How to get the Query String variable in ASP.NET and pass it as an Sql parameter?

Question

string userid = Request.QueryString[0].ToString();
string Qid = Request.QueryString[1].ToString();
string connection = ConfigurationManager.ConnectionStrings["dbconnection"].ConnectionString.ToString();
SqlConnection con = new SqlConnection(connection);
con.Open();

SqlCommand com = new SqlCommand("qualification", con);
com.Parameters.Add("@proctype",SqlDbType.Int).Value = 4;
com.Parameters.Add("@Qid", SqlDbType.Int).Value = Qid;
SqlDataReader reader = com.ExecuteReader();
while (reader.Read())
{
   drpqualification.SelectedItem.Text = reader["Qualification"].ToString();
   txtSubjects.Text = reader["Subject"].ToString();
   txtmarksobt.Text = reader["MarksObtained"].ToString();
   txtgrade.Text = reader["Percentage"].ToString();
   txtboard.Text = reader["BoardUniversity"].ToString();
}
reader.Close();
con.Close();
}

• and here the URL:http://localhost:35689/Academic_info.aspx?userid=94&Qid=14 i want to get the Qid only and pass it as Sql Parameter*

Answer 1

You should add values to parameters as below -

    command.Parameters.Add("@ID", SqlDbType.Int);
    command.Parameters["@ID"].Value = customerID;

    // Use AddWithValue to assign Demographics. 
    // SQL Server will implicitly convert strings into XML.
    command.Parameters.AddWithValue("@demographics", demoXml);

Check this URL - https://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.parameters(v=vs.110).aspx

And to fetch the query string, just use Request.QueryString["Qid"]. You don't need to .ToString() it.