C# – How would you pass through “>=” in the querystring

asp.netcquery-stringsql

I would like to pass some operators through as querystring parameters so that I can convert them, along with a value into an SQL query. The idea would be to let the querystring parameters dictate wether the page returns search results where prices are equal to, greater than or equal to, greater than, less than or less than or equal to as follows:

=, >=, >, < and <=

I'm not sure what the best practise is for passing these operators through is, could anybody help me out? Would you pass through ascii codes or simply text like e, gte, gt, lt, lte and then convert them on results page that builds the query?

Thanks guys!

Best Answer

As user Kon said, use HttpServerUtility.UrlEncode. I've once written a tiny little class to simplify working with query strings so that I do not have to call Server.UrlEncode.

As a side note, keep an eye on SQL injection aka Little Bobby Tables:

Little Bobby Tables (Source)

Related Solutions

C# – How to get the index of the current iteration of a foreach loop

Ian Mercer posted a similar solution as this on Phil Haack's blog:

foreach (var item in Model.Select((value, i) => new { i, value }))
{
    var value = item.value;
    var index = item.i;
}

This gets you the item (item.value) and its index (item.i) by using this overload of LINQ's Select:

the second parameter of the function [inside Select] represents the index of the source element.

The new { i, value } is creating a new anonymous object.

Heap allocations can be avoided by using ValueTuple if you're using C# 7.0 or later:

foreach (var item in Model.Select((value, i) => ( value, i )))
{
    var value = item.value;
    var index = item.i;
}

You can also eliminate the item. by using automatic destructuring:

<ol>
foreach ((MyType value, Int32 i) in Model.Select((value, i) => ( value, i )))
{
    <li id="item_@i">@value</li>
}
</ol>

Sql – How to return only the Date from a SQL Server DateTime datatype

SELECT DATEADD(dd, 0, DATEDIFF(dd, 0, @your_date))

for example

SELECT DATEADD(dd, 0, DATEDIFF(dd, 0, GETDATE()))

gives me

2008-09-22 00:00:00.000

Pros:

No varchar<->datetime conversions required
No need to think about locale

Best Answer

Related Solutions

C# – How to get the index of the current iteration of a foreach loop

Sql – How to return only the Date from a SQL Server DateTime datatype

Related Topic