Is it possible to use query parameters to fill the IN keyword(是否可以使用查询参数填充IN关键字)
问题描述
Imagine a table with GUIDs as primary key. I would like to select a few of these rows based on their primary key. I would like to use a query like:
SELECT * FROM mytable WHERE id IN ('firstguidhere','secondguidhere');
I am using ADO.NET to query the database, so I would like to use a parametrized query instead of dynamic sql, which would obviously work, but I want to retain the benefits of parametrized queries (security, escaping, etc...).
Is it possible to fill the collection for the IN-clause using sql-parameters?
You could pass the list of GUIDs as a comma-separated string parameter and use a table-valued UDF to split them into a table to use in your IN clause:
SELECT *
FROM my_table
WHERE id IN (SELECT id FROM dbo.SplitCSVToTable(@MyCSVParam))
Erland Sommarskog has an interesting article with examples of how to split comma-separated strings into tables using a UDF.
(For performance reasons, you should ensure that your UDF is inline table-valued, rather than multi-statement.)
这篇关于是否可以使用查询参数填充IN关键字的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:是否可以使用查询参数填充IN关键字
- Azure Active Directory 与 MVC,客户端和资源标识同一 2022-01-01
- C# 通过连接字符串检索正确的 DbConnection 对象 2022-01-01
- 使用 rss + c# 2022-01-01
- 带问号的 nvarchar 列结果 2022-01-01
- 是否可以在 .Net 3.5 中进行通用控件? 2022-01-01
- 在 C# 中异步处理项目队列 2022-01-01
- CanBeNull和ReSharper-将其用于异步任务? 2022-01-01
- 为什么 C# 中的堆栈大小正好是 1 MB? 2022-01-01
- 在 LINQ to SQL 中使用 contains() 2022-01-01
- Windows 喜欢在 LINUX 中使用 MONO 进行服务开发? 2022-01-01
