使用dapper框架动态拼接出最安全的sql语句--多条件查询
public ListGetNoticeByToUserID(Search search) { //search.userId=3; string sql = "select * from Notices WHERE ID>0 "; var param = new DynamicParameters(); sql += " AND ToUserID LIKE @toUserID"; param.Add("toUserID", "%"+search.userId.ToString()+"%" ); if (search.ID > 0) { sql += " AND id = @id"; param.Add("id", search.ID); } var NoticeState = new List (); NoticeState.AddRange(_workingDB.Query (sql, param).ToList()); string sql2 = "select * from IsReadNotices where NoticeID=@noticeID AND UserID=@uid "; foreach (var n in NoticeState) { IsReadNotice isReadNotices = _workingDB.Query (sql2, new { noticeID = n.ID, uid = search.userId }).SingleOrDefault(); if (isReadNotices != null) { n.statusMsg = isReadNotices.statusMsg; n.Remarks = isReadNotices.Remarks; } } return NoticeState; }
网站标题:使用dapper框架动态拼接出最安全的sql语句--多条件查询
网站链接:http://azwzsj.com/article/jphhpe.html