There are a couple of things here:
The first thing you need to do is put a breakpoint on the
try
statement, and examine your com.CommandText to check exactly what is being sent to the SQL server. Without knowing the content of ta1 and va you are just guessing at this stage.
The other is that you really shouldn't do that at all - use Parametrized queries instead because if you don't you are leaving yourself open to accidental or deliberate SQL Inject attacks, which could damage or destroy you database.
com.CommandText="UPDATE notification SET ntext = @NT where nid=@NI";
com.Parameters.AddWithValue("@NT", ta1.Value.Replace("\'","\'\'"));
com.Parameters.AddWithValue("@NI", va);
You may well find that you original problem disappears at the same time...