i have written a program with date format as m/d/yyyy

when i deploy it to client's machine, due to the client use d/m/yyyy format
the Select SQL statement return some record wrongly.

how can i fix this problem ? set the user's locale / date format when
program launch and reset it during exit ?

Pls let me know your way to solve it.
many thanks

"jeff" <(E-Mail Removed)> schrieb:
> i have written a program with date format as m/d/yyyy
>
> when i deploy it to client's machine, due to the client use d/m/yyyy
format
> the Select SQL statement return some record wrongly.
>
> how can i fix this problem ? set the user's locale / date format when
> program launch and reset it during exit ?

Use 'DateTime.ParseExact'/'DateTime.ToString' with an explicit format (and
'CultureInfo.InvariantCulture') specified.

--
Herfried K. Wagner [MVP]
<URL:http://dotnet.mvps.org/>

Jeff,

The best thing you can do is absolute not explicitly using date time
formats. By instance not using toString or using Format.

In a normal setting all should be showed in the right way, depending on the
culture setting of the clients computer.

Just my thought,

Cor

"jeff" <(E-Mail Removed)>

>
> when i deploy it to client's machine, due to the client use d/m/yyyy
> format
> the Select SQL statement return some record wrongly.
>
> how can i fix this problem ? set the user's locale / date format when
> program launch and reset it during exit ?
>
> Pls let me know your way to solve it.
> many thanks
>
>

Jeff,
It sounds like you are using String concatenation to build a Dynamic SQL
statement, where one of the "parameters" is a date.

As you found out this is not advisable for a number of reasons, including
but not limited to:
1: culture settings change, how one machine displays a date may be different
than another
2: quoting of string characters (How do you handle O'Brian as a parameter?)
3: SQL Injection attacks. If you use string concatenation to build an SQL
statement you are opening up a HUGE security risk in your app!

For information on SQL Injection attacks see:
http://msdn.microsoft.com/msdnmag/is...n/default.aspx

I would recommend you use a parameterized query instead, which eliminates
the above problems, and can also lead to faster code. For an example of a
parameterized query see "Avoid Dynamic SQL" in the above article.

Hope this helps
Jay





"jeff" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>i have written a program with date format as m/d/yyyy
>
> when i deploy it to client's machine, due to the client use d/m/yyyy
> format
> the Select SQL statement return some record wrongly.
>
> how can i fix this problem ? set the user's locale / date format when
> program launch and reset it during exit ?
>
> Pls let me know your way to solve it.
> many thanks
>
>