DELETE FROM tblArtworkApprovalUsers WHERE (userID NOT IN (@UserIDList)) AND (approvalID = (SELECT ID FROM

Question

0

Asked: May 20, 20262026-05-20T12:51:52+00:00 2026-05-20T12:51:52+00:00

DELETE FROM tblArtworkApprovalUsers WHERE (userID NOT IN (@UserIDList)) AND (approvalID = (SELECT ID FROM

0

DELETE FROM tblArtworkApprovalUsers
WHERE     (userID NOT IN (@UserIDList)) AND (approvalID =
                          (SELECT     ID
                            FROM          tblArtworkApprovals
                            WHERE      (templateID = @TemplateID)))

This is in my table adapter. @UserIDList needs to accept something like:

2,44,12,70

How can I make this query accept that string?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-20T12:51:52+00:00

NOT IN <expr> requires an expression and not a string. So if you are passing the parameter and not constructing the SQL dynamically this cannot be done.

Alternative is to create the SQL dynamically (while being aware of SQL Injection):

string commad = @"DELETE FROM tblArtworkApprovalUsers " +
             "WHERE (userID NOT IN ({0})) AND (approvalID ="+
                          "(SELECT     ID " +
                            "FROM          tblArtworkApprovals " +
                            "WHERE      (templateID = {1})))";

command = string.Format(command, userIDList, templateID);

UPDATE

Craig pointed to a better solution here which does not provide much better performance (since parameters are variable and query plan does not get cached unless it is exactly the same) but help with SQL injection attack:
Parameterize an SQL IN clause

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

DELETE FROM tblArtworkApprovalUsers WHERE (userID NOT IN (@UserIDList)) AND (approvalID = (SELECT ID FROM

Leave an answerCancel reply

1 Answer

UPDATE

Leave an answer
Cancel reply