動態凡在LINQ MVC

我想在MVC項目篩選與兩個下拉模型動態凡在LINQ MVC

var model = (from x in db.TABLE.... 
      join y in db.TABLE...).Where(where)...

我的邏輯是

  String where = string.Empty; 

      if (search.anno != null) 
       where = " ANNO = " + search.anno ; 

      if (search.Cliente != null) 
      { 
       if (!string.IsNullOrEmpty(where)) 
       { 
        where += " And CODICE_CLIENTE = '" + search.Cliente + "'";     } 
       else 
       { 
        where = " CODICE_CLIENTE = '" + search.Cliente + "'"; 
       } 
      }

我得到一個錯誤：System.Linq.Dynamic。 ParseException：字符文字必須只包含一個字符

我在那裏+ =「和CODICE_CLIENTE ='」+ search.Cliente +「'」;

我看到的Apex在到底是「」

如何解決

來源

2017-04-07 jon

你得到，如果錯誤search.anno不爲null？ –

是的！我看到在調試ANNO = 2015和CODICE_CLIENTE ='00106'「，我得到那個錯誤 – jon

如果只有Anno過濾控制器工作...但客戶過濾器不起作用 – jon

-1

您需要使用的表達雙等於和雙引號的字符串字符串，其中=的String.Empty;

  if (search.anno != null) 
       where = " ANNO == " + search.anno ; 

      if (search.Cliente != null) 
      { 
       if (!string.IsNullOrEmpty(where)) 
       { 
        where += " And CODICE_CLIENTE == \"" + search.Cliente + "\"";     } 
       else 
       { 
        where = " CODICE_CLIENTE == \"" + search.Cliente + "\""; 
       } 
      }

注意，這是容易受到SQL注入，應該避免，你應該使用的參數，像這樣：

var model = (from x in db.TABLE.... join y in db.TABLE...).Where(whereString, params)...

來源

2017-04-07 14:58:47

允許[SQL注入攻擊]（https://en.wikipedia.org/wiki/SQL_injection）的答案我不贊成。 –

對！像SQL一樣！你能告訴我怎麼用上面的例子嗎？ – jon

這個例子翻譯成LINQ的，而不允許Sql Injection Attacks

 String where = string.Empty; 

     if (search.anno != null) 
      where = " ANNO = " + search.anno ; 

     if (search.Cliente != null) 
     { 
      if (!string.IsNullOrEmpty(where)) 
      { 
       where += " And CODICE_CLIENTE = '" + search.Cliente + "'";     } 
      else 
      { 
       where = " CODICE_CLIENTE = '" + search.Cliente + "'"; 
      } 
     }

會是什麼樣子：

IQueryable<x> query = (from x in db.TABLE.... 
    join y in db.TABLE...); 


if (search.anno != null) 
{ 
    query = query.Where(x => x.ANNO == search.anno); 
} 

if (search.Cliente != null) 
{ 
    query = query.WHere(x => x.CODICE_CLIENTE == search.Cliente); 
} 

var model = query.ToList(); // or await query.ToListAsync();

來源

2017-04-07 15:17:03

好吧我知道這種邏輯！但是我嘗試使用動態linq來改善它http://stackoverflow.com/questions/43201615/improve-pivot -linq-to-entities – jon

此時選擇新的 ANNO = ordine.Anno， LINEA = linea， MESE = ordine.Datord.Value.Month， CODICE_CLIENTE = ordine.Codcli， IMPORTO = rigaOrdine.Import }）其中，（其中） – jon

無人應答，所以我試圖與動態LINQ：過濾所述的IQueryable目標i提高約60％的時間執行 – jon

我解決，使...
字符串，其中=的String.Empty; object [] parameters = null;

if (search.anno != null) 
     where = " ANNO = @0 "; 
     parameters = new object[] { search.anno }; 

    if (search.Cliente != null) 
    { 
     if (!string.IsNullOrEmpty(where)) 
     { 
      where += " && CODICE_CLIENTE = @1"; 
      parameters = new object[] { search.anno, search.Cliente }; 
     } 
     else 
     { 
      where = " CODICE_CLIENTE = @0"; 
      parameters = new object[] { search.Cliente }; 
     } 
    } 

    if (search.linea != null) 
    { 
     if (!string.IsNullOrEmpty(where)) 
     { 
      where += " && LINEA.Contains(@2) "; 
      parameters = new object[] { search.anno, search.Cliente, search.linea }; 
     } 
     else 
     { 
      where = " LINEA.Contains(@0) "; 
      parameters = new object[] { search.linea }; 
     } 
    }

但問題是LINEA屬性（anonimous型）：它是字符串，我不能再次使用包含（@p）坦克全部重播，並幫助您提供

來源

2017-04-09 15:14:08 jon

動態凡在LINQ MVC

回答

相關問題