SOQL 中可以连接字符串吗?
我读过 2005 年的帖子,人们说 SOQL 不支持字符串连接。
虽然想知道它是否受支持并且有人已经这样做了。
我正在尝试连接,但没有运气:(
下面是 APEX 代码试图查找具有指定电子邮件的记录。
String myEmail = '[email protected]';
String foo = 'SELECT emailTo__c, source__c FROM EmailLog__c
WHERE source__c = \'' +
myEmail + '\';
Database.query(foo)
即使该记录确实在数据库中,它也不会查询任何内容。调试显示 “row(0)”表示返回空。
我是否以错误的方式连接?
更新
我刚刚找到了一种不必添加单引号的方法。即使对于具有查询的字符串,也只需要应用相同的冒号变量。
String foo = DateTime.newInstance(......);
String bar = 'SELECT id FROM SomeObject__c WHERE createdOn__c = :foo';
List<SomeObject__c> result = Database.query(bar);
System.debug(result);
如果 WHERE 子句包含 DateTime,这也有效并且是必要的,因为 DateTime 不能用单引号引起来。
I've read thread from 2005 and people said SOQL does not support string concatenation.
Though wondering if it is supported and someone has done this.
I'm trying to concat but no luck :(
Below is APEX code trying to find record with specified email.
String myEmail = '[email protected]';
String foo = 'SELECT emailTo__c, source__c FROM EmailLog__c
WHERE source__c = \'' +
myEmail + '\';
Database.query(foo)
Even though the record is indeed in the database, it does not query anything. Debug shows
"row(0)" which means empty is returned.
Am I doing concat wrong way?
UPDATE
I just found a way not have to add single quote. Just needed to apply same colon variable even for String that has query.
String foo = DateTime.newInstance(......);
String bar = 'SELECT id FROM SomeObject__c WHERE createdOn__c = :foo';
List<SomeObject__c> result = Database.query(bar);
System.debug(result);
This works too and is necessary if WHERE clause contains DateTime since DateTime cannot be surrounded with single quotes.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为什么使用Database.query()?如果您在括号中使用普通查询,事情会变得更简单、更快
[SELECT emailTo__c, source__c FROM EmailLog__c WHERE source__c = :myEmail]更不用说参数绑定而不是字符串连接意味着不需要担心 SQL 注入等。请考虑习惯括号中的这些查询,它们一开始看起来很奇怪,但会多次拯救你的屁股(输入错误的字段名称等)。
至于实际的连接 - 它的工作原理就像你所描述的那样,我只是不确定是否需要转义撇号。绑定变量是最安全的方法。
http://www.salesforce.com/us/developer/docs /apexcode/Content/apex_dynamic_soql.htm
http://www.salesforce.com/us/developer/docs/api/index_Left.htm#CSHID=sforce_api_calls_soql.htm|StartTopic=Content%2Fsforce_api_calls_soql.htm|SkinName=webhelp
Why do you use Database.query()? Stuff will be much simpler and faster if you'll use normal queries in brackets
[SELECT emailTo__c, source__c FROM EmailLog__c WHERE source__c = :myEmail]Not to mention that parameter binding instead of string concatenation means no need to worry about SQL injections etc.. Please consider getting used to these queries in brackets, they look weird in beginnign but will save your butt many times (mistyped field names etc).
As for actual concatenation - it works like you described it, I'm just unsure about the need to escape apostrophes. Binding the variables is safest way to go.
http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_dynamic_soql.htm
http://www.salesforce.com/us/developer/docs/api/index_Left.htm#CSHID=sforce_api_calls_soql.htm|StartTopic=Content%2Fsforce_api_calls_soql.htm|SkinName=webhelp