Adding strings with special characters within in SQL Server database by C# ASP.NET application

Question

How can I add in a table with a column of type string (in SQL Server) an string like "jaja@yahoo.com" , I have problems with special character('@' in this case).Thanks

System.Data.SqlClient.SqlConnection con = new System.Data.SqlClient.SqlConnection(
                         "Data Source=BOGDAN-PC\\BOGDAN;Initial Catalog=ePlanning;Integrated Security=SSPI;Connect Timeout=10;TrustServerCertificate=True ");
                string[] id_dep = ddDepartament.SelectedItem.Text.Split('.');
                con.Open();



                string final = tbemailangajat.Text.

                string sqlstring = " Update angajati set nume='" + tbNumeangajat.Text + "' ,prenume= '" + tbPrenumeangajat.Text + "',email= '" + final + "',telefon= '" + tbTelefonAngajat.Text + "',id_functie= " + ddFunctieAngajat.SelectedItem.Text[0].ToString() + ",id_departament= " + ddDepartament.SelectedItem.Text[0].ToString() + " where id_angajat = " + int.Parse(tbID.Text) + ";";
                System.Data.SqlClient.SqlCommand comm = new System.Data.SqlClient.SqlCommand(sqlstring, con);
                //  System.Data.SqlClient.SqlDataReader reader;
                comm.ExecuteNonQuery();
                con.Close();

Answer 1

don't use sql injection, use parameterized queries instead.

command.CommandText = "insert into table (column) values(@p1)";
command.Parameters.AddWithValue("p1", "email@address.com");

Answer 2

varchar should allow for the @ symbol, but for some symbols it requires nvarchar instead of varchar. nvarchar stores unicode and is used to support symbols outside of the ASCII range.