You should make your query parameterized in order to make it proper SQL Store Procedure.
The SQL logic will be the same however you will be passing @variables(parameters) form your code to SQL.
Probably you should check this guidelines here, It will help you overall further for creating complex dynamic inline queries to sql store procedures.
Optimize-stored-procedures[
^]
Hope this will help you.