As dbrenth has said: use ExecuteNonQuery rather than Executereader: it should work then.
The first comment he made refers to your concatenation of strings to form the SQL staement, and that it is a dangerous thing to do: Not only can it make code very difficult yo read, but it can also allow accidental or deliberate SQL injection accatks which can destroy your database.
In the example he gave, if your user types "x';DROP TABLE MS4--" and you submit your query as is, SQL will interpret it as two separate commands: An UPDATE command followed by a DROP TABLE command. It will then delete (with no undo facility) your entire MS4 table.
If you think this is unlikely, it is one of the first things people tried with the UK on-line census recently...and they were mostly upset when it didn't do any damage.
There are other malicious things you can do with it, but prevention is easy:
using (SqlConnection connection = new SqlConnection(ConnectionString.Conn))
{
connection.Open();
using (SqlCommand command = new SqlCommand("UPDATE MS4 SET Views = Views + 1 WHERE SheetName=@SN",connection))
{
command.Parameters.AddWithValue("@SN", textBox2.Text);
command.ExecuteNonQuery();
}
}
Please note that SQL connections and so forth are scarce resources, and you are responsible for disposing of those you create. The above is probably the easiest way.
[edit]Typo: should have been SqlCommand, typed SqlConnection :O - OriginalGriff[/edit]