我想使用基于参数的查询填充数据网格。但是,我希望能够输入可能包含通配符的多个参数。但是,以下测试查询不正确。
我出错的任何想法?
SELECT `Customer ID`, `Company Name`, `Address Line 3` FROM XTest.all WHERE `Company Name` LIKE '%'+@Company+'%' ORDER BY `Company Name`;
答案 0 :(得分:1)
您需要在""双引号中包含列名(取决于SQL模式的设置)。
请检查此链接并按照@DRapp的回答。 这是链接:mysql parameterized query in ASP.NET
根据答案,您需要使用?代替@。
试试这个:
SELECT `Customer ID`, `Company Name`, `Address Line 3`
FROM XTest.all
WHERE `Company Name` LIKE concat('%',? + "Company",'%')
ORDER BY `Company Name`;
objCommand.Parameters.AddWithValue("?Company", "CompanyValue");
答案 1 :(得分:1)
string company = "%" + your_criteria_on_company + "%";
string sql = "SELECT
`Customer ID`, `Company Name`, `Address Line 3`
FROM XTest.all
WHERE
`Company Name` LIKE @Company
ORDER BY `Company Name`";
SqlCommand sqlCommand = new SqlCommand( sql, dbConnection );
sqlCommand.Parameters.AddWithValue( "@Company", company );
' add more of your code here
' and then
sqlCommand.Prepare();
MySqlDataReader resultSet = sqlCommand.ExecuteReader();
请参阅: