how to convert sql query into linq

Question

0.00/5 (No votes)

See more:

i want to convert below query in linq query. i try but i get the exception:

C#

string query = "select * from OrderItems where itemname is not null";
           if (!string.IsNullOrEmpty(item))
           {
               query += " and itemname=" + item;
           }
           if (!string.IsNullOrEmpty(description))
           {
               query += " and description=" + description;
           }
           if (!string.IsNullOrEmpty(price))
           {
               query += " and price=" + price;
           }

my tried code is below:

C#

var InventoryData = GetItems().ToList();
           if (!string.IsNullOrEmpty(item))
           {
               InventoryData += InventoryData.ToList().Where(d => d.InventoryId == item).ToList();
           }

please help: showing error + sign.

please help thanks in advance.

Posted 19-Jan-16 1:40am

Member 10371658

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Andy Lanng · Accepted Answer · 2016-01-19T02:50:00

your close, but you should just use "=", not "+=" The clauses will accumulate the way you intend:

C#

//string query = "select * from OrderItems where itemname is not null";
var query = GetItems(); // keep it queriable for now.  As soon as you perform "ToList()" the database is queried.  You should wait until you refine the criteria

if (!string.IsNullOrEmpty(item))
//    query += " and itemname=" + item;
      query = query.Where(d => d.itemname == item);
if (!string.IsNullOrEmpty(description))
//    query += " and description=" + description;
      query = query.Where(d => d.description == description);
if (!string.IsNullOrEmpty(price))
//    query += " and price=" + price;
      query = query.Where(d => d.price == price);
  
var InventoryData = query.ToList(); //The query to the db will include all the where clauses you add

Richard Deeming · Accepted Answer · 2016-01-19T02:49:00

First of all, your SQL code is vulnerable to SQL Injection[^]. NEVER use string concatenation to build a SQL query. ALWAYS use a parameterized query.

Secondly, to apply filters to a LINQ query, you just chain calls to the Where method:

C#

var query = GetItems();
if (!string.IsNullOrEmpty(item))
{
    query = query.Where(d => d.ItemName == item);
}
if (!string.IsNullOrEmpty(description))
{
    query = query.Where(d => d.Description == description);
}
if (!string.IsNullOrEmpty(price))
{
    // TODO: Use the correct data type to store the price.
    query = query.Where(d => d.Price == price);
}

var inventoryData = query.ToList();

NB: Your GetItems method should return an IQueryable<T> instance, so that the filters are passed to the SQL query. Don't call ToList until you have built the entire query; otherwise, all of the data will be loaded into memory before the filtering takes place.

Everything you wanted to know about SQL injection (but were afraid to ask) | Troy Hunt[^]
How can I explain SQL injection without technical jargon? | Information Security Stack Exchange[^]
Query Parameterization Cheat Sheet | OWASP[^]
SQL injection attack mechanics | Pluralsight [^]

how to convert sql query into linq

2 solutions

Solution 2

Solution 1

Add your solution here

Preview 0