|
Some of our members use the GinAndTonic() method, which does a delete brain operation as a side effect.
Software Zen: delete this;
|
|
|
|
|
But why would anyone write it like that in the first place??? It's horrible. And let's not even begin to talk about why it should be a stored procedure...
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
Simple... "best practices".
|
|
|
|
|
I see little reason to not use a parametrized query like that. OK, if it is static enough top define a const, there is a small case against storing all your query code in the binary instead of the more accessible DB server, but not much else of a case.
|
|
|
|
|
It's not the end of the world, certainly; my preference is to keep databasey stuff in the database. It's just neater; besides, all those +++ and line breaks: FUGLY!!!
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
Yes, he could hide the queries in resources files, not out in public code.
|
|
|
|
|
mark merrens wrote: But why would anyone write it like that in the first place???
How else are you going to code a string which contains SQL? One really long line?
mark merrens wrote: And let's not even begin to talk about why it should be a stored procedure...
Presumably you mean it should be a proc instead. Perhaps. But some procs might be rather long when expressed as a SQL string - so same problem.
|
|
|
|
|
What's wrong with it? I mean, it's simple enough I'd put it on one line, but I don't see anything in principle wrong with putting it on several, and as C# doesn't have multi-line string constants, you have to write it as it is there. Edit: apparently @ strings will let you do multi-line constants.
Making code a stored procedure hides it away from the developer and makes it harder to see. Select queries should almost never be in one because it makes you go and look at the database to find out what the code is doing ... or, to put it another way, those queries are part of the business logic and should be in the code. But I have a somewhat old fashioned view of the database as essentially a minimally intelligent data store.
|
|
|
|
|
I like the database to take that strain: it's what it is there for, after all. And I never, ever put SQL in code: I either use a view or a stored procedure.
"If you think it's expensive to hire a professional to do the job, wait until you hire an amateur." Red Adair.
nils illegitimus carborundum
me, me, me
|
|
|
|
|
Oh yes, I have to agree. Prevents SQL injection attacks.
|
|
|
|
|
Also you can fake multiline strings (in VB.NET, say) with an inline XML document, of which the text is then converted to a string.
|
|
|
|
|
Yeah, this code is incredibly silly.
Anybody knows it should be private static readonly string SQL =
modified 15-Apr-13 19:24pm.
|
|
|
|
|
I don't know if you are being serious or if you are joking, after all, you are saying something intermediary... it is not an horror, but it is not right... it's strange.
|
|
|
|
|
Edited my post...
|
|
|
|
|
Indeed, not a candidate for StringBuilderhood. And I write it as
private const string SQL =
@"
SELECT ID
, NAME
, BIRTHDAY
FROM TABLE
WHERE NAME LIKE @PARAM
" ;
so it prints out nice in error messages [added>>] and I can very easily copy/paste it between a code file and SSMS or other SQL executor.
|
|
|
|
|
|
PIEBALDconsult wrote: And I write it as
So to be clear your code looks like the following?
And this format is 'better'?
namespace mystuff.otherStuff
{
public static class MyDbConstants
{
private const string SQL1 =
@"
SELECT ID
, NAME
, BIRTHDAY
FROM TABLE
WHERE NAME LIKE @PARAM
" ;
private const string SQL2 =
@"
SELECT ID
, NAME
, BIRTHDAY
FROM TABLE_OTHER
WHERE NAME LIKE @PARAM
" ;
private const string SQL3 =
@"
SELECT ID
, NAME
, BIRTHDAY
FROM TABLE_OTHER2
WHERE NAME LIKE @PARAM
" ;
|
|
|
|
|
No, I don't use const s for SQL.
|
|
|
|
|
PIEBALDconsult wrote:
No, I don't use const s for
SQL.
Then we have a term definition problem because I responded to what you said...
"And I [PIEBALDconsult] write it as ...private const string SQL"
|
|
|
|
|
|
PIEBALDconsult wrote: I meant "that".
No idea what that means.
|
|
|
|
|
Looks pretty damned neat to me. I always write out my SQL with each identifier or keyword on its own line. Much easier to read and diagnose.
|
|
|
|
|
Brady Kelly wrote: Looks pretty damned neat to me.
I don't know what you are referring to.
I have no problem with multi-line SQL constructs.
|
|
|
|
|
PIEBALDconsult wrote: so it prints out nice in error messages. If that is where you want it printed out nicely, you could use:
...= "\nSELECT ID\n, NAME\n, BIRTHDAY\nFROM TABLE\nWHERE NAME LIKE @PARAM\n";
The thing I don't like about @"... is that intellesense puts in indents you don't want, while most of the time, intellesense is so handy, I don't like working without it. Of course, you might be one of those people who like readable code too.
|
|
|
|
|
The "Best Practice" is not to use string concatenation in a loop. The reason is that under the hood when concatinating two strings, a third string will be created large enough to bold both source strings. The source strings will be copied to that new string, the original string destroyed, then recreated and the contents of the temporary string copied into it, then the temporary string destroyed. The concatination that you are showing should be fine, unless it is being performed in a loop.
|
|
|
|