计算表数据库中的查询 [英] Count query in table database

问题描述

我正在尝试从数据库计算table1中的一个操作数，并像研究键一样设置column1和column2。

当我点击研究按钮时它显示我这个错误

I'm trying to count number of an operation in table1 from database and seted column1 and column2 like research keys .
when I click research button it shows me this error

"

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '*) FROM DATABASE.TABLE1 WHERE COLUMN1  = 'KEY1' AN' at line 1

在LINE1





在此行< br $>

IN LINE1"


at this line "

int countOERATION = Convert.ToInt32(cmdOPERATION.ExecuteScalar());

之前我已经使用过这段代码与不同的表格，它运作正常！





以前有人得到过这个！

或者关闭，感谢您的帮助。



我尝试过的事情：

"
I already used this code before with different table and it worked correctly !


has any one got this before !?
Or close , Thank you for any help .

What I have tried:

using (var cmdOPERATION = new MySqlCommand("SELECT  COUNT (*) FROM DATABASE.TABLE1 WHERE COLUMN1  = '" + KEY1 + "' AND COLUMN2 =  '" + KEY2 + "' ;", CONNECTION))
                     {

               int countOPERATION = Convert.ToInt32(cmdOPERATION.ExecuteScalar());                                             }

推荐答案

这里有很多问题：

1）永远不要连接字符串来构建SQL命令。它让您对意外或故意的SQL注入攻击持开放态度，这可能会破坏您的整个数据库。请改用参数化查询。

2）错误消息与您的代码不符，如图所示：它指的是TABLE1，而您的代码指的是TALE1



所以请检查你的代码：猜测你错过了代码中的命令开头（。但修复了连接，不仅是在代码中，而是整个应用程序 - 或者你最好的伙伴将是能够删除你的整个数据库只是为了看看你的脸......

There are a number of problems here:
1) Never concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
2) The error message does not match your code as shown: it refers to TABLE1, while your code refers to TALE1

So check your code: at a guess you have missed out the opening "(" from your command in the code. But fix the concatenation, not only in that code but the whole of your application - or your best mate will be able to delete your whole DB just to see the look on your face...

不要构建那样的查询字符串。你正在为SQL注入做好准备。使用参数化查询代替。

Do not build query strings like that. You're setting yourself up for SQL injection. Use parameterized queries instead.

我尝试使用实体查询并为我工作。

I tried with entity query and its working for me .

baseEntities dc = new baseEntities();

var getcount = dc.table.Where(b => b.column1 == key1 && b.column2 == key2).Count(); 
                            int count = Convert.ToInt32(getcount);

谢谢大家好或者您的建议：）

thank you all for your suggestions :)

这篇关于计算表数据库中的查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！