Is there a way to use a LIKE statement using an ODBC connection in .net? I have tried everything I could think of, yet I always get a SQL exception.
SELECT field FROM table WHERE fieldName LIKE '%SOME_STRING%';
string sql = "SELECT field FROM table WHERE fieldName like '%?%';
I'm using Sybase SQL Anywhere 11.
You can use the LIKE statement as long as the database you're connecting to supports it. Whether you use ODBC or not shouldn't have anything to do with it.
One gotcha to watch out for is that different databases use different wildcards, and different syntax. (For example, MS Access uses the "*" as the wildcard, while SQL Server uses "%").
http://office.microsoft.com/en-us/access-help/like-operator-HP001032253.aspx
http://msdn.microsoft.com/en-us/library/ms179859.aspx
At any rate, look at the documentation for the database you're connecting to to see if it supports the LIKE statement, and the proper syntax.
or take a look at the answers here: Parameterized Queries with LIKE and IN conditions
Edit
I see you're trying to use an input parameter as part of the LIKE clause. I can't find documentaiton on this specific to Sybase, but even in the SQL Server side we need to (unfortunately) contencate the string in this case. I realize that this is bad from a SQL injection point of view, but I don't believe there is a way around it, so you'lll have to fall back on sanitizing/escaping the string.
Here's a post onn doing it in SQL Server. Hopefully this can translate into something that will work with Sybase ASA. http://palisade.plynt.com/issues/2006Jun/injection-stored-procedures/
As a last resort, you can use this:
string sql = "SELECT field FROM table WHERE fieldName like '%" + SOMESTRING.Replace("'", "''") + "%';