C# 内部联接处的SQLException
我使用的是一个C程序,它调用在SQLServer2008R2实例上执行的SQL语句。下面是SQL调用:C# 内部联接处的SQLException,c#,sql,sql-server-2008-r2,inner-join,C#,Sql,Sql Server 2008 R2,Inner Join,我使用的是一个C程序,它调用在SQLServer2008R2实例上执行的SQL语句。下面是SQL调用: SELECT TOP 1 as1.AssetTagID, as1.TagID, as1.CategoryID, as1.Description, as1.HomeLocationID, as1.ParentAssetTagID FROM Assets AS as1 ORDER BY ar.DateScanned DESC INNER JOIN AssetsReads AS a
SELECT TOP 1 as1.AssetTagID, as1.TagID, as1.CategoryID, as1.Description,
as1.HomeLocationID, as1.ParentAssetTagID
FROM Assets AS as1 ORDER BY ar.DateScanned DESC
INNER JOIN AssetsReads AS ar
ON as1.AssetTagID = ar.AssetTagID
WHERE (ar.ReadPointLocationID='Readpoint1' OR ar.ReadPointLocationID='Readpoint2')
AND as1.TagID!='000000000000000000000000';
System.Data.SqlClient.SqlException: Incorrect syntax near the keyword 'INNER'.
"SELECT TOP 2 as1.AssetTagID, as1.TagID, " +
"as1.CategoryID, as1.Description, as1.HomeLocationID," +
"as1.ParentAssetTagID FROM Assets AS as1 ORDER BY ar.DateScanned DESC\n" +
"INNER JOIN AssetsReads AS ar ON as1.AssetTagID = ar.AssetTagID\n" +
"WHERE (ar.ReadPointLocationID='" + IntegrationService.Lane2Zones[0] +
"' OR ar.ReadPointLocationID='" + IntegrationService.Lane2Zones[1] + "')\n" +
"AND as1.TagID!='000000000000000000000000';"
你的订单不能在那里。把它移到最后
我也会做一个强制性的“不要这样做”的演讲。像这样连接SQL字符串会使您面临SQL注入攻击。在谷歌和SO上有大量的信息,所以我不打算这么做,但是你应该考虑把它变成一个参数化的查询。把它移到最后
我也会做一个强制性的“不要这样做”的演讲。像这样连接SQL字符串会使您面临SQL注入攻击。在谷歌和SO上有很多信息,所以我不会去做,但是你应该考虑把这个变成一个参数化的查询。您的order by条款出现故障:
SELECT TOP 1 as1.AssetTagID,
as1.TagID,
as1.CategoryID,
as1.Description,
as1.HomeLocationID,
as1.ParentAssetTagID
FROM Assets AS as1
INNER JOIN AssetsReads AS ar
ON as1.AssetTagID = ar.AssetTagID
WHERE ( ar.ReadPointLocationID = 'Readpoint1'
OR ar.ReadPointLocationID = 'Readpoint2' )
AND as1.TagID != '000000000000000000000000'
ORDER BY ar.DateScanned DESC;
SELECT TOP (1) [as1].[AssetTagID],
[as1].[TagID],
[as1].[CategoryID],
[as1].[Description],
[as1].[HomeLocationID],
[as1].[ParentAssetTagID]
FROM [<schema>].[Assets] AS [as1]
INNER JOIN [<schema>].[AssetsReads] AS [ar]
ON [as1].AssetTagID = [ar].[AssetTagID]
WHERE ( [ar].[ReadPointLocationID] = 'Readpoint1'
OR [ar].[ReadPointLocationID] = 'Readpoint2' )
AND cast([as1].TagID AS [INT]) != 0
ORDER BY [ar].[DateScanned] DESC;
就像他说的。。。您的order by条款出现故障:
SELECT TOP 1 as1.AssetTagID,
as1.TagID,
as1.CategoryID,
as1.Description,
as1.HomeLocationID,
as1.ParentAssetTagID
FROM Assets AS as1
INNER JOIN AssetsReads AS ar
ON as1.AssetTagID = ar.AssetTagID
WHERE ( ar.ReadPointLocationID = 'Readpoint1'
OR ar.ReadPointLocationID = 'Readpoint2' )
AND as1.TagID != '000000000000000000000000'
ORDER BY ar.DateScanned DESC;
SELECT TOP (1) [as1].[AssetTagID],
[as1].[TagID],
[as1].[CategoryID],
[as1].[Description],
[as1].[HomeLocationID],
[as1].[ParentAssetTagID]
FROM [<schema>].[Assets] AS [as1]
INNER JOIN [<schema>].[AssetsReads] AS [ar]
ON [as1].AssetTagID = [ar].[AssetTagID]
WHERE ( [ar].[ReadPointLocationID] = 'Readpoint1'
OR [ar].[ReadPointLocationID] = 'Readpoint2' )
AND cast([as1].TagID AS [INT]) != 0
ORDER BY [ar].[DateScanned] DESC;
为什么?只需使用空格而不是\n。为什么要在字符串中添加“\n”?我一直认为SQL语句出于某种原因总是需要换行符。我猜这是错的?很抱歉,我不太习惯使用SQL。下面是一个很好的链接,它将显示并解释联接中的差异以及ORDER BY子句的位置。为什么\n?只需使用空格而不是\n。为什么要在字符串中添加“\n”?我一直认为SQL语句出于某种原因总是需要换行符。我猜这是错的?很抱歉,我不太习惯使用SQL。这里有一个很好的链接,可以显示并解释连接的区别以及ORDER BY子句的位置。感谢您提供有关注入的提示。但是这个应用程序是部署在一个私有网络上的,所以希望我们不必担心这个问题。谢谢关于注入的提示。但是这个应用程序部署在一个私有网络上,所以希望我们不必担心这个问题。