public void Insert(FloraObj FLO)
{
string plantid;
List < FloraObj> returnList = new List<FloraObj>();
// check user name & password here ok or not
if ((FLO.Result = checkAdminLogin(FLO)) == "Authenticated")
{
returnList.Add(FLO);
//---If we are just a login object, then exit
if (FLO.IsLogin())
{
//---Add this object back on the list with the result and return
return;
}
if(string.IsNullOrEmpty(FLO.PlantId) && string.IsNullOrEmpty(FLO.Name))
{
FLO.Result = "Insert Failed: need plantid or name";
return;
}
//using parametirized query
string sqlInserString =
"INSERT INTO plant (plant_id,Name, Color_flower,color_foliage,color_fruit_seed,texture_foliage, shape, pattern,image) VALUES (@plant_id,@Name, @Color_flower,@color_foliage,@color_fruit_seed,@texture_foliage,@shape,@pattern,@image)";
SqlConnection conn = new SqlConnection(conn_string);
SqlCommand command = new SqlCommand();
command.Connection = conn;
command.Connection.Open();
command.CommandText = sqlInserString;
if (FLO.Type == null)
FLO.Type = "";
if (FLO.USState == null)
FLO.USState = "";
if (FLO.ColorFoliage == null)
FLO.ColorFoliage = "";
if (FLO.ColorFlower == null)
FLO.ColorFlower = "";
if (FLO.PlantId == null)
FLO.PlantId = "";
if (FLO.ColorFruitSeed == null)
FLO.ColorFruitSeed = "";
if (FLO.TextureFoliage == null)
FLO.TextureFoliage = "";
if (FLO.Shape == null)
FLO.Shape= "";
if (FLO.Pattern == null)
FLO.Pattern = "";
if (FLO.ImageURL == null)
FLO.ImageURL = "";
if (FLO.Name == null)
FLO.Name = "";
if (FLO.PlantId == null || FLO.PlantId == "")
{
plantid = getplantid(FLO.Name);
}
else
{
plantid = getplantid(FLO.PlantId);
}
SqlParameter plant_id = new SqlParameter("@plant_id",plantid );
SqlParameter Name = new SqlParameter("@Name", FLO.Name);
SqlParameter Color_flower = new SqlParameter("@Color_flower", FLO.ColorFlower);
SqlParameter Color_foliage = new SqlParameter("@Color_foliage", FLO.ColorFoliage);
SqlParameter Color_fruit_seed = new SqlParameter("@color_fruit_seed", FLO.ColorFruitSeed);
SqlParameter texture = new SqlParameter("@texture_foliage", FLO.TextureFoliage);
SqlParameter shape = new SqlParameter("@shape", FLO.Shape);
SqlParameter pattern = new SqlParameter("@pattern", FLO.Pattern);
SqlParameter image = new SqlParameter("@image", FLO.ImageURL);
command.Parameters.AddRange(new SqlParameter[]{
plant_id,Name, Color_flower,Color_foliage,Color_fruit_seed,texture, shape, pattern,image});
command.ExecuteNonQuery();
command.Connection.Close();
insertlocation(plantid, FLO.USState);
insertplanttype(plantid, FLO.Type);
FLO.PlantId = plantid;
FLO.Result = "Inserted Entry";
}
// Check Admin USer & pass.
}
// delete for plant table.
/// <summary>
/// Delete the passed in floraobj
/// </summary>
/// <param name="FLO"></param>
public void Delete(FloraObj FLO)
{
List<FloraObj> returnList = new List<FloraObj>();
if ((FLO.Result = checkAdminLogin(FLO)) == "Authenticated")
{
returnList.Add(FLO);
//---If we are just a login object, then exit
if (FLO.IsLogin())
{
//---Add this object back on the list with the result and return
return;
}
//using parametirized query
string sqlInserString = "DELETE FROM plant WHERE plant_id=@plant_id ";
SqlConnection conn = new SqlConnection(conn_string);
SqlCommand command = new SqlCommand();
command.Connection = conn;
command.Connection.Open();
command.CommandText = sqlInserString;
if(FLO.PlantId == "" || !checkplantid(FLO.PlantId))
{
FLO.Result = "Invalid plantID";
return;
}
SqlParameter plant_id = new SqlParameter("@plant_id", FLO.PlantId);
command.Parameters.AddRange(new SqlParameter[]{
plant_id});
command.ExecuteNonQuery();
command.Connection.Close();
Deletetype(FLO.PlantId);
Deletelocation(FLO.PlantId);
FLO.Result = "Deleted Entry";
}
else
{
//---Add this object back on the list with the result and return
returnList.Add(FLO);
}
}