我从前端获取数组以根据SQL查询内部执行过滤器。
我想在阵列上应用LIKE
滤镜。如何在LIKE
函数中添加数组?
我使用Angular和Html作为前端,Node作为后端。
从前端传入的数组:
[ "Sports", "Life", "Relationship", ...]
SQL查询是:
SELECT *
FROM Skills
WHERE Description LIKE ('%Sports%')
SELECT *
FROM Skills
WHERE Description LIKE ('%Life%')
SELECT *
FROM Skills
WHERE Description LIKE ('%Relationship%')
但我从前端获得一个数组 - 如何为此创建查询?
在SQL Server 2017中,您可以使用OPENJSON
按原样使用JSON字符串:
SELECT *
FROM skills
WHERE EXISTS (
SELECT 1
FROM OPENJSON('["Sports", "Life", "Relationship"]', '$') AS j
WHERE skills.description LIKE '%' + j.value + '%'
)
例如,对于SQL Server 2016+和STRING_SPLIT()
:
DECLARE @Str NVARCHAR(100) = N'mast;mode'
SELECT name FROM sys.databases sd
INNER JOIN STRING_SPLIT(@Str, N';') val ON sd.name LIKE N'%' + val.value + N'%'
-- returns:
name
------
master
model
值得一提的是输入数据要严格控制,因为这种方式会导致SQL注入攻击
作为替代方案,更安全,更简单的方法:可以通过以下方式在应用程序端生成SQL:
Select * from Skills
WHERE (
Description Like '%Sports%'
OR Description Like '%Life%'
OR Description Like '%Life%'
)
对map()
数组进行简单的words
调用将允许您生成相应的查询,然后您可以执行这些查询(首先将它们连接到一个字符串中)。
演示:
var words = ["Sports", "Life", "Relationship"];
var template = "Select * From Skills Where Description Like ('%{0}%')";
var queries = words.map(word => template.replace('{0}', word));
var combinedQuery = queries.join("\r\n");
console.log(queries);
console.log(combinedQuery);