Start by fixing the
SQL Injection[
^] vulnerability.
You'll also need to wrap the
Employee Name
field in square brackets. You should generally avoid creating columns or tables with spaces or other special characters in their name.
You should wrap the connection and command objects in
Using
blocks, to ensure that they're always cleaned up properly.
Private Sub cmdadd_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles cmdadd.Click
Try
Using sqlconn As New OleDb.OleDbConnection("Provider=Microsoft.ACE.OLEDB.12.0;Data Source=D:\Tubewell\Tubewell\Tubewell.accdb")
Using sqlquery As New OleDb.OleDbCommand("INSERT INTO Employee_Details(EmpNo, [Employee Name], Status) VALUES (?, ?, ?)", sqlconn)
sqlquery.Parameters.AddWithValue("@EmpNo", txtempno.Text)
sqlquery.Parameters.AddWithValue("@Name", txtempname.Text)
sqlquery.Parameters.AddWithValue("@Status", ComboBox1.Text)
sqlconn.Open()
sqlquery.ExecuteNonQuery()
End Using
End Using
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End Sub
If you're still getting the exception, set a breakpoint on the
MessageBox.Show
line, and examine the full details of the exception.