The problem is most likely in the WHERE clause of your Sql statement. Incidentally, your Sql is also rip for Sql Injection attacks. Instead of doing string manipulation, it is a best practice to use SqlParameters. Try the following instead and let me know how you get on.
string str = "select Sign_in, Date from Attendance where Eno= @Eno and Date = @Date";
var cmd = new SqlCommand(str, conn);
cmd.Parameters.AddWithValue("Eno", b);
cmd.Parameters.AddWithValue("Date", dateTimePicker1.Value.Date);
var dr = cmd.ExecuteReader();
Cheers,
Rob
No comments:
Post a Comment