4-9.ASP.NET Core Web API 入門教學 - 讀取資料之好想用SQL語法阿,小心SQL Injection

影片講解

單一資料表操作

var result = _todoContext.TodoLists.FromSqlRaw("select * from todolist");

[HttpGet("GetSQL")]
public IEnumerable<TodoList> GetSQL(string name)
{
    string sql = "select * from todolist where 1=1";

    if (!string.IsNullOrWhiteSpace(name))
    {
      sql = sql + "and name like N'%" + name + "%'";
    }

    var result = _todoContext.TodoLists.FromSqlRaw(sql);

    return result;
}

參考資料 
閒聊：用 LINQ 還是自己寫 SQL？ 
Entity Framework Core原始 SQL 查詢