Click here to Skip to main content
15,745,438 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
Hi everyone,

i am working with a web application where i am inserting data to database on button click.the page in which this works(admin.aspx) is located in folder called 'admin'.i have written below connectionstring in web.config file.....

<connectionStrings><br />
    <add name="leave" connectionString="server=PRANAV\SQLEXPRESS;Database=leave management;Integrated Security=true"<br />
      providerName="System.Data.SqlClient" /><br />
    <add name="leave managementConnectionString" connectionString="Data Source=PRANAV\SQLEXPRESS;Initial Catalog="leave management";Integrated Security=True"<br />
      providerName="System.Data.SqlClient" /><br />

further my code is as follows....

SqlConnection conn = new SqlConnection();
conn.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["leave"].ConnectionString;
SqlCommand cmd = new SqlCommand("insert into emp_details VALUES('" + TextBox1.Text + "','" + TextBox2.Text + "','" + TextBox3.Text + "','" + TextBox5.Text + "','" + DropDownList1.SelectedValue + "')", conn);

Above code works fine,even i have debugged it also...the problem is data is not being inserted in the database...i am not able to figure out where the problem is?any help would be greatly appriciated.....if any additional detail is needed,let me know....Thanks.....
Updated 12-Feb-13 23:24pm
KanetiyaNik 13-Feb-13 5:22am    
Will you give the detail about what is Roles.AddUserToRole function is used for??
Thanks7872 13-Feb-13 5:24am    
that is just m adding user to role...its my mistake to post that line here cz its irrelavant to this question....
KanetiyaNik 13-Feb-13 5:25am    
And where Is "cmd.ExctueNonQuery()"??
If I m not wrong you just forget to excute the command...
You have just give query to SqlCommand Object but forget to exctue it...
So just use cmd.ExcuteNonQuery()
Than only your command will excute...
Thanks7872 13-Feb-13 5:39am    
it works now....thanks...that was the only silly of me.....
KanetiyaNik 13-Feb-13 8:02am    
Good Luck..:-)

How do you know the code works? It clearly doesn't, or the database would be updated...

The first thing to do is to add an ExecuteNonQuery call to the command object...

Then, when that works, don't do it like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
Share this answer

The code looks pretty ok, its strange that the row aint being inserted in the table.
However, u might want to debug by catching an int variable as return when the insert statement takes place and alert a message when the return value is greater than 0.

have a look at the below code:

public int InsertName(string xname)
    int ret;
    SqlCommand cmd = new SqlCommand("Insert into Sample.dbo.tblName values('" + xname + "')", xconn);
        ret = cmd.ExecuteNonQuery();

    catch (Exception)

    return ret;


and on the click of a button or any other event the code will be like below:

private void btnAdd_Click(object sender, EventArgs e)
        if (!string.IsNullOrEmpty(txtName.Text))
            DataBaseLayer obj = new DataBaseLayer();
            int param=obj.InsertName(txtName.Text);
            if (param > 0)
                MessageBox.Show("your name has been can now go to the main page");

            NewForm obj2 = new NewForm();


Try to debug like this, you might find whether the insert statement is actually executing or not.
Hope it helps.

Share this answer

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900