Question

我查看了不同的链接（例如one），但我仍然无法得到此错误消息的来源。我一直在计算列，昏迷等，而没有找到问题所在。

int exId = stride.getExerciseId();
string timestamp = stride.getTimeStamp();
int startSec = stride.getBeginningSec();
int startMsec = stride.getBeginningMSec();
int endSec = stride.getEndSec();
int endMSec = stride.getEndMSec();
float length = stride.getLength();
float duration = stride.getDuration();
float steplength = stride.getStepLength();
float stepDuration = stride.getStepDuration();
string supportingFoot = stride.getSupportingFoot();

string query = "INSERT INTO singlesupportstate (ExerciseId , TimeStamp , SingleSupportStateStartSeconds , SingleSupportStateStartMSeconds , SingleSupportStateEndSeconds , SingleSupportStateEndMSeconds , StrideLength , StrideDuration , StepLength , StepDuration , SupportingFoot) 
VALUES("+ exId +",'" + timestamp +"',"+ startSec +"," + startMsec + "," + endSec + "," + endMSec + "," + length +"," + duration + "," + steplength + "," + duration + ",'" + supportingFoot + "')";
if (this.OpenConnection() == true)
{
     MySqlCommand cmd = new MySqlCommand(query, connection);
     cmd.ExecuteNonQuery();
     this.CloseConnection();
}

编辑：

所以我改变了我的代码以使用参数化查询，这是新的代码：

if (this.OpenConnection() == true)
        {
            MySqlCommand cmd = connection.CreateCommand() ;
            cmd.CommandText = "INSERT INTO singlesupportstate (ExerciseId , TimeStamp , SingleSupportStateStartSeconds , SingleSupportStateStartMSeconds , SingleSupportStateEndSeconds , SingleSupportStateEndMSeconds , StrideLength , StrideDuration , StepLength , StepDuration , SupportingFoot) "
                +" VALUES(@exId,@timestamp,@startSec,@startMsec,@endSec,@endMSec,@length,@duration,@steplength,@stepduration,@supportingFoot)";

            cmd.Parameters.Add("@exId", MySqlDbType.Int32);
            cmd.Parameters.Add("@timestamp",MySqlDbType.Timestamp);
            cmd.Parameters.Add("@startMsec",MySqlDbType.Int32);
            cmd.Parameters.Add("@startSec",MySqlDbType.Int32);
            cmd.Parameters.Add("@endSec",MySqlDbType.Int32);
            cmd.Parameters.Add("@endMSec",MySqlDbType.Int32);
            cmd.Parameters.Add("@length", MySqlDbType.Float);
            cmd.Parameters.Add("@duration",MySqlDbType.Float);
            cmd.Parameters.Add("@steplength",MySqlDbType.Float);
            cmd.Parameters.Add("@stepduration", MySqlDbType.Float);
            cmd.Parameters.Add("@supportingfoot", MySqlDbType.Text);

            cmd.Parameters["@exId"].Value = exId;
            cmd.Parameters["@timestamp"].Value = timestamp;
            cmd.Parameters["@startMsec"].Value = startMsec;
            cmd.Parameters["@startSec"].Value = startSec;
            cmd.Parameters["@endSec"].Value = endSec;
            cmd.Parameters["@endMSec"].Value = endMSec;
            cmd.Parameters["@length"].Value = length;
            cmd.Parameters["@duration"].Value = duration;
            cmd.Parameters["@steplength"].Value =steplength;
            cmd.Parameters["@stepduration"].Value =stepDuration;
            cmd.Parameters["@supportingfoot"].Value =supportingFoot;
            cmd.CommandTimeout = 120;
            cmd.ExecuteNonQuery();
            this.CloseConnection();
        }

Answer 1

这意味着在串联中的一个值中断了INSERT，因为它有一个逗号或字符串分隔符，因此打破了整个query字符串

查看连接后的实际query字符串，执行前

并使用参数来移除此问题并减轻SQL注入风险。

另一个选项是singlesupportstate表上也有INSERT损坏的触发器（例如审计或历史记录）。

Answer 2

可能发生的事情是两件事之一：

1）有'引号使您的查询似乎具有较少的值，因为它会占用逗号。 2）使用逗号而不是点来格式化数字，导致数字123.45显示为123,45，从而使查询认为有两个整数值：123和{ {1}}导致价值太多。

正如其他人所说，尝试并使用查询参数，这不会再发生。它还为您节省了大量手动转义字符串。

“列数与第1行的值计数不匹配”

2 个答案: