2012-03-17 125 views
2

So I have this code that checks 4 parameters (author, title, keyword and subject) to do some dynamic sql query generation for a project I'm working on, and I'm just wondering if anyone knows a better way to write it out. I feel like this is a really inefficient way of doing it, but it's late and I'm tired. Please let me know if you know a better way to do this than just a big pile of if/else case-checking statements. Is there a better way to write out these check scenarios?

Thanks!

if(_author!=null) 
       { 
        query += authorQ; 
        if(_title != null) 
        { 
         if(conjunct[0] == 0) 
         { 
          query += " AND "; 
          query += titleQ; 
         } 
         else 
         { 
          query += " OR "; 
          query += titleQ; 
         } 
         if(_keyword != null) 
         { 
          if(conjunct[1] == 0) 
          { 
           query += " AND "; 
           query += keywordQ; 
          } 
          else 
          { 
           query += " OR "; 
           query += keywordQ; 
          } 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          }        
         } 
         else 
         { 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          }      
         } 
        }//title = null 
        else 
        { 
         if(_keyword != null) 
         { 
          if(conjunct[1] == 0) 
          { 
           query += " AND "; 
           query += keywordQ; 
          } 
          else 
          { 
           query += " OR "; 
           query += keywordQ; 
          } 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          }        
         } 
         else //keyword null 
         { 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          } 
          //if subject's null at this point we don't care 
         } 
        } 
       } 
       else //author null 
       { 
        if(_title != null) 
        { 
         if(conjunct[0] == 0) 
         { 
          query += " AND "; 
          query += titleQ; 
         } 
         else 
         { 
          query += " OR "; 
          query += titleQ; 
         } 
         if(_keyword != null) 
         { 
          if(conjunct[1] == 0) 
          { 
           query += " AND "; 
           query += keywordQ; 
          } 
          else 
          { 
           query += " OR "; 
           query += keywordQ; 
          } 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          }        
         } 
         else 
         { 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          }      
         } 
        }//title = null 
        else 
        { 
         if(_keyword != null) 
         { 
          if(conjunct[1] == 0) 
          { 
           query += " AND "; 
           query += keywordQ; 
          } 
          else 
          { 
           query += " OR "; 
           query += keywordQ; 
          } 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          }        
         } 
         else //keyword null 
         { 
          if(_subject != null) 
          { 
           if(conjunct[2] == 0) 
           { 
            query += " AND "; 
            query += subjectQ; 
           } 
           else 
           { 
            query += " OR "; 
            query += subjectQ; 
           } 
          } 
          //if subject's null at this point we don't care 
         } 
        } 
       } 

+0

For the query += variableName; inside the if statements you can use the ternary operator, e.g.: query += (conjunct[0] == 0 ? " AND " : " OR "); query += titleQ; – 2012-03-17 07:34:33

+0

I know a really great way, 'but it's late and I'm tired' ;) – DaveFar 2012-03-17 11:44:57

+0

Also, a lot of that code is "dead", i.e. unreachable; just paste it into the latest version of eclipse and enable all warnings. – Adam 2012-03-17 11:53:00

Answers

2

How about a more structured and extensible approach, see the example below. BTW, you shouldn't really put user input directly into SQL queries - use prepared statements instead to guard against injection attacks.

// test values 
String _author = "authorfoo"; 
String _title = "titlebar"; 
String _keyword = null; 
String _subject = "subjectfoo"; 
String authorQ = "author=" + _author; 
String subjectQ = "subject=" + _subject; 
String titleQ = "title="+ _title; 
String keywordQ = "keyword=" + _keyword; 
int conjunct[] = new int[]{ 0, 1, 1, 0}; 

// query building code 
String []inputs = {_author, _title, _keyword, _subject}; 
String []queries = {authorQ, titleQ, keywordQ, subjectQ}; 
StringBuilder builder = new StringBuilder(); 
for (int i = 0 ; i < inputs.length; i++) { 
    if (inputs[i] != null) { 
     if (builder.length() > 0) { // don't start query with connective 
      if (conjunct[i] == 0) { 
       builder.append(" AND "); 
      } else { 
       builder.append(" OR "); 
      } 
     } 
     builder.append(queries[i]); 
    } 
} 
String query = builder.toString(); 
System.out.println(query); 
+0

Wow, that's much better. I definitely shouldn't write code after midnight. Also, regarding sql injection: we don't need to worry about that for this class project, hence the direct user input. Thanks for your help, you rock! – noname 2012-03-18 00:43:17
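The accepted answer's table-driven loop, carried one step further to the prepared-statement approach it recommends. This is an added example, not code from the question or from either answer: the class name SafeQueryBuilder, the Built holder, the table name "books" and the sample values are all assumptions made here. Each user value is replaced by a "?" placeholder in the SQL and collected into a parameter list, so that a value containing quotes or an "OR '1'='1" fragment is bound as a plain string rather than becoming part of the query; absent inputs are skipped, so no connective is emitted without a term on both sides.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;

// Added example (not from the question or the answers): the accepted answer's
// loop, but every user value goes into a '?' placeholder and a parameter list
// instead of being concatenated into the SQL text.
public final class SafeQueryBuilder {

    /** A SELECT with placeholders plus the values to bind to them, in order. */
    public static final class Built {
        public final String sql;
        public final List<String> params;
        Built(String sql, List<String> params) { this.sql = sql; this.params = params; }
    }

    /**
     * columns[i] is the column to compare (from our own fixed list, never from the user),
     * values[i] the user-supplied value (null = filter not given),
     * useOr[i] the connective placed in front of term i (true = OR, false = AND),
     * mirroring the conjunct[] array from the question (0 = AND, otherwise OR).
     */
    public static Built build(String table, String[] columns, String[] values, boolean[] useOr) {
        StringBuilder where = new StringBuilder();
        List<String> params = new ArrayList<>();
        for (int i = 0; i < columns.length; i++) {
            if (values[i] == null) {
                continue;                        // absent filter: emit neither term nor connective
            }
            if (where.length() > 0) {            // no connective before the first term
                where.append(useOr[i] ? " OR " : " AND ");
            }
            // The value itself is never appended here; it is bound by prepare() below,
            // so quote characters or SQL keywords inside it stay literal data.
            where.append(columns[i]).append(" = ?");
            params.add(values[i]);
        }
        String sql = "SELECT * FROM " + table;
        if (where.length() > 0) {
            sql += " WHERE " + where;
        }
        return new Built(sql, params);
    }

    /** Bind the collected values; conn is any JDBC connection (assumed to be supplied by the caller). */
    public static PreparedStatement prepare(Connection conn, Built built) throws SQLException {
        PreparedStatement ps = conn.prepareStatement(built.sql);
        for (int i = 0; i < built.params.size(); i++) {
            ps.setString(i + 1, built.params.get(i));   // JDBC parameter indexes are 1-based
        }
        return ps;
    }

    public static void main(String[] args) {
        // Constructed sample input: keyword is absent, and the title looks like an injection attempt.
        String[] columns = {"author", "title", "keyword", "subject"};
        String[] values  = {"authorfoo", "x' OR '1'='1", null, "subjectfoo"};
        boolean[] useOr  = {false, true, true, false};   // same as conjunct = {0, 1, 1, 0}

        Built b = build("books", columns, values, useOr);
        System.out.println(b.sql);     // SQL text contains only column names and '?' markers
        System.out.println(b.params);  // the user values, kept separate for binding
    }
}
```

Two things worth noting when reusing this shape: only the column names and the table name are ever concatenated, and they come from a constant list in the code, never from a request parameter; and because SQL gives AND higher precedence than OR, a mixed chain of connectives (as in the question's conjunct array) should be wrapped in parentheses per group if the intended grouping is anything other than what the precedence rules give.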

0
a = _author ? authorQ : 1; 
t = _title ? titleQ : 1; 
k = _keyword ? keywordQ : 1; 
s = _subject ? subjectQ : 1; 

c1 = conjunct[0] ? " OR " : " AND "; 
c2 = conjunct[1] ? " OR " : " AND "; 
c3 = conjunct[2] ? " OR " : " AND "; 

query += a + c1 + t + c2 + k + c3 + s; 
+0

So for _author == null and conjunct[0] != 0 the query becomes "... 1 OR ....". What does that sql query evaluate to? – DaveFar 2012-03-17 11:43:34
