SQL string query parameters in C#

Time: 2016-10-19 09:24:04

Tags: c# sql string visual-studio-2015

I have this code... a query with parameters in C#

var sql = @"select * from Passenger t0       
            join Ticket t1 on t0.PassengerID = t1.PassengerID               
            where t1.IsArrived = @IsArrived ";
            List<SqlParameter> parameters = new List<SqlParameter>() {  
                    new SqlParameter
                    {
                        ParameterName = "DateFrom",
                        Value = (object)fromDate ?? DBNull.Value,
                        DbType = System.Data.DbType.DateTime
                    },
                    new SqlParameter
                    {
                        ParameterName = "DateTo",
                        Value = (object)toDate ?? DBNull.Value,
                        DbType = System.Data.DbType.DateTime
                    },
                    new SqlParameter
                    {
                        ParameterName = "IsArrived",
                        Value = route,
                        DbType =System.Data.DbType.Boolean
                    },
                        new SqlParameter
                    {
                        ParameterName = "Search",
                        Value = $"'%{searchString}%'",
                        DbType = System.Data.DbType.String
                    }
                };
            var sqlQuery = sql +
                (fromDate != null ? "and t1.DateFrom >= @DateFrom " : " ") +
                (toDate != null ? "and @DateTo >= t1.DateFrom " : " ") +
                (!String.IsNullOrEmpty(searchString) ? "and (t0.FirstName like @Search or t0.LastName like @Search)" : " ");

The parameter "@Search" is broken - how do I change this query so that it works? I don't know how to write the value for this parameter. I tried:

 Value = $@"'%{searchString}%'"
 Value = @"'%"+searchString+"%'",
 Value = $"\u0027\u0025{searchString}\u0025\u0027",
 Value = "\u0027\u0025"+searchString+"\u0025\u0027",
 Value = "\'%"+searchString+"%\'"

1 answer:

Answer 0: (score: 0)

var sqlQuery = sql + (fromDate != null ? "and t1.DateFrom >= @DateFrom " : " ") + (toDate != null ? "and @DateTo >= t1.DateFrom" : " ") + (!String.IsNullOrEmpty(searchString) ? "and (t0.FirstName like @Search or t0.LastName like ' + @Search+ ')" : " ");

Do not keep @Search inside the string.
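
Added example, not part of the original question or answer: one way to bind the LIKE pattern as a parameter. The wildcards go into the parameter value with no quote characters, because quotes inside a parameter value are compared as literal characters. The `PassengerSearch` class, the `Build` and `EscapeLike` helpers, the `escape '\'` clause and the NVarChar length of 200 are assumptions for illustration.

```csharp
using System;
using System.Data;
using System.Data.SqlClient;

static class PassengerSearch   // hypothetical class name, not from the page
{
    // Hypothetical helper: escape LIKE metacharacters so user input matches literally.
    static string EscapeLike(string s) =>
        s.Replace(@"\", @"\\").Replace("%", @"\%").Replace("_", @"\_").Replace("[", @"\[");

    // Builds the query text and adds only the parameters that the text references.
    public static SqlCommand Build(bool isArrived, DateTime? fromDate, DateTime? toDate, string searchString)
    {
        var cmd = new SqlCommand();
        var sql = @"select * from Passenger t0
            join Ticket t1 on t0.PassengerID = t1.PassengerID
            where t1.IsArrived = @IsArrived ";
        cmd.Parameters.Add("@IsArrived", SqlDbType.Bit).Value = isArrived;

        if (fromDate != null)
        {
            sql += "and t1.DateFrom >= @DateFrom ";
            cmd.Parameters.Add("@DateFrom", SqlDbType.DateTime).Value = fromDate.Value;
        }
        if (toDate != null)
        {
            sql += "and @DateTo >= t1.DateFrom ";
            cmd.Parameters.Add("@DateTo", SqlDbType.DateTime).Value = toDate.Value;
        }
        if (!String.IsNullOrEmpty(searchString))
        {
            sql += @"and (t0.FirstName like @Search escape '\' or t0.LastName like @Search escape '\') ";
            // No quote characters in the value: the parameter is already typed as a string.
            cmd.Parameters.Add("@Search", SqlDbType.NVarChar, 200).Value = "%" + EscapeLike(searchString) + "%";
        }
        cmd.CommandText = sql;
        return cmd;
    }

    static void Main()
    {
        // Constructed sample input containing a quote and LIKE wildcards.
        var cmd = Build(true, null, new DateTime(2016, 10, 19), "O'Br_en%");
        Console.WriteLine(cmd.CommandText);
        foreach (SqlParameter p in cmd.Parameters)
            Console.WriteLine($"{p.ParameterName} = {p.Value}");
    }
}
```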