Dan Miser
Thoughts from Dan Miser RSS 2.0
# Tuesday, October 30, 2007
Parameterized LIKE in MSSQL
Here are a couple of things to remember when you want to use a parameterized LIKE clause in a SELECT statement.

When using a parameter to an integer ID column, you need to break the statement apart so that the parameter stands apart from the wildcard characters: 


string sql = 
  @"SELECT * FROM myTable WHERE iId like '[%]' + @iId + '[%]'";

However, that same syntax will not work if you are using a varchar column. Instead, you need to embed the wildcard characters directly into the paramter's value: 


string sql =
  @"SELECT * FROM myTable WHERE vcDesc like @iId";

cmd.Parameters.Add(new SqlParameter("@vcDesc", "%" + desc + "%"));

The second syntax works in both cases, so it probably just makes sense to use that everywhere and not worry

Tuesday, October 30, 2007 2:07:42 PM (Central Standard Time, UTC-06:00)  #    Comments [0] -

Navigation
ALT.NET
Home
Categories
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Archive
<February 2012>
SunMonTueWedThuFriSat
2930311234
567891011
12131415161718
19202122232425
26272829123
45678910
Blogroll
[Feed] Chris Peterson
[Feed] Geoff Lane
[Feed] Hallvard Vossbotn
[Feed] Steve Trefethen
About the author/Disclaimer

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

© Copyright 2012
Dan Miser
Sign In
Statistics
Total Posts: 375
This Year: 3
This Month: 0
This Week: 0
Comments: 654
Themes
Pick a theme:
All Content © 2012, Dan Miser
DasBlog theme 'Business' created by Christoph De Baene (delarou)