報表衆多的系統,“多個可選條件拼接”就會大量存在。因爲程序員需要根據條件錄入框的的值是否存在來決定是否拼接這個對應條件。有點抽象,還是看代碼。
string sql =
@"select n.vchcode,n.summary,n.Comment,e.fullname efullname
from dlyndx n left join employee e on n.etypeid = e.id
where n.draft=0 ";
if (queryParams.vchCode != "")
{
sql += " and n.number like @number";
dbHelper.AddParameter("@number", AppUtils.GetLikeStr(queryParams.vchCode));
}
if (queryParams.comment != "")
{
sql += " and n.comment like @comment";
dbHelper.AddParameter("@comment", AppUtils.GetLikeStr(queryParams.comment));
}
這個sql的最大問題是,sql的條件部分和sql主題不在一起,並且需要根據外部條件(這裏是單據號,備註等查詢字段是否有值)來決定是否拼接sql。改進的方法當然是把sql都放在一塊代碼內,參數都放到以外一塊內代碼內。
看看新的代碼:
string sql = @"
select n.vchcode,n.summary,n.Comment,e.fullname efullname
from dlyndx n left join employee e on n.etypeid = e.id
where n.draft=0
and (@enableNumber and n.number like @number)
and (@enableComment and and n.comment like @comment)
";
dbHelper.AddParameter("@enableNumber", queryParams.vchCode != "");
dbHelper.AddParameter("@number", AppUtils.GetLikeStr(queryParams.vchCode));
dbHelper.AddParameter("@enableComment",queryParams.comment != "");
dbHelper.AddParameter("@comment", AppUtils.GetLikeStr(queryParams.comment));
代碼混合是問題的溫牀,這段代碼做到了sql和參數的分離,sql和代碼不會膠合在一起。容易閱讀。