You are using the scalar variable
@id and
@password. You should also mention what type of parameter is this! Add the following line of code.
SqlCommand cmd = new SqlCommand("Select uname, pswd from emp_details where uname = @id and pswd = @password ", conn);
cmd.Parameters.Add(new SqlParameter("@id", System.Data.SqlDbType.VarChar)).Value = TextBox1.Text;
cmd.Parameters.Add(new SqlParameter("@password", System.Data.SqlDbType.VarChar)).Value = TextBox2.Text;
Here,
cmd.Parameters.Add(new SqlParameter("@id", System.Data.SqlDbType.VarChar)).Value = TextBox1.Text;
is telling the compiler that the parameter
@id is of type
SQL VarChar, and then assigning the value
TextBox1.Text to the parameter
@id.
Now, since your parameters are declared, when the compiler reaches at this line
SqlDataReader dr = cmd.ExecuteReader();
It knows the data type of your parameter and you will not get the error you mentioned in your question.
Hope that helps.
Cheers,
Naman