Method1
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using sql = System.Data.SqlClient;
public partial class _Default : System.Web.UI.Page
{
sql.SqlConnection sqlcon;
sql.SqlCommand sqlcmd;
string Emp_Name,Emp_ID,Salary;
string connstr;
protected void Page_Load(object sender, EventArgs e)
{
Emp_Name = "Raj";
Emp_ID = "3421";
Salary = "20000";
connstr = "Data Source=SRV4;Initial Catalog=Employee;Integrated Security=True";
sqlcon = new sql.SqlConnection(connstr);
sqlcmd = sqlcon.CreateCommand();
sqlcmd.CommandText = "INSERT INTO EmployeeDetails VALUES ('" + Emp_Name+ "','" +
Emp_ID + "','" +
Salary + "')";
sqlcon.Open();
sqlcmd.ExecuteNonQuery();
sqlcon.Close();
}
}
Method2(Prefered Method)
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using sql = System.Data.SqlClient;
public partial class _Default : System.Web.UI.Page
{
sql.SqlConnection sqlcon;
sql.SqlCommand sqlcmd;
string Emp_Name,Emp_ID,Salary;
string connstr;
protected void Page_Load(object sender, EventArgs e)
{
Emp_Name = "Raj";
Emp_ID = "3421";
Salary = "20000";
connstr = "Data Source=SRV4;Initial Catalog=Employee;Integrated Security=True";
sqlcon = new sql.SqlConnection(connstr);
sqlcmd = sqlcon.CreateCommand();
sqlcmd.CommandText = "INSERT INTO EmployeeDetails VALUES (@name,@id,@salary)";
sqlcmd.Parameters.AddWithValue("@name", Emp_Name);
sqlcmd.Parameters.AddWithValue("@id", Emp_ID);
sqlcmd.Parameters.AddWithValue("@salary", Salary);
sqlcon.Open();
sqlcmd.ExecuteNonQuery();
//inside for loop use below code
sqlcmd.Parameters.Clear();
sqlcon.Close();
}
}