将 SQL 存储在变量中的最佳方式
目前,我将查询放入这样的变量中。
query = @" select top 1
u.UserID
from
dbo.Users u
where
u.SystemUser = 1
and u.Status = @Status";
这样做的问题是,当转到新行时,缩进会丢失,我必须自己添加它。
有谁知道更好的方法吗?我知道存储过程是一种可能性(消除这个缩进问题),但我不确定它们是否一定更适合纯数据检索。
Currently I put my query in a variable like this.
query = @" select top 1
u.UserID
from
dbo.Users u
where
u.SystemUser = 1
and u.Status = @Status";
The problem with this is that indentation is lost when going to a new line and I have to add it myself.
Does anyone know of a better way? I know stored procedures are a possibility (eliminating this indentation problem), but I'm not sure if they are necessarily better for pure data retrieval.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
忽略那些讨厌 TSQL 的人;了解一些 TSQL 本身并没有什么问题!不管怎样,我会通过(如果我保留你的格式,这不是我的规范 - 但是......嗯)来解决这个问题;
通过将 TSQL 保持在左侧,任何缩进等都可以在 IDE 中更轻松地完成,但它也使您的 TSQL 更短,并且在查看跟踪时更容易调试,因为它不是奇怪的 30 个字符在
select之前以换行符开头也有助于保持整洁。就我个人而言,我还发现代码缩进和 TSQL 缩进之间的不相交有助于找到 TSQL - 而且 TSQL 对我来说非常重要,所以这是一件好事。强调我们刚刚改变了“世界”(因为缺乏更好的术语)也没有什么害处。
Ignore the TSQL haters; there's nothing inherently wrong with knowing some TSQL! Anyway, I would approach this by (if I keep your formatting, which isn't my norm - but... meh);
By keeping your TSQL over to the left, any indentation etc is easier to do in the IDE, but it also makes your TSQL shorter, and is easier to debug when looking at a trace, as it isn't bizarrely 30-something characters in. Starting with a newline before the
selectalso helps keep things tidy.Personally, I also find the disjoint between the code indent and the TSQL indent helps find TSQL - and TSQL is pretty important to me, so this is a good thing. And emphasising that we've just switched "world" (for want of a better term) is not harmful, either.
您至少应该考虑使用 LINQ。它确实有一个学习曲线,但它会给您带来由编译器检查查询语法的优势。
您没有说明这是否是一个 Web 应用程序,但如果您从用户输入(例如从 Web url 或从浏览器发布的数据)获取查询的任何输入,则在发送到之前将用户输入嵌入到字符串中与执行查询的其他方法相比,查询引擎还面临更大的 SQL 注入攻击风险。
使用实体框架是另一种很好的方法。我最近使用了Code First方法,它非常优雅。最后,存储过程也是一个好方法。
You should at least consider using LINQ. It does have a learning curve, but it will give you the advantage of the query syntax being checked by the compiler.
You do not say whether this is a web-application or not, but if you are getting any input to your query from user input (say from a web url or posted data from a browser), embedding user input in a string before sending to the query engine also risks SQL injection attack more than other methods of executing a query.
Using Entity Framework is another excellent approach. I have used the Code First method recently and it is very elegant. Finally a stored procedure is a good method too.
首先,只有当人们能够看到 SQL 的格式时,它的格式才重要。
如果您确实想要保留缩进,可以将字符串放入资源中(在资源编辑器中使用 SHIFT+ENTER 插入新行)。感谢 Visual Studio 的魔力,访问资源变得很容易 (Properties.Resources.*)。
如果您使用 WPF,您还可以使用 XAML 资源。
First off, the formatting of your SQL is important only if human beings are going to see it.
If you really want to preserve the indentation, you could put the string in a resource (use SHIFT+ENTER in resource editor to insert new lines). Thanks to Visual Studio magic, accessing resources is easy (Properties.Resources.*).
If you are using WPF, you could also play with XAML resources.
您始终可以这样做:
至少这样,您的 IDE 会缩进字符串,而不是 SQL。如果你这样做,你必须小心地在每行添加一个前导空格。
更好的选择是使用 LINQ:
You could always do this:
At least that way, your IDE will indent the string, and just not the SQL. If you go this way, you have to be careful to add a leading space to each line.
A better bet would be to go with LINQ:
或者您可以使用不同的方式来获取
纯数据您可以使用
存储过程LINQ 2 SQL
实体框架
ADO.NET
硬编码 SQL 语法并不是最佳实践。
or you can use different ways to get your
pure datayou may use
stored proceduesLINQ 2 SQL
Entity Framework
ADO.NET
hardcoded sql syntax is not that best practice.