获取更新查询的SQL语法错误
[英]Getting sql syntax error for update query
问题描述
我正在尝试更新一些客户详细信息,但出现错误:错误:您的SQL语法有错误。 检查与您的MySQL服务器版本相对应的手册,以在PaperWorkRequired = 1,BookingInRequired = 0,TailLiftRequired = 1,OpeningTimes第1行附近使用正确的语法
文书工作,预订和尾巴升降机均为复选框,开放时间为文本框。 无需填写这些选项(由于复选框为空,因此BookingInRequired等于零)。
public static void UpdateCustomer(int CustomerID, string Name, int AccountType, string AccountCode, string Add1, string Add2, string Add3, string Town, int TownID, int CountryID, int CurrencyType, int CountyID, string PostCode, string ContactName, string Phone, string Email, int IsActive, int ModifiedByUser, string Website, string VATNo, int PORequired, int CreditTerms, int CreditDays, int VATCodeID, int COD, string VATAuthNo, int PrintBankDetails, int VATExempt, DateTime VATExpiry,
string SignedCreditApplcation, DateTime FinancialYearEnd, string FinancialSummary, DateTime CreditReviewDate, string CreditReviewComments, string DefaultInvoiceType, string DownloadToAccountCode, int PODRequired, decimal FuelSurcharge,
string InvoiceInstructions, string DeliveryInstructions, int DeliveryInstructionsField, string CollectionInstuctions, int CollectionInstructionsField, string SpecialInstructions, int SpecialInstructionsField, int FOC, string DefaultPONumber, int OnHold, int PrintVAT, int PickByOrder, int IncludeInSelectStock, string GroupAccountCode, DateTime AccreditationExpiry, string AccreditedBy, DateTime AccreditedDate, int SendToWeb, int Rank, string SalesRep, int ShowProductionNote,
string WebsiteCheckDate, string WebsiteComments, int Facebook, int PaperRecordOnFile, int FSCReq, string QuoteType, int PalletNetwork, string CustomerRequirement, int CustomerRequirementField, int ServiceLevel, int DefaultCreditorID, int ManualLotNo, DateTime DiscountReviewDate, decimal CreditLimitAmount, DateTime? AccountDisabledDate, string AccountDisabledMsg,
int PaperWorkRequired, int BookInRequired, int TailLiftRequired, string OpeningTimes, string EquipmentRequired, string WeighInOut)
{
string sql = "proc_UpdateCustomer";
using (MySql.Data.MySqlClient.MySqlConnection conn = new MySql.Data.MySqlClient.MySqlConnection(ConnectionStrings["TAT"]))
{
conn.Open();
using (MySql.Data.MySqlClient.MySqlCommand cmd = new MySql.Data.MySqlClient.MySqlCommand(sql, conn))
{
cmd.CommandType = CommandType.Text;
cmd.CommandText = "UPDATE customer SET Name = '" + Name.Replace("'", "''") + "', " +
"AccountType = " + AccountType + ", " +
"AccountCode = '" + AccountCode.Replace("'", "''") + "', " +
"Add1 = '" + Add1.Replace("'", "''") + "', " +
"Add2 = '" + Add2.Replace("'", "''") + "', " +
"Add3 = '" + Add3.Replace("'", "''") + "', " +
"Town = '" + Town.Replace("'", "''") + "', " +
"TownID = " + TownID + ", " +
"CountryID = " + CountryID + ", " +
"CountyID = " + CountyID + ", " +
"CurrencyType = " + CurrencyType + ", " +
"PostCode = '" + PostCode.Replace("'", "''") + "', " +
"ContactName = '" + ContactName.Replace("'", "''") + "', " +
"Phone = '" + Phone.Replace("'", "''") + "', " +
"Email = '" + Email.Replace("'", "''") + "', " +
"IsActive = " + IsActive + ", " +
"ModifiedByUser = " + ModifiedByUser + ", " +
"ModifiedDate = NOW()," +
"Website = '" + Website.Replace("'", "''") + "', " +
"VATNo = '" + VATNo.Replace("'", "''") + "', " +
"CreditTermsID = " + CreditTerms + "," +
"CreditDays = " + CreditDays + "," +
"VATCodeID = " + VATCodeID + "," +
"COD = " + COD + ", " +
"VATAuthNo = '" + VATAuthNo.Replace("'", "''") + "', " +
"PrintBankDetails = " + PrintBankDetails + ", " +
"VATExempt = " + VATExempt + ", " +
"VATExpiry = '" + VATExpiry.Year + "-" + VATExpiry.Month + "-" + VATExpiry.Day + "', " +
"FinancialYearEnd = '" + FinancialYearEnd.Year + "-" + FinancialYearEnd.Month + "-" + FinancialYearEnd.Day + "', " +
"FinancialSummary ='" + FinancialSummary.Replace("'", "''") + "', " +
"SignedCreditApplication = '" + SignedCreditApplcation.Replace("'", "''") + "', " +
"CreditReviewedDate = '" + CreditReviewDate.Year + "-" + CreditReviewDate.Month + "-" + CreditReviewDate.Day + "', " +
"CreditReviewComments = '" + CreditReviewComments.Replace("'", "''") + "', " +
"DefaultInvoiceType = '" + DefaultInvoiceType.Replace("'", "''") + "', " +
"DownloadToAccountCode ='" + DownloadToAccountCode.Replace("'", "''") + "', " +
"PODRequired = " + PODRequired + ", " +
"FuelSurcharge= " + FuelSurcharge + ", " +
"InvoiceInstructions = '" + InvoiceInstructions.Replace("'", "''") + "'," +
"DeliveryInstructions = '" + DeliveryInstructions.Replace("'", "''") + "', " +
"DeliveryInstructionsField = " + DeliveryInstructionsField + ", " +
"CollectionInstructions ='" + CollectionInstuctions.Replace("'", "''") + "', " +
"CollectionInstructionsField = " + CollectionInstructionsField + ", " +
"SpecialInstructions ='" + SpecialInstructions.Replace("'", "''") + "', " +
"SpecialInstructionsField = " + SpecialInstructionsField + ", " +
"FOC = " + FOC + ", " +
"DefaultPO = '" + DefaultPONumber.Replace("'", "''") + "'," +
"PORequired = " + PORequired + ", " +
"OnHold = " + OnHold + ", " +
"PrintVAT = " + PrintVAT + ", " +
"IncludeInSelectStock = " + IncludeInSelectStock + ", " +
"PickByOrder = " + PickByOrder + ", " +
"AccreditationExpiry = '" + AccreditationExpiry.Year + "-" + AccreditationExpiry.Month + "-" + AccreditationExpiry.Day + "'," +
"AccreditedDate = '" + AccreditedDate.Year + "-" + AccreditedDate.Month + "-" + AccreditedDate.Day + "'," +
"AccreditedBy = '" + AccreditedBy.Replace("'", "''") + "'," +
"GroupAccountCode = '" + GroupAccountCode.Replace("'", "''") + "', " +
"SendToWeb = " + SendToWeb + ", " +
"SalesRep = '" + SalesRep.Replace("'", "''") + "'," +
"ShowProductionNote = " + ShowProductionNote + ", " +
"WebsiteCheckDate = '" + WebsiteCheckDate.Replace("'", "''") + "', " +
"WebsiteComments = '" + WebsiteComments.Replace("'", "''") + "', " +
"Facebook = " + Facebook + ", " +
"PaperRecordOnFile = " + PaperRecordOnFile + ", " +
"FSCReq = " + FSCReq + ", " +
"QuoteType = '" + QuoteType.Replace("'", "''") + "', " +
"Rank = " + Rank + ", " +
"PalletNetwork = " + PalletNetwork + ", " +
"CustomerRequirement ='" + CustomerRequirement.Replace("'", "''") + "', " +
"CustomerRequirementField = " + CustomerRequirementField + ", " +
"ServiceLevel = " + ServiceLevel + ", " +
"ManualLotNo = " + ManualLotNo + ", " +
"DiscountReviewDate = '" + DiscountReviewDate.Year + "-" + DiscountReviewDate.Month + "-" + DiscountReviewDate.Day + "', " +
"CreditLimitAmount = " + CreditLimitAmount + ", " +
"DefaultCreditorID = " + DefaultCreditorID + ", " +
"AccountDisabledDate = ?AccountDisabledDate," +
"AccountDisabledMsg = ?AccountDisabledMsg " +
"PaperWorkRequired = " + PaperWorkRequired + ", " +
"BookingInRequired = " + BookInRequired + ", " +
"TailLiftRequired = " + TailLiftRequired + ", " +
"OpeningTimes ='" + OpeningTimes.Replace("'", "''") + "', " +
"EquipmentRequired ='" + EquipmentRequired.Replace("'", "''") + "', " +
"WeighInOut ='" + WeighInOut.Replace("'", "''") +
"WHERE ID = " + CustomerID;
cmd.Parameters.Add(new MySqlParameter("AccountDisabledDate", AccountDisabledDate));
cmd.Parameters.Add(new MySqlParameter("AccountDisabledMsg", AccountDisabledMsg));
cmd.ExecuteNonQuery();
}
}
}
1 个解决方案
解决方案1
0 已采纳 2015-05-28 10:04:50
在您的查询建筑物中,您在?AccountDsibaledMsg之后缺少逗号,如下所示
AccountDisabledMsg = ?AccountDisabledMsg " +
"PaperWorkRequired = " + PaperWorkRequired +
放入逗号并尝试
AccountDisabledMsg = ?AccountDisabledMsg ," +
"PaperWorkRequired = " + PaperWorkRequired +
但是请始终尝试使用参数化查询,因为这将使您调试更加容易,并且避免了sql注入问题
收到“您的SQL语法有错误”错误。 此查询出了什么问题?
[英]Getting a “you have an error in your SQL syntax” error. What is going wrong with this query?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.