Click here to Skip to main content
14,304,697 members
Rate this:
Please Sign up or sign in to vote.
See more:
here session value is correct sql table is mapping with query, i have been written the code in page load for fetching into textboxes and i want update that data in updatebutton click was written code as fallows but the details are not not getting what was the problem help me from this.
using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;

public partial class update : System.Web.UI.Page
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["matrimonysite"].ConnectionString);
    protected void Page_Load(object sender, EventArgs e)
        SqlCommand cmd = new SqlCommand("select Fullname,Surname,Religion,Caste,Email,MobileNo,Address,Maritalstatus,City,Height,Weight,Complexion,Bloodgroup,Qualification,Workingin,Salary from Registration where Username='"+Session["User1"].ToString()+"' ", con);
        SqlDataReader dr;
        dr = cmd.ExecuteReader();
        txtId.Text = Session["USER1"].ToString();
        txtFullName.Text  = dr[0].ToString();
        txtSurname.Text = dr[1].ToString();
        txtReligion.Text = dr[2].ToString();
        txtGotra.Text = dr[3].ToString();
        txtEmail.Text = dr[4].ToString();
        txtAddress.Text = dr[6].ToString();
        txtMobile.Text = dr[5].ToString();
        txtMaritalstatus.Text = dr[7].ToString();
        txtCity.Text = dr[8].ToString();
        txtHeight.Text = dr[9].ToString();
        txtWeight.Text = dr[10].ToString();
        txtComplexion.Text = dr[11].ToString();
        txtBloodgroup.Text = dr[12].ToString();
        txtQualification.Text = dr[13].ToString();
        txtWorkingin.Text = dr[14].ToString();
        txtSalary.Text = dr[15].ToString();

    protected void txtId13_TextChanged(object sender, EventArgs e)

    protected void txtId_TextChanged(object sender, EventArgs e)

    protected void btnUpdate_Click(object sender, EventArgs e)
        SqlCommand cmd1 = new SqlCommand("update Registration  set Fullname='"+txtFullName.Text+"',Surname='"+txtSurname.Text+"',Religion='"+txtReligion.Text+"',Caste='"+txtGotra.Text+"',Email='"+txtEmail.Text+"',MobileNo='"+txtMobile.Text+"',Address='"+txtAddress.Text+"',Maritalstatus='"+txtMaritalstatus.Text+"',City='"+txtCity.Text+"',Height='"+txtHeight.Text+"',Weight='"+txtWeight.Text+"',Complexion='"+txtComplexion.Text+"',Bloodgroup='"+txtBloodgroup.Text+"',Qualification='"+txtQualification.Text+"',Workingin='"+txtWorkingin.Text+"',Salary='"+txtSalary.Text+"' where Username='"+Session["user1"].ToString()+"'", con);
        Response.Write("<script>alert('Your Details have been updated ')</script>");

    protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
Updated 12-Mar-19 20:57pm
Not Active 16-Dec-11 0:22am
Format code snippets
Member 10220367 3-Sep-13 7:49am
SNR infocom is working in software field..................
Add.d26 gf sec2 noida up
Not Active 16-Dec-11 0:33am
Don't repost the same question
Rate this:
Please Sign up or sign in to vote.

Solution 1

Put if(!isPostBack) in page load. look at the following code.

protected void Page_Load(object sender, EventArgs e)
     if(! isPostBack)
       //your code goes here
Rate this:
Please Sign up or sign in to vote.

Solution 2

First of all you should move the code out of the PageLoad method, put it in a seperate function and call that from PageLoad. Also use IsPostback to determined when to relaod the data.

Second, and most importantly, NEVER use unvalidated user input or string contantenation to form an inline SQL statement. EVER. You should use a stored procedure or parameterized query. If you don't understand these then do some research.
Rate this:
Please Sign up or sign in to vote.

Solution 3

I would suggest you some points.

1. As suggested by koolprasad2003, please put your code in the ISPOSTBACK condition

2. You code is open for SQL injections. So try to convert it in the parameterized stored procedures. You can get more details at here [^] and here[^]

3. You have not close the data reader in the page load function. Write dr.Close() before con.Close()

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100