更新查询出现sql语法错误
本文关键字:语法 错误 sql 查询 更新 | 更新日期: 2023-09-27 17:50:56
我试图更新一些客户的详细信息,但我得到错误:错误:你有一个错误在你的SQL语法;检查与MySQL服务器版本对应的手册,以便使用正确的语法PaperWorkRequired = 1, BookingInRequired = 0, taillifrequired = 1, OpeningTimes at line 1
文书工作,预订和尾吊是复选框和开放时间是一个文本框。这些选项不需要填写(这是BookingInRequired等于零的方式,因为复选框是空的)。
public static void UpdateCustomer(int CustomerID, string Name, int AccountType, string AccountCode, string Add1, string Add2, string Add3, string Town, int TownID, int CountryID, int CurrencyType, int CountyID, string PostCode, string ContactName, string Phone, string Email, int IsActive, int ModifiedByUser, string Website, string VATNo, int PORequired, int CreditTerms, int CreditDays, int VATCodeID, int COD, string VATAuthNo, int PrintBankDetails, int VATExempt, DateTime VATExpiry,
string SignedCreditApplcation, DateTime FinancialYearEnd, string FinancialSummary, DateTime CreditReviewDate, string CreditReviewComments, string DefaultInvoiceType, string DownloadToAccountCode, int PODRequired, decimal FuelSurcharge,
string InvoiceInstructions, string DeliveryInstructions, int DeliveryInstructionsField, string CollectionInstuctions, int CollectionInstructionsField, string SpecialInstructions, int SpecialInstructionsField, int FOC, string DefaultPONumber, int OnHold, int PrintVAT, int PickByOrder, int IncludeInSelectStock, string GroupAccountCode, DateTime AccreditationExpiry, string AccreditedBy, DateTime AccreditedDate, int SendToWeb, int Rank, string SalesRep, int ShowProductionNote,
string WebsiteCheckDate, string WebsiteComments, int Facebook, int PaperRecordOnFile, int FSCReq, string QuoteType, int PalletNetwork, string CustomerRequirement, int CustomerRequirementField, int ServiceLevel, int DefaultCreditorID, int ManualLotNo, DateTime DiscountReviewDate, decimal CreditLimitAmount, DateTime? AccountDisabledDate, string AccountDisabledMsg,
int PaperWorkRequired, int BookInRequired, int TailLiftRequired, string OpeningTimes, string EquipmentRequired, string WeighInOut)
{
string sql = "proc_UpdateCustomer";
using (MySql.Data.MySqlClient.MySqlConnection conn = new MySql.Data.MySqlClient.MySqlConnection(ConnectionStrings["TAT"]))
{
conn.Open();
using (MySql.Data.MySqlClient.MySqlCommand cmd = new MySql.Data.MySqlClient.MySqlCommand(sql, conn))
{
cmd.CommandType = CommandType.Text;
cmd.CommandText = "UPDATE customer SET Name = '" + Name.Replace("'", "''") + "', " +
"AccountType = " + AccountType + ", " +
"AccountCode = '" + AccountCode.Replace("'", "''") + "', " +
"Add1 = '" + Add1.Replace("'", "''") + "', " +
"Add2 = '" + Add2.Replace("'", "''") + "', " +
"Add3 = '" + Add3.Replace("'", "''") + "', " +
"Town = '" + Town.Replace("'", "''") + "', " +
"TownID = " + TownID + ", " +
"CountryID = " + CountryID + ", " +
"CountyID = " + CountyID + ", " +
"CurrencyType = " + CurrencyType + ", " +
"PostCode = '" + PostCode.Replace("'", "''") + "', " +
"ContactName = '" + ContactName.Replace("'", "''") + "', " +
"Phone = '" + Phone.Replace("'", "''") + "', " +
"Email = '" + Email.Replace("'", "''") + "', " +
"IsActive = " + IsActive + ", " +
"ModifiedByUser = " + ModifiedByUser + ", " +
"ModifiedDate = NOW()," +
"Website = '" + Website.Replace("'", "''") + "', " +
"VATNo = '" + VATNo.Replace("'", "''") + "', " +
"CreditTermsID = " + CreditTerms + "," +
"CreditDays = " + CreditDays + "," +
"VATCodeID = " + VATCodeID + "," +
"COD = " + COD + ", " +
"VATAuthNo = '" + VATAuthNo.Replace("'", "''") + "', " +
"PrintBankDetails = " + PrintBankDetails + ", " +
"VATExempt = " + VATExempt + ", " +
"VATExpiry = '" + VATExpiry.Year + "-" + VATExpiry.Month + "-" + VATExpiry.Day + "', " +
"FinancialYearEnd = '" + FinancialYearEnd.Year + "-" + FinancialYearEnd.Month + "-" + FinancialYearEnd.Day + "', " +
"FinancialSummary ='" + FinancialSummary.Replace("'", "''") + "', " +
"SignedCreditApplication = '" + SignedCreditApplcation.Replace("'", "''") + "', " +
"CreditReviewedDate = '" + CreditReviewDate.Year + "-" + CreditReviewDate.Month + "-" + CreditReviewDate.Day + "', " +
"CreditReviewComments = '" + CreditReviewComments.Replace("'", "''") + "', " +
"DefaultInvoiceType = '" + DefaultInvoiceType.Replace("'", "''") + "', " +
"DownloadToAccountCode ='" + DownloadToAccountCode.Replace("'", "''") + "', " +
"PODRequired = " + PODRequired + ", " +
"FuelSurcharge= " + FuelSurcharge + ", " +
"InvoiceInstructions = '" + InvoiceInstructions.Replace("'", "''") + "'," +
"DeliveryInstructions = '" + DeliveryInstructions.Replace("'", "''") + "', " +
"DeliveryInstructionsField = " + DeliveryInstructionsField + ", " +
"CollectionInstructions ='" + CollectionInstuctions.Replace("'", "''") + "', " +
"CollectionInstructionsField = " + CollectionInstructionsField + ", " +
"SpecialInstructions ='" + SpecialInstructions.Replace("'", "''") + "', " +
"SpecialInstructionsField = " + SpecialInstructionsField + ", " +
"FOC = " + FOC + ", " +
"DefaultPO = '" + DefaultPONumber.Replace("'", "''") + "'," +
"PORequired = " + PORequired + ", " +
"OnHold = " + OnHold + ", " +
"PrintVAT = " + PrintVAT + ", " +
"IncludeInSelectStock = " + IncludeInSelectStock + ", " +
"PickByOrder = " + PickByOrder + ", " +
"AccreditationExpiry = '" + AccreditationExpiry.Year + "-" + AccreditationExpiry.Month + "-" + AccreditationExpiry.Day + "'," +
"AccreditedDate = '" + AccreditedDate.Year + "-" + AccreditedDate.Month + "-" + AccreditedDate.Day + "'," +
"AccreditedBy = '" + AccreditedBy.Replace("'", "''") + "'," +
"GroupAccountCode = '" + GroupAccountCode.Replace("'", "''") + "', " +
"SendToWeb = " + SendToWeb + ", " +
"SalesRep = '" + SalesRep.Replace("'", "''") + "'," +
"ShowProductionNote = " + ShowProductionNote + ", " +
"WebsiteCheckDate = '" + WebsiteCheckDate.Replace("'", "''") + "', " +
"WebsiteComments = '" + WebsiteComments.Replace("'", "''") + "', " +
"Facebook = " + Facebook + ", " +
"PaperRecordOnFile = " + PaperRecordOnFile + ", " +
"FSCReq = " + FSCReq + ", " +
"QuoteType = '" + QuoteType.Replace("'", "''") + "', " +
"Rank = " + Rank + ", " +
"PalletNetwork = " + PalletNetwork + ", " +
"CustomerRequirement ='" + CustomerRequirement.Replace("'", "''") + "', " +
"CustomerRequirementField = " + CustomerRequirementField + ", " +
"ServiceLevel = " + ServiceLevel + ", " +
"ManualLotNo = " + ManualLotNo + ", " +
"DiscountReviewDate = '" + DiscountReviewDate.Year + "-" + DiscountReviewDate.Month + "-" + DiscountReviewDate.Day + "', " +
"CreditLimitAmount = " + CreditLimitAmount + ", " +
"DefaultCreditorID = " + DefaultCreditorID + ", " +
"AccountDisabledDate = ?AccountDisabledDate," +
"AccountDisabledMsg = ?AccountDisabledMsg " +
"PaperWorkRequired = " + PaperWorkRequired + ", " +
"BookingInRequired = " + BookInRequired + ", " +
"TailLiftRequired = " + TailLiftRequired + ", " +
"OpeningTimes ='" + OpeningTimes.Replace("'", "''") + "', " +
"EquipmentRequired ='" + EquipmentRequired.Replace("'", "''") + "', " +
"WeighInOut ='" + WeighInOut.Replace("'", "''") +
"WHERE ID = " + CustomerID;
cmd.Parameters.Add(new MySqlParameter("AccountDisabledDate", AccountDisabledDate));
cmd.Parameters.Add(new MySqlParameter("AccountDisabledMsg", AccountDisabledMsg));
cmd.ExecuteNonQuery();
}
}
}
在您的查询建筑中,您缺少一个逗号?AccountDsibaledMsg后,如下
AccountDisabledMsg = ?AccountDisabledMsg " +
"PaperWorkRequired = " + PaperWorkRequired +
加逗号,然后试试
AccountDisabledMsg = ?AccountDisabledMsg ," +
"PaperWorkRequired = " + PaperWorkRequired +
但总是尝试参数化查询,因为它将使您的调试更容易,并避免sql注入问题