Please don't use inline queries, it opens your code to
Sql Injection attack.
So, change the following query...
string cmdStr = "select count(*) from CompanyProfile where CompanyName='" + TextBox9cmpynam.Text + "'";
to...
string query = "select * from CompanyProfile where CompanyName=@CompanyName";
SqlCommand cmd = new SqlCommand(query, con);
cmd.Parameters.AddWithValue("@CompanyName", TextBox9cmpynam.Text);
After that debug your code and find if there are any rows present in the
DataSet
ds
when the following code line executes..
da.Fill(ds, "CompanyProfile");
[Update]
Use the below code...
protected void Button1_Click1(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["CRegConnectionString"].ConnectionString);
string query = "select * from CompanyProfile where CompanyName = @CompanyName";
SqlCommand cmd = new SqlCommand(query, con);
cmd.Parameters.Add(new SqlParameter("@CompanyName", TextBox9cmpynam.Text.Trim()));
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
try
{
da.Fill(ds, "CompanyProfile");
if(ds != null && ds.Tables["CompanyProfile"] != null && ds.Tables["CompanyProfile"].Rows.Count > 0)
{
Panel1.Visible = true;
TextBox1cmpynm.Text = ds.Tables["CompanyProfile"].Rows[0]["CompanyName"].ToString();
TextBox2briefprofle.Text = ds.Tables["CompanyProfile"].Rows[0]["BriefProfile"].ToString();
TextBox3addr.Text = ds.Tables["CompanyProfile"].Rows[0]["Address"].ToString();
TextBox4state.Text = ds.Tables["CompanyProfile"].Rows[0]["State"].ToString();
TextBox5country.Text = ds.Tables["CompanyProfile"].Rows[0]["Country"].ToString();
TextBox6phno.Text = ds.Tables["CompanyProfile"].Rows[0]["PhoneNo"].ToString();
TextBox7website.Text = ds.Tables["CompanyProfile"].Rows[0]["Website"].ToString();
TextBox8emailid.Text = ds.Tables["CompanyProfile"].Rows[0][""].ToString();
con.Close();
}
else
{
Panel1.Visible = false;
}
}
catch (Exception er)
{
Response.Write("Something really bad happend .....Please try again");
}
}