Your code seems fine to me, and I am unsure as to what your exact issue is; however, to clear your TextBox
control’s .Text
property; assign it a value of string.Empty
.
textBox1.Text = string.Empty;
As far as your insert command, that looks fine. A point has been made that your code is vulnerable to SQL Injection, but unless you need to safeguard your information, then I wouldn’t worry too much. If you are worried about SQL Injection and how to protect against it, there are many posts here, and many articles online on how to protect your applications from this type of attack. Things to look into are:
- Parameterization of dynamic data and queries.
- Don’t overuse dynamically generated queries.
- Utilize
sp_executesql
when executing dynamic queries so that parameters can’t be manipulated.
1
solved Is SqlCommand the only way of adding,deleting and updating records?