Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/xml/13.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Mysql 在where子句SQL中使用别名_Mysql_Sql Server - Fatal编程技术网
Fatal编程技术网
  • mysql/
  • Mysql 在where子句SQL中使用别名

Mysql 在where子句SQL中使用别名

mysql sql-server

Mysql 在where子句SQL中使用别名,mysql,sql-server,Mysql,Sql Server,在SQL语句的声明中,我根据用户的输入实现了if/else语句。本声明: if($form['filter']['date'] && $form['filter']['dateTill'] == ""){ $sql .= '(select results.completed from results where results.client_id = c.id and results.completed IS NOT NULL AND results.co

在SQL语句的声明中,我根据用户的输入实现了if/else语句。本声明:

    if($form['filter']['date'] && $form['filter']['dateTill'] == ""){
        $sql .= '(select results.completed from results where results.client_id = c.id and results.completed IS NOT NULL AND results.completed > "'.$form['filter']['date'].'" order by results.id desc limit 1) AS last_completed_analysis, ';
    } else if($form['filter']['dateTill'] && $form['filter']['dateTill'] == "") {
       $sql .= '(select results.completed from results where results.client_id = c.id and results.completed IS NOT NULL AND results.completed < "'.$form['filter']['dateTill'].'" order by results.id desc limit 1) AS last_completed_analysis, ';
    } else if($form['filter']['dateTill'] && $form['filter']['dateTill']){
        $sql .= '(select results.completed from results where results.client_id = c.id and results.completed IS NOT NULL AND results.completed > "'.$form['filter']['date'].'" AND results.completed <"'.$form['filter']['dateTill'].'" order by results.id desc limit 1) AS last_completed_analysis, ';
    }
    else {
        $sql .= '(select results.completed from results where results.client_id = c.id and results.completed IS NOT NULL order by results.id desc limit 1) AS last_completed_analysis, ';
    }
然而。。这不管用。我可以复制粘贴上次完成的分析的整个声明,但是这个代码对我来说太长了,我知道可以做得更好。。。有人能帮我申报这个where条款吗

在where条件下不能使用别名

您可以按order by或group by中的最新版本使用别名,但不能在where中使用

这是因为列区域按特定顺序计算,并且在计算where条件时,别名(目前)未解析

因此,您应该使用完整的代码,例如:

  WHERE (select results.completed 
          from results 
          where results.client_id = c.id 
          and results.completed  
          IS NOT NULL order by results.id desc limit 1) IS NOT NULL
使用基于字符串concat的联合国用户输入时要小心

问题不清楚,您能说得更清楚吗?您不能使用同一select的select in in where子句中定义的别名。您可以将where子句移动到一个外部select where子句,方法是将整个select封装在
select*FROM()中,其中上次完成的分析不为null,并且可以工作。这与操作顺序有关。where在select之前执行,因此在执行时没有设置别名;因此where子句别名不知道上次完成的分析引用的是什么,因为它还不在范围内。通过将其移动到外部,内部选择别名已具体化,因此可用。。和是不相关的数据库软件,具有不同的语法规则,以不同的方式扩展了SQL标准。它们不能混为一谈。您使用哪一种?警告您的代码可能会被SQL注入。决不要在SQL中连接用户提交的数据。请使用参数化查询,或者至少在连接数据之前转义任何数据。此外,我强烈建议您对大多数SQL查询进行因数分解,并仅根据用户输入调整条件。@AnnaJeanine请小心通过连接字符串以形成查询来添加用户输入。除非对输入进行清理,否则它容易受到SQL注入的攻击。如果做得不好,有人可能会毫不费力地删除您的数据库或访问私人信息。谢谢你指出这一点!在查询的其余部分,我已经尽了最大努力,将用户输入限制为仅日期类型。

  WHERE (select results.completed 
          from results 
          where results.client_id = c.id 
          and results.completed  
          IS NOT NULL order by results.id desc limit 1) IS NOT NULL