尝试使用第三行.

Try using the third line.

string productid = pid.Text;
            string productname = pn.Text;
            SqlConnection conn = new SqlConnection("Data Source=FAROOQPC\\SQLEXPRESS; Database=db_first; Integrated Security=SSPI");
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@ProductID", SqlDbType.VarChar).Value = productid;
            command.Parameters.Add("@ProductName", SqlDbType.VarChar).Value = productname;   
            SqlCommand command = new SqlCommand("GetProducts", conn);            
            SqlDataAdapter adapter = new SqlDataAdapter(command);
            DataSet ds = new DataSet();
            adapter.Fill(ds, "Products");
            DataTable dt = ds.Tables[0];
            foreach (DataRow dr in dt.Rows)
            {
                Password.Text = dr["@ProductName"].ToString();
                //code for remaining text boxes
            }

希望它能起作用.

Hope it will work.

实际上非常容易. SP中的SQL语句调用必须已经包含参数定义:

It''s actually quite easy. The SQL statement callin you SP has to include the parameter definition already:

SqlCommand command = new SqlCommand("GetProducts @ProductID", conn);

SqlCommand就是真正的名字.为sql命令本身不存在的内容提供参数将使您无所适从.

干杯！

-MRB

The SqlCommand is what will be really called. Supplying a parameter for something that is not present in the sql command itself would get you nowhere.

Cheers!

-MRB