Insert and update data to database using sqlcommand with parameters in asp.net
public SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["SLMFConnection"].ToString());
public string conStr = ConfigurationManager.ConnectionStrings["SLMFConnection"].ToString();
SqlCommand cmd;
try
{
if (con.State == ConnectionState.Closed)
{
con.Open();
}
cmd = new SqlCommand("select * from [inner] where country='"+ddcountry.SelectedValue+"' and page='"+ddname.SelectedValue+"'", con);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
dr.Close();
cmd = new SqlCommand("update [inner] set lblp1=@lblp1 where country=@country and page=@page", con);
cmd.Parameters.Add("@page", SqlDbType.VarChar, 50).Value = ddname.SelectedValue;
cmd.Parameters.Add("@lblp1", SqlDbType.NText).Value = CKEditor1.Text;
cmd.Parameters.Add("@country", SqlDbType.VarChar, 5000).Value = ddcountry.SelectedValue;
//cmd = new SqlCommand("update [inner] set lblp1=N'"+CKEditor1.Text+"' where country='"+ddcountry.SelectedValue+"' and page='"+ddname.SelectedValue+"'", con);
cmd.ExecuteNonQuery();
}
else
{
dr.Close();
cmd = new SqlCommand("insert into [inner] values(@country,@page,@lblp1)", con);
cmd.Parameters.Add("@page", SqlDbType.VarChar, 50).Value = ddname.SelectedValue;
cmd.Parameters.Add("@lblp1", SqlDbType.NText).Value = CKEditor1.Text;
cmd.Parameters.Add("@country", SqlDbType.VarChar, 5000).Value = ddcountry.SelectedValue;
//cmd = new SqlCommand("insert into [inner] values('"+ddcountry.SelectedValue+"','"+ddname.SelectedValue+"',N'"+CKEditor1.Text+"')", con);
cmd.ExecuteNonQuery();
}
con.Close();
clsAlert.Show("Data Saved Successfully");
CKEditor1.ReadOnly = true;
}
catch (Exception ex)
{
}
public string conStr = ConfigurationManager.ConnectionStrings["SLMFConnection"].ToString();
SqlCommand cmd;
try
{
if (con.State == ConnectionState.Closed)
{
con.Open();
}
cmd = new SqlCommand("select * from [inner] where country='"+ddcountry.SelectedValue+"' and page='"+ddname.SelectedValue+"'", con);
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
dr.Close();
cmd = new SqlCommand("update [inner] set lblp1=@lblp1 where country=@country and page=@page", con);
cmd.Parameters.Add("@page", SqlDbType.VarChar, 50).Value = ddname.SelectedValue;
cmd.Parameters.Add("@lblp1", SqlDbType.NText).Value = CKEditor1.Text;
cmd.Parameters.Add("@country", SqlDbType.VarChar, 5000).Value = ddcountry.SelectedValue;
//cmd = new SqlCommand("update [inner] set lblp1=N'"+CKEditor1.Text+"' where country='"+ddcountry.SelectedValue+"' and page='"+ddname.SelectedValue+"'", con);
cmd.ExecuteNonQuery();
}
else
{
dr.Close();
cmd = new SqlCommand("insert into [inner] values(@country,@page,@lblp1)", con);
cmd.Parameters.Add("@page", SqlDbType.VarChar, 50).Value = ddname.SelectedValue;
cmd.Parameters.Add("@lblp1", SqlDbType.NText).Value = CKEditor1.Text;
cmd.Parameters.Add("@country", SqlDbType.VarChar, 5000).Value = ddcountry.SelectedValue;
//cmd = new SqlCommand("insert into [inner] values('"+ddcountry.SelectedValue+"','"+ddname.SelectedValue+"',N'"+CKEditor1.Text+"')", con);
cmd.ExecuteNonQuery();
}
con.Close();
clsAlert.Show("Data Saved Successfully");
CKEditor1.ReadOnly = true;
}
catch (Exception ex)
{
}
Category:
