Private Sub Button1_Click_1(sender As Object, e As EventArgs) Handles Button1.Click

    Try
        '  Dim i As Integer
        Dim sql As String
        Dim cmd As New OleDb.OleDbCommand
        conn.Open()
        sql = “Select * from tblBooks where AUTHOR like '" & TextBox1.Text & "'"
        cmd.Connection = conn
        cmd.CommandText = sql

    Catch ex As Exception
        MsgBox(ex.Message)
    Finally
        conn.Close()
    End Try
End Sub

my search button is currently looking like this. Id appreciate any help

CodePudding user response：

Do not declare connections outside of the method where they are used. Connections, commands and DataReaders have a Dispose method which must be called to release unmanaged resources. The language provides Using blocks to close and dispose these objects.

Never concatenate strings to build sql strings. Always use parameters to avoid sql injection.

You set up a command but you never executed it and even if you did execute it you haven't provided any way to display the return.

Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
    Dim dt As New DataTable
    Dim sql = "Select * from tblBooks where AUTHOR like @Author;"
    Try
        Using conn As New OleDbConnection("Your connection string"),
            cmd As New OleDbCommand(sql, conn)
            cmd.Parameters.Add("@Author", OleDbType.VarChar).Value = $"*{TextBox1.Text}*"
            conn.Open()
            Using reader = cmd.ExecuteReader
                dt.Load(reader)
            End Using 'Closes and disposes reader
        End Using 'Closes and disposes connection and disposes command
        DataGridView1.DataSource = dt
    Catch ex As Exception
        MsgBox(ex.Message)
    End Try
End Sub

CodePudding user response：

As is, it will only return an exact match. Try adding wildcards:

sql = "Select * from tblBooks where AUTHOR like '*" & TextBox1.Text & "*'"