How to use LIKE in a t-sql dynamic statement in a stored procedure?

The % characters have to be in the search string…

SET @search = '%' + @search + '%'
SET @SQLQuery = 'SELECT * FROM [tblApps] WHERE [firstName] LIKE @search'

Note that the following would also work, but introduces potential for a SQL injection vulnerability…

-- DON'T do this!
SET @SQLQuery = 'SELECT * FROM [tblApps] WHERE [firstName] LIKE ''%' + @search + '%'''

How to pass query parameter and class attribute to Html.BeginForm in MVC?

@using (Html.BeginForm(“action”, “controller”, new { ReturnUrl=”myurl” }, FormMethod.Post, new { @class = “auth-form” })) { … }

@using (Html.BeginForm(“ActionName”, “ControllerName”, new { Id = Model.Id }, FormMethod.Post, new { enctype = “multipart/form-data” }))