#region 多条件搜索时,使用List集合来拼接条件(拼接Sql)
StringBuilder sql = new StringBuilder("select * from PhoneNum"); List wheres = new List(); if (cboGroup.SelectedIndex != 0) { wheres.Add(" ptypeid=" + cboGroup.Text.Split('|')[0]); }
if (txtSearchName.Text.Trim().Length > 0) { wheres.Add(" pname like '%" + txtSearchName.Text.Trim() + "%'"); }
if (txtSearchCellPhone.Text.Trim().Length > 0) { wheres.Add(" pcellphone like '%" + txtSearchCellPhone.Text.Trim() + "%'"); } //判断用户是否选择了条件 if (wheres.Count > 0) { string wh = string.Join(" and ", wheres.ToArray()); sql.Append(" where " + wh); } #endregion
#region 多条件搜索使用带参数的sql语句
StringBuilder sql = new StringBuilder("select * from PhoneNum"); List wheres = new List(); List listParameter = new List();
if (cboGroup.SelectedIndex != 0) { wheres.Add(" ptypeid=@typeid "); listParameter.Add(new SqlParameter("@typeid", cboGroup.Text.Split('|')[0])); }
if (txtSearchName.Text.Trim().Length > 0) { wheres.Add(" pname like @pname "); //pname like '%乔%' //pname liek '%'+@pname+'%' listParameter.Add(new SqlParameter("@pname", "%" + txtSearchName.Text.Trim() + "%")); }
if (txtSearchCellPhone.Text.Trim().Length > 0) { wheres.Add(" pcellphone like @cellphone "); listParameter.Add(new SqlParameter("@cellphone", "%" + txtSearchCellPhone.Text.Trim() + "%")); }
//判断用户是否选择了条件 if (wheres.Count > 0) { string wh = string.Join(" and ", wheres.ToArray()); sql.Append(" where " + wh); }
SqlHelper.ExecuteDataTable(sql.ToString(), listParameter.ToArray()); #endregion
注意:
1.如果参数化,底层用dapper,则直接将参数写入,然后不用管if,最后把所有可能的参数都写成匿名对象,直接传过去,就可以了。
2.如果是 sqlparameters 这样的话,参照上边 第2个例子
