c# asp.net check if column in database contains string

Question

In my database, the column is stored as 'Here is jurong', I want to read out the database row if the column contains the word jurong. I tried using like but it cant work

Here is the code, please help

cmd = new SqlCommand("Select * from Thread WHERE (Delete_Status='No') AND (Thread_Location = '" + searchTB.Text + "' OR Thread_Title = '" + searchTB.Text + "' OR Thread_Description LIKE '%' + @Thread_Description + '%') ORDER BY ThreadID DESC ", con);
                cmd.Parameters.Add("@Thread_Description", SqlDbType.VarChar).Value = searchTB.Text;

SqlDataAdapter da = new SqlDataAdapter(cmd);
            DataSet ds = new DataSet();
            da.Fill(ds);
            reptater.DataSource = ds;
            reptater.DataBind();

question from:https://stackoverflow.com/questions/66056623/c-sharp-asp-net-check-if-column-in-database-contains-string

Answer 1

Does that SQL statement return rows when you run it in the database? Also, I'd be careful of SQL injection attacks when passing values not through parameters.

Should your 'reptater' bind to a DataTable rather than a DataSet?

cmd = new SqlCommand("SELECT * FROM Thread WHERE (Delete_Status='No') AND (Thread_Location = @SearchTxt OR Thread_Title = @SearchTxt OR Thread_Description LIKE '%' + @SearchTxt + '%') ORDER BY ThreadID DESC ", con);

cmd.Parameters.Add("@SearchTxt", SqlDbType.VarChar);
cmd.Parameters["@SearchTxt"].Value = searchTB.Text;

SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds);
reptater.DataSource = ds; //ds.Tables[0]; ?
reptater.DataBind();