wrote:
if (cmd.ToString ()=="")
Well, that obviously doesn't work. You should read the documentation instead of guessing wildly.
ExecuteNonQuery means nothing is returned. You want to execute scalar perhaps, as only one value is expected, or you may want to select count(code) to make sure you expect one value.
wrote:
String str2 = "select code from state where code='" + this.txtstatecode.Text + "'";
There are at least three reasons I would fire you if you wrote this code for me. I assume you're not being paid, that would be obscene. But, if you want to learn, you should try to achieve a professional standard, not perpetuate the same mistakes.
1 - your variable name is meaningless
2 - you are writing SQL in the presentation layer
3 - your code means that if I wanted to attack your site, so long as I had access to this page, I could erase your entire database.
Read Code Complete for ideas on how to logically lay out readable code. Read up on n-tiered development and write data layers. Read up on SQL injection attacks, and protect against them. Buy a book on C#, so you can learn how ADO.NET works, instead of guessing.