Most likely the problem occurs because your data operations concatenate the values directly to the SQL statement. This leaves you open to SQL injections and introduces problems with implicit data type conversions.
As for cure, you should use
MySqlParameter[
^] with all the statements. For example
cmd.CommandText = "Insert into tblinfo(patient_no,last_name,first_name,middle_initial,birthdate,gender,phone_no,address) VALUES (:patient_no, :last_name, :first_name, :middle_initial, :birthdate, :gender, :phone_no, :address) "
cmd.Parameters.AddWithValue("patient_no", txtpatientno.Text)
cmd.Parameters.AddWithValue("last_name", txtlname.Text)
cmd.Parameters.AddWithValue("first_name", txtfname.Text)
cmd.Parameters.AddWithValue("middle_initial", txtmid.Text)
cmd.Parameters.AddWithValue("birthdate", txtbday.Text)
cmd.Parameters.AddWithValue("gender", txtgender.Text )
cmd.Parameters.AddWithValue("phone_no", txtphoneno.Text )
cmd.Parameters.AddWithValue("address", txtaddress.Text)
cmd.ExecuteNonQuery()