C# c如何在where条件下构建动态查询
这是我的问题C# c如何在where条件下构建动态查询,c#,sql,C#,Sql,这是我的问题 SELECT COUNT(MPRO.OriDes0154) 'QueueCalls' FROM MMProdat.dbo.InstTaWf0154 MPRO WITH(NOLOCK) WHERE MPRO.Estado0154 = 'QUEUED' AND F1IdWI02140154<>'VOICEMAIL' AND F1Camp02930154 = 'Support' 此列表中的值应位于此conidtion中,并且F1Camp02930154='支持' 例如,
SELECT COUNT(MPRO.OriDes0154) 'QueueCalls' FROM MMProdat.dbo.InstTaWf0154 MPRO WITH(NOLOCK)
WHERE MPRO.Estado0154 = 'QUEUED'
AND F1IdWI02140154<>'VOICEMAIL'
AND F1Camp02930154 = 'Support'
此列表中的值应位于此conidtion中,并且F1Camp02930154='支持'
例如,如果列表是空的,我将得到一个空结果,但是如果列表只有一个支持查询的值,那么查询将是空的
和F1Camp02930154=‘支持’
但是,如果列表中有两个变量,即支持和销售,那么查询将是
AND F1Camp02930154 = 'Support' and `Sales`
请用c怎么做
我已经有了这个:
string queryString = "SELECT COUNT(MPRO.OriDes0154) 'QueueCalls' FROM MMProdat.dbo.InstTaWf0154 MPRO WITH(NOLOCK) WHERE MPRO.Estado0154 = 'QUEUED' AND F1IdWI02140154<>'VOICEMAIL'";
您可以使用来构造IN子句,例如:
var companies = new List<string>() { "Support", "Sales" };
string inClause = String.Format(" IN ('{0}')", String.Join("', '", companies));
Console.WriteLine("AND F1Camp02930154" + inClause);
//output :
//AND F1Camp02930154 IN ('Support', 'Sales')
您应该在中使用,而不是与一堆OR一起使用。@GordonLinoff好主意,我将尝试它并用syntax@GordonLinoff请检查我的更新问题如果该公司是用户提供的,您非常容易受到SQL注入的攻击。小心点。@FilipDeVos公司是下拉列表,我以前验证过
List<string> compaines = new List<string>();
string queryString = "SELECT COUNT(MPRO.OriDes0154) 'QueueCalls' FROM MMProdat.dbo.InstTaWf0154 MPRO WITH(NOLOCK) WHERE MPRO.Estado0154 = 'QUEUED' AND F1IdWI02140154<>'VOICEMAIL' AND F1Camp02930154 IN (";
for (int i = 0; i < compaines.Count(); i++) {
queryString += "'" + compaines[i] + "'";
}
queryString += ")";
var companies = new List<string>() { "Support", "Sales" };
string inClause = String.Format(" IN ('{0}')", String.Join("', '", companies));
Console.WriteLine("AND F1Camp02930154" + inClause);
//output :
//AND F1Camp02930154 IN ('Support', 'Sales')