I suggest to replace your filter creating method with a more secure way to handle the content of the two textboxes and the situation in which one or both textboxes are empty
Dim client As String = If((TextBox1.Text.Length > 0), _
String.Format(" AND [client] LIKE '%{0}%'", TextBox1.Text.Replace("'", "''")),"")
Dim ref As String = If((TextBox2.Text.Length > 0), _
String.Format(" AND [REF] LIKE '%{0}%'", TextBox2.Text.Replace("'", "''"), "")
Return String.Format("{0} {1} {2}", datee, client, ref)
The replace call double a single quote inserted by your user in the textbox, the AND is directly inserted in the string for client and for ref, otherwise you get an invalid sql if one or both textboxes are empty