If
students_ID
field is numeric data type, below sql query is incorrect, because of single quote around expression (
'
):
string query = "Select bosh_rasm_ID, Tugal_rasm_ID from register where students_ID='" + getUquvchilar_ID() + "'";
As
Richard Deeming[
^] had mentioned in a comment to the question, do not use such of queries, use parametrized queries instead:
string query = "Select bosh_rasm_ID, Tugal_rasm_ID from register where students_ID=@stuId";
where
@stuid
is a named parameter. Use
AddWithValue
method to add parameter to the
MySqlCommad.ParameterCollection
cmd.Parameters.AddWithValue("@stuId", getUquvchilar_ID());
For further information, please see:
6.9.1 Preparing Statements in Connector/Net[
^]