C# 使用inputbox在asp.net core razor中使用dapper进行过滤
我有一个已经从数据库中获取数据的查询,现在我想使用razor页面中的复选框过滤数据。 下面是复选框C# 使用inputbox在asp.net core razor中使用dapper进行过滤,c#,sql,asp.net-core,razor,dapper,C#,Sql,Asp.net Core,Razor,Dapper,我有一个已经从数据库中获取数据的查询,现在我想使用razor页面中的复选框过滤数据。 下面是复选框 <!--check box--> <div id="selection" class="input-group col-md-3 flex-column" style="display: inline-flex;"> <
<!--check box-->
<div id="selection" class="input-group col-md-3 flex-column" style="display: inline-flex;">
<div class="form-check">
<input type="text" class="form-check-input" value="InterestRate" name="loan" id="intRate">
<label class="form-check-label" for="exampleCheck1">Interest Rate</label>
</div>
<div class="form-check">
<input type="text" class="form-check-input" value="LoanAmount" name="loan" id="intRate">
<label class="form-check-label" for="exampleCheck1">Interest Rate</label>
</div>
<div class="form-check">
<input type="date" class="form-check-input" value="LoanTrfDate" name="loan" id="transDate">
<label class="form-check-label" for="exampleCheck1">Transfer Date</label>
</div>
<button type="submit" class="btn btn-primary" id="filter">Submit</button>
</div>
<!--check box-->
如果您在调用之前设法在字典中获取输入变量,可以通过数据绑定变量,也可以在需要时获取它们。下面的方法可以为您过滤它 这假设您将键设置为列名。在本例中,它们都来自同一个表别名(尽管您可以根据需要进行编辑。这只是一种不断构建准备好的语句并动态添加where条件的方法) 执行时,您提供参数值,Dapper非常擅长基于您的值进行类型匹配。这也解决了SQLinjection的一些危险 还有其他方法可以动态构建查询或插入参数。 把这些值放到字典里我就留给你了
整洁到底需要过滤什么?我们看到了复选框的代码,但我看不到查询结果中的内容。复选框的用途是什么?目前还不清楚你打算如何处理这些复选框。如果单击复选框,会发生什么情况?按列筛选,例如InterestRate column我希望能够单击这些复选框。复选框中的值是表列的名称。这样,我就可以用列查询表,其中复选框值是列的名称这些列是什么表?通过执行
选择l.*public async Task<IEnumerable<Loan>> ManageGettingAll(string[] Requestloans, bool includeDeleted, bool showUnapprovedOnly)
{
IEnumerable<Loan> loans = null;
try
{
using (var conn = new SqlConnection(connectionstring))
{
await con.OpenAsync();
string sql = "Select l.*, c.FirstName from dbo.Loan l left join Customer c on l.CustId=c.CustId";
if (!includeDeleted)
{
sql += " and l.Deleted = 0";
}
if (showUnapprovedOnly)
{
sql += " and l.Approved = 0";
}
loans = await conn.QueryAsync<Loan>(sql);
}
}
catch (Exception)
{
throw;
}
return loans;
}
public async Task<IEnumerable<Loan>> ManageGettingAll(Dictionary<string, object> Params)
{
IEnumerable<Loan> loans = null;
try
{
using (var conn = new SqlConnection(connectionstring))
{
await conn.OpenAsync();
string basesql = "Select l.*, c.FirstName from dbo.Loan l left join Customer c on l.CustId=c.CustId";
DynamicParameters queryParams = new DynamicParameters();
if (Params.Count == 0)
{
//No params, so no where condition needed.
}
else
{
bool firstVar = true;
basesql += " WHERE ";
foreach (var paramName in Params.Keys)
{
if (!firstVar)
{
basesql += " AND ";
}
else
{
firstVar = false;
}
basesql += ("l." + paramName + " = @" + paramName);
if (Params.TryGetValue(paramName, out object ParamValue))
{
queryParams.Add("@" + paramName, ParamValue);
}
else
{
//Key not found, should be impossible though.
}
}
}
loans = await conn.QueryAsync<Loan>(basesql, queryParams);
}
}
catch (Exception)
{
throw;
}
return loans;
}
Dictionary<string, object> parameters = new Dictionary<string, object>();
parameters.Add("interestrate", 10);
parameters.Add("transferdate", DateTime.Now);
parameters.Add("loanName", "Mortgage");
ManageGettingAll(parameters);
SELECT l.*, c.FirstName from dbo.Loan l left join Customer c on l.CustId=c.CustId
WHERE l.interestrate = @interestrate AND l.transferdate = @transferdate AND l.loanName = @loanname