1. 首页
  2. 问答
  3. 轨道4:Mysql2 ::错误:您在您的SQL语法错误

轨道4:Mysql2 ::错误:您在您的SQL语法错误

2014-09-20 95 views
0

我有一个轨道下面的代码4的应用轨道4:Mysql2 ::错误:您在您的SQL语法错误

query= OrderHeader.select("orders_header.id, 
    orders_header.created_at").where("shop_id=#{shop_id} and 
    customer_id=#{customer_id} and hash_key like 
    '#{current_hash_key}'").order("id desc") 
     if query.nil? 
     return true # no duplicates found 
     end 
     if (query.count>0) # duplicates found 
     #nothing 
     end

,我得到的错误

ERROR

SELECT COUNT(orders_header.id, orders_header.created_at) FROM orders_header WHERE (shop_id=99 and customer_id=1 and hash_key like '539de64e8793790430052bc861dd0ff521334e32')

Mysql2::Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' orders_header.created_at) FROM orders_header WHERE (shop_id=99 and customer_' at line 1: SELECT COUNT(orders_header.id, orders_header.created_at) FROM orders_header WHERE (shop_id=99 and customer_id=1 and hash_key like '539de64e8793790430052bc861dd0ff521334e32')

来源

2014-09-20 Mike Adams

+0

,当我浏览到轨管理,并尝试我有这样的错误编辑我的一个users.do你有什么想法? – 2017-09-05 10:33:19

回答

0

提到你需要等使用复数形式的表名里面的字符串,orders_headers.idorders_header.id,并且,也避免SQL注入,你应该使用传递给串PARAMS不要把你的PARAMS里面的字符串,如:

where("shop_id=?", shop_id)

所以清理你的整个where语句也可能是这样的

where(shop_id: shop_id, customer_id: customer_id).where("hash_key like '?'",current_hash_key)

来源

2014-09-20 05:45:33

相关问题

 相关问题