Do not concatenate strings from user input into your sql queries. You place yourself at high risk of
SQL Injection[
^] (the link also includes suggestions on how to address the issue)
When you are storing your data on the database you are just concatenating the text from each checkbox - there are no separators in there. So the
aa.Split()
is returning a single value (the full concatenated string). It will never match the text of any single checkbox therefore none of them will be checked.
You could put a separator between each
s = a.Text + s + ",";
and pass the separator into the Split
string[] a = aa.Split(',');
but to be honest this design is not good. (For "not good" read "really bad").
If you know the number of checkboxes up front then have a column for each of them on the database (using a BIT datatype). If the number of checkboxes is variable then have a row per checkbox (note the Id you currently use cannot be unique in that case)