我的 WCF Web 服务中有以下代码片段,它根据所提供字典的值的格式构建一组 where 条件。
public static Dictionary<string, string>[] VehicleSearch(Dictionary<string, string> searchParams, int maxResults)
{
string condition = "";
foreach (string key in searchParams.Keys)
{
//Split out the conditional in case multiple options have been set (i.e. SUB;OLDS;TOY)
string[] parameters = searchParams[key].Split(';');
if (parameters.Length == 1)
{
//If a single condition (no choice list) check for wildcards and use a LIKE if necessary
string predicate = parameters[0].Contains('%') ? " AND {0} LIKE @{0}" : " AND {0} = @{0}";
condition += String.Format(predicate, key);
}
else
{
//If a choice list, split out query into an IN condition
condition += string.Format(" AND {0} IN({1})", key, string.Join(", ", parameters));
}
}
SqlCommand cmd = new SqlCommand(String.Format(VEHICLE_QUERY, maxResults, condition));
foreach (string key in searchParams.Keys)
cmd.Parameters.AddWithValue("@" + key, searchParams[key]);
cmd.Prepare();
请注意,字典中的值被显式设置为字符串,并且它们是唯一被发送到AddWithValue语句中的项目。这会产生如下 SQL:
SELECT TOP 200 MVINumber AS MVINumber
, LicensePlateNumber
, VIN
, VehicleYear
, MakeG
, ModelG
, Color
, Color2
FROM [Vehicle_Description_v]
WHERE 1=1 AND VIN LIKE @VIN
并且错误地说
System.InvalidOperationException:SqlCommand.Prepare 方法要求所有参数都具有明确设置的类型。
我所做的所有搜索都表明我需要告诉AddWithValue我正在准备的值的类型,但是我所有准备的值都是字符串,而且我看到的所有示例在处理字符串时都没有执行任何额外的操作. 我错过了什么?