whatever reason, what format should we use?
>>
>
>IMO, this conversion of values into a string which is then sent to SQL Server leaves the door open for SQL Injection Attacks. Passing parameters is safe. No user input "sanitizing" required, either.
I'm not sure what exactly do you mean here and how it can open this door. However, I haven't worked with SQL Server for ~3 years, so I can take your word for granted.
If it's not broken, fix it until it is.
My Blog