Home/ Questions/Q 6703093
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-26T07:07:51+00:00

I run this command in vb select tuid, finish_time, bay from orders_table where tuid

  • 0

I run this command in vb

select tuid, finish_time, bay 
from orders_table 
where tuid between 1001 and 1005 order by finish_time asc

which returns

tuid    finish_time                     bay
1005    2011-10-14 00:20:00.000          5

then I run this command in vb

While commander.Read()
   str = "update orders_table set start_time = (" & commander("finish_time") & ") where orders_table.tuid =" & num & ""
   Dim myCommand3 As SqlCommand = New SqlCommand(str, myConn2)
   myCommand3.ExecuteNonQuery()

When I do the debugger to see what str is sending to the database I get this

str "update orders_table set start_time = (10/14/2011 12:20:00 AM) where orders_table.tuid =1006"   String

It throws an error saying incorrect syntax near “12”

It formatting datetime and I don’t want it to… how can i fix it so it looks like this 

2011-10-14 00:20:00.000
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Instead of () you can use ' or # to delimit the DateTime:

    str = "update orders_table set start_time = '" & commander("finish_time") & "' where orders_table.tuid =" & num & ""

    This is not the recommended way of using SQL, however (string concatenation), as it opens your code up to SQL Injection.

    It is much better to use parameterized queries, this will avoid the whole issue of escaping the values as well. See the answer @JoelCoehoorn gave.

    • 0