VB.NET(2003) SQL Parameter

Private Function QueryOrder(ByVal strOrder As String, ByVal oleCon As OleDb.OleDbConnection) As Boolean
        Dim ds As DataSet
        Dim dataCount As Integer
        Dim da As OleDb.OleDbDataAdapter
        Dim cmd As OleDb.OleDbCommand
        Try
            ds = New DataSet
            Dim strSql As String = "SELECT CustomerCode as CstCode,PartNo As PN,ConfirmDelDate As DueDate,Cast((Qty*1000) as integer) As SumQty," & _
                                       "Cast((ShippedQty*1000) As Integer) As ShippedQty,ShipQty='',NonConvCOID As ID,COIDLevel,Status From tbl_backlog " & _
                                       "Where OrderNo= ? " & _
                                       "And NonConvCOID Like 'FZ%TA' " & _
                                       "And Undone='FALSE' Order by ConfirmDelDate ASC"

            If oleCon.State = ConnectionState.Closed Or oleCon.State = ConnectionState.Broken Then
                oleCon.Open()
            End If
            cmd = oOleDBC.CreateCommand()
            cmd.CommandType = CommandType.Text
            cmd.CommandText = strSql
            cmd.Connection = oleCon
            da = New OleDb.OleDbDataAdapter(cmd)
            da.SelectCommand.Parameters.Add("@OrderNo", OleDb.OleDbType.VarChar, 30).Value = strOrder
            dataCount = da.Fill(ds, "OrderInfo")
            If dataCount = 0 Then
                PopMsg("Warning", "Can not find data!", MsgBoxStyle.Critical, "OrderNo:" & strOrder)
                Return False
            End If
            For n As Integer = ds.Tables("OrderInfo").Rows.Count - 1 To 0 Step -1
                If ds.Tables("OrderInfo").Rows(n)("Status").ToString = "Shipped" Then
                    ds.Tables("OrderInfo").Rows(n).Delete()
                End If
            Next
            ds.Tables("OrderInfo").AcceptChanges()

            If ds.Tables("OrderInfo").Rows.Count = 0 Then
                PopMsg("Warning", "The Order has been shipped!", MsgBoxStyle.Critical, "OrderNo:" & strOrder)
                Return False
            End If
            BuildListViewFromTable(lvOI, False, "OrderInfo", ds)
            For i As Integer = 0 To lvOI.Columns.Count - 1
                If lvOI.Columns(i).Text = "ID" Then lvOI.Columns(i).Width = 0
                If lvOI.Columns(i).Text = "COIDLevel" Then lvOI.Columns(i).Width = 0
                If lvOI.Columns(i).Text = "Status" Then lvOI.Columns(i).Width = 0
            Next
            Return True
        Catch ex As Exception
            Return False
        Finally
            cmd.Dispose()
            da.Dispose()
            cmd = Nothing
            da = Nothing
            oleCon.Close()
        End Try
    End Function