Excute query from asp page

Sep 25 2015 7:02 AM
In this code when i run this 2 query is execute but 1st query is not excute .here 1st query come from a text box and 2nd written by me but if i pass query direct then it work and if i give in this type then its not work ...
 
else
{

Session["DB"] = DropDownList4.SelectedItem.Text;
string sam =word0 + " " + word1 + " " + word2 + " " + abc + "='" + abc4 + "' " + word4 + " " + abc2 + "='" + abc5 + "'";
string sam2 = "insert into testing values(12,'sasasas')";


SqlConnection con = new SqlConnection("Data Source=server;Initial Catalog='" + Session["DB"]+ "';Persist Security Info=True;User ID=sa;Password=password");


SqlCommand com = new SqlCommand();
com.Connection = con;
com.CommandText = sam;
com.CommandText = sam2;
com.CommandType = CommandType.Text;
try
{
con.Open();
com.ExecuteNonQuery();

}
catch (SqlException sa)
{
Response.Write(sa.Message);

}
finally {

con.Close();
}
}
}

Answers (7)