zoukankan      html  css  js  c++  java
  • Dapper 封装02-组装SQL

    在 SQLSERVER 里,我们在执行命令的时候我们是可以进行参数化传递的。这个好处主要可以防止注入。

    定义接受参数的类:

       public class DataParameter
        {
            public DataParameter()
            {
            }
            public DataParameter(string name,object value)
            {
                this.Name = name;
                this.Value = value;
            }
            public string Name { get; set; }
            public object Value { get; set; }
        }

    我们正常写一个 Where 语句,比如 WHERE Age=23 and name like '%delaywu%' 。从这句话中我们知道一个where 表达式 是由 表字段名 + 操作符号 + 值  组成的基本操作。

    所以我们创建一个方法来构建这样的SQL

         private static WhereClip BuildWhereChip(string propertyName, object value, QueryOper op, string paramName=null)
            {
                if(op !=QueryOper.IsNull && op!=QueryOper.IsNotNull && (value==null || value==DBNull.Value))
                {
                    return null;
                }
                WhereClip where = new WhereClip();
                StringBuilder sbSql = new StringBuilder($"{propertyName}{SqlQueryUtils.ToString(op)}");
    
                if (value !=null && value !=DBNull.Value)
                {
                    if(paramName ==null)
                    {
                        paramName = SqlQueryUtils.GetParmName(propertyName);
                    }
    
                    if(paramName.Length>0)
                    {
                        sbSql.Append($"@{paramName}");
                        where.Parameters.Add(new DataParameter(paramName, value));
                    }
                    else
                    {
                        sbSql.Append($"{value}");
                    } 
                }
                where.WhereSql = sbSql.ToString();
                return where;
            }
            public static string GetParmName(string propertyName)
            {
                //[a.name]="delaywu"
                string paramName = propertyName.Replace("[", "").Replace("]", "");
                if(paramName.Contains("."))
                {
                    //name
                    int lstIdx = paramName.LastIndexOf('.');
                    paramName = paramName.Substring(lstIdx + 1).Trim();
                }
                if(!System.Text.RegularExpressions.Regex.IsMatch(paramName,"^[a-zA-Z1-9_]*$"))
                {
                    return string.Empty;
                }
                return paramName;
            }
    GetParmName 这个方法主要是 可能在写多表查询的时候出现 a.Name b.age 这类的情况。获得其真实的 字段名称。以及[  ] 这个信息的处理。
    有了基础的构建方法。我们可以把相关操的符的 WHERE 都可以生成出来了。
     public static WhereClip Eq(string propertyName, object value, string paramName = null)
            {
                return BuildWhereChip(propertyName, value, QueryOper.Eq, paramName);
            }
    
            public static WhereClip NotEq(string propertyName, object value, string paramName = null)
            {
                return BuildWhereChip(propertyName, value, QueryOper.NotEq, paramName);
            }
    
            public static WhereClip IsNull(string propertyName)
            {
                return BuildWhereChip(propertyName, null, QueryOper.IsNull, null);
            }
            public static WhereClip IsNotNull(string propertyName)
            {
                return BuildWhereChip(propertyName, null, QueryOper.IsNotNull, null);
            }
            public static WhereClip StartWith(string propertyName, string value, string paramName = null)
            {
                return Like(propertyName, value.Replace("%", "[%]").Replace("_", "[_]") + '%', paramName);
            } 
            public static WhereClip EndsWith(string propertyName, string value, string paramName = null)
            {
                return Like(propertyName, '%' + value.Replace("%", "[%]").Replace("_", "[_]"), paramName);
            }
    
            public static WhereClip Gt(string propertyName, object value, string paramName = null)
            {
                return BuildWhereChip(propertyName, value, QueryOper.Gt, paramName);
            }
            public static WhereClip Lt(string propertyName, object value, string paramName = null)
            {
                return BuildWhereChip(propertyName, value, QueryOper.Lt, paramName);
            }
            public static WhereClip Le(string propertyName, object value, string paramName = null)
            {
                return BuildWhereChip(propertyName, value, QueryOper.Le, paramName);
            }
            public static WhereClip Ge(string propertyName, object value, string paramName = null)
            {
                return BuildWhereChip(propertyName, value, QueryOper.Ge, paramName);
            }
            public static WhereClip Like(string propertyName, string value, string paramName = null)
            {
                if (string.IsNullOrEmpty(value))
                {
                    return null;
                }
                return BuildWhereChip(propertyName, value, QueryOper.Like, paramName);
            }
    
            public static WhereClip Between(string propertyName, object lo, object hi,  string paramName=null)
            {
                WhereClip where = new WhereClip();
                StringBuilder sbSql = new StringBuilder($"{propertyName} between ");
                if(paramName==null)
                {
                    paramName = SqlQueryUtils.GetParmName(propertyName);
                }
                if(propertyName.Length>0)
                {
                    string strParamName1 = paramName + "_pmin";
                    string strParamName2 = paramName + "_pmax";
                    sbSql.Append($"@{strParamName1} and @{strParamName2} ");
                    where.Parameters.Add(new DataParameter(strParamName1, lo));
                    where.Parameters.Add(new DataParameter(strParamName2, hi));
                }
                else
                {
                    sbSql.Append($"{lo} and {hi}");
                }
                where.WhereSql = sbSql.ToString();
                return where;
            }
    
            public static WhereClip DapperIn<T>(string propertyName,IEnumerable<T>values,string paramName=null)
            {
                if (values == null || !values.Any())
                {
                    return null;
                }
    
                WhereClip where = new WhereClip();
                if(paramName==null)
                {
                    paramName = SqlQueryUtils.GetParmName(propertyName);
                }
                if(paramName.Length>0)
                {
                    where.Parameters.Add(new DataParameter(paramName, values));
                    where.WhereSql = $"{propertyName} in @{paramName} ";
                }
                else
                {
                    if(typeof(T).FullName==typeof(string).FullName)
                    {
                        string strIn = string.Join<T>("','", values);
                        where.WhereSql = $"{propertyName} in ({strIn})";
                    }
                    else
                    {
                        string strIn = string.Join<T>(",", values);
                        where.WhereSql = $"{propertyName} in ({strIn})";
                    }
                }
                return where;
            }
    
            public static WhereClip DapperNotIn<T>(string propertyName, IEnumerable<T> values, string paramName = null)
            {
                if (values == null || !values.Any())
                {
                    return null;
                }
                WhereClip where = new WhereClip();
                if (paramName == null)
                {
                    paramName = SqlQueryUtils.GetParmName(propertyName);
                }
                if (paramName.Length > 0)
                {
                    where.Parameters.Add(new DataParameter(paramName, values));
                    where.WhereSql = $"{propertyName} not in @{paramName} ";
                }
                else
                {
                    if (typeof(T).FullName == typeof(string).FullName)
                    {
                        string strIn = string.Join<T>("','", values);
                        where.WhereSql = $"{propertyName} not in ('{strIn}') ";
                    }
                    else
                    {
                        string strIn = string.Join<T>(",", values);
                        where.WhereSql = $"{propertyName} not in ({strIn}) ";
                    }
                }
                return where;
            }
    View Code

    上面的代码。我主要说一下 Like 相关的。数据库里面我们经常使用 []来转义特殊的单词。like 中%我们是要转义的,其次_也要的。

    测试一下:

  • 相关阅读:
    取最小未用的账号
    Oracle 同义词
    RMAN备份报 RMAN-06059 错误
    Oracle11g memory_target
    基础记录
    uboot启动流程
    android有关生命周期探讨
    can协议
    java虚拟机
    内存管理机制
  • 原文地址:https://www.cnblogs.com/delaywu/p/13380203.html
Copyright © 2011-2022 走看看