Trying to get the memberid from table
I am trying to get the memberid from the database according to the text entered in the textbox, like this:
String sql =@" SELECT member_Id FROM members where (member_Firstname,'',member_Lastname) ="+tbMemberName.Text;
How can this be done?
Try this:
String sql =@" SELECT member_Id FROM members where CONCAT(member_Firstname,'',member_Lastname) = '"+tbMemberName.Text+"'";
Also, this is vulnerable to SQL injection.
Due to security and performance reasons, I would personally split the member's name into first/last before compiling the query. Now, I'm not familiar with the language you use to call this query, but I'll formulate something that will hopefully make sense, regardless of its stupidity:
String sql =@" SELECT member_Id FROM members WHERE member_Lastname = "+safely_escaped(tbMembername.Last.Text)+" AND member_Firstname = "+safely_escaped(tbMembername.First.Text);
This will allow for a more precise analysis of the names before inserting them into the query and it will allow you to use an index (which is not possible with any of the previously shown examples). Just to be clear, the index, most efficiently in this case, would be INDEX (member_Lastname, member_Firstname).
If that's C# that you're writing, as you've commented, you'll want to start using parameters to avoid SQL injection.
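// Requires: using MySql.Data.MySqlClient;
// "connection" is assumed to be an already opened MySqlConnection.
string getMember= @"SELECT member_Id FROM members
WHERE member_Firstname like @userText
OR member_Lastname like @userText;";
MySqlCommand m = new MySqlCommand(getMember, connection);
// The textbox value is bound as a parameter, never concatenated into the SQL text.
m.Parameters.AddWithValue("@userText", tbMemberName.Text + "%");
var reader = m.ExecuteReader();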
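An added example, not part of any of the answers above: the exact-match lookup from the question written with bound parameters, splitting the entered name into first and last name as the second answer suggests so that INDEX (member_Lastname, member_Firstname) can be used. The class and method names, the split-on-last-space rule and the integer type of member_Id are assumptions.

```csharp
using System;
using MySql.Data.MySqlClient;

public static class MemberLookup
{
    // Hypothetical helper: returns the member_Id for "First Last", or null when
    // the input is not a two-part name or no row matches.
    public static int? FindMemberId(MySqlConnection connection, string fullName)
    {
        // Assumption: the last space separates first name from last name,
        // so "Mary Ann O'Brien" becomes ("Mary Ann", "O'Brien").
        string name = (fullName ?? "").Trim();
        int split = name.LastIndexOf(' ');
        if (split <= 0)
            return null;
        string first = name.Substring(0, split).Trim();
        string last = name.Substring(split + 1);

        // The SQL text is a constant; user input only ever travels as parameter
        // values, so a quote in a name such as O'Brien cannot change the statement.
        const string sql = @"SELECT member_Id FROM members
                             WHERE member_Lastname = @last
                               AND member_Firstname = @first
                             LIMIT 1;";

        using (var cmd = new MySqlCommand(sql, connection))
        {
            // Explicit types instead of AddWithValue, so the driver does not
            // have to infer the parameter type from the .NET value.
            cmd.Parameters.Add("@last", MySqlDbType.VarChar).Value = last;
            cmd.Parameters.Add("@first", MySqlDbType.VarChar).Value = first;

            object result = cmd.ExecuteScalar();   // null when no row matches
            if (result == null || result == DBNull.Value)
                return null;
            return Convert.ToInt32(result);
        }
    }
}
```

With an open connection it is called as FindMemberId(connection, tbMemberName.Text).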