SQL statement not filtering rows
Question
The following code passes this row. The last column is named toscode . I am trying to weed out rows whose toscolumn contains "W1" anywhere in the name. No columns are set up as an index. Doesn't work.
I read that the $ (escape) in front of W1 is to prevent SQL injection. Not sure what the % do, but it might have to do with indexes which is maybe why it doesn't work.
| SPX | 0 | 8.3 | 8.7 | 2017-03-24 | 0 | 30 | PUT | 2400 | SPXW170324C02400000 | .SPXW1703242400 |
MySqlCommand cmd = conn.CreateCommand();
cmd.Parameters.AddWithValue("@symbol", symbol);
cmd.CommandText = @"select *
from contractdetails
where symbol = @symbol
&& toscode NOT LIKE '%$W1%'
&& Type = 'PUT'
&& oBid > .09
&& not ITM
&& Days > 10
&& Days < 120
order by Days asc";
1 answers
solution1
2 2017-02-22 23:44:57
your LIKE clause should be:
toscode NOT LIKE '%W1%'
remove the '$' -it doesnt belong or have any meaning in a LIKE clause. You would only have to worry about SQL injection if it was user provided input, which in your example is not the case.
the '%' character is a wildcard, so anything could be before or after 'W1' in your search
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.