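I totally agree with Naerling - use a parameterized query - it will save you lots of headaches. What if your company name has a single quote or any other special character? Your query will bomb out. The same gap is what lets input change the SQL statement itself (SQL injection), and a parameterized query closes it because the values are never spliced into the SQL text. Parameterized queries solve so many problems with nulls, boolean values, dates, special characters in strings.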
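Maybe also do a bit of validation on the data before you write it to the database. The text-box checks below only guide what the user types; they are a usability aid and do not replace the parameterized query, so check the final values again at the point where you write them.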
Limit input length on your text boxes to the size of your database field
' Cap the number of characters the user can enter so the value fits the database column.
' NOTE(review): MaxLength is a property of the text box control, not of its Text string;
' presumably the control is named "com" and this should read Me.com.MaxLength - confirm against the form.
' MaxLength limits only what the user enters at run time; text assigned to the control from code is not
' truncated, so the length still has to be checked before the value is written to the database.
Me.com.Text.MaxLength = 10
Mask the text boxes that contain numeric fields.
You can use a MaskedTextBox instead of a TextBox
Or
You can handle the keypress event and limit the input
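' Restricts the text box to the digits 0-9 while the user types.
' Setting e.Handled = True discards the keystroke; leaving it False lets it through.
' This filter only sees typed characters. Text that arrives by paste (for example from the
' context menu) or by assignment from code never passes through KeyPress, so the value must
' still be validated before it is written to the database.
' NOTE(review): the handler name and Handles clause are kept as posted; a VB identifier cannot
' contain a dot, so presumably this should be buy_KeyPress ... Handles buy.KeyPress - confirm.
Private Sub buy.Text_KeyPress(sender As Object, e As System.Windows.Forms.KeyPressEventArgs) Handles buy.Text.KeyPress
    Dim code As Integer = Asc(e.KeyChar)

    ' Let Backspace (8) and DEL (127) through so the user can still edit the field.
    If code = 8 OrElse code = 127 Then
        Exit Sub
    End If

    ' Digits are character codes 48 ("0") to 57 ("9").
    ' The lower bound must be 48: comparing against 47 also accepts "/" (code 47).
    If code < 48 OrElse code > 57 Then
        e.Handled = True
    End If
End Sub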
Or with more control over the input
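' Numeric-input filter with configurable decimal places, maximum magnitude and sign handling.
' Setting e.Handled = True discards the keystroke; leaving it False lets it through.
' Every check assumes the typed character is appended to the end of the current text; the
' caret position and any selection are not taken into account.
' This filter only sees typed characters. Text that arrives by paste (for example from the
' context menu) or by assignment from code never passes through KeyPress, so the value must
' still be validated before it is written to the database.
' NOTE(review): the handler name and Handles clause are kept as posted; a VB identifier cannot
' contain a dot, so presumably this should be buy_KeyPress ... Handles buy.KeyPress - confirm.
Private Sub buy.Text_KeyPress(sender As Object, e As System.Windows.Forms.KeyPressEventArgs) Handles buy.Text.KeyPress
    Dim decPlaces As Integer = 0      ' digits allowed after "."; 0 rejects "." altogether
    Dim MaxIntVal As Long = 999999    ' largest absolute integer part that is accepted
    Dim AllowNeg As Boolean = False   ' when False, "-" is always rejected

    ' KeyPress is raised by a control, so an early-bound cast replaces the late-bound sender.Text calls.
    Dim box As System.Windows.Forms.Control = DirectCast(sender, System.Windows.Forms.Control)
    Dim current As String = box.Text
    Dim code As Integer = Asc(e.KeyChar)

    ' Allow Backspace (8) or DEL (127) so the user can still edit the field.
    If code = 8 OrElse code = 127 Then
        Exit Sub
    End If

    ' "." is accepted only when decimals are enabled and the box does not already contain one.
    If e.KeyChar = "."c Then
        If decPlaces = 0 OrElse current.Contains(".") Then
            e.Handled = True
        End If
        Exit Sub
    End If

    ' "-" is never passed through as a keystroke: it is either rejected, or (when negatives
    ' are allowed and no "-" is present yet) placed in front of the existing text.
    If e.KeyChar = "-"c Then
        If AllowNeg AndAlso Not current.Contains("-") Then
            box.Text = "-" & current
        End If
        e.Handled = True
        Exit Sub
    End If

    ' Ignore characters that are not numeric. Digits are codes 48 ("0") to 57 ("9");
    ' a lower bound of 47 would also accept "/" (code 47).
    If code < 48 OrElse code > 57 Then
        e.Handled = True
        Exit Sub
    End If

    ' Limit the number of decimal places.
    If current.Contains(".") AndAlso current.Length > current.IndexOf(".") + decPlaces Then
        e.Handled = True
        Exit Sub
    End If

    ' Limit the value to a maximum. TryParse is used instead of CDbl so that text which is not
    ' a number (for example pasted content) rejects the keystroke rather than throwing.
    ' The invariant culture matches the hard-coded "." decimal separator used above.
    ' The check runs for every digit, so a MaxIntVal below 100 is enforced as well.
    Dim candidate As Double
    Dim parsed As Boolean = Double.TryParse(current & e.KeyChar,
                                            System.Globalization.NumberStyles.Float,
                                            System.Globalization.CultureInfo.InvariantCulture,
                                            candidate)
    If Not parsed OrElse Math.Truncate(Math.Abs(candidate)) > MaxIntVal Then
        e.Handled = True
    End If
End Sub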