context.Set<BlogKeyValuePair>()
.FromSql("SELECT [key], value FROM OPENJSON((SELECT JsonData FROM dbo.Blogs WHERE BlogId=1), '$.@path')",
new SqlParameter("@path", "path.to.data"));
在第一次看到这应该正常工作,@path应该被path.to.data替换,但事实并非如此,抛出SqlException并出现以下错误:
System.Data.SqlClient.SqlException:'@path'附近的语法不正确。
似乎SQL服务器不替换参数,因为它是OPENJSON函数内的参数。
寻找安全的解决方法。
SQL无法识别该变量,因为您将其放在字符串中:
-- Wrong:
OPENJSON((SELECT JsonData FROM dbo.Blogs WHERE BlogId = 1), '$.@path')
-- Correct:
OPENJSON((SELECT JsonData FROM dbo.Blogs WHERE BlogId = 1), '$.' + @path)
码:
context
.Set<BlogKeyValuePair>()
.FromSql(@"
SELECT [key], value
FROM OPENJSON((SELECT JsonData FROM dbo.Blogs WHERE BlogId = 1), '$.' + @path)",
new SqlParameter("@path", "path.to.data"));
这在SSMS中对我有用,所以@marsze的答案应该有效。
declare @path nvarchar(2000) = 'ArrayValue';
DECLARE @json NVARCHAR(4000) = N'{
"StringValue":"John",
"IntValue":45,
"TrueValue":true,
"FalseValue":false,
"NullValue":null,
"ArrayValue":["a","r","r","a","y"],
"ObjectValue":{"obj":"ect"}
}'
SELECT *
FROM OPENJSON(@json, '$.' + @path)