using System; using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.UI; using System.Web.UI.WebControls; using System.Data; using System.Data.SqlClient; public partial class viewappointment : System.Web.UI.Page { SqlConnection con = new SqlConnection("Data Source=DESKTOP-9RP88PP;Initial Catalog=Project;Integrated Security=True"); string uname; protected void Page_Load(object sender, EventArgs e) { uname=Session["email"].ToString(); con.Open(); string sql = "select * from appointmt where doctor_name='" + uname + "'"; SqlDataAdapter adp = new SqlDataAdapter(sql, con); DataSet ds = new DataSet(); adp.Fill(ds); GridView1.DataSource = ds; GridView1.DataBind(); con.Close(); } protected void GridView1_SelectedIndexChanged(object sender, EventArgs e) { } }
string sql = "select * from appointmt where doctor_name='" + uname + "'";
using (SqlConnection con = new SqlConnection("Data Source=DESKTOP-9RP88PP;Initial Catalog=Project;Integrated Security=True")) { const string sql = "select * from appointmt where doctor_name = @uname"; SqlDataAdapter adp = new SqlDataAdapter(sql, con); adp.SelectCommand.Parameters.AddWithValue("@uname", uname); DataSet ds = new DataSet(); adp.Fill(ds); GridView1.DataSource = ds; GridView1.DataBind(); }
email
doctor_name
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)