Even he don't know the basic, latest you should inform him, this is not the right way . You can tell me in this way, like
-------------------------------------------------------------------------------------------
You can use below code to insert records into database, where txtname and txtaddress is the input field. Before that you need to create connection object and set command property.
string query = "insert into tablename values ('"+txtname.text+"','"+txtaddress.text+"')";
But, This code can causes SQL Injection, which will break your application, For that you can use Parametrized query or Stored procedure.
Along with this, you can give few ref. of SQL Injection.
---------------------------------------------------------------------------------------------------------------------------
By which, at latest the guys will know something regarding SQL Injection and best practices of writing code.
Thanks !
Abhijit
Cheers !
Abhijit
Radhekrisna, if this helps please login to Mark As Answer. | Alert Moderator