I need to do a like search, in my SQL Server database. BUT, how

Question

Asked: May 25, 20262026-05-25T11:05:48+00:00 2026-05-25T11:05:48+00:00

I need to do a like search, in my SQL Server database. BUT, how do I do this, while still using parameters for my search value?

I am not talking about encapsulating in %‘s. I need to be able to add a % in the middle of the search word.

WHERE title LIKE '%foo%bar%'

as an example, but with params.

Edit:
To elaborate on the params:
I am using MS SQL 2008, and C#, so it would be:

WHERE title LIKE '@SearchParam'

and @SearchParam would then be set to "%foo%bar%".

I hope that makes sense?

You must login to add an answer.

Need An Account,

Editorial Team · Answer 1 · 2026-05-25T11:05:49+00:00

Editorial Team

This works fine

create proc dbo.lookupWild(@LIKEclause VARCHAR(20))
as
begin
    select * from teams where Name like @LIKEclause
end
go
exec lookupWild 'E%G%'

And things like ‘1=1 — drop table’ are not SQL injected, they are just part of the wildcard search

The Archive Base Latest Questions