此代码适用于单个值的查询参数:
public void GetById(long id)
{
var sql = "SELECT * FROM table1 WHERE id = :id";
using(var cmd = new OracleCommand(sql, oracleConnection)) {
cmd.Parameters.Add(new OracleParameter("id", id));
...
}
}
什么是数组或值列表?
public void GetByIds(long[] ids)
{
var sql = "SELECT * FROM table1 WHERE id IN (:ids)";
using(var cmd = new OracleCommand(sql, oracleConnection)) {
cmd.Parameters.Add(new OracleParameter("ids", /* ??? */));
...
}
}
如果不清楚,我正在寻找可以像这样工作的东西:
sql = "SELECT * FROM table1 WHERE id IN (" + string.Join(',', ids) + ")";
但作为干净的参数化查询。
答案 0 :(得分:0)
您可以将参数列表作为字符串发送,并使用常规表达式来分隔ID。示例:
select regexp_substr('SMITH,ALLEN,WARD,JONES','[^,]+', 1, level) from dual
所以
sql = "SELECT * FROM table1 WHERE id IN (
select regexp_substr(:ids,'[^,]+', 1, level) from dual
)";
How to split comma separated string and pass to IN clause of select statement