C#.net MVC通过参数从数据库加载数据
我想传递从角度复选框中获取的值。。(已选中的编号)从my db查询特定数据。 查看我的连接查询C#.net MVC通过参数从数据库加载数据,c#,asp.net-mvc,angularjs,C#,Asp.net Mvc,Angularjs,我想传递从角度复选框中获取的值。。(已选中的编号)从my db查询特定数据。 查看我的连接查询 private static string m_sConnectionString = ConfigurationManager.ConnectionStrings["NomsConnection"].ConnectionString; private static string m_sReport = "SELECT r.[RequestID],r.[RequestDate]
private static string m_sConnectionString = ConfigurationManager.ConnectionStrings["NomsConnection"].ConnectionString;
private static string
m_sReport = "SELECT r.[RequestID],r.[RequestDate],r.[PARNumber],r.[StatusID],r.[PurchaseComment]" // 0 - 4
+ ",r.[UID],r.[LearUID],r.[FullName],r.[Email]" // 5 - 8
+ ",r.[EntityName],r.[DepartmentName],r.[DepartmentID]" // 9 - 11
+ ",r.[InboxLearUID]" // 12
+ ",r.[ProgramID],r.[ProgramCode],r.[ProgramName],r.[CostCenterCode]" // 13 - 16
+ ",p.[PartDesc],p.[SupplierID],p.[AccountType],p.[CurrName],p.[PartQuantity],p.[PiecePrice], p.[PartNumber]"
+ "FROM [NOP_PR].[dbo].[Requests] r "
+ "JOIN [NOP_PR].[dbo].[Parts] p on p.[RequestID] = r.[RequestID]"
+ "JOIN [NOP_PR].[dbo].[Departments] d on d.[DepartmentID] = r.[DepartmentID]"
+ "WHERE [CountryName] IN ('Philippines') ";
//ORDER BY r.[RequestDate] DESC";
public static List<NomsPRRequest> LoadPRfromDB_withParams(DateTime from, DateTime to, string EntityID,
string DepartmentID, string [] StatusID)
{
string sScript = m_sReport + ((EntityID == "") ? "" : " AND d.[EntityID]=" + EntityID) + ((DepartmentID == "") ? "" : " AND d.[DepartmentID]=" + DepartmentID)
+ " and [RequestDate] between '" + from.ToString("yyyy-MM-dd HH:mm:ss") + "' and '" + to.ToString("yyyy-MM-dd HH:mm:ss") + "'" + " and " + (( __________ ) ? "" : " AND d.[StatusID] in (" + ____________ + ")" );
Dictionary<long, NomsPRRequest> data = new Dictionary<long, NomsPRRequest>();
long key;
double dAmount;
using (SqlConnection con = new SqlConnection(m_sConnectionString))
{
con.Open();
using (SqlCommand command = new SqlCommand(sScript, con))
{
SqlDataReader reader = command.ExecuteReader();
while (reader.Read())
{
key = reader.GetInt64(0);
if (!data.ContainsKey(key))
{
data.Add(key, new NomsPRRequest()
{
RequestID = key,
RequestDate = reader.GetDateTime(1),
PARNumber = reader.GetString(2),
DepartmentName = reader.GetString(10),
DepartmentID = reader.GetInt64(11),
StatusID = reader.GetInt64(3),
FullName = reader.GetString(7),
InboxLearUID = reader.GetString(12),
ProgramName = reader.GetString(14),
ItemList = new List<NomsPRItem>(),
TotalAmount = 0.0
});
}
dAmount = (double)reader.GetDecimal(21) * (double)reader.GetDecimal(22);
data[key].TotalAmount += dAmount;
data[key].ItemList.Add(new NomsPRItem()
{
RequestID = key,
PartDesc = reader.GetString(17),
PartNumber = reader.GetString(23),
SupplierID = reader.GetString(18),
FullName = reader.GetString(7),
AccountType = reader.GetString(19),
CurrName = reader.GetString(20),
PartQuantity = (double)reader.GetDecimal(21),
PiecePrice = (double)reader.GetDecimal(22),
Amount = dAmount
});
}
}
}
return data.Values.ToList();
}
以及在我的MVC控制器中传递的内容
public JsonResult GetList()
{
DateTime today = DateTime.Now;
List<NomsPRRequest> model = NomsConnection.LoadPRfromDB_withParams(new DateTime(today.Year, today.Month, 1, 0, 0, 0), today,"","");
return Json(model, JsonRequestBehavior.AllowGet);
}
public JsonResult GetReportList(string from, string to, string EntityID="", string DepartmentID="", int StatusID)
{
DateTime fromd = DateTime.Now;
DateTime tod = DateTime.Now;
if (from != "undefined")
fromd = Convert.ToDateTime(from);
if (to != "undefined")
tod = Convert.ToDateTime(to);
fromd = new DateTime(fromd.Year, fromd.Month, fromd.Day, 0, 0, 0);
tod = new DateTime(tod.Year, tod.Month, tod.Day, 23, 59, 59);
return Json(NomsConnection.LoadPRfromDB_withParams(fromd, tod, EntityID, DepartmentID, StatusID), JsonRequestBehavior.AllowGet);
}
在传递数据时,还要在这部分中添加什么
scope.changeDate = function () {
scope.models = null;
var e = document.getElementById("entityList");
scope.EntityID = e.options[e.selectedIndex].value;
e = document.getElementById("deptList");
scope.DepartmentID = e.options[e.selectedIndex].value;
// console.log(this.filter_fromDate);
//console.log(this.filter_toDate);
http.get('GetReportList?from=' + scope.filter_fromDate + '&to=' + scope.filter_toDate + '&EntityID=' + scope.EntityID + '&DepartmentID=' + scope.DepartmentID).success(
function (data) {
scope.models = data;
});
}
首先,您的sql查询确实应该防止 考虑到您的问题似乎是您需要查询来读取
。。。。以及([status1]、[status2]、[status3]……)中的d.statusid
。为此,可以使用参数。首先,我们需要为StatusId
string sScript = m_sReport
+ ((EntityID == "") ? "" : " AND d.[EntityID]="
+ EntityID) + ((DepartmentID == "") ? "" : " AND d.[DepartmentID]="
+ DepartmentID) + " and [RequestDate] between '"
+ from.ToString("yyyy-MM-dd HH:mm:ss") + "' and '"
+ to.ToString("yyyy-MM-dd HH:mm:ss") + "'" + " and "
+ (( __________ ) ? "" : " AND d.[StatusID] in (";
int paramCount=0;
foreach(string Id in StatusId)
{
sScript = sScript + "@statusParam" + paramCount + ",";
paramCount++;
}
sScript = sScript + ");";
接下来,我们需要填充每个参数,因此在初始化连接等之后:
using (SqlCommand command = new SqlCommand(sScript, con))
{
paramCount = 0;
foreach(string Id in StatusId)
{
string paramName = "@statusParam" + paramCount;
command.Parameters.AddWithValue(paramName,Id);
paramCount++;
}
SqlDataReader reader = command.ExecuteReader();
/*..........rest of the code */
}
我没有在任何IDE中使用它,因此可能会有一些小的语法错误,但您明白了。您是指此处的statusId`foreach(statusId中的string Id)`是我将从复选框中获取的statusId吗?您的方法
LoadPRfromDB_with params
包含一个参数string[]statusId
。我假设您的问题是编写一个查询以包含该数组中的所有StatusID。您的问题并不十分清楚-您是在努力让复选框发回控制器,还是在编写SQL查询?
scope.changeDate = function () {
scope.models = null;
var e = document.getElementById("entityList");
scope.EntityID = e.options[e.selectedIndex].value;
e = document.getElementById("deptList");
scope.DepartmentID = e.options[e.selectedIndex].value;
// console.log(this.filter_fromDate);
//console.log(this.filter_toDate);
http.get('GetReportList?from=' + scope.filter_fromDate + '&to=' + scope.filter_toDate + '&EntityID=' + scope.EntityID + '&DepartmentID=' + scope.DepartmentID).success(
function (data) {
scope.models = data;
});
}
string sScript = m_sReport
+ ((EntityID == "") ? "" : " AND d.[EntityID]="
+ EntityID) + ((DepartmentID == "") ? "" : " AND d.[DepartmentID]="
+ DepartmentID) + " and [RequestDate] between '"
+ from.ToString("yyyy-MM-dd HH:mm:ss") + "' and '"
+ to.ToString("yyyy-MM-dd HH:mm:ss") + "'" + " and "
+ (( __________ ) ? "" : " AND d.[StatusID] in (";
int paramCount=0;
foreach(string Id in StatusId)
{
sScript = sScript + "@statusParam" + paramCount + ",";
paramCount++;
}
sScript = sScript + ");";
using (SqlCommand command = new SqlCommand(sScript, con))
{
paramCount = 0;
foreach(string Id in StatusId)
{
string paramName = "@statusParam" + paramCount;
command.Parameters.AddWithValue(paramName,Id);
paramCount++;
}
SqlDataReader reader = command.ExecuteReader();
/*..........rest of the code */
}