Can someone please tell me what is wrong with the following sql query that im trying to execute?

Aaron soggi 246 Reputation points
2021-03-24T23:23:01.12+00:00 
 string query = "SELECT e.employeeId, e.firstName, e.lastName, e.position, e.contactNumber, el.email, el.password FROM employee e JOIN employeeLogin el ON e.employeeId = el.employeeId Where e.firstName LIKE @searchName% OR e.lastName LIKE @searchName% ";
            cmd = new SqlCommand(query, _IsqlDataFunctions.GetConnection());
            cmd.Parameters.AddWithValue("@searchName", txtAdminSearchName.Text);

I'm getting the error - "Incorrect syntax near the keyword OR"

i tried putting apostrophes around '@searchName%' but that returned nothing

Windows Forms
Windows Forms
A set of .NET Framework managed libraries for developing graphical user interfaces.
1,841 questions
SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,820 questions
C#
C#
An object-oriented and type-safe programming language that has its roots in the C family of languages and includes support for component-oriented programming.
10,319 questions
0 comments
Accepted answer
  1. Timon Yang-MSFT 9,576 Reputation points
    2021-03-25T01:37:21.323+00:00

    Try something like this: 

      "select * from scoretable where name like @name + '%'"

    Add a single quotation mark for the % sign, and add a + sign in front of it.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Karen Payne MVP 35,196 Reputation points
    2021-03-25T11:58:43.017+00:00

    Replying in an answer as this is too long for using a comment

    Visual Studio does not link to SSMS, instead as mentioned already, write the SQL in SSMS and copy it to your code. For instance this method using this property for it's SQL copied from SSMS. The code was done with .NET Core 5, C#9 but with minor changes will work with older frameworks. What is important is how the SQL was written and copied to code. you can also place the SQL in a file e.g. someFile.sql or someFile.txt then use File.ReadAllText and assign to the CommandText of the Command object.

    Any ways, the code above mentioned is called inside a form here.

    See also

    Microsoft TechNet article I wrote for this topic Writing SQL for your application Part 1 and note in the article I also discuss writing unit test as an added pre-caution which test the SQL and the code using the SQL.

    1 person found this answer helpful.
    0 comments
  2. Karen Payne MVP 35,196 Reputation points
    2021-03-25T02:44:44.9+00:00

    A tip for writing SQL, write your statements in SSMS (SQL-Server Management Studio), most of what's shown below is mouse clicking using design query in editor 

    --- These become parameters in code  
DECLARE @FirstName NVARCHAR(MAX)= 'm%';  
DECLARE @LastName NVARCHAR(MAX)= 's%';  
  
SELECT E.EmployeeID,   
       E.LastName,   
       E.FirstName,   
       E.Address AS Street,   
       E.City,   
       E.PostalCode,   
       C.Name AS Country  
FROM Employees AS E  
     INNER JOIN Countries AS C ON E.CountryIdentifier = C.CountryIdentifier  
WHERE E.LastName LIKE @LastName OR E.FirstName LIKE @FirstName;

    Never write queries in code, write them in SSMS then paste into a string variable