If you're using .NET, try
Dapper[
^]:
using (var connection = new SqlConnection("..."))
{
var results = connection.Query<Employee>("SELECT * FROM Employee WHERE Emp_Name In @Names", new
{
Names = new List<string> { "One", "Two", "Three" }
});
}
List Support[
^]
If you can't use Dapper, you'll have to add each item as a separate parameter:
using (var connection = new SqlConnection("..."))
using (var command = new SqlCommand(string.Empty, connection))
{
var sb = new StringBuilder();
sb.Append("SELECT * FROM Employee WHERE Emp_Name In (");
for (int index = 0; index < list.Count; index++)
{
if (index != 0) sb.Append(", ");
string parameterName = "@Name" + index;
command.Parameters.AddWithValue(parameterName, list[index]);
sb.Append(parameterName);
}
sb.Append(')');
command.CommandText = sb.ToString();
...
}