ExecuteSqlInterpolated[
^] expects the parameter to be a
FormattableString[
^].
Unfortunately, using
var
with an interpolated string creates a
string
variable instead. The parameter values will be injected directly into the resulting string, and you would leave yourself open to SQL Injection. Thankfully, you get a compiler error instead:
cannot convert from 'string' to 'System.FormattableString'
.
You'll also need to remove the single quotes from around the
{itemNo}
placeholder. EF will use a properly parameterized query, so this placeholder will be replaced with the parameter name. You don't need the quotes when you're using parameters.
You can either declare the variable type explicitly:
FormattableString myCommand = $"select MD.size from tbl_Stock_Master_data MD inner join tbl_StockGroupMaster on StkGrpID = ItemGroupID LEFT JOIN tbl_StockSizeOrdering O ON MD.SIZE = O.Size where itemno = {itemNo}";
var size = motherLoadContext.Database.ExecuteSqlInterpolated(myCommand);
or inline the query variable:
var size = motherLoadContext.Database.ExecuteSqlInterpolated($"select MD.size from tbl_Stock_Master_data MD inner join tbl_StockGroupMaster on StkGrpID = ItemGroupID LEFT JOIN tbl_StockSizeOrdering O ON MD.SIZE = O.Size where itemno = {itemNo}");