private string Insert(UserLite user) { try { #region Functionality string scopeKey = "201"; long UserID = user.UserID; string Name = user.Name; string MobileNumber = user.MobileNumber; string Organization = user.Organization; string Address = user.Address; string EmailAddress = user.EmailAddress; string Location = user.Location; string Photopath = user.Photopath; SqlConnection sqlConnection1 = new SqlConnection("DefaultConnection"); SqlCommand cmd = new SqlCommand(); cmd.CommandType = System.Data.CommandType.Text; cmd.CommandText = "INSERT into User (UserID,Name,MobileNumber,Organization,Address,EmailAddress,Location,Photopath) VALUES (" + UserID + "," + Name + "," + MobileNumber + "," + Organization + "," + Address + "," + EmailAddress + "," + Location + "," + Photopath + ")"; cmd.Connection = sqlConnection1; sqlConnection1.Open(); cmd.ExecuteNonQuery(); sqlConnection1.Close(); return(scopeKey); #endregion Functionality } catch (SqlException ex) { return("Data not inserted !" + ex); } }
public static string Post(UserLite user, out int statusCode) { string scopeKey = null; statusCode = StatusCodes.Status400BadRequest; if (user == null) { return(scopeKey); } // Insert record into database. scopeKey = user.Insert(user); return(scopeKey); }