use parameters like below
int val1 = int.Parse(val1.Text, NumberStyles.AllowThousands);
int val2 = int.Parse(val2.Text, NumberStyles.AllowThousands);
int val3 = int.Parse(val3.Text, NumberStyles.AllowThousands);
cmd.CommandText = "INSERT INTO tbl (fld1,fld2,fld3) VALUES (@val1, @val2, @val3)";
cmd.Parameters.AddWithValue("@val1", val1);
cmd.Parameters.AddWithValue("@val1", val2);
cmd.Parameters.AddWithValue("@val1", val3);
if you have issue with int.parse method for inputs, you can try with int.TryParse
int num;
if (int.TryParse(val1.Text, NumberStyles.AllowThousands,
CultureInfo.InvariantCulture, out num))
{
}
Submit an article or tip