protected void Button1_Click(object sender, EventArgs e) { dbconnection db4 = new dbconnection(); SqlCommand cmd5 = new SqlCommand(); if (FileUpload1.HasFile) { string strname = FileUpload1.FileName.ToString(); FileUpload1.PostedFile.SaveAs(Server.MapPath("~/questionpaper/") + strname); cmd5.CommandText = "insert into tblQuestion values(@qid,@course,@sem,@sub,@year,@,@qp)"; cmd5.Parameters.AddWithValue("@qid", TextBox1.Text); cmd5.Parameters.AddWithValue("@course", DropDownList1.SelectedItem.Text); cmd5.Parameters.AddWithValue("@sem", DropDownList2.SelectedItem.Text); cmd5.Parameters.AddWithValue("@sub", DropDownList3.SelectedItem.Text); cmd5.Parameters.AddWithValue("@year", TextBox2.Text); cmd5.Parameters.AddWithValue("@", TextBox3.Text); cmd5.Parameters.AddWithValue("@qp", strname); db4.execute(cmd5); } dbconnection db5 = new dbconnection(); SqlCommand cmd6 = new SqlCommand(); cmd6.CommandText = "update key_gen set QID=@idd"; cmd6.Parameters.AddWithValue("@idd", x); db5.execute(cmd6); }
protected void Page_Load(object sender, EventArgs e) { dbconnection db = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select NoteID from key_gen"; SqlDataReader dr = db.executeread(cmd); dr.Read(); x = dr.GetInt32(0); x++; string NID = "NOTE" + x.ToString(); TextBox1.Text = NID; if (!IsPostBack) { dbconnection db1 = new dbconnection(); SqlCommand cmd1 = new SqlCommand(); cmd1.CommandText = "select distinct Course from tblSubject"; SqlDataReader dr1 = db1.executeread(cmd1); DropDownList1.Items.Add("--Select Course--"); while (dr1.Read()) { DropDownList1.Items.Add(dr1.GetString(0).ToString()); } } }
protected void Button2_Click(object sender, EventArgs e) { dbconnection db2 = new dbconnection(); SqlCommand cmd2 = new SqlCommand(); cmd2.CommandText = "insert into tblFaculty values(@tid,@tname,@qualif,@dept,@date,@phone,@status)"; cmd2.Parameters.AddWithValue("@tid", TextBox1.Text); cmd2.Parameters.AddWithValue("@tname", TextBox2.Text); cmd2.Parameters.AddWithValue("@qualif", DropDownList1.SelectedItem.Text); cmd2.Parameters.AddWithValue("@dept", DropDownList2.SelectedItem.Text); cmd2.Parameters.AddWithValue("@date", TextBox3.Text); cmd2.Parameters.AddWithValue("@phone", TextBox4.Text); cmd2.Parameters.AddWithValue("@status", "ok"); db2.execute(cmd2); dbconnection db3 = new dbconnection(); SqlCommand cmd3 = new SqlCommand(); cmd3.CommandText = "update key_gen set TID=@id"; cmd3.Parameters.AddWithValue("@id", x); db3.execute(cmd3); dbconnection db4 = new dbconnection(); SqlCommand cmd4 = new SqlCommand(); cmd4.CommandText = "insert into tblLogin values (@uid,@pwd,@type)"; cmd4.Parameters.AddWithValue("@uid", TextBox1.Text); cmd4.Parameters.AddWithValue("@pwd", TextBox4.Text); cmd4.Parameters.AddWithValue("@type", "Faculty"); db4.execute(cmd4); Response.Redirect("Admin_FacultyReg.aspx"); }
protected void btnSignIn_Click(object sender, EventArgs e) { dbconnection dbconn = new dbconnection(); string query = "select * from SignUp where Email='" + txtMail.Text + "' and Password='******'"; string colname = "select Email,Password from SignUp"; if (dbconn.checkData(colname, query) == true) { Response.Write("<script LANGUAGE='JavaScript' >alert('You are loged in')</script>"); Response.Redirect("ClientHome.aspx"); } else { string quer = "select * from AddAdmin where Email='" + txtMail.Text + "' and Password='******'"; string colnam = "select Email,Password from Admin"; if (dbconn.checkData(colnam, quer) == true) { Response.Write("<script LANGUAGE='JavaScript' >alert('Welcome to the Website')</script>"); Response.Redirect("AdminHome.aspx"); } else { Response.Write("<script LANGUAGE='JavaScript' >alert('Wrong Email or Password')</script>"); } } }
protected void Button1_Click(object sender, EventArgs e) { FileUpload1.SaveAs(Server.MapPath(@"~\qp\" + FileUpload1.FileName.ToString())); String str = FileUpload1.FileName.ToString(); dbconnection db = new dbconnection(); cmd.CommandText = "insert into tb_qp values(@a,@b,@c,@d,@e,@f)"; cmd.Parameters.AddWithValue("@a", TextBox1.Text); cmd.Parameters.AddWithValue("@b", DropDownList1.SelectedItem.Text); cmd.Parameters.AddWithValue("@c", DropDownList3.SelectedItem.Text); cmd.Parameters.AddWithValue("@d", TextBox7.Text); cmd.Parameters.AddWithValue("@e", str); cmd.Parameters.AddWithValue("@f", TextBox8.Text); db.execute(cmd); dbconnection db1 = new dbconnection(); cmd.CommandText = "select qp_id from tb_id"; SqlDataReader dr = db1.executeread(cmd); dr.Read(); int x = dr.GetInt32(0); dbconnection db2 = new dbconnection(); cmd.CommandText = "update tb_id set qp_id=@x"; cmd.Parameters.AddWithValue("@x", x++); db2.execute(cmd); Response.Redirect("add_qp.aspx"); }
protected void Button1_Click(object sender, EventArgs e) { if (FileUpload1.HasFile) { string strname = FileUpload1.FileName.ToString(); FileUpload1.PostedFile.SaveAs(Server.MapPath("~/books/") + strname); dbconnection db4 = new dbconnection(); SqlCommand cmd4 = new SqlCommand(); cmd4.CommandText = "insert into tblBook values(@bid,@name,@cat,@sub,@auth,@publish,@ver,@book,@state)"; cmd4.Parameters.AddWithValue("@bid", TextBox1.Text); cmd4.Parameters.AddWithValue("@name", TextBox2.Text); cmd4.Parameters.AddWithValue("@cat", DropDownList1.SelectedItem.Text); cmd4.Parameters.AddWithValue("@sub", TextBox3.Text); cmd4.Parameters.AddWithValue("@auth", TextBox4.Text); cmd4.Parameters.AddWithValue("@publish", TextBox5.Text); cmd4.Parameters.AddWithValue("@ver", TextBox6.Text); cmd4.Parameters.AddWithValue("@book", strname); cmd4.Parameters.AddWithValue("@state", TextBox8.Text); db4.execute(cmd4); } dbconnection db5 = new dbconnection(); SqlCommand cmd5 = new SqlCommand(); cmd5.CommandText = "update key_gen set BookID=@idd"; cmd5.Parameters.AddWithValue("@idd", x); db5.execute(cmd5); Response.Redirect("LibraryHome.aspx"); }
protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { SqlCommand cmd = new SqlCommand(); DropDownList1.Items.Add("--Select--"); DropDownList2.Items.Add("--Select--"); DropDownList3.Items.Add("--Select--"); dbconnection db1 = new dbconnection(); cmd.CommandText = "select course_id from tb_course "; SqlDataReader dr1 = db1.executeread(cmd); while (dr1.Read()) { String s = dr1[0].ToString(); DropDownList1.Items.Add(s); } dbconnection db2 = new dbconnection(); cmd.CommandText = "select teacher_id from tb_teacher "; SqlDataReader dr2 = db2.executeread(cmd); while (dr2.Read()) { String s = dr2[0].ToString(); DropDownList3.Items.Add(s); } } }
public ActionResult staffcheck(string idno) { SqlConnection con = new dbconnection().openconnection(); SqlCommand cmd = con.CreateCommand(); cmd.CommandType = System.Data.CommandType.Text; cmd.CommandText = "select * from [reservation] where identifynumber='" + idno + "' "; SqlDataReader dr = cmd.ExecuteReader(); List <rad.Models.result> rl = new List <rad.Models.result>(); if (dr.HasRows) { while (dr.Read()) { rl.Add(new result { firstname = dr["firstname"].ToString(), lastname = dr["lastname"].ToString(), checkin = (DateTime.Parse(dr["checkin"].ToString())).ToShortDateString(), checkout = (DateTime.Parse(dr["checkout"].ToString())).ToShortDateString(), roomid = int.Parse(dr["roomid"].ToString()), resrvationid = ((dr["reservationid"].ToString())) } ); } Session["table"] = rl; } else { Session["checkreservation "] = "sorry you are entered wrong details"; } return(RedirectToAction("dashboardother", "login")); }
protected void DropDownList3_SelectedIndexChanged(object sender, EventArgs e) { String s = DropDownList1.SelectedItem.Text; String c = DropDownList2.SelectedItem.Text; String n = DropDownList3.SelectedItem.Text; DropDownList4.Items.Clear(); dbconnection db2 = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select course_id from tb_course where course=@d and stream=@f"; cmd.Parameters.AddWithValue("@d", DropDownList1.SelectedItem.Text); cmd.Parameters.AddWithValue("@f", DropDownList2.SelectedItem.Text); SqlDataReader drr = db2.executeread(cmd); drr.Read(); String id = drr.GetString(0); dbconnection dbc = new dbconnection(); cmd.CommandText = "select subject from tb_subject where crs_id=@id and sem=@g"; cmd.Parameters.AddWithValue("@id", id); cmd.Parameters.AddWithValue("@g", n); SqlDataReader dr = dbc.executeread(cmd); DropDownList4.Items.Add("--Select Subject--"); while (dr.Read()) { String x = dr[0].ToString(); DropDownList4.Items.Add(x); } }
public ActionResult messageviews() { SqlConnection con = new dbconnection().openconnection(); SqlCommand cmd = con.CreateCommand(); cmd.CommandType = System.Data.CommandType.Text; cmd.CommandText = "select * from [feedbacks]"; SqlDataReader dr = cmd.ExecuteReader(); List <rad.Models.home.feedbacks> mess = new List <rad.Models.home.feedbacks>(); if (dr.HasRows) { while (dr.Read()) { mess.Add(new home.feedbacks { message = dr["message"].ToString(), email = dr["email"].ToString(), feedbackid = int.Parse(dr["feedbackid"].ToString()) } ); Session["feedback"] = mess; } } return(View()); }
protected void Page_Load(object sender, EventArgs e) { dbconnection db = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select BookID from key_gen"; SqlDataReader dr = db.executeread(cmd); dr.Read(); x = dr.GetInt32(0); x++; string B = "BOOK" + x.ToString(); TextBox1.Text = B; if (!IsPostBack) { DropDownList1.Items.Add("Select Category"); DropDownList1.Items.Add("Computer Science"); DropDownList1.Items.Add("Electronics"); DropDownList1.Items.Add("Mechanical"); DropDownList1.Items.Add("Civil"); } }
protected void Page_Load(object sender, EventArgs e) { dbconnection db = new dbconnection(); cmd.CommandText = "select qp_id from tb_id"; SqlDataReader dr = db.executeread(cmd); dr.Read(); int x = dr.GetInt32(0); x++; String id = "QPEXM" + x.ToString(); TextBox1.Text = id; if (!IsPostBack) { dbconnection db1 = new dbconnection(); cmd.CommandText = "select crs_id from tb_subject"; SqlDataReader dr1 = db1.executeread(cmd); DropDownList1.Items.Add("--Select Course Id--"); DropDownList2.Items.Add("--Select Semester--"); DropDownList3.Items.Add("--Select Subject--"); while (dr1.Read()) { DropDownList1.Items.Add(dr1[0].ToString()); } } TextBox7.Text = DateTime.Now.ToShortDateString(); }
protected void Button1_Click(object sender, EventArgs e) { dbconnection db4 = new dbconnection(); SqlCommand cmd5 = new SqlCommand(); if (FileUpload1.HasFile) { string strname = FileUpload1.FileName.ToString(); FileUpload1.PostedFile.SaveAs(Server.MapPath("~/notes/") + strname); cmd5.CommandText = "insert into tblnotes values(@nid,@course,@sem,@sub,@teach,@note,@rem)"; cmd5.Parameters.AddWithValue("@nid", TextBox1.Text); cmd5.Parameters.AddWithValue("@course", DropDownList1.SelectedItem.Text); cmd5.Parameters.AddWithValue("@sem", DropDownList2.SelectedItem.Text); cmd5.Parameters.AddWithValue("@sub", DropDownList3.SelectedItem.Text); cmd5.Parameters.AddWithValue("@teach", Label2.Text); cmd5.Parameters.AddWithValue("@note", strname); cmd5.Parameters.AddWithValue("@rem", TextBox2.Text); db4.execute(cmd5); dbconnection db5 = new dbconnection(); SqlCommand cmd6 = new SqlCommand(); cmd6.CommandText = "update key_gen set NoteID=@idd"; cmd6.Parameters.AddWithValue("@idd", x); db5.execute(cmd6); } }
protected void Button1_Click(object sender, EventArgs e) { dbconnection db = new dbconnection(); cmd.CommandText = "select ebk_id from tb_id"; SqlDataReader dr = db.executeread(cmd); dr.Read(); int id = dr.GetInt32(0); id++; dbconnection db1 = new dbconnection(); cmd.CommandText = "update tb_id set ebk_id=@d"; cmd.Parameters.AddWithValue("@d", id); db1.execute(cmd); FileUpload1.SaveAs(Server.MapPath(@"~\ebooks\" + FileUpload1.FileName.ToString())); string a = FileUpload1.FileName.ToString(); dbconnection db7 = new dbconnection(); cmd.CommandText = "insert into tb_ebook values(@a,@b,@v,@c,@f,@g,@h,@i,@j)"; cmd.Parameters.AddWithValue("@a", TextBox1.Text); cmd.Parameters.AddWithValue("@b", DropDownList1.SelectedItem.Text); cmd.Parameters.AddWithValue("@v", TextBox8.Text); cmd.Parameters.AddWithValue("@c", TextBox3.Text); cmd.Parameters.AddWithValue("@f", TextBox4.Text); cmd.Parameters.AddWithValue("@g", Convert.ToInt32(TextBox5.Text)); cmd.Parameters.AddWithValue("@h", Convert.ToInt32(TextBox6.Text)); cmd.Parameters.AddWithValue("@i", a); cmd.Parameters.AddWithValue("@j", TextBox7.Text); db7.execute(cmd); Response.Redirect("add_ebooks.aspx"); }
protected void Page_Load(object sender, EventArgs e) { dbconnection db = new dbconnection(); cmd.CommandText = "select ebk_id from tb_id "; SqlDataReader dr = db.executeread(cmd); dr.Read(); int id = dr.GetInt32(0); id++; String eid = "EBKID" + id.ToString(); TextBox1.Text = eid; if (!IsPostBack) { dbconnection db1 = new dbconnection(); cmd.CommandText = "select distinct stream from tb_course"; SqlDataReader dr1 = db1.executeread(cmd); DropDownList1.Items.Add("--Select Department--"); while (dr1.Read()) { String s = dr1.GetString(0); DropDownList1.Items.Add(s); } } }
protected void Page_Load(object sender, EventArgs e) { dbconnection db = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select tchr_id from tb_id"; SqlDataReader dr = db.executeread(cmd); dr.Read(); int x = dr.GetInt32(0); x++; String d = "AWHTCH" + x.ToString(); TextBox1.Text = d; if (!IsPostBack) { dbconnection db1 = new dbconnection(); cmd.CommandText = "select distinct stream from tb_course"; SqlDataReader dr1 = db1.executeread(cmd); DropDownList1.Items.Add("--Select--"); while (dr1.Read()) { String s = dr1[0].ToString(); DropDownList1.Items.Add(s); } } }
protected void Button2_Click(object sender, EventArgs e) { dbconnection db2 = new dbconnection(); SqlCommand cmd2 = new SqlCommand(); cmd2.CommandText = "insert into tblStudent values(@sid,@sname,@course,@sem,@add,@phone,@email,@status)"; cmd2.Parameters.AddWithValue("@sid", TextBox1.Text); cmd2.Parameters.AddWithValue("@sname", TextBox2.Text); cmd2.Parameters.AddWithValue("@course", DropDownList1.SelectedItem.Text); cmd2.Parameters.AddWithValue("@sem", DropDownList2.SelectedItem.Text); cmd2.Parameters.AddWithValue("@add", TextBox3.Text); cmd2.Parameters.AddWithValue("@phone", TextBox4.Text); cmd2.Parameters.AddWithValue("@email", TextBox5.Text); cmd2.Parameters.AddWithValue("@status", "ok"); db2.execute(cmd2); dbconnection db3 = new dbconnection(); SqlCommand cmd3 = new SqlCommand(); cmd3.CommandText = "update key_gen set StudID=@idd"; cmd3.Parameters.AddWithValue("@idd", x); db3.execute(cmd3); dbconnection db4 = new dbconnection(); SqlCommand cmd4 = new SqlCommand(); cmd4.CommandText = "insert into tblLogin values (@uid,@pwd,@type)"; cmd4.Parameters.AddWithValue("@uid", TextBox1.Text); cmd4.Parameters.AddWithValue("@pwd", TextBox4.Text); cmd4.Parameters.AddWithValue("@type", "Student"); db4.execute(cmd4); Response.Redirect("Admin_StudentReg.aspx"); }
protected void Button1_Click(object sender, EventArgs e) { dbconnection db1 = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "insert into tb_course values(@a,@b,@c,@d)"; cmd.Parameters.AddWithValue("@a", TextBox1.Text); cmd.Parameters.AddWithValue("@b", TextBox2.Text); cmd.Parameters.AddWithValue("@c", TextBox3.Text); cmd.Parameters.AddWithValue("@d", TextBox4.Text); db1.execute(cmd); dbconnection db2 = new dbconnection(); cmd.CommandText = "select course_id from tb_id"; SqlDataReader dr = db2.executeread(cmd); dr.Read(); int x = dr.GetInt32(0); x++; cmd.CommandText = "update tb_id set course_id=@v"; cmd.Parameters.AddWithValue("@v", x); db2.execute(cmd); Response.Write("<script>alert('Data inserted successfully')</script>"); Response.Redirect("addcourse.aspx"); }
protected void DropDownList2_SelectedIndexChanged(object sender, EventArgs e) { DropDownList3.Items.Clear(); DropDownList3.Items.Add("--Select--"); dbconnection db1 = new dbconnection(); cmd.CommandText = "select crs_id from tb_course where stream=@f and no_sem=@g"; cmd.Parameters.AddWithValue("@f", DropDownList1.SelectedItem.Text); cmd.Parameters.AddWithValue("@g", DropDownList2.SelectedItem.Text); SqlDataReader dr1 = db1.executeread(cmd); dr1.Read(); String id = dr1.GetString(0); dbconnection db = new dbconnection(); cmd.CommandText = "select subject from tb_subject where crs_id=@d"; cmd.Parameters.AddWithValue("@d", id); SqlDataReader dr = db.executeread(cmd); while (dr.Read()) { String s = dr[0].ToString(); DropDownList2.Items.Add(s); } }
protected void Page_Load(object sender, EventArgs e) { dbconnection db1 = new dbconnection(); SqlCommand cmd1 = new SqlCommand(); cmd1.CommandText = "select * from tblFaculty"; DataList1.DataSource = db1.executeread(cmd1); DataList1.DataBind(); if (Request.QueryString["id"] != null) { Panel1.Visible = true; string cid = Request.QueryString["id"]; dbconnection db2 = new dbconnection(); SqlCommand cmd2 = new SqlCommand(); cmd2.CommandText = "select * from tblFaculty where TeacherID=@cid"; cmd2.Parameters.AddWithValue("@cid", cid); SqlDataReader dr = db2.executeread(cmd2); dr.Read(); Label11.Text = dr.GetString(0); Label12.Text = dr.GetString(1); Label13.Text = dr.GetString(2); Label14.Text = dr.GetString(3); Label16.Text = dr.GetString(4); Label6.Text = dr.GetString(5); } }
protected void Button2_Click(object sender, EventArgs e) { dbconnection db = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select * from tblLogin where Username=@uid and Password=@pwd"; cmd.Parameters.AddWithValue("@uid", TextBox1.Text); Session["uid"] = TextBox1.Text; cmd.Parameters.AddWithValue("@pwd", TextBox2.Text); SqlDataReader dr = db.executeread(cmd); dr.Read(); type = dr.GetString(2); if (type == "Admin") { Response.Redirect("AdminHome.aspx"); } else if (type == "Faculty") { Response.Redirect("FacultyHome.aspx"); } else if (type == "Librarian") { Response.Redirect("LibraryHome.aspx"); } else if (type == "Student") { Response.Redirect("StudentHome.aspx"); } }
protected void DropDownList1_SelectedIndexChanged(object sender, EventArgs e) { String x = DropDownList1.SelectedItem.Text; dbconnection db1 = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "select name,dept,status from tb_teacher where teacher_id=@d"; cmd.Parameters.AddWithValue("@d", x); SqlDataReader dr = db1.executeread(cmd); dr.Read(); String n = dr.GetString(0); String dt = dr.GetString(1); String sts = dr.GetString(2); if (sts.Equals("suspend")) { Button3.Visible = true; Button1.Visible = false; } else { Button3.Visible = false; Button1.Visible = true; } TextBox1.Text = n; TextBox2.Text = dt; TextBox3.Text = sts; }
protected void Button1_Click(object sender, EventArgs e) { dbconnection db = new dbconnection(); cmd.CommandText = "delete from tb_subject where sub_id=@d"; cmd.Parameters.AddWithValue("@d", DropDownList1.SelectedItem.Text); db.execute(cmd); }
protected void Button1_Click(object sender, EventArgs e) { dbconnection db = new dbconnection(); cmd.CommandText = "delete from tb_student where std_id=@d"; cmd.Parameters.AddWithValue("@d", DropDownList1.SelectedItem.Text); db.execute(cmd); Response.Redirect("remove_student.aspx"); }
protected void Button1_Click(object sender, EventArgs e) { dbconnection db3 = new dbconnection(); SqlCommand cmd3 = new SqlCommand(); cmd3.CommandText = "delete from tblFaculty where TeacherID=@cc"; cmd3.Parameters.AddWithValue("@cc", Label11.Text); db3.execute(cmd3); Response.Redirect("Admin_RemoveFaculty.aspx"); }
protected void Button2_Click(object sender, EventArgs e) { dbconnection db = new dbconnection(); SqlCommand cmd = new SqlCommand(); cmd.CommandText = "delete from tb_teacher where teacher_id=@d"; cmd.Parameters.AddWithValue("@d", DropDownList1.SelectedItem.Text); db.execute(cmd); TextBox3.Text = "Removed!!"; }
protected void Button1_Click(object sender, EventArgs e) { String str = TextBox1.Text; dbconnection db = new dbconnection(); cmd.CommandText = "select * from tb_ebook where bkname=@n"; cmd.Parameters.AddWithValue("@n", str); DataList1.DataSource = db.executeread(cmd); DataList1.DataBind(); }
protected void Button3_Click(object sender, EventArgs e) { dbconnection db = new dbconnection(); cmd.CommandText = "select * from tb_ebook where category=@a and subject=@b"; cmd.Parameters.AddWithValue("@a", DropDownList1.SelectedItem.Text); cmd.Parameters.AddWithValue("@b", DropDownList2.SelectedItem.Text); DataList1.DataSource = db.executeread(cmd); DataList1.DataBind(); }
protected void DropDownList3_SelectedIndexChanged(object sender, EventArgs e) { string subject = DropDownList3.SelectedItem.Text; dbconnection db3 = new dbconnection(); SqlCommand cmd3 = new SqlCommand(); cmd3.CommandText = "select * from tblQuestion where Subject=@id"; cmd3.Parameters.AddWithValue("@id", subject); DataList1.DataSource = db3.executeread(cmd3); DataList1.DataBind(); }
protected void Button3_Click(object sender, EventArgs e) { string subject = DropDownList3.SelectedItem.Text; dbconnection db4 = new dbconnection(); SqlCommand cmd4 = new SqlCommand(); cmd4.CommandText = "select * from tblBook where Subject=@id1"; cmd4.Parameters.AddWithValue("@id1", subject); DataList1.DataSource = db4.executeread(cmd4); DataList1.DataBind(); }