我有这个问题:
MySQL server version for the right syntax to use near 'where no ='count'' at line 1
这是我的代码:
Private Sub Timer1_Tick(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Timer1.Tick
MysqlConn = New MySqlConnection
MysqlConn.ConnectionString = "server=localhost;userid=root;password=;database=penjara"
Dim Reader As MySqlDataReader
MysqlConn.Open()
Dim query As String
Dim spath As String
Dim count As Integer = 0
Dim mysound As Media.SoundPlayer
Dim cmd As MySqlCommand
Dim rdr As MySqlDataReader
query = "Select * from penjara.info"
Command = New MySqlCommand(query, MysqlConn)
Reader = Command.ExecuteReader
While Reader.Read
Reader.Close()
count = count + 1
query = "Select penjara.info where no ='count'"
cmd = New MySqlCommand(query, MysqlConn)
rdr = cmd.ExecuteReader
End While
End Sub
如何解决这个错误?
最佳答案
试试这个:
query = "Select * from penjara.info where no = '" & count & "'"
这将传入变量count
的值。但是,请注意,这是一种不安全的方法,因为连接形成查询会使您的应用程序容易受到 SQL 注入(inject)的攻击。相反,您应该使用参数化查询。
Dim connStr As String = "server=localhost;userid=root;password=;database=penjara"
Using MySqlConn As New MySqlConnection(connStr)
Using cmd As New MySqlCommand()
With cmd
.Connection = MySqlConn
.CommandText = "Select * from penjara.info where no = @count"
.CommandType = CommandType.Text
.Parameters.AddWithValue("@count", count)
End With
Try
MySql.Open()
rdr = cmd.ExecuteReader
Catch ex As Exception
<handle exception>
End Try
End Using
End Using
关于MySQL 服务器版本,用于在 'where no =' 计数附近使用正确的语法,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24904541/