Start by fixing the
SQL Injection[
^] vulnerability in your code.
That will then tell you that you're trying to pass the
DropDownList
control to the query, instead of passing its selected value.
Also, you should wrap all objects that implement
IDisposable
in a
using
block.
And to retrieve a single value from the query, there's no need for a
DataReader
- just call
ExecuteScalar
.
protected void DropDownListLongName_SelectedIndexChanged(object sender, EventArgs e)
{
using (SqlConnection con2 = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["HotConnectionString"].ConnectionString))
using (SqlCommand scmd = new SqlCommand("Select User_ID from Table99 where LongName = @LongName", con2))
{
scmd.Parameters.AddWithValue("@LongName", DropDownListLongName.SelectedValue);
con2.Open();
TextBoxUser_ID.Text = Convert.ToString(smcd.ExecuteScalar());
}
}