protected void GridView1_RowUpdating(object sender, GridViewUpdateEventArgs e) { cn.Open(); int customerid = Convert.ToInt32(((TextBox)GridView1.Rows[e.RowIndex].Cells[0].Controls[0]).Text); String customername =(((TextBox)GridView1.Rows[e.RowIndex].Cells[1].Controls[0]).Text); String email = (((TextBox)GridView1.Rows[e.RowIndex].Cells[2].Controls[0]).Text); String amount = (((TextBox)GridView1.Rows[e.RowIndex].Cells[3].Controls[0]).Text); SqlCommand cmd = new SqlCommand("update customer set customername='" + TextBox2.Text + "' where customerid='" + TextBox1.Text + "' ",cn); cmd.ExecuteNonQuery(); cn.Close(); Console.WriteLine("update end"); BindGridview(); clear(); }
SqlCommand cmd = new SqlCommand("update customer set customername='" + TextBox2.Text + "' where customerid='" + TextBox1.Text + "' ",cn);
using (SqlCommand cmd = new SqlCommand("update customer set customername = @customername where customerid = @customerid",cn)) { cmd.Parameters.AddWithValue("@customername", TextBox2.Text); cmd.Parameters.AddWithValue("@customerid", TextBox1.Text); cmd.ExecuteNonQuery(); }
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)