c#搜索功能查询

c#搜索功能查询

本文介绍了c#搜索功能查询/代码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在开发Windows应用程式。

I am developing Windows application.

我正在执行搜寻功能。

5个过滤器[搜索类别]。

I have 5 filters [Search categories].

Partycode,branchId,Symbol,BuySell,TerminalId。

Partycode , branchId , Symbol ,BuySell , TerminalId.

如果所有文本框

如果Partycode已填写,则只显示特定参与方代码的数据。

If Partycode is filled then it should show data for particular party code only.

如果party代码和branchId文本框填充,那么它应该给出具有特定终端Id的参数的数据。
...并且所有排列和组合的条件继续。

If party code and branchId text boxes are filled then it should give data for particode with particular terminal Id....And Conditions goes on for all permutations and combinations.

我写了不同的if else语句。这些变成了许多If-Else语句。

I am writting different if else statement. These are becoming many If-Else statement.

有没有特定的方法来写这种情况的查询?或者有.NET提供的任何功能来处理它吗?

Is there particular way to write query for this situation? Or is there any functionality .NET provides to deal with it?

或者我正在朝着正确的方向[有很多If-Else语句]?

Or i am going in the right direction[With lots of If-Else statements]?

我有尝试>>

 private void btnRefresh_Click_1(object sender, EventArgs e)
        {
            string SQL = "";
            if ((txtSearchPartyCode.Text == "") && (txtSearchBranchId.Text == "") && (txtSearchSymbol.Text == "") && (txtSearchTerminalId.Text == "")&&(cmbBuySell.Text==""))
            {

                SQL = "select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile";

            }
            else
                if ((txtSearchPartyCode.Text != "") && (txtSearchBranchId.Text == "") && (txtSearchSymbol.Text == "") && (txtSearchTerminalId.Text == "")&&(cmbBuySell.Text==""))
                {

                        SQL="select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile where Party_Code='"+txtSearchPartyCode.Text+"'";

                }
                else
                    if ((txtSearchPartyCode.Text == "") && (txtSearchBranchId.Text != "") && (txtSearchSymbol.Text == "") && (txtSearchTerminalId.Text == "")&&(cmbBuySell.Text==""))
                    {
                        SQL="select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile where Branch_Id='"+txtSearchBranchId.Text+"'";
                    }
            else
                        if ((txtSearchPartyCode.Text == "") && (txtSearchBranchId.Text == "") && (txtSearchSymbol.Text != "") && (txtSearchTerminalId.Text == "")&&(cmbBuySell.Text==""))
                        {
                            SQL="select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile where Scrip_Code='"+txtSearchSymbol.Text+"'";
                        }
            else
                        if ((txtSearchPartyCode.Text == "") && (txtSearchBranchId.Text == "") && (txtSearchSymbol.Text == "") && (txtSearchTerminalId.Text != "")&&(cmbBuySell.Text==""))
                        {
                            SQL="select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile where TerminalId='"+txtSearchTerminalId.Text+"'";
                        }
            else
                            if((txtSearchPartyCode.Text == "") && (txtSearchBranchId.Text == "") && (txtSearchSymbol.Text == "") && (txtSearchTerminalId.Text == "")&&(cmbBuySell.Text!=""))
                            {
                                float buy_Sell=0;
                                if(cmbBuySell.Text=="Buy")
                                    buy_Sell=1;
                                else
                                    if(cmbBuySell.Text=="Sell")
                                        buy_Sell=2;
                                SQL="select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile where Buy_Sell='"+buy_Sell+"'";
                            }

                   try
                   {
                    da = new SqlDataAdapter(SQL, con);
                    DataSet ds = new DataSet();
                    da.Fill(ds);
                    gvTradeFile.DataSource = ds.Tables[0];
                   }
                   catch(Exception ex)
                   {
                       MessageBox.Show(ex.Message);
                   }
        }

请把我拉出来。

推荐答案

首先,直接回答您的问题:

First, a direct answer to your question:

private void btnRefresh_Click_1(object sender, EventArgs e)
{
    var sb = new StringBuilder("select Party_Code,TradeNo,Scrip_Code,Inst_Type,Expirydate,Strike_price,Option_type,TerminalId,Branch_Id,Buy_Sell,Trade_Qty,Market_Rate,Sauda_Date,OrderNo from tradeFile");
    if (!string.IsNullOrEmpty(txtSearchPartyCode.Text))
        sb.AppendFormat(" where Party_Code='{0}'", txtSearchPartyCode.Text);
    if (!string.IsNullOrEmpty(txtSearchBranchId.Text))
        sb.AppendFormat(" where Branch_Id='{0}'", txtSearchBrandId.Text);
    // ...and so on...
    sb.Append(";");
    try
    {
        da = new SqlDataAdapter(sb.ToString(), con);
        DataSet ds = new DataSet();
        da.Fill(ds);
        gvTradeFile.DataSource = ds.Tables[0];
    }
    catch(Exception ex)
    {
       MessageBox.Show(ex.Message);
    }
}

更改您的代码,有点容易。

Change your code to something like this and your life might be a little easier.

其次,一些建议。你的代码使你很明显你是一个新手,也许值得你花一些时间阅读更好的方式使用数据库。有数据库包装器等,你可以使用,它可能不是最好的想法,直接像这样查询数据库。您还需要清理您的用户输入,您的代码容易遭受SQL注入(一个好的数据库包装器将为您执行此操作)。

Secondly, some advice. Your code makes it apparent that you're a novice, and it might be worth your while to invest some time in reading about better ways to work with databases. There are database wrappers and such you can work with, and it's probably not the best idea to be querying the database directly like this. You also need to sanitize your user input, your code is vulnerable to SQL injection (a good database wrapper will do this for you).

这篇关于c#搜索功能查询/代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-25 19:32