huangxiaoqiang
8 天以前 12b786bdece4bde3716279ff386b58d776090bdb
优化 ServiceBase.cs 中的查询条件构建

在 `ServiceBase.cs` 文件中,修改了 `where` 字符串的构建逻辑,主要包括:
- 使用方括号包裹字段名以增强 SQL 查询的安全性。
- 增加对 `LinqExpressionType.ThanOrEqual` 和 `LinqExpressionType.LessThanOrEqual` 的支持,允许更复杂的查询条件。
- 添加空字符串检查,确保条件添加时不会出现语法错误。
这些更改提升了查询条件的灵活性和安全性。
已修改2个文件
54 ■■■■ 文件已修改
CodeManagement/WCS/WIDESEAWCS_Server/WIDESEAWCS_Core/BaseServices/ServiceBase.cs 27 ●●●●
CodeManagement/WMS/WIDESEA_WMSServer/WIDESEA_Core/BaseServices/ServiceBase.cs 27 ●●●●
CodeManagement/WCS/WIDESEAWCS_Server/WIDESEAWCS_Core/BaseServices/ServiceBase.cs
@@ -176,7 +176,7 @@
                        }
                        else
                        {
                            where += $"{searchParametersList[i].Name} like '%{searchParametersList[i].Value}%'";
                            where += $"[{searchParametersList[i].Name}] like '%{searchParametersList[i].Value}%'";
                        }
                    }
                    else
@@ -188,16 +188,33 @@
                        }
                        else
                        {
                            where += $" and {searchParametersList[i].Name} like '%{searchParametersList[i].Value}%'";
                            where += $" and [{searchParametersList[i].Name}] like '%{searchParametersList[i].Value}%'";
                        }
                    }
                }
                else
                {
                    if (string.IsNullOrEmpty(where))
                        where += $"{searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                    if (searchParametersList[i].DisplayType.GetLinqCondition() == LinqExpressionType.ThanOrEqual)
                    {
                        if (string.IsNullOrEmpty(where))
                            where += $"{searchParametersList[i].Name} >= '{searchParametersList[i].Value}'";
                        else
                            where += $" and {searchParametersList[i].Name} {searchParametersList[i].DisplayType.GetLinqCondition()} '{searchParametersList[i].Value}'";
                    }
                    else if (searchParametersList[i].DisplayType.GetLinqCondition() == LinqExpressionType.LessThanOrEqual)
                    {
                        if (string.IsNullOrEmpty(where))
                            where += $"{searchParametersList[i].Name} <= '{searchParametersList[i].Value}'";
                        else
                            where += $" and {searchParametersList[i].Name} <= '{searchParametersList[i].Value}'";
                    }
                    else
                        where += $" and {searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                    {
                        if (string.IsNullOrEmpty(where))
                            where += $"{searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                        else
                            where += $" and {searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                    }
                }
            }
            return where;
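Review bot: Wrapping the column name in `[...]` in the two `like` branches does not make this string safe. `Value` is still interpolated between single quotes without escaping, a `]` inside `Name` ends the bracket quoting, and the new `>=`/`<=` and fallback branches interpolate `Name` (and `DisplayType` as the operator text) with no quoting at all. If the search parameters are caller-supplied, which the hunk does not show, every branch remains open to SQL injection. Prefer checking `Name` against the entity's known columns, choosing the operator from the `LinqExpressionType` value instead of the `DisplayType` text, and passing `Value` as a query parameter; as a minimum within this string-building shape, use `Name.Replace("]", "]]")` and `Value.Replace("'", "''")`. The same applies to the identical hunks in the WMS copy of ServiceBase.cs; the enclosing method starts outside the hunk.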
CodeManagement/WMS/WIDESEA_WMSServer/WIDESEA_Core/BaseServices/ServiceBase.cs
@@ -139,7 +139,7 @@
                        }
                        else
                        {
                            where += $"{searchParametersList[i].Name} like '%{searchParametersList[i].Value}%'";
                            where += $"[{searchParametersList[i].Name}] like '%{searchParametersList[i].Value}%'";
                        }
                    }
                    else
@@ -151,16 +151,33 @@
                        }
                        else
                        {
                            where += $" and {searchParametersList[i].Name} like '%{searchParametersList[i].Value}%'";
                            where += $" and [{searchParametersList[i].Name}] like '%{searchParametersList[i].Value}%'";
                        }
                    }
                }
                else
                {
                    if (string.IsNullOrEmpty(where))
                        where += $"{searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                    if (searchParametersList[i].DisplayType.GetLinqCondition() == LinqExpressionType.ThanOrEqual)
                    {
                        if (string.IsNullOrEmpty(where))
                            where += $"{searchParametersList[i].Name} >= '{searchParametersList[i].Value}'";
                        else
                            where += $" and {searchParametersList[i].Name} {searchParametersList[i].DisplayType.GetLinqCondition()} '{searchParametersList[i].Value}'";
                    }
                    else if (searchParametersList[i].DisplayType.GetLinqCondition() == LinqExpressionType.LessThanOrEqual)
                    {
                        if (string.IsNullOrEmpty(where))
                            where += $"{searchParametersList[i].Name} <= '{searchParametersList[i].Value}'";
                        else
                            where += $" and {searchParametersList[i].Name} <= '{searchParametersList[i].Value}'";
                    }
                    else
                        where += $" and {searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                    {
                        if (string.IsNullOrEmpty(where))
                            where += $"{searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                        else
                            where += $" and {searchParametersList[i].Name} {searchParametersList[i].DisplayType} '{searchParametersList[i].Value}'";
                    }
                }
            }
            return where;
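Review bot: In the `ThanOrEqual` branch, the non-empty-`where` case uses `{searchParametersList[i].DisplayType.GetLinqCondition()}` as the operator. Since that expression is compared against `LinqExpressionType.ThanOrEqual` on the line above, it presumably renders the enum member name rather than `>=`, so a greater-or-equal condition that is not the first one would produce invalid SQL. Use the literal `>=` there, the way the `LessThanOrEqual` branch uses `<=` in both of its cases. The WCS copy of ServiceBase.cs has the same line in its second hunk; the enclosing method starts outside the hunk.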