0

谁能让我知道我在这里做错了什么.....

这是我的查询并在尝试在 sqlite 数据库管理器中运行查询时出现语法错误"near SELECT",以及"errorfunction"在 phonegap 应用程序中执行期间始终进入

tx.executeSql("INSERT INTO proposal_products(proposal_id,date_created,date_modified,labour_hours,cost_price,sale_price,adj_cost_price,adj_sale_price,service_price,adj_service_price,discipline_products_id) VALUES("
                        + window.localStorage
                                .getItem("assign_proposal_id")
                        + ",'"
                        + getCurrentDateTime()
                        + "','"
                        + getCurrentDateTime()
                        + "',"
                        + selectedLabourHours
                        + ","+ callStd +","
                        + callStd +","
                        + callStd +","
                        + callStd +","
                        + callStd +","
                        + callStd +",(SELECT id FROM discipline_products WHERE discipline_products.product_id = (SELECT id FROM products WHERE c4w_code = "CALSTD")))",
                [],
                function() {
                    console
                            .log("suceessCBinsertIntoProposalProduct when Checkbox unchecked:");
                    window.localStorage.setItem("discipline_product_idCallStd","discipline_IdCallSTD");
                },
                function(err) {
                    console
                            .log("errorCBinsertIntoProposalProduct when Checkbox unchecked:"
                                    + err.message);


});
4

1 回答 1

0

语法错误在这里:

   + callStd +"[...] WHERE c4w_code = "CALSTD")))",

你可能的意思是:

   + callStd +"[...] WHERE c4w_code = 'CALSTD')))",

实际上,您已经关闭了字符串文字,然后得到了CALSTD...

但是,您真的不应该按照您目前的方式构建 SQL。它很难阅读,容易出现转换错误(尤其是日期/时间值)并且容易受到SQL 注入攻击。使用参数化 SQL,但这是在您的环境中完成的。如果您的环境不支持参数化 SQL,我会感到非常惊讶。

于 2013-07-05T06:06:08.830 回答