Solved

parameters  in  query which uses "IN" keyword

Posted on 2011-02-16
8
286 Views
Last Modified: 2012-05-11
Hi All,
I know how to use parameterized query. But I am not sure how can I implement parameterized query in query like " select * from visitors where visitortype in ('abc','pqr')"

the following code does not give any error but it is not giving desired result either. In sql query analyser, I tested same query and it returns few rows, but in application it returns 0 rows.

How can I use parameters in query which uses "IN" keyword

  OleDbConnection con = new OleDbConnection("-----connection string-----");
            string strCmd = "select * from visitors where visitortype in (?)";
            OleDbCommand cmd = new OleDbCommand(strCmd, con);
            cmd.Parameters.Add("test", OleDbType.VarChar);
            cmd.Parameters["test"].Value = "'abc','pqr'";
            OleDbDataAdapter adp = new OleDbDataAdapter(cmd);
            DataSet ds = new DataSet();
            con.Open();
            adp.Fill(ds);
            con.Close();

            Response.Write(ds.Tables[0].Rows.Count.ToString());
0
Comment
Question by:hiteshspatel
8 Comments
 
LVL 10

Expert Comment

by:ALaRiva
ID: 34912051
The IN cannot refer to a parameter.

Basically, what your code is seeing is that it's looking for that value in ONE LONG STRING, versus looking for that value in multiple values list.

The general way to get around this is by concatenating the SQL Command.

So something like this...
string strCmd = "select * from visitors where visitortype in (" + varValues + ")";

Where varValues is the string of values you want to use.  You'll have to go around the parameter method, and just take whatever you planned on putting into the parameter, and put it into a variable that you can concatenate with the SQL Statement.

hth

- Anthony
0
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34912064
I think you want to use the Contains() function.

Select * From Table1
   Where Contains('lname', 'smi*')
0
 
LVL 10

Expert Comment

by:himanshut
ID: 34912172
Well the best way would be,

Iterate through the table rows and call the stored proc just before the for loop ends, and give the parameter as (assuming @ID is the paramater you want to use with IN), where id= @ID

roughly it should look like
for(....)
{
// code
call stored proc...
where Id = @ID
}
so that each time your for loop executes it will filter the query more efficiently


Hope that helps,
Cheers!
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
LVL 13

Expert Comment

by:agarwalrahul
ID: 34913315
try this statement :

OleDbConnection con = new OleDbConnection("-----connection string-----");
            string strCmd = "select * from visitors where visitortype in (@test)";
            OleDbCommand cmd = new OleDbCommand(strCmd, con);
            cmd.Parameters.Add("@test", OleDbType.VarChar);
            cmd.Parameters["@test"].Value = "'abc','pqr'";

            OleDbDataAdapter adp = new OleDbDataAdapter(cmd);
            DataSet ds = new DataSet();
            con.Open();
            adp.Fill(ds);
            con.Close();

            Response.Write(ds.Tables[0].Rows.Count.ToString());
0
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34913355
Oops I way misunderstood this question. Sorry for my way-off comment.
0
 

Author Comment

by:hiteshspatel
ID: 34915879
@alariva,

I do not want use direct SQL statement. because some one may insert value with single quote like "John 's car". In this case, sql statement will be broken.


@agarwalrahul,

I am using Oledb provider so I cannot use "@" sign in parameter.
0
 

Accepted Solution

by:
hiteshspatel earned 0 total points
ID: 34930048
Hi All,
Thanks for your input.
I solved my problem in following way:

I converted query "select * from visitors where visitortype in ('abc','pqr')" into
 "select * from visitors where (visitortype = 'abc' or visitortype = 'pqr') and then used parameters.
My query is totally dynamic, the number of columns are decided as per end-user's configuration. So I could not use any other option.


0
 

Author Closing Comment

by:hiteshspatel
ID: 34959254
I really appreciate the input from experts. But I solved my problem the way I mentioned.

Thanks,
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We all know that functional code is the leg that any good program stands on when it comes right down to it, however, if your program lacks a good user interface your product may not have the appeal needed to keep your customers happy. This issue can…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question