Click here to Skip to main content
16,002,104 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Dear all,


I have web application and need to insert data to database.

I am using mssql database.
and my query like below;

sqlcommand cmd=new sqlcommand("insert into tbnm values('"+txtNm.text+"',etc..);


but some times when inserting values missing .This is not always but some times.

please help me.

and please tell which is the best method to insert into database


Regards andThanks,
Kalesh:confused:
Posted
Updated 26-Mar-10 20:24pm
v2

1 solution

You should use Parameterized Queries to perform any database operatiosn, it will help you to avoid any SQL Injection problems, and your code will be more readable.

Check this link Parameterized Queries[^]
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900