There are a couple of ways of doing this. As you are already passing in the parameter as a comma-separated list ('42,40') then you can use Dynamic SQL e.g.
DECLARE @EmpIDtte AS varchar(50)
SET @EmpIDtte = '42,40'
DECLARE @sql nvarchar(max)
SET @sql = 'select * from MulitSearch_Portal '
IF @EmpIDtte IS NOT NULL
SET @sql = @sql + 'WHERE LegalTypeID IN (' + @EmpIDtte + ')'
EXEC sp_sqlexec @sql
Alternatively you could pass the IDs required in a table variable e.g.
CREATE TYPE [dbo].[ItemList] AS TABLE(
[ItemID] [int] NOT NULL
)
go
DECLARE @ids ItemList
INSERT INTO @ids (ItemID) VALUES (42), (40)
select * from MulitSearch_Portal where LegalTypeID in (SELECT ItemID FROM @ids)
More information -
Table Value Parameters in SQL Server 2008 and .NET (C#)[
^]
[EDIT - Option 1 with additional parameters]
DECLARE @sql nvarchar(max)
SET @sql = 'select * from MulitSearch_Portal'
IF @EmpIDtte IS NOT NULL
SET @sql = @sql + ' WHERE LegalTypeID IN (' + @EmpIDtte + ')'
IF @CompanyCategoryID IS NOT NULL
SET @sql = @sql + CASE WHEN @EmpIDtte IS NULL THEN ' WHERE ' ELSE ' and ' END + ' CompanyCategoryID IN (' + @CompanyCategoryID + ')'