There are so many things wrong here...
The first is that the "current folder" is a very poor place to store your PDF files:
PdfWriter wri = PdfWriter.GetInstance(doc, new FileStream("Donorcard.pdf", FileMode.Create));
And that's probably the source of your problem. So create a "Documents" folder, give it the appropriate write permissions, and use that instead.
But more importantly, Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead. This is especially important in a web app where anyone, anywhere in the world, can delete your database by typing in text boxes...