You forgot a quote before the semicolon and you shouldn't put a comma before the
WHERE
keyword. Also, you use string concatenation to create the queries. That's not a good idea, because now you aren't protected against
SQL Injection[
^]. Use parameterized queries instead. Using parameterized queries also improves the readability and you'll make less syntax errors:
Dim SqlQuery As String = "UPDATE CustomerT SET [Contact] = @Contact, [FirstName] = @FirstName, [Address] = @Address WHERE CustomerID = @ID;"
Dim SqlCommand As New OleDbCommand
With SqlCommand
.CommandText = SqlQuery
With .Parameters
.AddWithValue("@Contact", txtcontact.Text)
.AddWithValue("@FirstName", txtfirstname.Text)
.AddWithValue("@LastName", txtlastname.Text)
.AddWithValue("@Address", txtaddress.Text)
.AddWithValue("@ID", txtid.Text)
End With
.Connection = conn
.ExecuteNonQuery()
End With