In VBScript, VBA and VB5/6, SET is required to assign an object reference; to assign any other sort of data (including a string), just remove it:

sql = "Insert Into Products (ProductName,SupID,CatID,Price,Pic,Description) Values( '"&pName&"','"&pbId&"','"&pcId&"','"&price&"','"&pic&"','"&desc&"')" 

(In VBA and VB5/6 you could also use LET here.)

The reason SET works when assigning the result of a Request.Form("foo") call is because the Form collection is a collection of objects - the subsequent tests against "" and "-1" are valid only because the objects returned have a default parameterless property or method that return a string-compatible variant.

If I was to guess I'd say your problem is you're passing the SupID and CatID fields as strings when they are probably integers. The problem with handling INSERT this way is you leave yourself open to SQL Injection plus you encounter data type issues like you seem to be experiencing here.

Whenever possible when interacting with a database you should try to use Parameterised Queries. In Classic ASP the best object to do this is ADODB.Command.

Here is an example using your code;

NOTE: If you have problems with the ADO named constants like adParamInput then look in the links section below to see how to use the METADATA tag in your global.asa file to reference the ADO type library across your application.

Dim cmd, sql, conn_string, rs, data

'Wouldn't recommend storing your database inside your website root, instead
'store it outside in another folder and set up a variable in an include file
'to store the location. That way it is not accessible to everyone.
conn_string = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("WebData/DB.mdb") & ";"

Set cmd = Server.CreateObject("ADODB.Command")

sql = "SELECT * FROM Products WHERE ProductName = ?"
With cmd
  .ActiveConnection = conn_string
  .CommandType = adCmdText
  .CommandText = sql
  Call .Parameters.Append(.CreateParameter("@ProductName", adVarWChar, adParamInput, 50))
  Set rs = .Execute(, Array(pName))
  If Not rs.EOF Then data = rs.GetRows()
  Call rs.Close()
  Set rs = Nothing
End With

If IsArray(data) Then
  sql = ""
  sql = sql & "INSERT INTO Products (ProductName, SupID, CatID, Price, Pic, Description) " & vbCrLf
  sql = sql & "VALUES (?, ?, ?, ?, ?, ?)"

  Set cmd = Server.CreateObject("ADODB.Command")
  With cmd
    .ActiveConnection = conn_string
    .CommandType = adCmdText
    .CommandText = sql
    'Define Parameters
    'Making some assumptions about your data types, but you can modify these to fit
    'good guide for this is http://www.carlprothman.net/Technology/DataTypeMapping/tabid/97/Default.aspx
    Call .Parameters.Append(.CreateParameter("@ProductName", adVarWChar, adParamInput, 50))
    Call .Parameters.Append(.CreateParameter("@SupID", adInteger, adParamInput, 4))
    Call .Parameters.Append(.CreateParameter("@CatID", adInteger, adParamInput, 4))
    Call .Parameters.Append(.CreateParameter("@Price", adCurrency, adParamInput, 4))
    Call .Parameters.Append(.CreateParameter("@Pic", adVarWChar, adParamInput, 255))
    Call .Parameters.Append(.CreateParameter("@Description", adLongVarWChar, adParamInput, 1000))
    'Some of your variables may require conversion before setting the parameter values.
    .Parameters("@ProductName").Value = pName
    .Parameters("@SupID").Value = CLng(pbId)
    .Parameters("@CatID").Value = CLng(pcId)
    .Parameters("@Price").Value = price
    .Parameters("@Pic").Value = pic
    .Parameters("@Description").Value = desc

    'Execute Command
    .Execute()
  End With
  Set cmd = Nothing
  Call Response.write("<script language=""javascript"">alert('Product added succesfully!');</script>")
Else
  Call Response.Write("<script language=""javascript"">alert('Product already exist!');</script>") 
End If

Links

• Data Type Mapping
• Using METADATA to Import DLL Constants
• Answer from SQL insert into database with apostrophe