你好,我有这个SQL查询:
SQL = "SELECT SUM( " + "CASE WHEN rn =1" + "THEN v.FirstAmount"
+ "WHEN rn =2" + "THEN v.SecondAmount " + "ELSE v.ThirdAmount " + "END ) "
+ "FROM (" + "SELECT cv. * , @rn := IF( @vi = `Violation ID` , @rn +1, 1 ) AS rn,
@vi := `Violation ID` " + "FROM class_violation cv" + "CROSS JOIN ("
+ "SELECT @rn :=0, @vi := ''" + ")CONST" + "ORDER BY `Violation ID`" + ")cv"
+ "JOIN violation v ON cv.`Violation ID` = v.`Violation ID` "
+ "JOIN class_record tr ON cv.`Class No.` = tr.`Class No.` "
+ "WHERE tr.`Class ID` = '" + where + "'";
我遇到了这个错误:
MySql.Data.MySqlClient.MySqlException: Fatal Error encountered during
command execution ---> MySql.Data.MySqlClient.MySqlException: Parameter
'@rn' must be defined
at
MySql.Data.MySqlClient.Statement.SerializeParameter(MySqlParameterCollection
parameters, MySqlPacket packet, String parmName, Int32 parameterIndex)
at MySql.Data.MySqlClient.Statement.InternalBindParameters(String sql,
MySqlParameterCollection parameters,MySqlPacket packet)
如何更正我的SQL查询并定义参数?
C#
代码在哪里?你为所有的参数提供了值,包括@rn
吗? - Iqbal"WHERE tr.``Class ID`` = '" + where + "'"
可能会受到 SQL 注入攻击。 - Jon Skeet@rn
为查询本身的参数之间混淆了。但看起来你喜欢将@rn用作变量... - ZoolWay