Instead of passing the SQL string to the adapter create a SqlCommand
], define the SqlParameters
] and use that command for your adapter. When doing this you also have to create the SqlConnection.
So something like:
Dim databaseConnection As New SqlConnection
Dim queryCommand As New SqlCommand
databaseConnection.ConnectionString = conStr
queryCommand.CommandText = "SELECT * FROM tblTest where Name=@NM and Rank=@RN"
queryCommand.Connection = databaseConnection
Dim dAdt As New SqlDataAdapter(queryCommand)