SQLite Injection Not Work with Anonymous Type With Dapper

I’m Using Winform in UI, SQLite As Database And Dapper

I want to use Sql Injection But It’s not working properly

I Try This :

dataGridView1.DataSource = provider.Query<Person>($"SELECT * FROM[Person] WHERE IsActive = 1 AND Name LIKE '%@TEXT%'" , new { TEXT = filter });

But After Debugging, Query Is :

"SELECT * FROM[Person] WHERE IsActive = 1 AND Name LIKE '%@TEXT%'"

It’s Not Asyn To My Parameter….

and Also I Tried SqliteCommand.AddWithValue() , It’s Not Working Too.

You need to sign in to view this answers