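You need to use parameters in your WHERE condition, as shown below, so that the values are passed to the server separately from the SQL text rather than concatenated into it: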
-- Selects Product columns joined to Monthlysales, plus two derived columns
-- (Averagedailysales and reorderpoint), for a single product and month.
-- @P_ID and @Month are parameter placeholders: the caller binds their values
-- separately, so they are never spliced into the statement text.
SELECT product.P_ID, Product.P_Name,Product.Leadtime, Product.SafetyStockamount,
-- NOTE(review): 30 is a fixed divisor for every month; if totalsalesamount is an
-- integer column the division truncates - confirm against the schema.
Monthlysales.Month, Monthlysales.totalsalesamount, (totalsalesamount/30) as Averagedailysales, ((totalsalesamount/30) * Leadtime + SafetyStockamount) as reorderpoint
FROM Product, Monthlysales
-- The first predicate is the join condition for the comma-style join above;
-- the other two filter on the bound parameters.
where Product.P_ID = Monthlysales.P_ID AND Product.P_ID =@P_ID AND Monthlysales.Month =@Month
C# code:
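// Runs the reorder-point query for one product and month and loads the result
// into a DataSet. The query text contains only the @P_ID and @Month
// placeholders; the values of pid and month are bound as SqlParameter objects
// and are never concatenated into the SQL string.
using (SqlConnection connection = new SqlConnection(connectionString))
{
    connection.Open();

    using (SqlCommand command = new SqlCommand(
        "SELECT product.P_ID, Product.P_Name,Product.Leadtime, Product.SafetyStockamount," +
        "Monthlysales.Month, Monthlysales.totalsalesamount, (totalsalesamount/30) as Averagedailysales, ((totalsalesamount/30) * Leadtime + SafetyStockamount) as reorderpoint " +
        "FROM Product, Monthlysales " +
        "where Product.P_ID = Monthlysales.P_ID AND Product.P_ID =@P_ID AND Monthlysales.Month =@Month ", connection))
    {
        // The names are given without the "@" used in the query text.
        // NOTE(review): SqlClient is expected to match them to @P_ID/@Month;
        // writing the "@" explicitly would avoid relying on that - confirm.
        // NOTE(review): this constructor infers the SQL type from the .NET
        // value; if the column types are known, declaring SqlDbType (and a
        // length for string columns) is stricter - confirm against the schema.
        command.Parameters.Add(new SqlParameter("P_ID", pid));
        command.Parameters.Add(new SqlParameter("Month", month));

        // SqlDataAdapter is IDisposable, so it is scoped with using like the
        // connection and the command instead of being left for the finalizer.
        using (SqlDataAdapter adapter = new SqlDataAdapter(command))
        {
            // ds is only in scope inside this block; read the results here or
            // declare the DataSet outside the using statements.
            DataSet ds = new DataSet();
            adapter.Fill(ds);
        }
    }
}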