// Get Risk Record public RiskInfo GetRiskById(int?risid) { RiskInfo ris = new RiskInfo(); using (connectionString) { try { SqlCommand cmd = new SqlCommand("SP_GetRisk", connectionString); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@RiskID", risid); connectionString.Open(); SqlDataReader dr = cmd.ExecuteReader(); while (dr.Read()) { ris.ID = Convert.ToInt32(dr["ID"].ToString()); ris.RiskSummary = dr["RiskSummary"].ToString(); ris.RiskDescription = dr["RiskDescription"].ToString(); ris.RiskRating = Convert.ToDecimal(dr["RiskRating"].ToString()); } connectionString.Close(); } catch (Exception sqlCall) { Console.WriteLine(sqlCall.Message); } } return(ris); }
//Get All Risks from DB public IEnumerable <RiskInfo> GetRisks() { List <RiskInfo> RiskList = new List <RiskInfo>(); using (connectionString) { try { SqlCommand cmd = new SqlCommand("SP_GetAllRisks", connectionString); cmd.CommandType = CommandType.StoredProcedure; connectionString.Open(); SqlDataReader dr = cmd.ExecuteReader(); while (dr.Read()) { RiskInfo ris = new RiskInfo(); ris.ID = Convert.ToInt32(dr["ID"].ToString()); ris.RiskSummary = dr["RiskSummary"].ToString(); ris.RiskDescription = dr["RiskDescription"].ToString(); ris.RiskRating = Convert.ToDecimal(dr["RiskRating"].ToString()); RiskList.Add(ris); } connectionString.Close(); } catch (Exception sqlCall) { Console.WriteLine(sqlCall.Message); } } return(RiskList); }
// Insert Risk Into DB public void AddRisk(RiskInfo ris) { using (connectionString) { try { SqlCommand cmd = new SqlCommand("SP_InsertRisk", connectionString); cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@RiskSummary", ris.RiskSummary); cmd.Parameters.AddWithValue("@RiskDescription", ris.RiskDescription); cmd.Parameters.AddWithValue("@RiskRating", ris.RiskRating); connectionString.Open(); cmd.ExecuteNonQuery(); connectionString.Close(); } catch (Exception sqlCall) { Console.WriteLine(sqlCall.Message); } } }