Ok, assuming this grid view:
Ok, now we assume that some city will be passed - but as noted , we want "Like with %
Our code could look like this:
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
LoadGrid(Request.QueryString["City"]);
}
}
void LoadGrid(string strCity = "")
{
using (SqlCommand cmdSQL = new SqlCommand("SELECT * FROM tblHotels",
new SqlConnection(Properties.Settings.Default.TEST3)))
{
if ((strCity != "") & (strCity != null))
{
cmdSQL.CommandText += " WHERE City Like @City + '%' ";
cmdSQL.Parameters.Add("@City", SqlDbType.NVarChar).Value = strCity;
}
cmdSQL.Connection.Open();
GridView1.DataSource = cmdSQL.ExecuteReader();
GridView1.DataBind();
}
}
and our output would now be say for passing Jasp this:
So, I not only in above show how you use Like, but I also made it optional, so if nothing is passed, then all records show.
but, the meat and potatoes part is the like - you have to add it to the sql as a + '%'
But, we still have sql injection protection here - since we don't ever concatenate the passed value.
Regards,
Albert D. Kallal (Access MVP 2003-2017)
Edmonton, Alberta Canada