多条件查询--使用dapper命令参数动态拼接出最安全的sql语句
publicList<MSys_Admin>GetAdminList(MSys_Admin model)
{
string sqlText ="select count(1) from Sys_Admin where 1=1";
var p =newDynamicParameters();
if(!string.IsNullOrEmpty(model.LoginName))
{
sqlText +=" and LoginName like @LoginName";
p.Add("LoginName", model.LoginName+"%");
}
if(!string.IsNullOrEmpty(model.Name))
{
sqlText +=" and Name like @Name";
p.Add("Name","%"+ model.Name+"%");
}
using(var conn =Common.GetConn())
{
conn.Open();
var r = conn.Query<MSys_Admin>(sqlText, p);
conn.Close();
return r.ToList();
}
}
搜索 :abp dapper 拼接
标签:LoginName,Name,拼接,sqlText,sql,model,dapper,conn From: https://www.cnblogs.com/wl-blog/p/17400807.html