asp.net - SQL statement error Incorrect syntax near the keyword 'WHERE' -

i getting error when call , sql statement:

incorrect syntax near keyword 'where'

what doing wrong?

public static dscustomer retrievemultiplecustomers(int custid = 0, string custlast = null, string custphone = null, string custemail = null) {     dscustomer ds;     oledbconnection connection = connection();     oledbdataadapter sqlda;     bool blnsubselect = false;     string strsubselect = "select * customer";     if (custid != 0)     {         strsubselect = strsubselect + " custid = " + custid;         blnsubselect = true;     }     else     {         if (custlast != null)         {             strsubselect = strsubselect + " custlast ='" + custlast + "'";             blnsubselect = true;         }         if (custphone !=null && custemail==null && custlast==null)         {             strsubselect = strsubselect + " custphone ='" + custphone + "'";         }          if (custemail != null && custphone == null && custlast ==null)         {             strsubselect = strsubselect + " custemail = '" + custemail + "'";         }          if (custlast != null && custphone != null && custemail ==null)         {             strsubselect = strsubselect + " custlast ='"+custlast+"' , custphone ='"+custphone+"'";         }     } } 

you can use "and" add these sql way：

    public static dscustomer retrievemultiplecustomers(int custid = 0, string custlast = null, string custphone = null, string custemail = null)     {         dscustomer ds;         oledbconnection connection = connection();         oledbdataadapter sqlda;         bool blnsubselect = false;         string strsubselect = "select * customer 1=1 ";         if (custid != 0)         {             strsubselect = strsubselect + " , custid = " + custid;             blnsubselect = true;         }         else         {             if (custlast != null)             {                 strsubselect = strsubselect + " , custlast ='" + custlast + "'";                 blnsubselect = true;             }             if (custphone != null && custemail == null && custlast == null)             {                 strsubselect = strsubselect + " , custphone ='" + custphone + "'";             }              if (custemail != null && custphone == null && custlast == null)             {                 strsubselect = strsubselect + " , custemail = '" + custemail + "'";             }              if (custlast != null && custphone != null && custemail == null)             {                 strsubselect = strsubselect + " , custlast ='" + custlast + "' , custphone ='" + custphone + "'";             }          }     }