Solved

parameters  in  query which uses "IN" keyword

Posted on 2011-02-16
8
303 Views
Last Modified: 2012-05-11
Hi All,
I know how to use parameterized query. But I am not sure how can I implement parameterized query in query like " select * from visitors where visitortype in ('abc','pqr')"

the following code does not give any error but it is not giving desired result either. In sql query analyser, I tested same query and it returns few rows, but in application it returns 0 rows.

How can I use parameters in query which uses "IN" keyword

  OleDbConnection con = new OleDbConnection("-----connection string-----");
            string strCmd = "select * from visitors where visitortype in (?)";
            OleDbCommand cmd = new OleDbCommand(strCmd, con);
            cmd.Parameters.Add("test", OleDbType.VarChar);
            cmd.Parameters["test"].Value = "'abc','pqr'";
            OleDbDataAdapter adp = new OleDbDataAdapter(cmd);
            DataSet ds = new DataSet();
            con.Open();
            adp.Fill(ds);
            con.Close();

            Response.Write(ds.Tables[0].Rows.Count.ToString());
0
Comment
Question by:hiteshspatel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 10

Expert Comment

by:ALaRiva
ID: 34912051
The IN cannot refer to a parameter.

Basically, what your code is seeing is that it's looking for that value in ONE LONG STRING, versus looking for that value in multiple values list.

The general way to get around this is by concatenating the SQL Command.

So something like this...
string strCmd = "select * from visitors where visitortype in (" + varValues + ")";

Where varValues is the string of values you want to use.  You'll have to go around the parameter method, and just take whatever you planned on putting into the parameter, and put it into a variable that you can concatenate with the SQL Statement.

hth

- Anthony
0
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34912064
I think you want to use the Contains() function.

Select * From Table1
   Where Contains('lname', 'smi*')
0
 
LVL 10

Expert Comment

by:himanshut
ID: 34912172
Well the best way would be,

Iterate through the table rows and call the stored proc just before the for loop ends, and give the parameter as (assuming @ID is the paramater you want to use with IN), where id= @ID

roughly it should look like
for(....)
{
// code
call stored proc...
where Id = @ID
}
so that each time your for loop executes it will filter the query more efficiently


Hope that helps,
Cheers!
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 13

Expert Comment

by:Rahul Agarwal
ID: 34913315
try this statement :

OleDbConnection con = new OleDbConnection("-----connection string-----");
            string strCmd = "select * from visitors where visitortype in (@test)";
            OleDbCommand cmd = new OleDbCommand(strCmd, con);
            cmd.Parameters.Add("@test", OleDbType.VarChar);
            cmd.Parameters["@test"].Value = "'abc','pqr'";

            OleDbDataAdapter adp = new OleDbDataAdapter(cmd);
            DataSet ds = new DataSet();
            con.Open();
            adp.Fill(ds);
            con.Close();

            Response.Write(ds.Tables[0].Rows.Count.ToString());
0
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34913355
Oops I way misunderstood this question. Sorry for my way-off comment.
0
 

Author Comment

by:hiteshspatel
ID: 34915879
@alariva,

I do not want use direct SQL statement. because some one may insert value with single quote like "John 's car". In this case, sql statement will be broken.


@agarwalrahul,

I am using Oledb provider so I cannot use "@" sign in parameter.
0
 

Accepted Solution

by:
hiteshspatel earned 0 total points
ID: 34930048
Hi All,
Thanks for your input.
I solved my problem in following way:

I converted query "select * from visitors where visitortype in ('abc','pqr')" into
 "select * from visitors where (visitortype = 'abc' or visitortype = 'pqr') and then used parameters.
My query is totally dynamic, the number of columns are decided as per end-user's configuration. So I could not use any other option.


0
 

Author Closing Comment

by:hiteshspatel
ID: 34959254
I really appreciate the input from experts. But I solved my problem the way I mentioned.

Thanks,
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
Exception Handling is in the core of any application that is able to dignify its name. In this article, I'll guide you through the process of writing a DRY (Don't Repeat Yourself) Exception Handling mechanism, using Aspect Oriented Programming.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question