In addition to what Krunal says, don't do it like that.
Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.
SqlDataAdapter da = new SqlDataAdapter("select * from tbl_reg where user_nm=@UN", conn);
da.SelectCommand.Parameters.AddWithValue("@UN", userInput);