Click here to Skip to main content
14,983,982 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
The below i is my query
SQL
SELECT * FROM Products
WHERE Price BETWEEN 10 AND 20;


I have tried with below
C#
string query = SELECT * FROM Products
WHERE Price BETWEEN @fromNum AND @toNum;";

cmd.Parameters.Add("@fromNum" fromNumber);
cmd.Parameters.Add("@toNum" toNumber);
getting missing expression.

What I have tried:

I have tried with below
C#
string query ="SELECT * FROM Products
WHERE Price BETWEEN @fromNum AND @toNum;";

cmd.Parameters.Add("@fromNum" fromNumber);
cmd.Parameters.Add("@toNum" toNumber);
getting missing expression.
Posted
Updated 19-Jun-20 6:41am
v2
Comments
MadMyche 19-Jun-20 10:54am
   
Can you post the actual Exception you received?

I don't have Oracle - for which I'm pretty glad, if I'm honest - but with SQL Server, I'd suspect the problem is that you aren't using the query string - you don;t show in your code that the cmd object is connected to the query object, just that the parameter values are set.

No query in Oracle would seem to generate a "missing expression" error: ORA-00936: missing expression | TekStream[^] so I'd start there.
   
Comments
DGKumar 21-Jun-20 13:51pm
   
Please correct me something which is wrong in the below query
SELECT *
FROM tab1
WHERE timestamps BETWEEN TO_DATE ('2015-05-06T15:39:00', 'YYYY-MM-DD"T"HH24:MI:SS') AND TO_DATE('2015-04-06T15:39:00', 'YYYY-MM-DD"T"HH24:MI:SS');
How to add parameterised query for the above command
string query ="SELECT * FROM Products
WHERE Price BETWEEN :fromDate AND :toDate;";

cmd.Parameters.Add(":fromDate" fromDate);
cmd.Parameters.Add(":toDate" toDate);
Use AddWithValue and make sure to stipulate an int type, and also ensure fromNumber and toNumber are ints. If not use int.TryParse to convert them to ints. Those things will prevent SQL injection.
   
Comments
DGKumar 21-Jun-20 13:51pm
   
Please correct me something which is wrong in the below query
SELECT *
FROM tab1
WHERE timestamps BETWEEN TO_DATE ('2015-05-06T15:39:00', 'YYYY-MM-DD"T"HH24:MI:SS') AND TO_DATE('2015-04-06T15:39:00', 'YYYY-MM-DD"T"HH24:MI:SS');
How to add parameterised query for the above command
string query ="SELECT * FROM Products
WHERE Price BETWEEN :fromDate AND :toDate;";

cmd.Parameters.Add(":fromDate" fromDate);
cmd.Parameters.Add(":toDate" toDate);

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900