Incorrect syntax near '='

Question

While I try to run this code, I get an error:

Incorrect syntax near '='

Can you please help me to correct this error.

String sDate = DateTime.Now.ToString();
    DateTime datevalue = (Convert.ToDateTime(sDate.ToString()));
    String dy = datevalue.Day.ToString();
    int mn = datevalue.Month;
    int yy = datevalue.Year;

var debit = _dbConnect.GetOneData("SELECT SUM(debit) FROM [sem_db].[dbo].[ledger] WHERE h_id = '9' & entry_date.Value.Month = 'mn' && entry_date.Value.Year = 'yy'");
public class DbConnect
{
    readonly SqlConnection _con = new SqlConnection();

    private void GetConnection()
    {
        _con.ConnectionString = ConfigurationManager.ConnectionStrings["sem_dbConnectionString"].ConnectionString;
        _con.Open();
        return;
    }

    public object GetOneData(string query)
    {
        GetConnection();
        var cmd = new SqlCommand(query, _con);
        var val = cmd.ExecuteScalar(); ------------>(error comes here)
        _con.Close();
        return val;
    }
}

Answer 1

var debit = _dbConnect.GetOneData("SELECT SUM(debit) FROM [sem_db].[dbo].[ledger] WHERE h_id = '9' & entry_date.Value.Month = 'mn' && entry_date.Value.Year = 'yy'")

Answer 2

var debit = _dbConnect.GetData_DataTable("select (sum(debit)-sum(credit)) as openingBalance from ledger where h_id='9' and cast( entry_date as date)< CAST( dateadd(MONTH ,-1, GETDATE())as date)");

Answer 3

In sql and operator is 'and' not '&&' Assuming you are usinc C# code Change

var debit = _dbConnect.GetOneData("SELECT SUM(debit) FROM [sem_db].[dbo].[ledger] WHERE h_id = '9' & entry_date.Value.Month = 'mn' && entry_date.Value.Year = 'yy'")

to

var debit = _dbConnect.GetOneData("SELECT SUM(debit) FROM [sem_db].[dbo].[ledger] WHERE h_id = '9' and [ledger].Month = '"+mn+"' and [ledger].Year = '"+yy+"'")

try to use parameterized query to avoid SQL Injection