public ActionResult Edit(AppLogic.User user) { if (!ModelState.IsValid) { return(View(user)); } else { const string query = @"update Users set Username = @username, Email = @email, Description = @description, City = @city, Street = @street where Id = @id;"; SqlParameter userId = new SqlParameter("@id", System.Data.SqlDbType.Int) { Value = user.Id }; SqlParameter userFullName = new SqlParameter("@username", System.Data.DbType.String) { Value = user.Username }; SqlParameter userEmail = new SqlParameter("@email", System.Data.DbType.String) { Value = user.Email }; SqlParameter userDescr = new SqlParameter("@description", System.Data.DbType.String) { Value = user.Description }; SqlParameter userCity = new SqlParameter("@city", System.Data.DbType.String) { Value = user.City }; SqlParameter userStreet = new SqlParameter("@street", System.Data.DbType.String) { Value = user.Street }; var command = new SqlCommand { CommandText = query, Connection = connection }; command.Parameters.Add(userId); command.Parameters.Add(userFullName); command.Parameters.Add(userEmail); command.Parameters.Add(userDescr); command.Parameters.Add(userCity); command.Parameters.Add(userStreet); command.ExecuteNonQuery(); } return(RedirectToAction("Index")); }
public ActionResult Add(AppLogic.User user) { //user.Id = _repo.GetAll().Count + 1; const string query = @"insert into Users (Username, Email, Description, City, Street) values (@username, @email, @description, @city, @street); select cast(scope_identity() as int);"; SqlParameter userFullName = new SqlParameter("@username", System.Data.DbType.String) { Value = user.Username }; SqlParameter userEmail = new SqlParameter("@email", System.Data.DbType.String) { Value = user.Email }; SqlParameter userDescr = new SqlParameter("@description", System.Data.DbType.String) { Value = user.Description }; SqlParameter userCity = new SqlParameter("@city", System.Data.DbType.String) { Value = user.City }; SqlParameter userStreet = new SqlParameter("@street", System.Data.DbType.String) { Value = user.Street }; var command = new SqlCommand { CommandText = query, Connection = connection }; command.Parameters.Add(userFullName); command.Parameters.Add(userEmail); command.Parameters.Add(userDescr); command.Parameters.Add(userCity); command.Parameters.Add(userStreet); command.ExecuteNonQuery(); return(RedirectToAction("Index")); }