[shafran]

 Private Sub Button3_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button3.Click
        con1.Open()
        cmd.Connection = con1
        cmd.CommandText = "update Employee set Emp_Name='" & TextBox2.Text & "',Address='" & TextBox3.Text & "',Position='" & TextBox4.Text & "',NIC_No='" & TextBox5.Text & "',Marital_Status='" & TextBox6.Text & "',Department='" & TextBox7.Text & "',Date_of_Join='" & TextBox8.Text & "',Contact_No=" & TextBox9.Text & " where Emp_ID='" & Textbox1.Text & "'"
        x = cmd.ExecuteNonQuery()
        If (x = 1) Then
            MsgBox("Update Success")
        End If
        con1.Close()
        clear()

[tycos]

You have not said what your error is?

You SQL comes out as:

update Employee set 
Emp_Name='value',
Address='value',
Position='value',
NIC_No='value',
Marital_Status='value',
Department='value'
,Date_of_Join='value',
Contact_No=value 
where Emp_ID='value'

[andrewsw]

What error messages do you receive?
In what sense does it not work?
Use parameterized queries or prepared statements.
Print out the CommandText - check it and try and execute it in SS Management Studio.

This post has been edited by andrewsw: 16 February 2013 - 04:45 AM

[tycos]

As Andrew said reading values in from a textbox to a line of SQL is bad practice:

Why not create a function to handle your SQL statements which you can call:

' Generic Function to handle Queries 

 Public Shared Function execSQLQuery(ByVal cmd As MySqlCommand) As Boolean
        Try
            Dim myConnection As MySqlConnection

            myConnection = New MySqlConnection(ConfigurationSettings.AppSettings("ConnString"))
            cmd.CommandType = CommandType.Text
            cmd.Connection = myConnection

            myConnection.Open()
            reader = cmd.ExecuteNonQuery
            myConnection.Close()
            Return True
        Catch ex As Exception
            Return False
        End Try
    End Function 

' A Call to the function with Parameters
' cmd.Parameters.Add("?fieldname", datatype, length).Value = Textbox.text

        Dim cmd As New MySqlCommand
        Try
            cmd.CommandText = "UPDATE news set Headline=?title, content=?news, postedBy=?postedBy, shortdesc=?shortdesc, image_id=?image_id where ID =?id"
            cmd.Parameters.Add("?id", MySqlDbType.Int32, 11).Value = id
            cmd.Parameters.Add("?postedBy", MySqlDbType.VarChar, 255).Value = postedBy
            cmd.Parameters.Add("?title", MySqlDbType.VarChar, 255).Value = title
            cmd.Parameters.Add("?news", MySqlDbType.Text).Value = news
            cmd.Parameters.Add("?image_id", MySqlDbType.Int32, 11).Value = image_id
            cmd.Parameters.Add("?shortdesc", MySqlDbType.VarChar, 255).Value = shortdesc
            Return execSQLQuery(cmd)
        Catch ex As Exception
            Return False
        End Try

[CharlieMay]

Also, I believe Position will need to be enclosed in square brackets as I think it might be a keyword.
Sorry, don't have a way to check that right now but try:

...[Position]=...

[andrewsw]

http://msdn.microsof...y/ms189822.aspx

Position is a reserved word in ODBC. Personally, if I am suspicious of a particular word I might enclose it in brackets. Preferring compound, as opposed to single, words and abbreviated forms such as Posn prevents such concerns, although some people prefer not to use abbreviated versions.