For starters, when you quote your parameter reference in your SQL CommandText (e.g. ...[fullreport] = '@word'
...) you are actually just using the literal value '@word'
. It is not being interpreted as a parameterized query. To do that you would just use ...[fullreport] = @word
...)
Secondly, I do not -think- you can assign multiple parameters with the same parameter name as you are doing in the loop. Each parameter you add should have a unique name.