Two problems here:
1) Either one of your names is wrong: "txtEmpid", "txtName", or "txtEmailid" is incorrect, or one of them is not a textbox. This means that the "tn" variable gets a null, so you get the error when you try to use it's Text property. Check the names and types.
2) Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead. This is particularly a problem with website code, where your database can be deleted from the other side of the world...
"How to use parameterized queries and why?"
Why? To prevent me visiting your site from half a world away, and deleting your entire database by typing in your textboxes. Which seems like it might be a bad thing from your point of view.
Google for "Sql Injection" and "Bobby tables" and you will find good information on why you should never, ever concatenate SQL commands.
How? Parametrised queries are pretty easy: you provide a parameter name in your query, then add a parameter value to that:
using (SqlConnection con = new SqlConnection(strConnect))
{
con.Open();
using (SqlCommand com = new SqlCommand("UPDATE myTable SET myColumn1=@C1, myColumn2=@C2 WHERE Id=@ID", con))
{
com.Parameters.AddWithValue("@ID", id);
com.Parameters.AddWithValue("@C1", myValueForColumn1);
com.Parameters.AddWithValue("@C2", myValueForColumn2);
com.ExecuteNonQuery();
}
}
In this example, @ID, @C1 and @C2 are the parameter names (which should always start with '@').