You've created the command and added the parameters - congratulations on avoiding SQL injection, by the way! :) - but you've not executed the command.
You need to add the following lines to the bottom of your method:
bool closeConnection = false;
if (con.ConnectionState == ConnectionState.Closed)
{
con.Open();
closeConnection = true;
}
try
{
cmd.ExecuteNonQuery();
}
finally
{
if (closeConnection)
{
con.Close();
}
}
(This would be simpler if you declared your SqlConnection
locally and wrapped it in a using
block.)
As Ryan mentioned, you could also simplify adding the parameters by using
the AddWithValue
method[
^].
A tidied-up version of your method would look something like this:
protected void btnsave_Click(object sender, EventArgs e)
{
using (SqlConnection connection = new SqlConnection(ConnectionStringHere))
using (SqlCommand cmd = new SqlCommand("dbo.usp_Emp", connection))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@EmpName", txtEmp.Text);
cmd.Parameters.AddWithValue("@Job", jobdropdown.SelectedIndex.ToString());
cmd.Parameters.AddWithValue("@Salary", txtSalary.Text);
cmd.Parameters.AddWithValue("@DeptNo", deptdropdown.SelectedIndex.ToString());
cmd.Parameters.AddWithValue("@Username", txtUsername.Text);
cmd.Parameters.AddWithValue("@Password1", txtPassword.Text);
cmd.Parameters.AddWithValue("@UserType", usertypdropdown.SelectedItem.ToString());
cmd.Parameters.AddWithValue("@flag", 2);
connection.Open();
cmd.ExecuteNonQuery();
}
}