Dapper字符串类型参数传递(sql-like运算符)
请查看官网代码示例:
https://www.w3cschool.cn/dapperorm/dapperorm-vdxn31fj.html
1 var sql = "SELECT * FROM Invoice WHERE Code = @Code;"; 2 using (var connection = My.ConnectionFactory()) 3 { 4 connection.Open(); 5 var invoices = connection.Query<Invoice>(sql, new {Code = new DbString {Value = "Invoice_1", IsFixedLength = false, Length = 9, IsAnsi = true}}).ToList(); 6 My.Result.Show(invoices); 7 }
sql语句当中的Code参数是进行精确查找的,所以Dapper Query方法当中为@Code参数使用DbString(Dapper.DbString类型)来封装,如果sql语句如下,在sql语句中使用like运算符进行表字段关键词的模糊匹配
var sql = "SELECT * FROM Invoice WHERE Code like @Code";
则Dapper Query方法映射sql-like运算操作的查询参数时(不使用sql语句拼接的方式,防止sql注入),则示例代码如下所示:
string value = $"%{code}%" var sql = "SELECT * FROM Invoice WHERE Code = @Code;"; using (var connection = My.ConnectionFactory()) { connection.Open(); var invoices = connection.Query<Invoice>(sql, new { Code = new DbString { Value = value, IsFixedLength = false, Length = value.Length, IsAnsi = true } }).ToList(); My.Result.Show(invoices); }
声明一个变量value,用于存放sql-like '%key%'匹配字符串的占位符即可
海到尽头天作岸,山登绝顶我为峰。来自一个对技术充满热忱的IT小渣的美好愿望!
浙公网安备 33010602011771号