查询活动记录时不知道该值是否为空的最佳实践是什么。
所以,在我看来,我有此表单可以在控制器上发送查询以进行查询
<%= form_tag("/worksteps", method: "get") do %>
<div>
<span>Work Steps</span>
<%= label_tag(:attrib, "All") %>
<%# "is not null" is a hack to query all %>
<%= radio_button_tag(:attrib, "is not null", checked = true ) %>
<%# workstep_attrib are the column names %>
<% @workstep_attrib.each do |attrib| %>
<%= label_tag(:attrib, attrib.name) %>
<%# value is a hack it will render "= 21" %>
<%= radio_button_tag(:attrib, "= #{attrib.id}") %>
<%end%>
</div>
<div>
<%= label_tag :dent_case, 'Search Case'%>
<%= text_field_tag :dent_case%>
<%= submit_tag :search%>
</div>
<%end%>
<%= radio_button_tag(:attrib, "is not null", checked = true ) %>
我查询所有内容的黑客手段
<%= radio_button_tag(:attrib, "= #{attrib.id}") %>
还可以查询特定列的黑客
这就是我在控制器上得到的
//由于首次加载为空
if !params[:attrib]
params[:attrib] = "is not null"
end
//查询代码,其中子句很时髦
Spree::WorkorderProductWorkstep.includes(product_workstep: [:workstep],
workorder: [:product,
denture_design: [:denture_design_spec],
order: [:user]])
.where("spree_worksteps.id #{params[:attrib]}")
.references(:workstep)
他们是另一种方式吗?我还了解到where子句所在的安全风险,我没有清理传入的数据,但那不是我现在的重点
我还在同一查询中添加了这个丑陋的解决方案
if !params[:dent_case] || params[:dent_case].empty?
params[:dent_case] = "is not null"
else
params[:dent_case] = "= #{params[:dent_case]}"
end
.where("denture_designs.id #{params[:dent_case]}")