insert data into sqlclient in vb

Question

i need help. i try to add data into database using below coding. but the data can't save into the database. it's mean nothing happen in database after i click the 'SAVE' button

please check my coding. tq

Imports System.Data.SqlClient

Public Class frmAddNewStaffAdmin

 Dim con As SqlClient.SqlConnection
 Dim dbSource As String
 Dim cmd As SqlClient.SqlCommand

 Private Sub btnSave_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSave.Click
    Try
        If Len(Trim(cboRole.Text)) = 0 Then
            MessageBox.Show("Please select user type", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            cboRole.Focus()
            Return
        ElseIf Len(Trim(txtStaffID.Text)) = 0 Then
            MessageBox.Show("Please enter Staff ID", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtStaffID.Focus()
            Return
        ElseIf Len(Trim(txtStaffName.Text)) = 0 Then
            MessageBox.Show("Please enter Staff Name", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtStaffName.Focus()
            Return
        ElseIf Len(Trim(txtUsername.Text)) = 0 Then
            MessageBox.Show("Please enter Username", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtUsername.Focus()
            Return
        ElseIf Len(Trim(txtPassword.Text)) = 0 Then
            MessageBox.Show("Please enter Password", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtPassword.Focus()
            Return

        End If

        dbSource = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\HMS.mdf;Integrated Security=True;User Instance=True"

        con = New SqlConnection(dbSource)

        con.Open()

        Dim sql As String = "INSERT INTO [User] (Staff_ID, Staff_Role, Staff_Name, Username, Password) VALUES ('" & txtStaffID.Text & "', '" & cboRole.Text & "', '" & txtStaffName.Text & "', '" & txtUsername.Text & "', '" & txtPassword.Text & "' ) "

        cmd = New SqlCommand(sql)

        cmd.Connection = con

        cmd.ExecuteReader()

        MessageBox.Show("Successfully saved", "Record", MessageBoxButtons.OK, MessageBoxIcon.Information)

        con.Close()



    Catch ex As Exception
        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
    End Try

 End Sub
End Class

Answer 1

There are two errors in your code

Change

Dim sql As String = "INSERT INTO [User] (Staff_ID, Staff_Role, Staff_Name, Username, Password) VALUES ('" & txtStaffID.Text & "', '" & cboRole.Text & "', '" & txtStaffName.Text & "', '" & txtUsername.Text & "', '" & txtPassword.Text & "' ) "

to

Dim sql As String = "INSERT INTO [User] (Staff_ID, Staff_Role, Staff_Name, Username, [Password]) VALUES ('" & txtStaffID.Text & "', '" & cboRole.Text & "', '" & txtStaffName.Text & "', '" & txtUsername.Text & "', '" & txtPassword.Text & "' ) "

Edit:

Use the Query like this

    Dim sql As String = "INSERT INTO [User] (Staff_ID, Staff_Role, Staff_Name, Username, [Password]) VALUES (@StaffID,@Role,@StaffName,@Username,@Password) "

   Cmd.Parameters.AddWithValue("@Staff_ID", txtStaffID.Text)
   Cmd.Parameters.AddWithValue("@Role", cboRole.Text)
   Cmd.Parameters.AddWithValue("@StaffName", txtStaffName.Text)
   Cmd.Parameters.AddWithValue("@Username", txtUsername.Text )
   Cmd.Parameters.AddWithValue("@Password", txtPassword.Text)

1. Changes made Password to [Password] because Password is a reserved keyword.

2. Change cmd.ExecuteReader() to cmd.ExecuteNonQuery()

Difference between ExecuteNonQuery and ExecuteReader

ExecuteNonQuery

ExecuteNonQuery method will return number of rows effected with INSERT, DELETE or UPDATE operations. This ExecuteNonQuery method will be used only for insert, update and delete, Create, and SET statements. (Read More about ExecuteNonQuery)

SqlCommand.ExecuteNonQuery MSDN Documentation

ExecuteReader

Execute Reader will be used to return the set of rows, on execution of SQL Query or Stored procedure using command object. This one is forward only retrieval of records and it is used to read the table values from first to last.(Read More about ExecuteReader)

SqlCommand.ExecuteReader MSDN Documentation

Answer 2

Use cmd.ExecuteNonQuery() not cmd.ExecuteReader()