The length does not matter so much, but your code could be refactored to get rid of these flaws:
- There is no need to close then reopen the connection between each request.
- Never, ever, construct SQL queries by concatenating string obtained from user inputs. This leaves your code opened to SQL injection attacks. Better use parameterized queries instead.
For example:
sql = "Select * From wip_vg WHERE (no_lab = @noLab) and (char1s = @char1s)";
cmd.Parameters.AddWithValue("@noLab", tnolab.Text);
cmd.Parameters.AddWithValue("@char1s", Label65.Text);