That will work, but it's a bad idea. Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Always use Parameterized queries instead.
When you concatenate strings, you cause problems because SQL receives commands like:
SELECT * FROM MyTable WHERE StreetAddress = 'Baker's Wood'
The quote the user added terminates the string as far as SQL is concerned and you get problems. But it could be worse. If I come along and type this instead: "x';DROP TABLE MyTable;--" Then SQL receives a very different command:
SELECT * FROM MyTable WHERE StreetAddress = 'x';DROP TABLE MyTable;
Which SQL sees as three separate commands:
SELECT * FROM MyTable WHERE StreetAddress = 'x';
A perfectly valid SELECT
DROP TABLE MyTable;
A perfectly valid "delete the table" command
And everything else is a comment.
So it does: selects any matching rows, deletes the table from the DB, and ignores anything else.
So ALWAYS use parameterized queries! Or be prepared to restore your DB from backup frequently. You do take backups regularly, don't you?
So even for values that can't be SQL Inject prone, you should use parameters - because in this case it prevents confusion, given that the database server and the app may be running on machines with very different culture settings, so the default string generated by your code may not match the date format that the database server machine is set for: if yours uses MM-dd-yy and the server uses dd-MM-yy then you will retrieve the wrong info.
If you aren't getting any data at all after you have fixed this throughout your whole app, then double check the data in your database and check that the Date column does not contain any time info (or that it's set to midnight) - an "equals comparison" needs the values to be identical down to the tick, not just to the day.
Submit an article or tip