7

I'm working on some SQL code.

I'm familiar with the syntax

SELECT * FROM myTable WHERE myColumn in ('1','2','3');

Suppose I'm writing some C# code where I want to use a C# array where I used ('1','2','3'). How do I do that?

Improve this question
2
  • 3
    Are you using LINQ to SQL? If not, what are you using for data access? Commented Dec 9, 2010 at 0:56
  • Is myColumn string or integer data? If integer, you should use tsql : myColumn in (1,2,3) Commented Dec 9, 2010 at 1:01

4 Answers 4

Reset to default
12

You can build your SQL string dynamically.

If you know that the data in the array is good (not supplied by the user), you can just do a string.Join.

var sql = string.Format("SELECT * FROM myTable WHERE myColumn in ({0})", string.Join(", ", myArray));

If you don't know that it is sanitized data, then you should use a Command with parameters.

var myArray = new string[] { "1", "2", "3" };
//var sql = string.Format("SELECT * FROM myTable WHERE myColumn in ({0})", string.Join(", ", myArray));

var cmd = new System.Data.SqlClient.SqlCommand();
var sql = new System.Text.StringBuilder();
sql.Append("SELECT * FROM myTable WHERE myColumn in (");
for (var i = 0; i < myArray.Length; i++)
{
    cmd.Parameters.Add("@" + i, myArray[i]);
    if (i > 0) sql.Append(", ");
    sql.Append("@" + i);
}
sql.Append(")");
cmd.CommandText = sql.ToString();
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Check the following answer for an extension method that is a bit nicer to use than this answer. stackoverflow.com/questions/2377506/…
2

SQL doesn't support using a single variable for a comma separated list of values via the IN clause, so that means your C# code has to convert the array into that comma separated list. That list is then concatenated into the query before the query is executed.

Otherwise, you need to look at using the databases' native dynamic SQL syntax - but that still means you have to get the C# array into SQL to be manipulated...

Improve this answer

Comments

0

I would go through a for loop and format it the way you want. For example suppose you have an array with: 6,3,abc. Use a for loop to add it to a general string so the outcome is: (6,3,abc); Not to hard, and then just insert that into the statement.

Improve this answer

Comments

-1

You simply need to do a string.Join to create the array into a string which you can pass as a parameter to the query.

For example:

var values = new string[] { "1", "2", "3" };
var parameterString = string.Join(",", values);

var sql = "SELECT * FROM myTable WHERE myColumn in (@param)";

var cmd = new SqlCommand(sql, connectionstring);
cmd.Parameters.AddWithValue("@param", parameterString);
var reader = cmd.ExecuteReader();
Improve this answer

1 Comment

Yes Donnie, you are correct with the mainstream sql engines - I am used to querying an Infomix SE database over an ODBC connection, of which this syntax is accepted.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.