public ActionResult MachineDetail(int id)
{
try
{
var model = new MachineDetailViewModel();
using (var connection = new SqlConnection(conString))
{
//Ja jag vet att sqlinjection kan sabba databasen
string query = @"SELECT Machines.Id, Machines.Name, MachineInfoes.ModelName, MachineInfoes.SerialNumber, MachineInfoes.MachineWeight" +
@" FROM Machines INNER JOIN MachineInfoes On Machines.Id = MachineInfoes.Id" +
$" WHERE Machines.Id = {id}";
var command = new SqlCommand(query, connection);
connection.Open();
var reader = command.ExecuteReader();
while (reader.Read())
{
model.MachineId = (int)reader[0];
model.Name = (string)reader[1];
model.ModelName = (string)reader[2];
model.SerialNumber = (string)reader[3];
model.MachineWeight = (int)reader[4];
}
}
return View(model);
}
catch (Exception)
{
return RedirectToAction("Index", "Machines");
throw;
}
}
public ActionResult DetailListOfMachines()
{
var model = new MachineDetailViewModelList();
using (var connection = new SqlConnection(conString))
{
string query = @"SELECT Machines.Id, Machines.Name, MachineInfoes.ModelName, MachineInfoes.SerialNumber, MachineInfoes.MachineWeight" +
@" FROM Machines INNER JOIN MachineInfoes On Machines.Id = MachineInfoes.Id";
var command = new SqlCommand(query, connection);
connection.Open();
var reader = command.ExecuteReader();
while (reader.Read())
{
var x = new MachineDetailViewModel
{
MachineId = (int) reader[0],
Name = (string) reader[1],
ModelName = (string) reader[2],
SerialNumber = (string) reader[3],
MachineWeight = (int) reader[4]
};
model.MachineList.Add(x);
}
}
return View(model);
}
