Hi
I would suggest to use parametrized query. It will prevent SQL injection.
try this...
comm.CommandText = "INSERT INTO tblstock VALUES(@ProductID,@Stockdate,@ProductName,@Quantity)";
comm.Parameters.Add(new SqlParameter("@ProductID", dgvSales.Rows[i].Cells["Product ID"].Value));
comm.Parameters.Add(new SqlParameter("@Stockdate", dtpStockdate.Value.date));
comm.Parameters.Add(new SqlParameter("@ProductName", dgvSales.Rows[i].Cells["Product Name"].Value));
comm.Parameters.Add(new SqlParameter("@Quantity", dgvSales.Rows[i].Cells["Quantity"].Value));
Comm.Connection=conn;
conn.Open();
comm.ExecuteNonQuery();
conn.Close()