public ReturnBid AddBid(Bid bid) { try { using (SqlConnection conn = new SqlConnection(connectionString)) { conn.Open(); string timeStamp = DateTime.Now.ToString("MM/dd/yy HH:mm"); SqlCommand cmd = new SqlCommand($"INSERT INTO bid (item_id, user_id, amount, time_placed) VALUES (@item_id, @user_id, @bid_amount, @now); Select @@IDENTITY;", conn); cmd.Parameters.AddWithValue("@item_id", bid.Item_ID); cmd.Parameters.AddWithValue("@user_id", bid.User_ID); cmd.Parameters.AddWithValue("@bid_amount", bid.Amount); cmd.Parameters.AddWithValue("@now", timeStamp); int newID = Convert.ToInt32(cmd.ExecuteScalar()); ReturnBid returnedBid = new ReturnBid(); returnedBid.Amount = bid.Amount; returnedBid.Item_ID = bid.Item_ID; returnedBid.Time_Placed = timeStamp; returnedBid.Bid_ID = newID; return(returnedBid); } } catch (SqlException) { throw; } }
public Item GetSingleItem(int item_Id) { Item returnItem = new Item(); try { using (SqlConnection conn = new SqlConnection(connectionString)) { conn.Open(); SqlCommand cmd = new SqlCommand($"Select * From Item WHERE item_id = @item_Id order by title; " + "Select * From item_category IC " + "JOIN Category C on IC.category_id = c.category_id WHERE IC.item_id = @item_Id; " + "SELECT * From bid " + "JOIN item on bid.item_id = item.item_id " + "JOIN users on users.user_id = bid.user_id WHERE item.item_id = @item_Id Order by amount desc", conn); cmd.Parameters.AddWithValue("@item_Id", item_Id); SqlDataReader reader = cmd.ExecuteReader(); while (reader.Read()) { Item item = RowToObject(reader); returnItem = item; } reader.NextResult(); while (reader.Read()) { int item_ID = Convert.ToInt32(reader["item_id"]); string name = Convert.ToString(reader["name"]); // TODO: find the item with the id of 'item_id' Item foundItem = returnItem; // TODO: add name to list of categories foundItem.Categories.Add(name); } reader.NextResult(); while (reader.Read()) { ReturnBid bid = BidRowToObject(reader); int item_ID = Convert.ToInt32(reader["item_ID"]); // Attach bids to each item as list Item foundBid = returnItem; foundBid.Bids.Add(bid); } return(returnItem); } } catch (SqlException) { throw; } }
private static ReturnBid BidRowToObject(SqlDataReader rdr) { //string wholeAddress = Convert.ToString(rdr["username"]); //string bit = wholeAddress.Substring(0, 2); //string emailProvider = wholeAddress.Substring(wholeAddress.IndexOf("@"), 2); //string anonymousUser = bit + "**" + emailProvider + "****.com"; ReturnBid bid = new ReturnBid(); bid.Bid_ID = Convert.ToInt32(rdr["bid_id"]); bid.Item_ID = Convert.ToInt32(rdr["item_ID"]); bid.Amount = Convert.ToDecimal(rdr["amount"]); bid.User_Name = Convert.ToString(rdr["username"]); bid.Time_Placed = Convert.ToString(rdr["time_placed"]); return(bid); }
public List <Item> GetAllItems() { List <Item> returnItems = new List <Item>(); try { using (SqlConnection conn = new SqlConnection(connectionString)) { conn.Open(); SqlCommand cmd = new SqlCommand("GetAllItems", conn); cmd.CommandType = System.Data.CommandType.StoredProcedure; SqlDataReader reader = cmd.ExecuteReader(); while (reader.Read()) { Item item = RowToObject(reader); returnItems.Add(item); } reader.NextResult(); while (reader.Read()) { int item_ID = Convert.ToInt32(reader["item_id"]); string name = Convert.ToString(reader["name"]); // TODO: find the item with the id of 'item_id' Item foundItem = returnItems.Find(item => item.Item_ID == item_ID); // TODO: add name to list of categories foundItem.Categories.Add(name); } reader.NextResult(); while (reader.Read()) { ReturnBid bid = BidRowToObject(reader); int item_ID = Convert.ToInt32(reader["item_ID"]); // Attach bids to each item as list Item foundBid = returnItems.Find(item => item.Item_ID == item_ID); foundBid.Bids.Add(bid); } return(returnItems); } } catch (SqlException) { throw; } }
public ActionResult <Bid> AddNewBid(int itemID, Bid bid) { if (UserId == null) { return(Unauthorized()); } bid.User_ID = int.Parse(UserId); decimal amountToCheck = bidDao.GetHighestBidAmountForItem(itemID) + 1m; if (bid.Amount >= amountToCheck) { ReturnBid returnedBid = bidDao.AddBid(bid); return(Created("", returnedBid)); } else { return(BadRequest()); } // Error check that item_id inside the bid object matches url item_id // User id will be pulled by authorized logged in user, not userid from json }