how to handle "argumentexception was unhandled by user" error in asp.net?

Question

protected void Button2_Click(object sender, EventArgs e)
{
    using (SqlConnection con = new SqlConnection())
    {
        con.ConnectionString = @"ADMIN\LOCALHOST;Initial Catalog=maha;Integrated Security=True";
        con.Open();

        SqlCommand cmd = new SqlCommand("Insert into dbo.student Values ('" + TB1.Text + "','" + TB2.Text + "','" + TB3.Text + "','" + @rm + "')", con);

        cmd.ExecuteNonQuery();
        con.Close();
    }
}

score 0 · Answer 1 · edited May 23 '17 at 12:22

The connection string is wrong on ADMIN\LOCALHOST and from there come the error message.

Must be like:

 con.ConnectionString = @"Data Source=localhost;Initial Catalog=maha;Integrated Security=True";

Beside that you must parameterize your query , to avoid sql injection https://stackoverflow.com/search?q=sql+injection

How does the SQL injection from the "Bobby Tables" XKCD comic work?

and also you can read: Setting up connection string in ASP.NET to SQL SERVER

how to handle "argumentexception was unhandled by user" error in asp.net?

1 Answers1