哦，什么.停止！！！使用参数化查询来避免SQL注入

Oh what.Stop!!! Use Parameterized query to avoid SQL Injection

在connection

我希望问题是您在选择查询中遗漏了txtEmployId.Text值和txtEmplyName.Text值

I hope the problem is you have missesd txtEmployId.Text value and txtEmplyName.Text value in your select query

SqlConnection  connection= new SqlConnection(your Connection string);
string query = "SELECT CNIC, City, MobileNo, Address, Salary, DailyWage, Status   
       FROM  Employees WHERE EmployId =@EmpID AND Emplname = @Emplname ";
SqlCommand  command1 = new SqlCommand(query, connection); 
connection.Open();
command1.Parameters.AddWithValue("@EmpID",txtEmployId.Text);
command1.Parameters.AddWithValue("@Emplname",txtEmplyName.Text);
SqlDataReader reader1 = command1.ExecuteReader();


    while(reader1.Read())
   {
    this.txtCNIC.Text = (reader1["CNIC"].ToString());
    this.txtEmplyCity.Text = (reader1["City"].ToString());
    this.txtEmplyAddress.Text = (reader1["Address"].ToString());
    this.txtSalary.Text = (reader1["Salary"].ToString());
    this.txtDailyWage.Text = (reader1["DailyWage"].ToString());

        reader1.Close();
    }