c# - Select query with multiple like conditions in Sql -

- March 15, 2015

all,

i have view filtered data fetched sql query

view structure:

bridgeid      int name          varchar displayname   varchar

there search text box in user can enter 1 of values filtering.

due project old framework have query c# itself.

public static list<conferencebridges> getsearchlist(string search)         {             db db = new db(server_name, data_base_name);             string searchquery = string.format("select bridgeid,name,ownerid vconferencebridgesdetails bridgeid '%' + {0} + '%' or name like'%' + {0} + '%' or displayname '%' + {0} + '%'", search);             datatable table = db.getdata(searchquery);             list<conferencebridges> bridgelist = new list<conferencebridges>();             if (table != null && table.rows.count > 0)             {                 foreach (datarow item in table.rows)                 {                     bridgelist.add(new conferencebridges(item));                 }             }             return bridgelist;         }

the problems : when ever enter bridge id int passed string give error , string values give invalid column name.

how can make query accept parameters.

'%' + {0} + '%' wrong.

if search = "abc" generate: "name '%'+abc+'%'" invalid sql

if use '%{0}%' instead, have valid sql (if there no ' in search)

use this:

string searchquery = string.format("select bridgeid,name,ownerid vconferencebridgesdetails bridgeid '%{0}%' or name '%{0}%' or displayname '%{0}%'", search);

Search This Blog

Naan

c# - Select query with multiple like conditions in Sql -

Comments

Post a Comment

Popular posts from this blog

ios - UICollectionView Self Sizing Cells with Auto Layout -

node.js - ldapjs - write after end error -

DOM Manipulation in Wordpress (and elsewhere) using php -