logo
Redian新闻
>未名空间
>JobHunting - 待字闺中
>
C#, recruiter发过来的面试题, 帮我看看解答
avatar
C#, recruiter发过来的面试题, 帮我看看解答# JobHunting - 待字闺中
p*1
1
Question:
Given the table [tSWIFT_History_Trades] , the C# structure TradeNAK and the
C# method UpdateTradeACKNAKDB as defined below:
CREATE TABLE [tSWIFT_History_Trades](
[Id] [bigint] IDENTITY(1,1) NOT NULL,
[BatchId] [varchar](25) NOT NULL,
[TradeId] [varchar](25) NOT NULL,
[Account] [varchar](25) NULL,
[TranType] [varchar](50) NULL,
[TradeDate] [int] NULL,
[SettleDate] [int] NULL,
[Exch] [varchar](50) NULL,
[DateSent] [datetime] NOT NULL
CONSTRAINT [DF_tSWIFT_History_Trades_Sent_DateSent] DEFAULT (getdate()),
[Status] [varchar](20) NOT NULL,
[AckNak] [varchar](7) NULL
CONSTRAINT [DF_tSWIFT_History_Trades_AckNak] DEFAULT ('Pending'),
[MachineIdReceived] [varchar](50) NULL,
[FileNameReceived] [varchar](100) NULL,
[DateReceived] [datetime] NULL,
[DirectoryArchivedReceived] [varchar](300) NULL,
[Error] [varchar](500) NULL,
[Price] [float] NULL CONSTRAINT [DF_tSWIFT_History_Trades_Price]
DEFAULT (0),
CONSTRAINT [PK_tSWIFT_History_Trades] PRIMARY KEY NONCLUSTERED ([Id] ASC )
GO
select count (*) from dbo.tSWIFT_History_Trades
--returns 568655
----------------------------------------------------------------
public struct TradeNAK
{ public string BatchId;
public string TradeId;
public bool AckNakSuccess;
public string ErrorText; }
--The number of trade acknowledgements (TradeNAKs) per batch (i.e. _lANT)
can reach 2000.
public int UpdateTradeACKNAKDB(List _lANT, string
strFileNameReceived, string strDirectoryArchivedReceived)
{
try
{
int j = 0;
for (int i = 0; i < _lANT.Count; i++)
{
if (_lANT[i].AckNakSuccess == true)
{
if (_lANT[i].ErrorText == null)
{
j += Convert.ToInt16(dba.ExecuteSQL("UPDATE
tSWIFT_History_Trades SET MachineIdReceived = '" + System.Environment.
UserName.ToUpper() + "', FileNameReceived = '" + strFileNameReceived + "',
DirectoryArchivedReceived = '" + strDirectoryArchivedReceived + "',
DateReceived = GetDate(), AckNak = 'ACK' WHERE (BatchId = '" + _lANT[i].
BatchId + "' AND TradeId = '" + _lANT[i].TradeId + "')"));
}
else
{
j += Convert.ToInt16(dba.ExecuteSQL("UPDATE
tSWIFT_History_Trades SET MachineIdReceived = '" + System.Environment.
UserName.ToUpper() + "', FileNameReceived = '" + strFileNameReceived + "',
DirectoryArchivedReceived = '" + strDirectoryArchivedReceived + "',
DateReceived = GetDate(), AckNak = 'ACK', [Error] = '" + _lANT[i].ErrorText.
Replace("'", "''") + "' WHERE (BatchId = '" + _lANT[i].BatchId + "' AND
TradeId = '" + _lANT[i].TradeId + "')"));
}
}
else
{
if (_lANT[i].ErrorText == null)
{
j += Convert.ToInt16(dba.ExecuteSQL("UPDATE
tSWIFT_History_Trades SET MachineIdReceived = '" + System.Environment.
UserName.ToUpper() + "', FileNameReceived = '" + strFileNameReceived + "',
DirectoryArchivedReceived = '" + strDirectoryArchivedReceived + "',
DateReceived = GetDate(), AckNak = 'NAK' WHERE (BatchId = '" + _lANT[i].
BatchId + "' AND TradeId = '" + _lANT[i].TradeId + "')"));
}
else
{
j += Convert.ToInt16(dba.ExecuteSQL("UPDATE
tSWIFT_History_Trades SET MachineIdReceived = '" + System.Environment.
UserName.ToUpper() + "', FileNameReceived = '" + strFileNameReceived + "',
DirectoryArchivedReceived = '" + strDirectoryArchivedReceived + "',
DateReceived = GetDate(), AckNak = 'NAK', [Error] = '" + _lANT[i].ErrorText.
Replace("'", "''") + "' WHERE (BatchId = '" + _lANT[i].BatchId + "' AND
TradeId = '" + _lANT[i].TradeId + "')"));
}
}
}
return j;
}
catch (Exception ex)
{
throw ex;
}
}
First briefly describe this method does?
1. Describe how the method can be changed, improved or written better.
2. Include an explanation for how and why your solution is better.
3. Rewrite UpdateTradeACKNAKDB function
avatar
p*1
2
My answer:
Problems with the above codes:
1. We do not have to have the sql string everywhere, it can be simplified to
be put in just 1 place.
2. This code is not using parameters properly thus allowing for SQL
injection attacks.
My below solution would solve the above 2 problems. In my industry
experience, I did not have experience to put SQL parameters into dba.
ExecuteSQL, so, I convert to SqlCommand.
public int UpdateTradeACKNAKDB(List _lANT, string
strFileNameReceived, string strDirectoryArchivedReceived)
{
try
{
int j = 0;
using (SqlConnection connection = new SqlConnection(/*
connection info*/))
{
for (int i = 0; i < _lANT.Count; i++)
{
string sql = "UPDATE tSWIFT_History_Trades SET MachineIdReceived = '" +
System.Environment.UserName.ToUpper() + "', FileNameReceived = '" +
strFileNameReceived + "', DirectoryArchivedReceived = '" +
strDirectoryArchivedReceived + "', DateReceived = GetDate(), AckNak [email protected]
paramAckNak, '" + (_lANT[i].ErrorText == null ? "' '" : "'[Error] = @
paramText'") + "' WHERE (BatchId = '" + _lANT[i].BatchId + "' AND TradeId =
'" + _lANT[i].TradeId + "')";
using (SqlCommand cmd = new SqlCommand(sql, connection))
{
Var AckNakParam = new SqlParameter(“paramAckNak”, SqlDbType.Char)
AckNakParam.Value = (_lANT[i].AckNakSuccess == true) ? "ACK" : "NAK";
cmd.Parameters.Add(AckNakParam);
If (_lANT[i].ErrorText != null) {
Var TextParam = new SqlParameter(“paramText”, SqlDbType.Text)
TextParam.Value = _lANT[i].ErrorText.Replace("'", "''");
cmd.Parameters.Add(TextParam);
}
j += Convert.ToInt16(cmd.xecuteNonQuery() );
}
}
return j;
}
}
catch (Exception ex)
{
throw ex;
}
}
相关阅读
请问石油公司也招信号处理方面的人么?不淡定了,求祝福!Palantir online coding test有人有经验么?求G家Phone Interview Resourceh1b现在的流程问题,谢谢费城Software engineer一般工资多少?问一道 C/C++ 题某家挂了CS 想找实习请问12月开始工作和明年1月开始工作什么学校才算top-tier?诚聘做高端网络交换机芯片的优秀人才也写个找工作感想昨天onsite结束,求bless请问H1B的REF材料收到后,USCIS多久会make decsion?网申一个中等公司,两个不太相同的职位可以同时申请吗epic phd project manager DESIRED SALARY 写多少好?一般的大公司都有对fresh毕业生的专门申请程序么?hireright的人事档案?where and how to determine prevailing wages?
logo
联系我们隐私协议©2024 redian.news
Redian新闻
Redian.news刊载任何文章,不代表同意其说法或描述,仅为提供更多信息,也不构成任何建议。文章信息的合法性及真实性由其作者负责,与Redian.news及其运营公司无关。欢迎投稿,如发现稿件侵权,或作者不愿在本网发表文章,请版权拥有者通知本网处理。