高级C＃重构

Question

As part of an internationalization effort it is required to refactor usages of string.Format(...) to use the string.Format(CultureInfo.InvariantCulture, ...) option when formatting SQL queries. This is to ensure the code will continue to generate valid SQL when running under a variety of language-culture environments. In other cases, for example when formatting strings for the UI, string.Format(...) usages should remain unchanged.

For example, the following code would need to be updated to use string.Format(CultureInfo.InvariantCulture, ...) :

string sql;

if(somethign) 
{
    sql = string.Format("SELECT {0} FROM {1}", column, table);
}
else 
{
    sql = string.Format("SELECT {0} FROM {1}", column2, table2);
}

db.Query(sql);

Unfortunately this pattern of database access is used several thousand times in the code base and there is no straightforward find and replace command I can think of to use here. Any find and replace approach needs to be advanced enough to isolate only the cases where the resulting string is used as a parameter to db.Query().

Some ideas I am currently considering include Resharper's Search with Pattern (I have never used it), writing a Roslyn based tool to intelligently refactor the code (seems over complicated) or some combination of Unix command line tools.

I'm also open to other more significant refactoring approaches provided they can be largely automated.

What is the recommended way to proceed with internationalizing this code?

Answer 1

You can use string interpolation of C#. So the query will look like this:

sql = $"SELECT {column} FROM {table}";

I think the default of string interpolation is current culture.

On the other hand, I still don't recommend constructing your query in your code as it can be vulnerable to SQL injection.