SqlCommand cmd = new SqlCommand("Select uname, pswd from emp_details where uname = @id and pswd = @password ", conn);

$ b在上面的代码之后$ b，写下这些行

after your above code, write these lines

cmd.Parameters.Add(new SqlParameter("@id", "id here"));
cmd.Parameters.Add(new SqlParameter("@password", "password here"));

要添加到Faisalabadians所说的内容（并且他的内容是正确的），不要这样做！

永远不要存储密码明文 - 这是一个重大的安全风险。有关如何在此处执行此操作的信息：密码存储：如何做到这一点。 [ ^ ]

To add to what Faisalabadians says (and he is right as far as it goes), do not do it that way anyway!
Never store passwords in clear text - it is a major security risk. There is some information on how to do it here: Password Storage: How to do it.[^]

您正在使用标量变量 @id 和 @password 。你还应该提一下这是什么类型的参数！添加以下代码行。

You are using the scalar variable @id and @password. You should also mention what type of parameter is this! Add the following line of code.

SqlCommand cmd = new SqlCommand("Select uname, pswd from emp_details where uname = @id and pswd = @password ", conn);
cmd.Parameters.Add(new SqlParameter("@id", System.Data.SqlDbType.VarChar)).Value = TextBox1.Text;
cmd.Parameters.Add(new SqlParameter("@password", System.Data.SqlDbType.VarChar)).Value = TextBox2.Text;

这里，

Here,

cmd.Parameters.Add(new SqlParameter("@id", System.Data.SqlDbType.VarChar)).Value = TextBox1.Text;

告诉编译器参数 @id 的类型为 SQL VarChar ，然后将值 TextBox1.Text 赋值给参数 @id 。

现在，因为您的参数已声明，当编译器到达此行时

is telling the compiler that the parameter @id is of type SQL VarChar, and then assigning the value TextBox1.Text to the parameter @id.
Now, since your parameters are declared, when the compiler reaches at this line

SqlDataReader dr = cmd.ExecuteReader();

它知道参数的数据类型，你不会得到你在问题中提到的错误。



希望有所帮助。

干杯，

Naman

It knows the data type of your parameter and you will not get the error you mentioned in your question.

Hope that helps.
Cheers,
Naman