我需要使用像
这样的查询SELECT * FROM Table WHERE field IN (1,2,3)
我c#使用此
var data = context.ExecuteQuery<Some>( "SELECT * FROM Table WHERE field IN {0}", arrayParam ); //for example arrayParam has 1,2,3
当我使用它时,工作正常
var data = context.ExecuteQuery<Some>( "SELECT * FROM Table WHERE field = {0}", 1);
但随着param崩溃
传递参数数组?
注意:真正的查询是它要复杂得多,因此使用本机查询而不是linq
答案 0 :(得分:3)
如果在将数组作为SQL参数传递之前验证数组(以防止SQL注入),则可以执行以下操作:
var data = context.ExecuteQuery<Some>( "SELECT * FROM Table WHERE field IN ({0})", string.Join(",",arrayParam.Select(n=>n.ToString())));
答案 1 :(得分:0)
您可以执行@Marcin Zablocki所说的操作,也可以使用整个查询构造一个字符串,然后调用ExecuteQuery而不使用任何这样的参数:
var query = string.Format("SELECT * FROM Table WHERE field IN ({0})", string.Join(",", arrayParam.Select(n => n.ToString())));
var data = context.ExecuteQuery<Some>(query);