Hi there,
Your code is probably working exactly as you have written it. At a quick glance I can see a basic flaw in your "Button1_Click" event (which I have assumed is your search function?).
You have put this section of code in:
if (dr.HasRows)
{
dr.Read();
rep_bind();
GridView1.Visible = true;
TextBox1.Text = "";
Label1.Text = "";
}
Which, will mean that if the search result has rows then it just calls the standard rep_bind method.
This rep_bind method does not do any filtering based on your search criteria, hence I suspect you are seeing that the list populates but does not filter.
I would suggest having the rep_bind method defined with a "filter" parameter that gets appended to the end of your SQL query. Then in your filter search, you could pass the "filter" code in.
This is not the best method, because it means you end up querying the database multiple times.
An alternative would be to re-work the code so that even when you are "searching" you only query the data one to both perform the search and to return the results.
Also, I suggest you look at some of the following links as your current search query is susceptible to SQL Injection attacks.
Using SQLParameters with VB.NET/C#[
^]
http://csharp-station.com/Tutorial/AdoDotNet/Lesson06[
^]
http://johnhforrest.com/2010/10/parameterized-sql-queries-in-c/[
^]