https://github.com/smistry7/BeeseChurger.SqlBuilder
I’ve written a small SQL builder library to allow me to refactor long SQL strings in C# code without the dependency for a database connection like you would need to with similar libraries such as SqlKata. Feel free to make any recommendations/suggestions 🙂
Does the comment show the generated code?
var builder = SelectBuilder.Init() .Select(“*”) .From(“table”) .Where(“x = 2”) .And(“y = ‘John'”); Console.WriteLine(builder.Build()); // “SELECT * FROM table WHERE x = 2 AND y = ‘John’ ;
Am I missing something? This appears to be opening you to SQL injection
Yeah that’s right, I guess the point was to help me refactor SQL strings, so it’s open to SQL injection in the same way that a normal string would be. The responsibility to protect against it at the moment would be delegated to the ORM but yeah not ideal.
Let me know if I’ve misunderstood. I appreciate this feedback and will look into rectifying this
C# devs
null reference exceptions