报表众多的系统,“多个可选条件拼接”就会大量存在。因为程序员需要根据条件录入框的的值是否存在来决定是否拼接这个对应条件。有点抽象,还是看代码。
string sql =
@"select n.vchcode,n.summary,n.Comment,e.fullname efullname
from dlyndx n left join employee e on n.etypeid = e.id
where n.draft=0 ";
if (queryParams.vchCode != "")
{
sql += " and n.number like @number";
dbHelper.AddParameter("@number", AppUtils.GetLikeStr(queryParams.vchCode));
}
if (queryParams.comment != "")
{
sql += " and n.comment like @comment";
dbHelper.AddParameter("@comment", AppUtils.GetLikeStr(queryParams.comment));
}
这个sql的最大问题是,sql的条件部分和sql主题不在一起,并且需要根据外部条件(这里是单据号,备注等查询字段是否有值)来决定是否拼接sql。改进的方法当然是把sql都放在一块代码内,参数都放到以外一块内代码内。
看看新的代码:
string sql = @"
select n.vchcode,n.summary,n.Comment,e.fullname efullname
from dlyndx n left join employee e on n.etypeid = e.id
where n.draft=0
and (@enableNumber and n.number like @number)
and (@enableComment and and n.comment like @comment)
";
dbHelper.AddParameter("@enableNumber", queryParams.vchCode != "");
dbHelper.AddParameter("@number", AppUtils.GetLikeStr(queryParams.vchCode));
dbHelper.AddParameter("@enableComment",queryParams.comment != "");
dbHelper.AddParameter("@comment", AppUtils.GetLikeStr(queryParams.comment));
代码混合是问题的温床,这段代码做到了sql和参数的分离,sql和代码不会胶合在一起。容易阅读。