As OP has indicated that "Above code its right" I will post this solution to close off the question.
OP has now added the use of
DATEADD()
rather than rely on the implicit conversion of
DATE_OF_COMPLAINT + 3
. However the code is still not quite right.
There is no point in creating a StringBuilder if you are then going to use String concatenation to generate it. That section would look better like this:
objSBQuery = New StringBuilder("Update DRL_COMPLAINTS_DETAILS_HDR SET DATE_OF_COMPLAINT = DATEADD(day,3,DATE_OF_COMPLAINT) WHERE COMPLAINTS_DTL_ID='"
objSBQuery.Append(strComplaintId)
objSBQuery.Append("' ")
However, that still leaves the code open to SQL Injection attacks. You should never concatenate strings like that to create SQL commands.
It should look more like:
Dim objSBQuery As String = "Update DRL_COMPLAINTS_DETAILS_HDR SET DATE_OF_COMPLAINT = DATEADD(DD,3,DATE_OF_COMPLAINT) WHERE COMPLAINTS_DTL_ID=@id"
clsInvCmn.Parameters.AddWithValue("@id", strComplaintId)
clsInvCmn.ExecuteQuery(objSBQuery)
But to do that you will need to implement some means of passing Parameters into the
clsInvCmn
class, whatever that might be.