Hmm. It is the basic concept of string concatenation; consider the following:
'For the purposes below, assume the Text property of TextBox1 contains the value Hello
Dim someString as String = TextBox1.Text
Dim someString2 as String = "TextBox1.Text"
Dim someString3 as String = someString & " " & someString2
Console.WriteLine(someString) 'Outputs: Hello
Console.WriteLine(someString2) 'Outputs TextBox1.Text
Console.WriteLine(someString3) 'Outputs Hello TextBox1.Text
So, in your example:
Dim Str As String = "INSERT INTO tablename (username, password) Values(Text1Box1.text,textbox2.text)"
The string INSERT INTO tablename (username, password) Values(Text1Box1.text,textbox2.text) is passed to the database because you have defined it as a string literal (everything is wrapped in " ") to actually appened your values to the string you need to use the Concatenate operator (&) as I outlined in my previous post.
The reason for the ' that directly preceed and follow " is because that is how most databases interpet string values. If you change my code to:
Dim Str As String = "INSERT INTO tablename (username, password) Values(" & Text1Box1.text & "," & textbox2.text &")"
A string that looks something like the following will be passed in:
INSERT INTO tablename (username, password) Values(SomeUsername, SomePassword)
Which is obviously an error. My original code will pass a sting into your database that looks like this:
INSERT INTO tablename (username, password) Values('SomeUsername', 'SomePassword') which is valid.
Does that make sense?
Read this if you want to know how to get a correct reply for your question:
.: Wrox Technical Editor / Author :.
Wrox Books 24 x 7