nouraleyoon wrote:
string query = "insert into Log values('" + listView1.Items[cnt].Text +"')";
This does exactly what you asked. IF the user was able to enter the text, then they can also erase your DB because this is badly written. You should use parameterised queries and make it so that it pulls out the values you need, instead of passing them all as one value.
The fact that it's called listview1 makes me think you're just writing code for fun, and that's cool. read up on SQL injection, if you ever want to write production quality code.
The other thing is, look at the SQL you generate, then think about what it does, and how it needs to change to do what you want. Specifying the columns you want to insert into is one way to make this either crash or do what you want ( instead of 'working' but not doing what you hoped it would )