You can pass parameters to a raw SQL query executed using the FromSqlRaw method. This helps to prevent SQL injection attacks and makes the code more readable.
using EntityFrameworkCore_ConsoleApp.Models;
using Microsoft.Data.SqlClient;
using Microsoft.EntityFrameworkCore;
namespace EntityFrameworkCore_ConsoleApp
{
public class Program
{
static void Main(string[] args)
{
using (var databaseContext = new DatabaseContext())
{
var status = true;
var products = databaseContext.Products.FromSqlRaw("select * from product where status = {0}", status).ToList();
products.ForEach(product =>
{
Console.WriteLine("Id: " + product.Id);
Console.WriteLine("Name: " + product.Name);
Console.WriteLine("Price: " + product.Price);
Console.WriteLine("Quantity: " + product.Quantity);
Console.WriteLine("Description: " + product.Description);
Console.WriteLine("Status: " + product.Status);
Console.WriteLine("Photo: " + product.Photo);
Console.WriteLine("Created: " + product.Created.ToString("dd/MM/yyyy"));
Console.WriteLine("Category Id: " + product.CategoryId);
Console.WriteLine("---------------------");
});
}
}
}
}
Output
Id: 9
Name: Tivi 1
Price: 10
Quantity: 15
Description: Description 1
Status: True
Photo: photo1.gif
Created: 20/10/2023
Category Id: 1
---------------------
Id: 12
Name: Laptop 1
Price: 15
Quantity: 16
Description: Description 3
Status: True
Photo: photo4.gif
Created: 20/10/2021
Category Id: 2
---------------------
Id: 14
Name: Computer 1
Price: 17
Quantity: 34
Description: Description 5
Status: True
Photo: photo6.gif
Created: 20/12/2023
Category Id: 3
---------------------
Id: 16
Name: Computer 3
Price: 19
Quantity: 18
Description: Description 7
Status: True
Photo: photo8.gif
Created: 20/05/2023
Category Id: 3
---------------------
Use AND condition in Where:
using EntityFrameworkCore_ConsoleApp.Models;
using Microsoft.Data.SqlClient;
using Microsoft.EntityFrameworkCore;
namespace EntityFrameworkCore_ConsoleApp
{
public class Program
{
static void Main(string[] args)
{
using (var databaseContext = new DatabaseContext())
{
var min = 5;
var max = 20;
var products = databaseContext.Products.FromSqlRaw("select * from product where price >= {0} and price <= {1}", min, max).ToList();
products.ForEach(product =>
{
Console.WriteLine("Id: " + product.Id);
Console.WriteLine("Name: " + product.Name);
Console.WriteLine("Price: " + product.Price);
Console.WriteLine("Quantity: " + product.Quantity);
Console.WriteLine("Description: " + product.Description);
Console.WriteLine("Status: " + product.Status);
Console.WriteLine("Photo: " + product.Photo);
Console.WriteLine("Created: " + product.Created.ToString("dd/MM/yyyy"));
Console.WriteLine("Category Id: " + product.CategoryId);
Console.WriteLine("---------------------");
});
}
}
}
}
Output
Id: 9
Name: Tivi 1
Price: 10
Quantity: 15
Description: Description 1
Status: True
Photo: photo1.gif
Created: 20/10/2023
Category Id: 1
---------------------
Id: 10
Name: Tivi 2
Price: 5
Quantity: 22
Description: Description 2
Status: False
Photo: photo2.gif
Created: 20/04/2022
Category Id: 1
---------------------
Id: 11
Name: Tivi 3
Price: 20
Quantity: 4
Description: Description 2
Status: False
Photo: photo3.gif
Created: 20/11/2022
Category Id: 1
---------------------
Id: 12
Name: Laptop 1
Price: 15
Quantity: 16
Description: Description 3
Status: True
Photo: photo4.gif
Created: 20/10/2021
Category Id: 2
---------------------
Id: 14
Name: Computer 1
Price: 17
Quantity: 34
Description: Description 5
Status: True
Photo: photo6.gif
Created: 20/12/2023
Category Id: 3
---------------------
Id: 16
Name: Computer 3
Price: 19
Quantity: 18
Description: Description 7
Status: True
Photo: photo8.gif
Created: 20/05/2023
Category Id: 3
---------------------
Use OR condition in Where:
using EntityFrameworkCore_ConsoleApp.Models;
using Microsoft.Data.SqlClient;
using Microsoft.EntityFrameworkCore;
namespace EntityFrameworkCore_ConsoleApp
{
public class Program
{
static void Main(string[] args)
{
using (var databaseContext = new DatabaseContext())
{
var price1 = 5;
var price2 = 15;
var price3 = 20;
var products = databaseContext.Products.FromSqlRaw("select * from product where price = {0} or price = {1} or price = {2}", price1, price2, price3).ToList();
products.ForEach(product =>
{
Console.WriteLine("Id: " + product.Id);
Console.WriteLine("Name: " + product.Name);
Console.WriteLine("Price: " + product.Price);
Console.WriteLine("Quantity: " + product.Quantity);
Console.WriteLine("Description: " + product.Description);
Console.WriteLine("Status: " + product.Status);
Console.WriteLine("Photo: " + product.Photo);
Console.WriteLine("Created: " + product.Created.ToString("dd/MM/yyyy"));
Console.WriteLine("Category Id: " + product.CategoryId);
Console.WriteLine("---------------------");
});
}
}
}
}
Output
Id: 10
Name: Tivi 2
Price: 5
Quantity: 22
Description: Description 2
Status: False
Photo: photo2.gif
Created: 20/04/2022
Category Id: 1
---------------------
Id: 11
Name: Tivi 3
Price: 20
Quantity: 4
Description: Description 2
Status: False
Photo: photo3.gif
Created: 20/11/2022
Category Id: 1
---------------------
Id: 12
Name: Laptop 1
Price: 15
Quantity: 16
Description: Description 3
Status: True
Photo: photo4.gif
Created: 20/10/2021
Category Id: 2
---------------------
You can also pass parameters with the SqlParameter method as below:
using EntityFrameworkCore_ConsoleApp.Models;
using Microsoft.Data.SqlClient;
using Microsoft.EntityFrameworkCore;
namespace EntityFrameworkCore_ConsoleApp
{
public class Program
{
static void Main(string[] args)
{
using (var databaseContext = new DatabaseContext())
{
var param1 = new SqlParameter("@min", 5);
var param2 = new SqlParameter("@max", 20);
var products = databaseContext.Products.FromSqlRaw("select * from product where price >= @min and price <= @max", param1, param2).ToList();
products.ForEach(product =>
{
Console.WriteLine("Id: " + product.Id);
Console.WriteLine("Name: " + product.Name);
Console.WriteLine("Price: " + product.Price);
Console.WriteLine("Quantity: " + product.Quantity);
Console.WriteLine("Description: " + product.Description);
Console.WriteLine("Status: " + product.Status);
Console.WriteLine("Photo: " + product.Photo);
Console.WriteLine("Created: " + product.Created.ToString("dd/MM/yyyy"));
Console.WriteLine("Category Id: " + product.CategoryId);
Console.WriteLine("---------------------");
});
}
}
}
}
Output
Id: 9
Name: Tivi 1
Price: 10
Quantity: 15
Description: Description 1
Status: True
Photo: photo1.gif
Created: 20/10/2023
Category Id: 1
---------------------
Id: 10
Name: Tivi 2
Price: 5
Quantity: 22
Description: Description 2
Status: False
Photo: photo2.gif
Created: 20/04/2022
Category Id: 1
---------------------
Id: 11
Name: Tivi 3
Price: 20
Quantity: 4
Description: Description 2
Status: False
Photo: photo3.gif
Created: 20/11/2022
Category Id: 1
---------------------
Id: 12
Name: Laptop 1
Price: 15
Quantity: 16
Description: Description 3
Status: True
Photo: photo4.gif
Created: 20/10/2021
Category Id: 2
---------------------
Id: 14
Name: Computer 1
Price: 17
Quantity: 34
Description: Description 5
Status: True
Photo: photo6.gif
Created: 20/12/2023
Category Id: 3
---------------------
Id: 16
Name: Computer 3
Price: 19
Quantity: 18
Description: Description 7
Status: True
Photo: photo8.gif
Created: 20/05/2023
Category Id: 3
---------------------