I'm attempting to build a query from within a method that takes the text
entered by a user and removes the spaces. The spaces are replaced by + '%' +
. This is for use in a SQL Server Database and it worked fine in classic ASP
where I built it with VBScript and passed the query as one string.
Now using the SQLClient on ASP.NET, it is taking the single quotes and
replacing them with two single quotes, my guess is that it thinks the single
quote is part of the string.
So if the user types in (search text),
I want the where clause to be:
WHERE ProductNumber LIKE '%' + search + '%' + text +'%'
But what I'm getting is:
WHERE ProductNumber LIKE ' '%' ' + search + ' '%' ' + text + ' '%' '
The query is in a stored procedure, so in the above example, I'm passing (or
attempting to rather) '%' + search + '%' + text + '%' to an input parameter.
It seems not to do this when I query directly by passing an entire SQL
String from ASP.NET. It's just when passing these parameters to a stored
And of course this returns no results. How can I prevent this from
Thanks in advance.