Keyword not supported: ‘provider’

ado.netasp.netconnection-stringprovider

I'm Having this error:

Keyword not supported: 'provider'.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.ArgumentException: Keyword not supported: 'provider'.

Source Error:

Line 24:     {
Line 25:         Session["id"] = e.CommandArgument.ToString();
Line 26:         SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
Line 27:            con.Open();
Line 28:             SqlCommand cmd1 = new SqlCommand("INSERT INTO tb2 (id, name) SELECT id, name FROM tb1 where id='"+Session["id"].ToString()+"'", con);

Source File: c:\inetpub\wwwroot\logon\page.aspx    Line: 26 

Here's my full code:

<%@ Page Language="C#" Debug="true" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace = "System.Data.SqlClient" %>

<script runat="server" type="css">

protected void Page_Load(object sender, EventArgs e)
{
    if (!IsPostBack)
    {
        bind();
    }
}
protected void bind()
{
    PendingRecordsGridview.DataSourceID = "";
    PendingRecordsGridview.DataSource = sd1;
    PendingRecordsGridview.DataBind();
 }
protected void PendingRecordsGridview_RowCommand(object sender, GridViewCommandEventArgs e)
{
    if (e.CommandName == "accept")
    {
        Session["id"] = e.CommandArgument.ToString();
        SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString);
            con.Open();
            SqlCommand cmd1 = new SqlCommand("INSERT INTO tb2 (id, name) SELECT id, name FROM tb1 where id='"+Session["id"].ToString()+"'", con);
            SqlCommand cmd2 = new SqlCommand("delete from tb1 where id='"+Session["id"].ToString()+"'", con);
            cmd1.ExecuteNonQuery();
            cmd2.ExecuteNonQuery();
            bind();
    }
}
</script>
<form id="form1" runat="server">
<asp:GridView ID="PendingRecordsGridview" runat="server" AutoGenerateColumns="False" DataKeyNames="id" onrowcommand="PendingRecordsGridview_RowCommand" DataSourceID="sd1">
        <Columns>
            <asp:templatefield HeaderText="Accept">
                <ItemTemplate>
                    <asp:Button CommandArgument='<%# Bind("id") %>' ID="Button1" runat="server" CausesValidation="false" CommandName="accept" Text="Accept" />
                </ItemTemplate>
            </asp:templatefield>
            <asp:templatefield HeaderText="name" SortExpression="name">
                <EditItemTemplate>
                    <asp:TextBox ID="TextBox1" runat="server" Text='<%# Bind("name") %>'>
                    </asp:TextBox>
                </EditItemTemplate>
                <ItemTemplate>
                    <asp:Label ID="Label1" runat="server" Text='<%# Bind("name") %>'>
                    </asp:Label>
                </ItemTemplate>
            </asp:templatefield>
            <asp:templatefield HeaderText="id" SortExpression="id">
                <EditItemTemplate>
                    <asp:Label ID="Label1" runat="server" Text='<%# Eval("id") %>'>
                    </asp:Label>
                </EditItemTemplate>
                <ItemTemplate>
                    <asp:Label ID="Label2" runat="server" Text='<%# Bind("id") %>'>
                    </asp:Label>
                </ItemTemplate>
            </asp:templatefield>
        </Columns>
    </asp:GridView>
    <asp:SqlDataSource ID="sd1" runat="server" 
        ConnectionString="<%$ ConnectionStrings:ConnectionString %>" 
        ProviderName="<%$ ConnectionStrings:ConnectionString.ProviderName %>"
        SelectCommand="SELECT * FROM [tb1]" DeleteCommand="DELETE FROM [tb1] WHERE [id] = ?" InsertCommand="INSERT INTO [tb1] ([name]) VALUES (?)"  UpdateCommand="UPDATE [tb1] SET [name] = ? WHERE [id] = ?">
        <DeleteParameters>
            <asp:parameter Name="id" Type="Int32" />
        </DeleteParameters>
        <UpdateParameters>
            <asp:parameter Name="name" Type="String" />
            <asp:parameter Name="id" Type="Int32" />
        </UpdateParameters>
        <InsertParameters>
            <asp:parameter Name="name" Type="String" />
        </InsertParameters>
</asp:SqlDataSource>
</form>       

Web.config

<configuration>
    <connectionStrings>

        <add name="ConnectionString" connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\inetpub\wwwroot\logon\_private\db1.mdb"
            providerName="System.Data.OleDb" />
    </connectionStrings>
</configuration>

Please help! Thank you!

Best Solution

It looks like you are trying to access an Access database using a SQL Server connection object. (The connection config refers to the Jet database engine)

You should be using an OleDbConnection (and related OleDbCommand, etc.) instead.

For more information on connection strings see: http://connectionstrings.com/access

And, as was mentioned in the comments, your code is succeptable to SQL Injection attack. You might want to read up how to protect yourself from SQL Injection Attacks (The article is for SQL Server, but many of the concepts are also applicable to Access)