For optimization, quality and best practice standards, is this code the 'best' way to retrieve encrypted data from a MS SQL Server 2008 R2 db, and retrieve it, based on what the user enters in text boxes? (First Name, Last Name)

Public Class Form1
Dim eFirst As String
Dim eLast As String
Dim dFirst As String
Dim dLast As String
Public Sub Searchbtn_Click(sender As System.Object, e As System.EventArgs) Handles Searchbtn.Click
 Me.DataGridView1.Show()
 Dim SQLConnection As New SqlConnection("Data Source=SQLTEST_HR,4000\SQLEXPRESS;Integrated Security=True") 'Declare Connection String'
 Dim SqlCommand As New SqlCommand 'Declare variable for SQL command'
 
 Dim dt As New DataTable
 Dim strKey As String = "Key1" 'encryption Key'
 Dim clsEncrypt As clsCrypt 'Assigns a variable to clsCrypt class'
 clsEncrypt = New clsCrypt(strKey) ' creates a new instance of the clsCrypt class'
 eFirst = clsEncrypt.EncryptData(SearchFirsttxt.Text.Trim.ToUpper)
 eLast = clsEncrypt.EncryptData(SearchLastTxt.Text.Trim.ToUpper)
 SQLConnection.Open() 'Opens database Connection'
 SqlCommand.Connection = SQLConnection 'Assigns connection to the command'
 If SearchFirsttxt.Text = "" Then
 SqlCommand.CommandText = "Select * FROM PARTICIPANT WHERE LAST_NM_TXT = '" & eLast & "';"
 ElseIf SearchLastTxt.Text = "" Then
 SqlCommand.CommandText = "Select * FROM PARTICIPANT WHERE FIRST_NM_TXT = '" & eFirst & "';"
 ElseIf SearchFirsttxt.Text IsNot Nothing And SearchLastTxt.Text IsNot Nothing Then
 SqlCommand.CommandText = "Select * FROM PARTICIPANT WHERE FIRST_NM_TXT = '" & eFirst & "' and LAST_NM_TXT = '" & eLast & "';"
 Else
 SqlCommand.CommandText = "Select * FROM PARTICIPANT;"
 End If
 'SQL Command returns rows where values in database and textboxes are equal'
 Dim myAdapter As New SqlDataAdapter(SqlCommand) 'holds the data'
 myAdapter.Fill(dt) 'datatable that is populated into the holder (DataAdapter)'
 DataGridView1.DataSource = dt 'Assigns source of information to the gridview (DataTable)'
 Try
 For i As Integer = 0 To dt.Rows.Count - 1
 dt.Rows(i)("FIRST_NM_TXT") = clsEncrypt.DecryptData(dt.Rows(i)("FIRST_NM_TXT"))
 dt.Rows(i)("LAST_NM_TXT") = clsEncrypt.DecryptData(dt.Rows(i)("LAST_NM_TXT"))
 Next
 Catch ex As Exception
 MessageBox.Show("Either the first name or last name did not match. Please check your spelling.")
 End Try

For optimization, quality and best practice standards, which code the 'best' way to retrieve encrypted data from a MS SQL Server 2008 R2 db, and decrypt it, based on what the user enters in text boxes? (First Name, Last Name)

Note: I did not accommodate the text box values into the last code snippet.

Public Class Form1
Dim eFirst As String
Dim eLast As String
Dim dFirst As String
Dim dLast As String
Public Sub Searchbtn_Click(sender As System.Object, e As System.EventArgs) Handles Searchbtn.Click
 Me.DataGridView1.Show()
 Dim SQLConnection As New SqlConnection("Data Source=SQLTEST_HR,4000\SQLEXPRESS;Integrated Security=True") 'Declare Connection String'
 Dim SqlCommand As New SqlCommand 'Declare variable for SQL command'
 
 Dim dt As New DataTable
 Dim strKey As String = "Key1" 'encryption Key'
 Dim clsEncrypt As clsCrypt 'Assigns a variable to clsCrypt class'
 clsEncrypt = New clsCrypt(strKey) ' creates a new instance of the clsCrypt class'
 eFirst = clsEncrypt.EncryptData(SearchFirsttxt.Text.Trim.ToUpper)
 eLast = clsEncrypt.EncryptData(SearchLastTxt.Text.Trim.ToUpper)
 SQLConnection.Open() 'Opens database Connection'
 SqlCommand.Connection = SQLConnection 'Assigns connection to the command'
 If SearchFirsttxt.Text = "" Then
 SqlCommand.CommandText = "Select * FROM PARTICIPANT WHERE LAST_NM_TXT = '" & eLast & "';"
 ElseIf SearchLastTxt.Text = "" Then
 SqlCommand.CommandText = "Select * FROM PARTICIPANT WHERE FIRST_NM_TXT = '" & eFirst & "';"
 ElseIf SearchFirsttxt.Text IsNot Nothing And SearchLastTxt.Text IsNot Nothing Then
 SqlCommand.CommandText = "Select * FROM PARTICIPANT WHERE FIRST_NM_TXT = '" & eFirst & "' and LAST_NM_TXT = '" & eLast & "';"
 Else
 SqlCommand.CommandText = "Select * FROM PARTICIPANT;"
 End If
 'SQL Command returns rows where values in database and textboxes are equal'
 Dim myAdapter As New SqlDataAdapter(SqlCommand) 'holds the data'
 myAdapter.Fill(dt) 'datatable that is populated into the holder (DataAdapter)'
 DataGridView1.DataSource = dt 'Assigns source of information to the gridview (DataTable)'
 Try
 For i As Integer = 0 To dt.Rows.Count - 1
 dt.Rows(i)("FIRST_NM_TXT") = clsEncrypt.DecryptData(dt.Rows(i)("FIRST_NM_TXT"))
 dt.Rows(i)("LAST_NM_TXT") = clsEncrypt.DecryptData(dt.Rows(i)("LAST_NM_TXT"))
 Next
 Catch ex As Exception
 MessageBox.Show("Either the first name or last name did not match. Please check your spelling.")
 End Try

OR this way

 Me.DataGridView1.Show()
 Dim SQLConnection As New SqlConnection("Data Source=SQLTEST_HR,4000\SQLEXPRESS;Integrated Security=True") 'Declare Connection String
 Dim cmd As New SqlCommand 'Declare variable for SQL command
 Dim dt As New DataTable
 Dim strKey As String = "Key1" 'encryption Key
 Dim clsEncrypt As clsCrypt 'Assigns a variable to clsCrypt class
 clsEncrypt = New clsCrypt(strKey) ' creates a new isntance of the clsCrypt class
 Dim eFirst As String
 Dim eLast As String
 eFirst = clsEncrypt.EncryptData(SearchFirsttxt.Text.Trim.ToUpper)
 eLast = clsEncrypt.EncryptData(SearchLasttxt.Text.Trim.ToUpper)
 SQLConnection.Open() 'Opens database Connection
 cmd.Connection = SQLConnection 'Assigns connection to the command
If SearchFirsttxt.Text = "" AndAlso SearchLasttxt.Text = "" Then
 ' Both emtpy so search everything'
 cmd.CommandText = "SELECT * FROM PARTICIPANT;"
 ElseIf SearchFirsttxt.Text = "" AndAlso SearchLasttxt.Text <> "" Then
 ' Search the last only if you have a last and not a first'
 cmd.CommandText = "Select * FROM Participant Where LAST_NM_TXT = @searchLast"
 cmd.Parameters.AddWithValue("@searchLast", eLast)
 ElseIf SearchLasttxt.Text = "" AndAlso SearchFirsttxt.Text <> "" Then
 ' Search the first only if you have a first and not a last'
 cmd.CommandText = "Select * FROM Participant WHERE FIRST_NM_TXT = @searchFirst"
 cmd.Parameters.AddWithValue("@searchFirst", eFirst)
 Else
 ' Both filled so search exactly (not sure if this is needed)'
 cmd.CommandText = "Select * FROM Participant " & _
 "WHERE FIRST_NM_TXT = @searchFirst " & _
 "OR LAST_NM_TXT = @searchLast"
 cmd.Parameters.AddWithValue("@searchFirst", eFirst)
 cmd.Parameters.AddWithValue("@searchLast", eLast)
 End If
 Dim myAdapter As New SqlDataAdapter(cmd) 'holds the data
 Dim ds As DataSet = New DataSet()
 myAdapter.Fill(ds)
 dt.Load(ds.CreateDataReader())
 DataGridView1.DataSource = dt 'Assigns source of information to the gridview (DataTable)
 'DECRYPTS ENCRYPTED DATA IN SPECIFICIED DT ROWS IN THE DGV1
 Try
 For i As Integer = 0 To dt.Rows.Count - 1
 dt.Rows(i)("FIRST_NM_TXT") = clsEncrypt.DecryptData(dt.Rows(i)("FIRST_NM_TXT"))
 dt.Rows(i)("LAST_NM_TXT") = clsEncrypt.DecryptData(dt.Rows(i)("LAST_NM_TXT"))
 Next
 Catch ex As Exception
 MessageBox.Show("Either the first name or last name did not match. Please check your spelling.")
 End Try

OR --

Public Function GetDetails() As DataSet
 Dim conn As New SqlConnection("Data Source=SQLTEST_HR,4000\SQLEXPRESS;Integrated Security=True")
 Dim strKey As String = "MarkKey" 'encryption Key
 Dim clsEncrypt As clsCrypt 'Assigns a variable to clsCrypt class
 clsEncrypt = New clsCrypt(strKey) ' creates a new isntance of the clsCrypt class
 Try
 conn.Open()
 Dim SqlCmd As New SqlCommand("Select * From Participant", conn)
 Dim myAdapt As New SqlDataAdapter(SqlCmd)
 Dim DSEmp As New DataSet()
 myAdapt.Fill(DSEmp)
 Dim DTEmp As New DataTable()
 DTEmp.Load(DSEmp.CreateDataReader())
 DataGridView1.DataSource = DTEmp
 For i As Integer = 0 To DSEmp.Tables(0).Rows.Count - 1
 DSEmp.Tables(0).Rows(i)("FIRST_NM_TXT") = clsEncrypt.DecryptData(DSEmp.Tables(0).Rows(i)("FIRST_NM_TXT"))
 DSEmp.Tables(0).Rows(i)("LAST_NM_TXT") = clsEncrypt.DecryptData(DSEmp.Tables(0).Rows(i)("LAST_NM_TXT"))
 Next
 Return DSEmp
 Catch ex As Exception
 Throw (ex)
 Finally
 conn.Close()
 End Try
End Function
Private Sub LoadReport()
 Try
 Dim ds As New DataSet
 ds = GetDetails()
 Dim rds As ReportDataSource = New ReportDataSource("DataSet1", ds.Tables(0))
 rv1.LocalReport.DataSources.Clear()
 rv1.LocalReport.DataSources.Add(rds)
 rv1.RefreshReport()
 Catch ex As Exception
 End Try
End Sub
 Private Sub Form2_Load(sender As System.Object, e As System.EventArgs) Handles MyBase.Load
 LoadReport()
End Sub

This is my first project I am doing in VB.NET, and also my first real programming project. There is sensitive data, so I am utilizing Microsoft's Encryption/Decryption class (clsCrypt)

For optimization, quality and best practice standards, is this code the 'best' way to retrieve ecnrypted data from a MS SQL Server 2008 R2 db, and retrieve it, based on what the user enters in text boxes? (First Name, Last Name)

This is my first project I am doing in VB.NET, and also my first real programming project. There is sensitive data, so I am utilizing Microsoft's Encryption/Decryption class (clsCrypt).

For optimization, quality and best practice standards, is this code the 'best' way to retrieve encrypted data from a MS SQL Server 2008 R2 db, and retrieve it, based on what the user enters in text boxes? (First Name, Last Name)