public int ExecuteSql(string TableName, string[] ColNames, string[] ColValues)
{
string SQL1, SQL2;
if (ColNames.Length != ColValues.Length)
{
return(0);
}
try
{
con.Open();
SqlCommand cmd = new SqlCommand();
SQL1 = "";
SQL2 = "";
for (int i = 0; i < ColNames.Length; i++)
{
if (SQL1.ToString() == "")
{
SQL1 = ColNames[i].ToString();
SQL2 = "@" + ColNames[i].ToString();
}
else
{
SQL1 = SQL1 + ", " + ColNames[i].ToString();
SQL2 = SQL2 + ", " + "@" + ColNames[i].ToString();
}
// add parameter value
cmd.Parameters.AddWithValue("@" + ColNames[i], ColValues[i]); // (@param name, value)
}
string strCommand = "Insert into " + TableName + " ( " + SQL1 + " ) " + " VALUES ( " + SQL2 + " )";
cmd.CommandText = strCommand;
cmd.Connection = con;
return(cmd.ExecuteNonQuery());
}
catch (Exception ex)
{
return(0);
}
finally
{
con.Close();
}
}
public string SaveDataSimple(string TableName, string[] ColNames, string[] ColValues)
{
string SQL;
string SQL1, SQL2;
try
{
con.Open();
//SqlConnection con = new SqlConnection();
//conn.ConnectionString = System.Configuration.ConfigurationManager.ConnectionStrings["ConnectionString1"].ConnectionString;
SqlCommand cmd = new SqlCommand();
SQL1 = "";
SQL2 = "";
for (int i = 0; i < ColNames.Length; i++)
{
if (SQL1.ToString() == "")
{
SQL1 = ColNames[i].ToString();
SQL2 = "@" + ColNames[i].ToString();
}
else
{
SQL1 = SQL1 + ", " + ColNames[i].ToString();
SQL2 = SQL2 + ", " + "@" + ColNames[i].ToString();
}
// add parameter value
cmd.Parameters.AddWithValue("@" + ColNames[i], ColValues[i]); // (@param name, value)
}
string strCommand = "Insert into " + TableName + " ( " + SQL1 + " ) " + " VALUES ( " + SQL2 + " )";
cmd.CommandText = strCommand;
cmd.Connection = con;
cmd.ExecuteNonQuery();
return("1");
}
catch (Exception ex)
{
return("0");
}
finally
{
con.Close();
}
}
