The following parameterized code does not return any rows though the concatenated query works.
string middleOfString = "'," + serviceCode.ToString() + ",'";
string startOfString = "'[" + serviceCode.ToString() + ",'";
string endOfString = "'," + serviceCode.ToString() + "]'";
string queryString = "SELECT * FROM associationrules2 ";
queryString += "WHERE locate( @middleOfString, ItemsInInvoice)>0 AND Confidence >= @confidenceThreshold ";
queryString += "UNION ";
queryString += "SELECT * FROM associationrules2 ";
queryString += "WHERE locate( @startOfString, ItemsInInvoice)>0 AND Confidence >= @confidenceThreshold ";
queryString += "UNION ";
queryString += "SELECT * FROM associationrules2 ";
queryString += "WHERE locate( @endOfString, ItemsInInvoice)>0 AND Confidence >= @confidenceThreshold ";
This is the command instance
var cmd = new MySqlCommand(queryString, conn) {CommandType = CommandType.Text};
var param = new MySqlParameter
{
ParameterName = "@middleOfString",
Value = middleOfString
};
cmd.Parameters.Add(param);
param = new MySqlParameter
{
ParameterName = "@startOfString",
Value = startOfString
};
cmd.Parameters.Add(param);
param = new MySqlParameter
{
ParameterName = "@endOfString",
Value = endOfString
};
cmd.Parameters.Add(param);
param = new MySqlParameter
{
ParameterName = "@confidenceThreshold",
Value = confidenceThreshold
};
cmd.Parameters.Add(param);
This version works
string queryString = "SELECT * FROM associationrules2 ";
queryString +="WHERE locate(" + middleOfString + ",ItemsInInvoice)>0 AND Confidence >=" + confidenceThreshold + " ";
queryString +="UNION ";
queryString +="SELECT * FROM associationrules2 ";
queryString += "WHERE locate(" + startOfString + ",ItemsInInvoice)>0 AND Confidence >=" + confidenceThreshold + " ";
queryString +="UNION ";
queryString +="SELECT * FROM associationrules2 ";
queryString += "WHERE locate(" + endOfString + ",ItemsInInvoice)>0 AND Confidence >=" + confidenceThreshold ;
