That code is...um...odd.
You create a command (which is commented as a SELECT), execute it, but throw away the results, and then dispose of it, and close the connection.
Then you try to do an INSERT operation...which presumably is giving you a problem.
The SELECT code does nothing useful: so get rid of it.
con = new SqlConnection(connetionString);
try
{
con.Open();
sql1 = "INSERT INTO Features(Feature_Project_id, Feature_Project_Name, Feature_Description) VALUES ('"+cmd+"', '" + s + "','" + textBox1.Text + "')";
cmd = new SqlCommand(sql1, con);
cmd.ExecuteNonQuery();
cmd.Dispose();
con.Close();
MessageBox.Show (" ExecuteNonQuery in SqlCommand executed !!");
}
catch (Exception er)
{
MessageBox.Show(er.Message);
}
}
And your INSERT may start to work.
But... don't do it like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
using (con = new SqlConnection(connetionString))
{
try
{
con.Open();
sql1 = "INSERT INTO Features(Feature_Project_id, Feature_Project_Name, Feature_Description) VALUES (@PID, @PNM, @DESC)";
using (cmd = new SqlCommand(sql1, con))
{
cmd.Parameters.AddWithValue("@PID", cmd);
cmd.Parameters.AddWithValue("@PNM", s);
cmd.Parameters.AddWithValue("@DESC", textBox1.Text);
cmd.ExecuteNonQuery();
}
MessageBox.Show(" ExecuteNonQuery in SqlCommand executed !!");
}
catch (Exception er)
{
MessageBox.Show(er.Message);
}
}