How to use dates in WHERE in SQL Server

Level Extreme platform

Subscription

Corporate profile

Products & Services

Support

Legal

Français

How to use dates in WHERE in SQL Server

Message

From

10/06/2008 17:09:16

Cetin Basoz
Engineerica Inc.
Izmir, Turkey

10/06/2008 17:06:41

Dmitry Litvak
Massachusetts, United States

General information

Forum:

Microsoft SQL Server

Category:

Other

Title:

Re: How to use dates in WHERE in SQL Server

Miscellaneous

Thread ID:

01322704

Message ID:

01322939

Views:

>>>
>>>But the problem I am having is that I have to pass the variable m.ldDate to the function that actually calls SQL Server (using SPT). I am trying to find a way to create a built-in string that includes the Date Variable without having to pass the variable.
>>
>>Well there are individuals doing that which some I respect but I don't want to be part of "SQL injection" crimes:) Pass the variable and use parameters. If you insist on passing a string:
>>
>>cast(dateString as datetime)
>>
>>is cross compatible (VFP and SQL server both recognize it).
>>Cetin
>
>Thank you, Cetin. I don't know what you mean by "SQL injection", I am only SQL Server newbie. And I will see how using CAST() can help me create one-string approach that will work for either SQL Server or VFP. Passing date variable as a parameter right now is not attractive approach.

OK. SQL injection in summary means you're opening your database to the public.
Cetin

Çetin Basöz

The way to Go
Flutter - For mobile, web and desktop.
World's most advanced open source relational database.
.Net for foxheads - Blog (main)
FoxSharp - Blog (mirror)
Welcome to FoxyClasses

LinqPad - C#,VB,F#,SQL,eSQL ... scratchpad

Map

View

Click here to load this message in the networking platform