0

我想知道这是否可能,而且肯定是。我想基本上根据用户输入有条件地创建一个动态 SQL 语句(对于这个例子,我们将使用 3 个文本框输入):

var firstname = document.getElementById('firstname').value
var middle = document.getElementById('middle').value
var lastname = document.getElementById('lastname').value
var SQL

(如果所有 3 个字段都已填写...)

SQL = "SELECT * FROM TABLE WHERE [Firstname] = '" + firstname + "' AND [Middle] = '" + middle + "' AND [Lastname] = '" + lastname + "'"

(如果填写了 3 个字段中的 2 个...)

SQL = "SELECT * FROM TABLE WHERE [Firstname] = '" + firstname + "' AND [Lastname] = '" + lastname + "'"

有没有更好的方法来做到这一点?更短的东西?还是我必须评估每个字段中的文本然后定义 SQL?

只是想知道,但问永远不会伤害。

周杰伦

4

3 回答 3

0

像这样的东西应该工作......

SQL = "SELECT * FROM TABLE WHERE 

  1 =
  (
  case
     when LEN('" + firstname + "') > 0  and LEN('" + lastname + "') > 0 and LEN('" + middle + "') > 0 then ([Firstname] = '" + firstname + "' AND [Lastname] = '" + lastname + "' AND [Middle] = '" + middle + "')
     when LEN('" + firstname + "') = 0  and LEN('" + lastname + "') > 0 and LEN('" + middle + "') > 0 then ([Lastname] = '" + lastname + "' AND [Middle] = '" + middle + "')
     ...
  end
  )

或更好:

SQL = "SELECT * FROM TABLE WHERE 
(
  (LEN('" + firstname + "') > 0 AND [FirstName] = '" + firstname + "') 
 OR 
   LEN('" + firstname + "') = 0
) 
AND (same for secondName) 
AND (same for middle)"
于 2012-11-01T15:36:41.537 回答
0

如果您能够将值作为参数传递到查询中,那么

SQL = " SELECT * 
    FROM TABLE 
    WHERE (@firstName is null OR [FirstName] = @firstName) 
      AND (@middle is null OR [Middle] = @middle)
          AND (@lastName is null OR [Lastname] = @lastName"

这也将阻止查询缓存被垃圾邮件发送,因为您只会在缓存中存储 1 个查询计划。

于 2012-11-01T15:40:18.930 回答
0

请永远不要这样做。 参数化查询是您的朋友。

于 2012-11-01T15:45:09.703 回答