Dim SQL As String = "INSERT INTO tblOrderLines(custref,orderref, Barcode, Product, price) values (@custref,@orderref, @Barcode, @Product, @price)"
Using command As New SqlCommand(SQL, con)
command.Parameters.Add("@custref", SqlDbType.VarChar).Value = strCustRef
command.Parameters.Add("@orderref", SqlDbType.VarChar).Value = strOrderRef
command.Parameters.Add("@Barcode", SqlDbType.VarChar).Value = lvItem.Text ' you don't need to replace symbols this way
command.Parameters.Add("@Product", SqlDbType.VarChar).Value = lvItem.SubItems(1).Text.ToString
command.Parameters.Add("@price", SqlDbType.VarChar).Value = lvItem.SubItems(2).Text.ToString
Dim result As Integer = command.ExecuteNonQuery()
' ...
End Using
|