That doesn't make a lot of sense.
You have a function
SelectMembers that (badly, and prone to SQL Injection attack) gets the count of the number of members whose username matches the parameter, and then throws it away.
Then you want to do something different, but you can't access the internals of the method.
What are you trying to do?
If you want to read the member details, then cut and paste your two code fragments together and create a new method:
public static void SelectMembersAndActuallyReadThemThisTime(string username)
{
SqlConnection con = Database.GetConnection();
SqlCommand cmd = new SqlCommand("select * from members where username=@" + username + "", con);
SqlDataReader dr=cmd.ExecuteReader();
while (dr.Read())
{
...
}
}Better still, use Parametrized Queries instead:
public static void SelectMembersAndActuallyReadThemThisTime(string username)
{
SqlConnection con = Database.GetConnection();
SqlCommand cmd = new SqlCommand("select * from members where username=@UN", con);
cmd.Parameters.AddWithValue("@UN", username);
SqlDataReader dr=cmd.ExecuteReader();
while (dr.Read())
{
...
}
}
Update from OP:
"if i have declare the sqldatareader in class file then how can i compare variables from another form textfield
like:
if (dr["username"].ToString() == txtUserNamr.Text)
how can i access txtUserName from member.aspx to class file"
In short: Don't.
The longer version: Don't do it. If you start accessing form variables in your class, you ties the two together: you cannot make changes to one without changing the other. This reduces reusability, and makes maintenance harder, as well as potentially reducing reliability.
Why do you need to?
You pass the username through to your routine, don't you? That is what the "username" parameter is for, isn't it?
If it isn't, what is it for?
You have already filtered the results from your database so it only returns the records that have that username: So where is the point in comparing it against a different value?
Submit an article or tip