[英]How do you write a parameterized where-in raw sql query in Entity Framework
如何在Entity Framework中編寫參數化的where-in原始sql查詢? 我嘗試了以下方法:
string dateQueryString = String.Join(",", chartModelData.GetFormattedDateList());
//Dates returned in format of 20140402,20140506,20140704
const string selectQuery =
@"SELECT
MAX(DATA_SEQ) AS MaxSeq, MIN(DATA_SEQ) AS MinSeq, COUNT(1) AS TotSampleCnt
FROM SPCDATA_TB
WHERE DATA_WDATE IN @DateParam
AND LINE_CODE = @LineCode
AND MODEL_NO = @ModelNumber
AND LOT_NO = @LotNumber
AND EQUIP_NO LIKE @EquipNumber";
SPCDataSeqCntInfo dataSeqCntInfo = _dbContext.Database.SqlQuery<SPCDataSeqCntInfo>(
selectQuery,
new SqlParameter("@DateParam", dateQueryString),
new SqlParameter("@LineCode", chartModelData.LineCode),
new SqlParameter("@ModelNumber", chartModelData.ModelNum),
new SqlParameter("@EquipNumber", equipmentNumber),
new SqlParameter("@LotNumber", chartModelData.LotNum)
).SingleOrDefault() ?? new SPCDataSeqCntInfo();
但是正如預期的那樣,它在DateParam上引發錯誤,因為它期望一個值。
這不是實體框架特有的問題,您可以通過動態生成自己的參數名稱來解決。
var parameters = new List<SqlParameter> {
new SqlParameter("@DateParam", dateQueryString),
new SqlParameter("@LineCode", chartModelData.LineCode),
new SqlParameter("@ModelNumber", chartModelData.ModelNum),
new SqlParameter("@EquipNumber", equipmentNumber),
new SqlParameter("@LotNumber", chartModelData.LotNum)
};
var dateParameters = chartModelData
.GetFormattedDateList()
.Select((date, index) => new SqlParameter("@date" + index, date));
parameters.AddRange(dateParameters);
var inValues = string.Join(", ", dateParameters.Select(p => p.ParameterName));
var query = @"SELECT MAX(DATA_SEQ) AS MaxSeq,
MIN(DATA_SEQ) AS MinSeq,
COUNT(1) AS TotSampleCnt
FROM SPCDATA_TB
WHERE DATA_WDATE IN (" + inValues + @")
AND LINE_CODE = @LineCode
AND MODEL_NO = @ModelNumber
AND LOT_NO = @LotNumber
AND EQUIP_NO LIKE @EquipNumber";
var myResult = _dbContext.Database
.SqlQuery<SPCDataSeqCntInfo>(query, parameters.ToArray());
發送到SQL-Server的結果查詢如下所示:
SELECT
MAX(DATA_SEQ) AS MaxSeq,
MIN(DATA_SEQ) AS MinSeq,
COUNT(1) AS TotSampleCnt
FROM SPCDATA_TB
WHERE DATA_WDATE IN (@date0, @date1, @date2)
AND LINE_CODE = @LineCode
AND MODEL_NO = @ModelNumber
AND LOT_NO = @LotNumber
AND EQUIP_NO LIKE @EquipNumber
通常,您希望避免在編寫查詢時進行字符串操作,但是,我相信此示例對於sql-injection是安全的。
這是用SQL編寫查詢的方式。
select *
from MyTable
where dateColumn in ('2014-01-01', '2014-02-01', '2014-03-01')
因此,除了必須用括號完全表示此字符串之外,別無所求。
var dateQueryString = string.Join(",", chartModelData.GetFormattedDateList());
// Dates shall be returned as DateTime.ToShortDateTimeString() as follows:
// '2014-01-01', '2014-02-01', '2014-03-01'
然后僅需將其包裝在括號中即可。
var sql = @"select max(data_seq) as MaxSeq
, min(data_seq) as MinSeq
, count(1) as TotSampleCnt
from spcdata_tb
where data_wadate in (@DateParam)
and line_code = @LineCode
and model_no = @ModelNumber
and lot_no = @LotNumber
and equip_no like @EquipNumber";
為每個命名參數提供參數值,然后加油! 這樣就可以了!
我會寫一個存儲proc來接受您的參數,然后將proc添加到您的edmx中。
然后,在edmx->模型瀏覽器->函數導入-> ...中,將存儲的proc的返回類型更改為SPCDataSeqCntInfo。
實體框架將負責傳遞您的參數。
例如
public static List<SPCDataSeqCntInfo> GetSPCDataSeqCntInfo(DateTime dateParam, string lineCode, int modelNum, int equipmentNumber, int lotNum)
{
using (var db = new NameOfMyEntites())
{
return db.sp_GetSPCDataSeqCntInfo(dateParam, lineCode, modelNum, equipmentNumber, lotNum).ToList();
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.