SqlHelper
//===============================================================================
// This file is based on the Microsoft Data Access Application Block for .NET
// For more information please go to
// http://msdn.microsoft.com/library/en-us/dnbda/html/daab-rm.asp
//===============================================================================
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Collections;
using System.Collections.Specialized;
using System.Text;
namespace SQL
{
/// <summary>
/// The SqlHelper class is intended to encapsulate high performance,
/// scalable best practices for common uses of SqlClient.
/// </summary>
public abstract class SqlHelper
{
//Database connection strings
public static readonly string Constr = ConfigurationManager.ConnectionStrings["Constr"].ConnectionString;
// Hashtable to store cached parameters
private static Hashtable parmCache = Hashtable.Synchronized(new Hashtable());
/// <summary>
/// Execute a SqlCommand (that returns no resultset) against the database specified in the connection string
/// using the provided parameters.
/// </summary>
/// <remarks>
/// e.g.:
/// int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
/// </remarks>
/// <param name="connectionString">a valid connection string for a SqlConnection</param>
/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
/// <param name="commandText">the stored procedure name or T-SQL command</param>
/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
/// <returns>an int representing the number of rows affected by the command</returns>
public static int ExecuteNonQuery(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
SqlCommand cmd = new SqlCommand();
using (SqlConnection conn = new SqlConnection(connectionString))
{
PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);
int val = cmd.ExecuteNonQuery();
cmd.Parameters.Clear();
return val;
}
}
/// <summary>
/// Execute a SqlCommand (that returns no resultset) against an existing database connection
/// using the provided parameters.
/// </summary>
/// <remarks>
/// e.g.:
/// int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
/// </remarks>
/// <param name="conn">an existing database connection</param>
/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
/// <param name="commandText">the stored procedure name or T-SQL command</param>
/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
/// <returns>an int representing the number of rows affected by the command</returns>
public static int ExecuteNonQuery(SqlConnection connection, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
SqlCommand cmd = new SqlCommand();
PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);
int val = cmd.ExecuteNonQuery();
cmd.Parameters.Clear();
return val;
}
/// <summary>
/// Execute a SqlCommand (that returns no resultset) using an existing SQL Transaction
/// using the provided parameters.
/// </summary>
/// <remarks>
/// e.g.:
/// int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
/// </remarks>
/// <param name="trans">an existing sql transaction</param>
/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
/// <param name="commandText">the stored procedure name or T-SQL command</param>
/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
/// <returns>an int representing the number of rows affected by the command</returns>
public static int ExecuteNonQuery(SqlTransaction trans, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
SqlCommand cmd = new SqlCommand();
PrepareCommand(cmd, trans.Connection, trans, cmdType, cmdText, commandParameters);
int val = cmd.ExecuteNonQuery();
cmd.Parameters.Clear();
return val;
}
/// <summary>
/// Execute a SqlCommand that returns a resultset against the database specified in the connection string
/// using the provided parameters.
/// </summary>
/// <remarks>
/// e.g.:
/// SqlDataReader r = ExecuteReader(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
/// </remarks>
/// <param name="connectionString">a valid connection string for a SqlConnection</param>
/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
/// <param name="commandText">the stored procedure name or T-SQL command</param>
/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
/// <returns>A SqlDataReader containing the results</returns>
public static SqlDataReader ExecuteReader(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
SqlCommand cmd = new SqlCommand();
SqlConnection conn = new SqlConnection(connectionString);
// we use a try/catch here because if the method throws an exception we want to
// close the connection throw code, because no datareader will exist, hence the
// commandBehaviour.CloseConnection will not work
try
{
PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);
SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
return rdr;
}
catch
{
conn.Close();
throw;
}
}
/// <summary>
/// Execute a SqlCommand that returns the first column of the first record against the database specified in the connection string
/// using the provided parameters.
/// </summary>
/// <remarks>
/// e.g.:
/// Object obj = ExecuteScalar(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
/// </remarks>
/// <param name="connectionString">a valid connection string for a SqlConnection</param>
/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
/// <param name="commandText">the stored procedure name or T-SQL command</param>
/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
/// <returns>An object that should be converted to the expected type using Convert.To{Type}</returns>
public static object ExecuteScalar(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
SqlCommand cmd = new SqlCommand();
using (SqlConnection connection = new SqlConnection(connectionString))
{
PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);
object val = cmd.ExecuteScalar();
cmd.Parameters.Clear();
return val;
}
}
/// <summary>
/// Execute a SqlCommand that returns the first column of the first record against an existing database connection
/// using the provided parameters.
/// </summary>
/// <remarks>
/// e.g.:
/// Object obj = ExecuteScalar(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
/// </remarks>
/// <param name="conn">an existing database connection</param>
/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
/// <param name="commandText">the stored procedure name or T-SQL command</param>
/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
/// <returns>An object that should be converted to the expected type using Convert.To{Type}</returns>
public static object ExecuteScalar(SqlConnection connection, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
SqlCommand cmd = new SqlCommand();
PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);
object val = cmd.ExecuteScalar();
cmd.Parameters.Clear();
return val;
}
/// <summary>
/// 执行插入操作
/// </summary>
/// <param name="connectionString"></param>
/// <param name="creator"></param>
/// <returns></returns>
public static int Insert(string connectionString, SqlCreator creator)
{
string sql = creator.GetInsertSql();
SqlParameter[] par = new SqlParameter[creator.Parameters.Length];
for (int i = 0; i < creator.Parameters.Length; i++)
{
Parameter parm=creator.Parameters[i];
par[i] = SqlHelper.MakeInputParam(parm.ParameterName, parm.DbType, parm.Size, parm.Value);
}
return SqlHelper.ExecuteNonQuery(connectionString, CommandType.Text, sql, par);
}
/// <summary>
/// 执行更新操作
/// </summary>
/// <param name="connectionString"></param>
/// <param name="creator"></param>
/// <returns></returns>
public static int Update(string connectionString, SqlCreator creator)
{
string sql = creator.GetUpdateSql();
SqlParameter[] par = new SqlParameter[creator.Parameters.Length + creator.WhereParameters.Length];
for (int i = 0; i < creator.Parameters.Length; i++)
{
Parameter parm = creator.Parameters[i];
par[i] = SqlHelper.MakeInputParam(parm.ParameterName, parm.DbType, parm.Size, parm.Value);
}
for (int i = creator.Parameters.Length; i < par.Length; i++)
{
Parameter parm = creator.Parameters[i - creator.Parameters.Length];
par[i] = SqlHelper.MakeInputParam(parm.ParameterName, parm.DbType, parm.Size, parm.Value);
}
}
/// <summary>
/// add parameter array to the cache
/// </summary>
/// <param name="cacheKey">Key to the parameter cache</param>
/// <param name="cmdParms">an array of SqlParamters to be cached</param>
public static void CacheParameters(string cacheKey, params SqlParameter[] commandParameters)
{
parmCache[cacheKey] = commandParameters;
}
public static DataTable GetTable(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
{
DataTable dt = new DataTable();
SqlCommand cmd = new SqlCommand();
using (SqlConnection conn = new SqlConnection(connectionString))
{
PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);
SqlDataAdapter da = new SqlDataAdapter();
da.SelectCommand = cmd;
da.Fill(dt);
}
return dt;
}
/// <summary>
/// Retrieve cached parameters
/// </summary>
/// <param name="cacheKey">key used to lookup parameters</param>
/// <returns>Cached SqlParamters array</returns>
public static SqlParameter[] GetCachedParameters(string cacheKey)
{
SqlParameter[] cachedParms = (SqlParameter[])parmCache[cacheKey];
if (cachedParms == null)
return null;
SqlParameter[] clonedParms = new SqlParameter[cachedParms.Length];
for (int i = 0, j = cachedParms.Length; i < j; i++)
clonedParms[i] = (SqlParameter)((ICloneable)cachedParms[i]).Clone();
return clonedParms;
}
/// <summary>
/// Prepare a command for execution
/// </summary>
/// <param name="cmd">SqlCommand object</param>
/// <param name="conn">SqlConnection object</param>
/// <param name="trans">SqlTransaction object</param>
/// <param name="cmdType">Cmd type e.g. stored procedure or text</param>
/// <param name="cmdText">Command text, e.g. Select * from Products</param>
/// <param name="cmdParms">SqlParameters to use in the command</param>
private static void PrepareCommand(SqlCommand cmd, SqlConnection conn, SqlTransaction trans, CommandType cmdType, string cmdText, SqlParameter[] cmdParms)
{
if (conn.State != ConnectionState.Open)
conn.Open();
cmd.Connection = conn;
cmd.CommandText = cmdText;
if (trans != null)
cmd.Transaction = trans;
cmd.CommandType = cmdType;
if (cmdParms != null)
{
foreach (SqlParameter parm in cmdParms)
{
if (parm != null)
{
cmd.Parameters.Add(parm);
}
}
}
}
/// <summary>
/// 创建输入参数
/// </summary>
/// <param name="paramName"></param>
/// <param name="dbType"></param>
/// <param name="length"></param>
/// <returns></returns>
public static SqlParameter MakeInputParam(string paramName, SqlDbType dbType, int size, object value)
{
if (value == null)
{
value = DBNull.Value;
}
if (value.GetType() == typeof(string) && string.IsNullOrEmpty(value.ToString()))
{
value = DBNull.Value;
}
SqlParameter par = new SqlParameter(paramName, dbType);
if (size > 0)
{
par.Size = size;
}
par.Direction = ParameterDirection.Input;
par.Value = value;
return par;
}
/// <summary>
/// 创建输出参数
/// </summary>
/// <param name="paramName"></param>
/// <param name="dbType"></param>
/// <param name="size"></param>
/// <returns></returns>
public static SqlParameter MakeOutputParam(string paramName, SqlDbType dbType, int size)
{
SqlParameter par = new SqlParameter(paramName, dbType, size);
par.Direction = ParameterDirection.Output;
return par;
}
}
/// <summary>
/// 封装构建SQL语句和其参数的类
/// </summary>
public class SqlCreator
{
public string TableName = "";
public Parameter[] Parameters = new Parameter[] { };
public Parameter[] WhereParameters = new Parameter[] { };
public SqlCreator(string tableName,Parameter[] parameters, Parameter[] where)
{
TableName = tableName;
Parameters = parameters;
WhereParameters = where;
}
/// <summary>
/// 获取插入SQL语句
/// </summary>
/// <returns></returns>
public string GetInsertSql()
{
StringBuilder s = new StringBuilder();
s.Append("insert into " + TableName + "(");
for (int i = 0; i < Parameters.Length - 1; i++)
{
s.Append(Parameters[i].ColumnName + ",");
}
s.Append(Parameters[Parameters.Length].ColumnName);
s.Append(")");
s.Append("values(");
for (int i = 0; i < Parameters.Length - 1; i++)
{
s.Append(Parameters[i].ParameterName + ",");
}
s.Append(Parameters[Parameters.Length].ParameterName);
s.Append(")");
return s.ToString();
}
/// <summary>
/// 获取更新SQL语句
/// </summary>
/// <param name="whereColumnName">Where后面的列名</param>
/// <param name="whereColumnParam">Where后面的列的参数</param>
/// <returns></returns>
public string GetUpdateSql()
{
StringBuilder s = new StringBuilder();
s.Append("update " + TableName + " set ");
for (int i = 0; i < Parameters.Length - 1; i++)
{
s.Append(Parameters[i].ColumnName + "=" + Parameters[i].ParameterName + ",");
}
s.Append(Parameters[Parameters.Length].ColumnName + "=" + Parameters[Parameters.Length].ParameterName);
if (WhereParameters.Length > 0)
{
s.Append(" where ");
for (int i = 0; i < WhereParameters.Length - 1; i++)
{
s.Append(WhereParameters[i].ColumnName + "=" + WhereParameters[i].ParameterName + " and ");
}
s.Append(WhereParameters[WhereParameters.Length].ColumnName + "=" + WhereParameters[WhereParameters.Length].ParameterName);
}
return s.ToString();
}
}
public class Parameter
{
public string ColumnName;
public string ParameterName;
public SqlDbType DbType;
public ParameterDirection Direction;
public int Size;
public object Value;
/// <summary>
/// 输入参数
/// </summary>
/// <param name="columnName"></param>
/// <param name="parameterName"></param>
/// <param name="dbType"></param>
/// <param name="size"></param>
/// <param name="value"></param>
public Parameter(string columnName, string parameterName, SqlDbType dbType, int size, object value)
{
Direction = ParameterDirection.Input;
ColumnName = columnName;
ParameterName = parameterName;
DbType = dbType;
Size = size;
Value = value;
}
}
}
浙公网安备 33010602011771号