error object reference not set to an instance of an object in vb

Question

i have a problem. when i running the project and after i click "SAVE" button, this error message will display https://www.dropbox.com/s/drpopoqi3etob3d/Presentation1.png

below is the code of the project

Imports System.Data.SqlClient

Public Class frmAddNewStaffAdmin

Dim con As SqlClient.SqlConnection
Dim dbSource As String
Dim cmd As SqlClient.SqlCommand

Private Sub btnSave_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnSave.Click
    Try
        If Len(Trim(cboRole.Text)) = 0 Then
            MessageBox.Show("Please select user type", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            cboRole.Focus()
            Return
        ElseIf Len(Trim(txtStaffID.Text)) = 0 Then
            MessageBox.Show("Please enter Staff ID", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtStaffID.Focus()
            Return
        ElseIf Len(Trim(txtStaffName.Text)) = 0 Then
            MessageBox.Show("Please enter Staff Name", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtStaffName.Focus()
            Return
        ElseIf Len(Trim(txtUsername.Text)) = 0 Then
            MessageBox.Show("Please enter Username", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtUsername.Focus()
            Return
        ElseIf Len(Trim(txtPassword.Text)) = 0 Then
            MessageBox.Show("Please enter Password", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            txtPassword.Focus()
            Return

        End If

        dbSource = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\HMS.mdf;Integrated Security=True;User Instance=True"

        con = New SqlConnection(dbSource)

        con.Open()

        Dim sql As String = "INSERT INTO [User] ([Staff_ID], [Staff_Role], [Staff_Name], [Username], [Password]) VALUES (@StaffID, @Role, @StaffName, @Username, @Password) "

        cmd.Connection = con

        cmd.ExecuteNonQuery()

        cmd.Parameters.AddWithValue("@Staff_ID", txtStaffID.Text)
        cmd.Parameters.AddWithValue("@Role", cboRole.Text)
        cmd.Parameters.AddWithValue("@StaffName", txtStaffName.Text)
        cmd.Parameters.AddWithValue("@Username", txtUsername.Text)
        cmd.Parameters.AddWithValue("@Password", txtPassword.Text)

        cmd = New SqlCommand(sql)


        MessageBox.Show("Successfully saved", "Record", MessageBoxButtons.OK, MessageBoxIcon.Information)

        con.Close()



    Catch ex As Exception
        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
    End Try

End Sub

Private Sub btnCancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnCancel.Click

    Me.Hide()
    frmStaffAdmin.Show()

End Sub

End Class

Answer 1

Your code is not correctly ordered. You use the SqlCommand before its initialization and of course this results in the mentioned error

    dbSource = "Data Source=.\SQLEXPRESS;AttachDbFilename=|DataDirectory|\HMS.mdf;Integrated Security=True;User Instance=True"

    con = New SqlConnection(dbSource)

    con.Open()

    Dim sql As String = "INSERT INTO [User] ([Staff_ID], [Staff_Role], [Staff_Name], [Username], [Password]) VALUES (@StaffID, @Role, @StaffName, @Username, @Password) "

    cmd = New SqlCommand(sql)

    cmd.Connection = con
    cmd.Parameters.AddWithValue("@StaffID", txtStaffID.Text)
    cmd.Parameters.AddWithValue("@Role", cboRole.Text)
    cmd.Parameters.AddWithValue("@StaffName", txtStaffName.Text)
    cmd.Parameters.AddWithValue("@Username", txtUsername.Text)
    cmd.Parameters.AddWithValue("@Password", txtPassword.Text)

    cmd.ExecuteNonQuery()

    MessageBox.Show("Successfully saved", "Record", MessageBoxButtons.OK, MessageBoxIcon.Information)

    con.Close()

Moved the initialization of the SqlCommand before its first usage and moved the ExecuteNonQuery as the last instruction