Application Security Testing: An Integral Part of DevOps
A common question I receive from clients, colleagues, and 4GuysFromRolla readers is for recommendations on how best to store and display dates and times in a data-driven web application. One of the challenges in storing and displaying dates in a web application is that it is quite likely that the visitors arriving at your site are not in the same time zone as your web server; moreover, it's very likely that your site attracts visitors from many different time zones from around the world.
Consider an online messageboard site, like ASPMessageboard.com, where each of 1,000,000+ posts includes the date and time it was made. Imagine a user from New York leaves a post on April 7th at 4:30 PM and that the web server hosting the site is located in Dallas, Texas, which is one hour earlier than New York. When storing that post to the database do you record the post's date and time relative to the visitor (4:30 PM), the relative to the web server (3:30 PM), or some other value? And when displaying this post how do you show that date and time to a reader in San Francisco, which is three hours earlier than New York? Do you show the time relative to the person who made the post (4:30 PM), relative to the web server (3:30 PM), or relative to the user (1:30 PM)? And if you decide to store or display the date based on the poster's or visitor's time zone then how do you know their time zone and its offset? How do you account for daylight savings, and so on?
This ASP.NET tutorial provides guidance on how to store and display dates and times for visitors across different time zones and includes a demo that gives a working example of some of these techniques. Read the entire article, Advice for Storing and Displaying Dates and Times Across Different Time Zones, here.