C# sql语法错误
您的SQL语法有错误;检查与MySQL服务器版本相对应的手册,以获取第1行中使用的正确语法(接近“)” 似乎无法修复此错误:C# sql语法错误,c#,asp.net,mysql,sql,mysql-error-1064,C#,Asp.net,Mysql,Sql,Mysql Error 1064,您的SQL语法有错误;检查与MySQL服务器版本相对应的手册,以获取第1行中使用的正确语法(接近“)” 似乎无法修复此错误: protected void Page_Load(object sender, EventArgs e) { if (Page.IsPostBack) { //It is a postback so check if it was by div click (NOT WORKING because the javascript isnt p
protected void Page_Load(object sender, EventArgs e)
{
if (Page.IsPostBack)
{
//It is a postback so check if it was by div click (NOT WORKING because the javascript isnt posting back)
string target = Request["__EVENTTARGET"];
if (target == "DivClicked")
{
string id = Request["__EVENTARGUMENT"];
//Call my delete function passing record id
using (OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite2; User=root; Password=commando;"))
{
cn.Open();
using (OdbcCommand cmd = new OdbcCommand("DELETE FROM WallPosting WHERE idWallPosting="+id+")", cn))
{
cmd.ExecuteNonQuery();
}
}
}
}
string theUserId = Session["UserID"].ToString();
PopulateWallPosts(theUserId);
}
删除时不需要关闭
)
using (OdbcCommand cmd = new OdbcCommand("DELETE FROM WallPosting WHERE idWallPosting=" + id, cn))
{
cmd.ExecuteNonQuery();
}
这是因为你有一个额外的右括号
new OdbcCommand("DELETE FROM WallPosting WHERE idWallPosting="+id+")", cn))
试一试
应该是这样的,当您以前没有打开(
时,您有一个额外的括号您正在关闭一个)
。
这应该可以解决问题。Gosh!我当然希望
id
不是1或1=1;删除表WallPosting;--
使用参数化查询,而不是直接从发布的表单中获取值。这是一个SQL注入漏洞,没有将查询参数化到数据库中。哦,是的,我知道:)这件事被告知了一百万次左右,我想如果我从我的表格中删除第一篇帖子,整个东西都会被删除lol:S
new OdbcCommand("DELETE FROM WallPosting WHERE idWallPosting="+id, cn))
using (OdbcCommand cmd = new OdbcCommand("DELETE FROM WallPosting WHERE idWallPosting="+id, cn))