将参数值作为SQL Server中的Where子句传递

时间:2014-05-30 13:00:05

标签: c# sql-server-2008

我想将参数值作为SQL Server中的Where子句传递。如果我直接在Query中传递值,那么它会向我显示结果,但在将其与SQLCommandStorecProcedure一起使用后,它不会返回任何值。

请帮我解决这个问题。

我的查询: 

Select top 15 UserId, (FirstName + ' ' + LastName) as Name from tblUser Where  + @AllUserIds + (FirstName + ' ' + LastName) LIKE @Search1 + '%' AND (FirstName + ' ' + LastName) LIKE '%' + @Search2 + '%'

@Search1='abc'
@Search2=''
@AllUserIds=UserId!=2869 AND UserId!=1 AND


C#代码: 

SqlCommand cmd = new SqlCommand();
cmd.Connection = con;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "sp_Teacher_App";

cmd.Parameters.Add("@Search1", SqlDbType.VarChar, 50).Value = Search1;
cmd.Parameters.Add("@Search2", SqlDbType.VarChar, 50).Value = Search2;

AllUserIds = "UserId!=" + AllUserIds.Replace(",", " AND UserId!=") + " AND ";
cmd.Parameters.Add("@AllUserIds", SqlDbType.VarChar).Value = AllUserIds;
cmd.Parameters.Add("@Mode", SqlDbType.VarChar, 30).Value = "GetUserSuggestions";

3 个答案:

答案 0 :(得分:0)

涉及灵活数量参数的复杂查询很棘手。幸运的是,像“小巧玲珑”这样的工具可以帮到你。 看起来就像你想要做的事情如下:

int[] userIds = new[] {1,2,3,4};
var query = conn.Query(@"
Select top 15 UserId, (FirstName + ' ' + LastName) as Name
from tblUser Where UserId not in @userIds
and (FirstName + ' ' + LastName) LIKE @Search1 + '%'
and (FirstName + ' ' + LastName) LIKE '%' + @Search2 + '%'",
    new { userIds, Search1, Search2 });

foreach(var row in query) {
    Console.WriteLine((int)row.UserId);
    Console.WriteLine((string)row.Name);
}

请注意dapper在这里帮助我们的事情:

  • 清洁参数化
  • userIds参数的参数扩展
  • 结果绑定(在这种情况下为dynamic,但也支持类型绑定)

答案 1 :(得分:0)

更好的方法是使用动态SQL在存储过程中构建查询。 

ALTER Procedure [dbo].[sp_Teacher_App]
    @AllUserIds nvarchar(100),
    @Search1 nvarchar(100),
    @Search2 nvarchar(100),
As
    SET NOCOUNT ON
    declare @selectCols nvarchar(500), @wherClause nvarchar(300), @fromClause   varchar(50)
    set @selectCols = 'Select top 15 UserId, (Firstname' + '+ ' +  'LastName) as Name' 
    set @fromClause = ' tblUser '        --you can even pass this as  a param
    set @wherClause = @AllUserIds 
    set @query = @selectCols + 'from ' + @fromClause +  ' where ' + @wherClause 
    exec(@query)

    SET NOCOUNT OFF

答案 2 :(得分:-2)

再试几个括号。如果这不起作用,请删除所有where条件,并将tyhen一次一个地添加回来,以帮助您诊断问题源自何处。

Select top 15 UserId, (FirstName + ' ' + LastName) as Name 
from tblUser 
Where 
(
@AllUserIds + 
((FirstName + ' ' + LastName) LIKE @Search1 + '%' )
AND 
((FirstName + ' ' + LastName) LIKE '%' + @Search2 + '%')
)
相关问题
最新问题