views:

45

answers:

1

As part of an effort to stop using dynamic SQL generation and encourage use of bind variables, I am running into some problems.

I am querying an Oracle 9i database from an ASP.NET page using Oracle Data Providers for .NET

The query is

sql = "SELECT somedata FROM sometable WHERE machine = :machineName ";

I define the Oracle Parameter as follows

OracleParameter parameter = new OracleParameter();
parameter.ParameterName = "machineName";
parameter.OracleDbType = OracleDbType.Varchar2;
parameter.Value = machine; //machine is a variable of type string
parameterList.Add(parameter);

This works fine for "=" operator. But I just can't seem to get it to work with "LIKE". I don't know how to format the query so that it accepts usage of the "%" wildcard.

I have tried:

sql = "SELECT somedata FROM sometable WHERE machine LIKE :machineName% ";
sql = "SELECT somedata FROM sometable WHERE machine LIKE ':machineName%' ";
sql = "SELECT somedata FROM sometable WHERE machine LIKE :machineName||% ";

and also:

parameter.Value = machine+'%';

but all I get are ORA-00911 (illegal character) and ORA-01036 (illegal name/value) exceptions.

What am I doing wrong?

+3  A: 

Try:

sql = "SELECT somedata FROM sometable WHERE machine LIKE :machineName || '%' ";

Because of the BIND variable, there wouldn't need to be single quotes around it. But the % is not, so I would expect it needing to be encapsulated.

OMG Ponies
You, sir, are correct. That was indeed the last option, the one I missed. Thank you!
PJ