CODEWITHSUNDEEP
c#sql
Turc
Turc

Reputation: 27

Error to make SQLite command in C# using variables?

I have problem in C# to make a SQLite command. I've trying to use code like this:

SQLiteCommand komenda = new SQLiteCommand("SELECT cena FROM dniowka WHERE (model = '@Name' AND element = '@Name2')", cnn);

but it doesn't work... :( before i used LIKE statement: 

SQLiteCommand komenda = new SQLiteCommand("SELECT cena FROM dniowka WHERE model LIKE @Name AND element LIKE @Name2", cnn);

it works. But I have a little problem. When I have a few records that contain "AL" for example, "1AL, 2AL, AL ...". I do not know how to do to get the only one record "AL" (@ Name2 = AL).

Does anyone have any idea?

[P. S. sorry for my english ..]

Upvotes: 1

Views: 167

Answers (2)

Soner Gönül
Soner Gönül

Reputation: 98750

Because you don't need to use apostrof when you using parameterized queries.

Use parameters in your query like model = @Name not model = '@Name'

The right usage of this;

SQLiteCommand komenda = new SQLiteCommand("SELECT cena FROM dniowka 
                            WHERE model = @Name 
                            AND element = @Name2", cnn);

komenda.Parameters.AddWithValue("@Name", Name);
komenda.Parameters.AddWithValue("@Name2", Name2);

Upvotes: 1

mikey
mikey

Reputation: 5160

instead of LIKE you can use =

e.g.

"SELECT cena FROM dniowka WHERE model = @Name AND element = @Name2"

Note that I didn't include single quotes:

'@Name' <-- BAD

@Name <-- GOOD

Upvotes: 2

Related Questions