我得到一个错误,不确定如何解决它:
ERROR [HY000] [MySQL][ODBC 3.51 Driver][mysqld-5.5.9]Column 'UserID' in field list is ambiguous
我的代码:
using System.Data.Odbc;
public partial class Search : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
private void PopulateWallPosts(string search)
{
using (OdbcConnection cn = new OdbcConnection("Driver={MySQL ODBC 3.51 Driver}; Server=localhost; Database=gymwebsite2; User=root; Password=commando;"))
{
cn.Open();
using (OdbcCommand cmd = new OdbcCommand("SELECT UserID, FirstName, SecondName, p.PicturePath FROM User LEFT JOIN Pictures p ON p.UserID = u.UserID WHERE FirstName LIKE '%" + search + "%' ORDER BY UserID DESC", cn))
{
using (OdbcDataReader reader = cmd.ExecuteReader())
{
test1.Controls.Clear();
while (reader.Read())
{
System.Web.UI.HtmlControls.HtmlGenericControl div = new System.Web.UI.HtmlControls.HtmlGenericControl("div");
div.Attributes["class"] = "test";
div.ID = String.Format("{0}", reader.GetString(0)); //userid
string id = Convert.ToString(div.ID);
//store the div id as a string
Image img = new Image();
img.ImageUrl = String.Format("{0}", reader.GetString(3)); //p.picturepath
img.AlternateText = "Test image";
div.Controls.Add(img);
div.Controls.Add(ParseControl(String.Format("   " + "{0} {1}", reader.GetString(1), reader.GetString(2)))); // FirstName, SecondName
div.Attributes.Add("onclick", "confirm_delete(" + id + ");");
// send the div id to javascript
div.Style["clear"] = "both";
test1.Controls.Add(div);
}
}
}
}
}
protected void Button2_Click(object sender, EventArgs e)
{
string search = TextBox2.Text;
PopulateWallPosts(search);
}
}
表格结构:
答案 0 :(得分:3)
尝试指定您在查询中使用的UserId列:
using (OdbcCommand cmd = new OdbcCommand("SELECT u.UserID, u.FirstName, u.SecondName, p.PicturePath FROM User u LEFT JOIN Pictures p ON p.UserID = u.UserID WHERE u.FirstName LIKE '%" + search + "%' ORDER BY u.UserID DESC", cn))
另外,我建议您使用MySQL ADO.NET driver/connector而不是ODBC。最后使用参数化查询,因为当前您的代码易受SQL注入攻击,并且search
参数的字符串连接。
所以这是改进后的代码的样子:
using (var cn = new MySqlConnection("Server=localhost; Database=gymwebsite2; User=root; Password=commando;"))
using (var cmd = cn.CreateCommand())
{
cn.Open();
cmd.CommandText = "SELECT u.UserID, u.FirstName, u.SecondName, p.PicturePath FROM User u LEFT JOIN Pictures p ON p.UserID = u.UserID WHERE u.FirstName LIKE '@search' ORDER BY u.UserID DESC";
cmd.Parameters.AddWithValue("@search", search);
using (var reader = cmd.ExecuteReader())
{
test1.Controls.Clear();
while (reader.Read())
{
...
}
}
}
答案 1 :(得分:1)
您需要在查询中指定要引用的UserId。
SELECT User.UserID,FirstName, SecondName,p.PicturePath FROM User LEFT JOIN图片p ON p.UserID = u.UserID WHERE FirstName LIKE'%“+ 搜索+“%'ORDER BY UserID DESC
答案 2 :(得分:0)
在您的userID查询列中添加一个表前缀,指定表源