public string[] setPurchaseData1(SearchPurchaseResult purchaseDataResult) { string[] returnValue = new string[2]; returnValue[0] = "0"; returnValue[1] = "0"; DataBase Base = new DataBase(); using (SqlConnection Sqlconn = new SqlConnection(Base.GetConnString())) { try { StaffDataBase sDB = new StaffDataBase(); List<string> CreateFileName = sDB.getStaffDataName(HttpContext.Current.User.Identity.Name); Sqlconn.Open(); string sql = "UPDATE PropertyPurchase SET InputDate=@executionPurchaseDate, CompanyName=@executionFirmName, CompanyTel=@executionFirmTel, " + "Quantity=@executionQuantity,Price=@executionPrice, UpFileBy=@UpFileBy, UpFileDate=(getDate()) WHERE ID=@pID AND isDeleted=0"; SqlCommand cmd = new SqlCommand(sql, Sqlconn); cmd.Parameters.Add("@pID", SqlDbType.BigInt).Value = purchaseDataResult.pID; cmd.Parameters.Add("@executionFirmName", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(purchaseDataResult.executionFirmName); cmd.Parameters.Add("@executionFirmTel", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(purchaseDataResult.executionFirmTel); cmd.Parameters.Add("@executionPurchaseDate", SqlDbType.Date).Value = Chk.CheckStringtoDateFunction(purchaseDataResult.executionPurchaseDate); cmd.Parameters.Add("@executionQuantity", SqlDbType.Int).Value = Chk.CheckStringtoIntFunction(purchaseDataResult.executionQuantity); cmd.Parameters.Add("@executionPrice", SqlDbType.Decimal).Value = Chk.CheckStringtoDecimalFunction(purchaseDataResult.executionPrice); cmd.Parameters.Add("@UpFileBy", SqlDbType.Int).Value = Chk.CheckStringtoIntFunction(CreateFileName[0]); returnValue[0] = cmd.ExecuteNonQuery().ToString(); Sqlconn.Close(); } catch (Exception e) { returnValue[0] = "-1"; returnValue[1] = e.Message.ToString(); } } return returnValue; }
public string[] setPurchaseData1(SearchPurchaseResult purchaseDataResult) { OtherDataBase sDB = new OtherDataBase(); if (int.Parse(sDB._StaffhaveRoles[1]) == 1) { return sDB.setPurchaseData1(purchaseDataResult); } else { return new string[2] { _noRole, _errorMsg }; } }