Hi,
By using a parametrized query you can eliminate the messy string concatenation and other problems associated with it and sql injection. It is also much easier to read and update in the future if you need to add another parameter.
cn.ConnectionString = @"ConnectionString";
cn.Open();
SqlCommand com = new SqlCommand();
com.Connection = cn;
com.CommandType = CommandType.Text;
com.CommandText = "insert into Persons_info(perId, latinName, gender, dob, pob, phone, passport, curAdd, status) values (@perId, @latinName, @gender, @dob, @pob, @phone, @passport, @curAdd, @status)"
com.Parameters.Add(new SqlParameter("@perId", txtId.Text));
com.Parameters.Add(new SqlParameter("@latinName", txtLatinName.Text));
com.Parameters.Add(new SqlParameter("@gender", cbGender.Text));
com.Parameters.Add(new SqlParameter("@dob", dTPdob.Text));
com.Parameters.Add(new SqlParameter("@pob", txtPob.Text));
com.Parameters.Add(new SqlParameter("@phone", txtPhone.Text));
com.Parameters.Add(new SqlParameter("@passport", txtPassport.Text));
com.Parameters.Add(new SqlParameter("@curAdd", txtCurAdd.Text));
com.Parameters.Add(new SqlParameter("@status", cbStatus.Text));
com.ExecuteNonQuery();
MessageBox.Show("Saving is done!");