我在mysql中有一个用户表。有时用户有老板,有时用户没有。 所以boss数据类型在nullable int中(它是一个外键,这就是为什么可以为空的 INT )。 我正在使用以下代码,当boss值为null时导致问题,产生以下错误“错误的整数值:''对于第1行的列'boss_id'”
string query = " INSERT INTO " + databasename + ".system_user (" +
"`boss_id`, " +
"`name`, " +
"`user_name`, " +
"`password_2`, " +
"`designation`," +
"`digital_signature`," +
"`functional_role`," +
"`group_2`) " +
"VALUES ('" +
systemuser.Boss + "', '" +
systemuser.Name + "','" +
systemuser.UserName + "', '" +
systemuser.Password + "', '" +
systemuser.Designation + "', '" +
systemuser.DigitalSignature + "', '" +
systemuser.FunctionalRole + "', '" +
systemuser.Group + "');";
MySqlConnection conDataBase = new MySqlConnection(myconnection);
MySqlCommand cmdDataBase = new MySqlCommand(query, conDataBase);
MySqlDataReader myreader;
try
{
conDataBase.Open();
myreader = cmdDataBase.ExecuteReader();
conDataBase.Close();
return true;
}
catch (Exception ex)
{
conDataBase.Close();
MessageBox.Show(ex.Message);
return false;
}
所以,我改变了字符串查询的代码如下:
string query = "";
if(systemuser.Boss!=null)
{
query = " INSERT INTO " + databasename + ".system_user (" +
"`boss_id`, " +
"`name`, " +
"`user_name`, " +
"`password_2`, " +
"`designation`," +
"`digital_signature`," +
"`functional_role`," +
"`group_2`) " +
"VALUES ('" +
systemuser.Boss + "', '" +
systemuser.Name + "','" +
systemuser.UserName + "', '" +
systemuser.Password + "', '" +
systemuser.Designation + "', '" +
systemuser.DigitalSignature + "', '" +
systemuser.FunctionalRole + "', '" +
systemuser.Group + "');";
}
else
{
query = " INSERT INTO " + databasename + ".system_user (" +
"`name`, " +
"`user_name`, " +
"`password_2`, " +
"`designation`," +
"`digital_signature`," +
"`functional_role`," +
"`group_2`) " +
"VALUES ('" +
systemuser.Name + "','" +
systemuser.UserName + "', '" +
systemuser.Password + "', '" +
systemuser.Designation + "', '" +
systemuser.DigitalSignature + "', '" +
systemuser.FunctionalRole + "', '" +
systemuser.Group + "');";
}
它有效,因为默认情况下,Mysql在跳过的值处设置null。
现在根据我的场景,我必须将boss_id从int更新为null,有时从null更新为int。但是如果value为null,我的查询总是跳过。你可以帮我改变插入语句,以便它在boost中插入空值(如果它为null)并且不要只是跳过它。
答案 0 :(得分:2)
首先,您应该使用参数,它会为您提供干净的代码并避免注入。
您可以使用以下参数:
string query = string.Format("INSERT INTO {0}.system_user (`boss_id`, `name`, `user_name`, `password_2`, `designation`, `digital_signature`, `functional_role`, `group_2`)" +
"VALUES (@boss_id, @name, @user_name, @password_2, @designation, @digital_signature, @functional_role, @group_2)", databasename);
MySqlConnection conDataBase = new MySqlConnection(myconnection);
MySqlCommand cmdDataBase = new MySqlCommand(query, conDataBase);
cmdDataBase.Parameters.AddWithValue("@boss_id", systemuser.Boss ?? (object)DBNull.Value);
cmdDataBase.Parameters.AddWithValue("@name", systemuser.Name);
cmdDataBase.Parameters.AddWithValue("@user_name", systemuser.UserName);
cmdDataBase.Parameters.AddWithValue("@password_2", systemuser.Password);
cmdDataBase.Parameters.AddWithValue("@designation", systemuser.Designation);
cmdDataBase.Parameters.AddWithValue("@digital_signature", systemuser.DigitalSignature);
cmdDataBase.Parameters.AddWithValue("@functional_role", systemuser.FunctionalRole);
cmdDataBase.Parameters.AddWithValue("@group_2", systemuser.Group);
注意"@boss_id", systemuser.Boss ?? (object)DBNull.Value,这是因为您无法在参数中直接使用null。
<强>更新
如果您想要更新或删除,您也可以使用参数:
您可以像这样编写查询:
string query = string.Format("UPDATE {0}.system_user SET `name` = @name WHERE `boss_id` = @boss_id", databasename);
或
string query = string.Format("DELETE FROM {0}.system_user WHERE `boss_id` = @boss_id", databasename);
对于datetime列,您可以看到this question。它有很好的答案。
答案 1 :(得分:0)
您将Systemuser.Boss的值封装在单引号中,这是否表示您正在尝试将字符串插入整数列?
string query = @"INSERT INTO {0}.system_user (
`boss_id`,
`name`,
`user_name`,
`password_2`,
`designation`,
`digital_signature`,
`functional_role`,
`group_2`)
VALUES
{1},
'{2}',
'{3}',
'{4}',
'{5}',
'{6}',
'{7}',
'{8}')
";
string formattedQuery = string.Format(query,
databasename, // {0}
Systemuser.Boss, // {1}
Systemuser.Name, // {2}
etc, etc);
编辑:错过了你说过的部分&#39;当它为空时......你需要使用:
(Systemuser.Boss ?? "NULL")