sam
Reputation: 2616
parameterized query with where like clause
I am trying to perform parameterized query with where clause like I got no errors but I am not getting data but when I perform same query on sql server studio I got correct result
what the wrong with it ?
one last question in some case I would may not to pass one of these like parameter then how to avoid binding that parameter to query ?
public void GetPatientInfoFilter()
{
string connStr = ConfigurationManager.ConnectionStrings["SRJDconnstr"].ToString();
string cmdStr = @"SELECT ID,
DocNUM,
NAM+' '+LFNAME as FirstLastName,
FNAME,
SEX,
BIRTHDAY,
PHONE,
MOBILE,
ADDRESS
FROM SICK
WHERE DocNUM LIKE @DocNUM
AND NAM+' '+LFNAME LIKE @FLNAME
AND FNAME LIKE @FNAME";
using (SqlConnection conn = new SqlConnection(connStr))
using (SqlCommand cmd = new SqlCommand(cmdStr, conn))
{
conn.Open();
cmd.CommandText = cmdStr;
cmd.CommandType = CommandType.Text;
dtPatientInfo.Rows.Clear();
cmd.Parameters.Add(new SqlParameter("@DocNUM", SqlDbType.VarChar,10)).Value = "%" + TB_DocNum.Text + "%";
cmd.Parameters.Add(new SqlParameter("@FLNAME", SqlDbType.VarChar,200)).Value = "%" + TB_FirstLastName.Text + "%";
cmd.Parameters.Add(new SqlParameter("@FNAME", SqlDbType.VarChar,100)).Value = "%" + TB_FatherName.Text + "%";
SqlDataAdapter da = new SqlDataAdapter(cmd);
da.Fill(dtPatientInfo);
dataGridView1.DataSource = dtPatientInfo;
}
}
here is how I perform query in SSMS
SELECT ID,
DocNUM,
NAM+' '+LFNAME as FirstLastName,
FNAME,
SEX,
BIRTHDAY,
PHONE,
MOBILE,
ADDRESS
FROM SICK
WHERE DocNUM LIKE '%1%'
AND NAM+' '+LFNAME LIKE '%sa%'
AND FNAME LIKE '%b%'
Upvotes: 2
Views: 1519
Answers (1)
Joel Coehoorn
Reputation: 416149
Are you putting the % wildcards into the textboxes? I bet you want this:
string cmdStr =
@"SELECT ID,
DocNUM,
NAM+' '+LFNAME as FirstLastName,
FNAME,
SEX,
BIRTHDAY,
PHONE,
MOBILE,
ADDRESS
FROM SICK
WHERE DocNUM LIKE '%' + @DocNUM + '%'
AND NAM+' '+LFNAME LIKE '%' + @FLNAME + '%'
AND FNAME LIKE '%' + @FNAME + '%'";
You might also consider removing the leading wild cards, and only doing "starts with" matches, since what we have here prevents any possibility of any indexes helping this query.
Upvotes: 1
Related Questions
- How to parameterize query with like operator in Sql Server
- Parameterized Queries with LIKE and IN conditions
- How to Parameterize a query with Like operator
- Parameterised query breaks when doing LIKE condition. Why?
- How to execute parameterized SQL query (using LIKE with @ variable)
- Getting query to work with parameter and "like"
- How to Use 'Like' with a parameter
- Parameterize WHERE Clause in Query
- SQL Parameters with Like Terms in .Net
- using parameter in SQL with LIKE keyword