You have several issues to deal with here (apart from posting so much code that isn't relevant to your problem)
Firstly, spot the error in the preparation of the sql ... you haven't closed the single quotes on any the cbo_xxxx.Text lines
2nd - You are checking the value of chk_
Action.Checked but using cbo_
Reason.Text
3rd (and yet the most important) - you should NEVER use string concatenation to build a sql query, especially if user input is involved. Use
Parameterized Queries[
^] to avoid
SQL Injection[
^]. One of the other nice things about using command parameters is that you don't have to worry about those single quotes.
4th - you are adding the word "AND" regardless of whether you have added in any filters. If you debug this code with no checkboxes checked you end up with SQL of
Select * From Customers Where AND AND
which does not make any sense at all. If just Supplier is checked then you get
Select * From Customers Where SupplierName = 'cbo_Supplier.Text AND AND
Ironically if both Suppler and Action are checked you end up with something that is almost there (if it wasn't for error 1 above)
Select * From Customers Where SupplierName = 'cbo_Supplier.Text AND ActionType = 'cbo_Action.Text AND Reason = 'cbo_Reason.Text
Try something like this instead
Dim cmd As OleDbCommand = New OleDbCommand()
Dim sqlQry As String = "Select * From Customers "
sqlQry &= IIf(chk_Supplier.Checked Or chk_Action.Checked Or chk_Reason.Checked, " WHERE ", "")
If chk_Supplier.Checked Then
sqlQry &= "SupplierName = @Supplier"
cmd.Parameters.AddWithValue("@Supplier", cbo_Supplier.Text)
End If
If chk_Action.Checked Then
sqlQry &= IIf(chk_Supplier.Checked, " AND ", "")
sqlQry &= "ActionType = @Action"
cmd.Parameters.AddWithValue("@Action", cbo_Action.Text)
End If
If chk_Reason.Checked Then
sqlQry &= IIf(chk_Supplier.Checked Or chk_Action.Checked, " AND ", "")
sqlQry &= "Reason = @Reason"
cmd.Parameters.AddWithValue("@Reason", cbo_Reason.Text)
End If
cmd.CommandText = sqlQry