Also, instead of using those strings you can just directly point at the textboxes.
The reason I convert the textbox's contents into a string variable is to work with them easier and to give the user a sense of stability. We run the replace command against the variable instead of the string so we don't interfere with what the user entered (in case they mess up the password, we could accidentally throw them off even more.) For instance, if someone entered a password which contained an apostrophe, it would mess up the SQL statement if you pointed directly to the textbox. The SQL statement would cut off the password string prematurely because it uses apostrophes, not quotes, to wrap around text and indicate a string.
Saying textbox1.text = replace(textbox1.text, "'", "''") will actually change text within the textbox, while saying textVar = replace(textbox1.text, "'", "''") will simply adjust the variable and the user won't see it.
If you enter '' (double apostrophe) into an SQL statement, it gets treated as a single apostrophe within a string, instead of the single apostrophe used to wrap around strings. Know what I mean?
As far as his error, it has to do with how he's executing the command. The code I posted is for a reader, now you need to use ExecuteNonQuery.
The code should look something like this:
Dim usernameString as string = usernameTextBox.text
Dim passwordString as string = passwordTextBox.text
usernameString = replace(usernameString, "'", "''")
passwordString = replace(passwordString, "'", "''")
Dim SQLString as string = "INSERT INTO USERS (USERNAME, PASSWORD) VALUES ('" & usernameString & '", '" & passwordString & "')"
Dim dbPath = "C:\Whatever\Whatever.mdb"
Dim connectionString As String = "Provider=Microsoft.Jet.OLEDB.4.0;" & "Data Source=" & dbPath
Dim dbCon As New OleDbConnection(connectionString)
Try
dbCon.Open()
Dim cmd As New OleDbCommand(SQLString, dbCon)
cmd.ExecuteNonQuery() '<This is what you were missing.
dbCon.Close()
Catch ex As System.Exception
MessageBox.Show("Error: " & vbNewLine & ex.Message)
Exit Sub
End Try
Notice how here we don't need a data reader since we're simply inserting data into the database. There's nothing we are grabbing, just sending a command out to the database.