Comparing values from an other database

suryateja_ambati

Hi, I am creating a web registration form using ASP.Net VS2010 & MS SQL Server 2008, where I have fields like Name(Textbox), Surname(Textbox), Date of birth(Calender), Valid Id Type(Which is a dropdown list consists of Passport and Taxcode), Id Number(Textbox), and some other general information fields.
Here I would like to ask you to solve my doubt, that when I press my save button to register this form to my new registration table(db), my webpage must verify the Name, Surname, Valid ID type and ID number from an another table which I already furnished those data. If all those fields are present in the another database then my webpage has to save.
If any field doesn't match to the given, it must throw an error either a validation error or message box or exception.
As soon as the form get successfully registered those details must be deleted from the previous database to reduce duplication.
The Members who are in my previous database only get registered in this database.

Please try to solve this,
Many Many thanks in advance.
Student under data crisis.
private void btn_saveregform_Click(object sender, EventArgs e)
{
SqlConnection con1 = new SqlConnection("server=SURI-PC;Database=OVS;integrated security=true");

        string Path = tb_brws.Text;
        if (Path == "")
        {
            //Photo photo = new Photo();
            photo.Show();
            this.Close();
        }
        string uid = System.Guid.NewGuid().ToString().Replace("-", "").ToUpper();
       tb_uid.Text = uid.ToString();
       Random slumpGenerator = new Random(); int tal;
       tal = slumpGenerator.Next(00000000, 99999999);
       tb_pass.Text = tal.ToString();
       string password = tb_pass.Text;
       //string repassword = tb_repass.Text;
       string valid = cb_Id.SelectedItem.ToString();
       string idno = tb_id_no.Text;
       string name = tb_name.Text;
       string sname = tb_Sname.Text;
       string sex = "Male";
       string dob = dtp_dob.Text.ToString();
       string nation = cb_nation.SelectedText.ToString();
       string via = tb_via.Text;
       string num = tb_num.Text;
       string city = tb_city.Text;
       string reg = cb_reg.SelectedItem.ToString();
       string country = cb_country.SelectedItem.ToString();
       string email = tb_email.Text;
       string tel = tb_tel.Text;
       string mob = tb_mob.Text;
       if (rb_Male.Checked == true)
       {
           sex = "Male";
       }
       else
       {
           sex = "Female";
       }
       try
       {

           SqlCommand cmd = new SqlCommand("select * from id_val where id_type ='" + valid + "', idno = '" + idno + "' and sname = '" +sname+ "'");
           con.Open();
           SqlDataReader dr = cmd.ExecuteReader();
           int count = 0;
           while (dr.Read())
           {
               count = count + 1;
           }
           if (count == 1)
           {
               //SqlConnection con1 = new SqlConnection("server=SURI-PC;Database=OVS;integrated security=true");
               //con.Open();
               SqlCommand cmd1 = new SqlCommand("insert into memRegForm (validid, idno, sname) values ('" + valid + "', '" + idno + "', '" + sname +"')", con);
               cmd1.ExecuteNonQuery();
               SqlCommand cmd2 = new SqlCommand("delete from id_val where id_type = '" + valid + "'", con);
               cmd2.ExecuteNonQuery();

           }
           else
               MessageBox.Show("Please Enter a valid Id type and number or you already registered");

           con.Close();
       }
       catch (Exception ex)
       {
           MessageBox.Show(ex.Message);
       }

       //SqlConnection con1 = new SqlConnection("server=SURI-PC;Database=OVS;integrated security=true");
        SqlCommand cmd3 = new SqlCommand("insert into memRegForm(uid, password, name, sex, dob, nation, via, num, city, region, country, email, tel, mob) values ('" + uid +"', '" +password+ "', '" + name +"', '" + sex +"', '" + dob +"', '" + nation +"', '" + via +"', '" + num +"', '" + city +"', '" + reg +"', '" + country +"', '" + email +"', '" + tel +"', '" + mob +"')", con);
        con.Open();
        cmd3.ExecuteNonQuery();
        con.Close();
        try
        {
            //Read Image Bytes into a byte array
            byte[] imageData = ReadFile(tb_brws.Text);

            //Initialize SQL Server Connection
            //SqlConnection CN = new SqlConnection(txtConnectionString.Text);

            //Set insert query
            string qry = "insert into imgDb (Path,ImageData) values(@Path, @imageData)";

            //Initialize SqlCommand object for insert.
            SqlCommand SqlCom = new SqlCommand(qry, con);

            //We are passing Original Image Path and Image byte data as sql parameters.
            SqlCom.Parameters.Add(new SqlParameter("@Path", (object)Path));
            SqlCom.Parameters.Add(new SqlParameter("@imageData", (object)imageData));

            //Open connection and execute insert query.
            con.Open();
            SqlCom.ExecuteNonQuery();
            con.Close();

            //Close form and return to list or images.
            this.Close();
        }
        catch (Exception ex)
        {
            MessageBox.Show(ex.ToString());
        }
    }