<div>
Perfect. Thank you and thanks for the heads up on the sql injection.
</div>


Perfect. Thank you and thanks for the heads up on the sql injection.

<div>
<div class="content wysiwyg-content">
I have this C# statement:<br />

<pre><code id="code-10-29074773-1">BuildSql.AppendFormat(&quot;(UPPER(Field1) like '%{0}%' or UPPER(Field2) like '%{0}%' or UPPER(Field3) like '%{0}%')&quot;)</code></pre>
I want to replace the {0} with a string variable passed in. What is the proper syntax for that? Thanks.
</div>
</div>


I have this C# statement:
(CODE)
I want to replace the {0} with a string variable passed in. What is the proper syntax for that? Thanks.

What is the proper syntax when trying to insert a variable into a stringbuilder statement

The successor to Active Server Pages, ASP.NET websites utilize the .NET framework to produce dynamic, data and content-driven web applications and services. ASP.NET code can be written using any .NET supported language. As of 2009, ASP.NET can also apply the Model-View-Controller (MVC) pattern to web applications

ASP.NET

C# is an object-oriented programming language created in conjunction with Microsoft’s .NET framework. Compilation is usually done into the Microsoft Intermediate Language (MSIL), which is then JIT-compiled to native code (and cached) during execution in the Common Language Runtime (CLR).