public static DbDataAdapter CreateDataAdapter(GmConnection conn, Document doc)
{
DbDataAdapter da = conn.CreateDataAdapter();
GmCommand cmd = conn.CreateCommand(selectCmdText);
cmd.AddInt("DocumentId", doc.DocumentId);
cmd.AddBool("FactFlag", false);
(da as IDbDataAdapter).SelectCommand = cmd.DbCommand;
cmd = conn.CreateCommand(insertCmdText);
cmd.AddString("ProductCode").SourceColumn = "ProductCode";
cmd.AddString("UnitCode").SourceColumn = "UnitCode";
cmd.AddInt("DocumentId", doc.DocumentId);
cmd.AddDecimal("Coef").SourceColumn = "Coef";
cmd.AddDecimal("Count").SourceColumn = "Count";
cmd.AddBool("FactFlag", true);
cmd.AddBool("HandledFlag").SourceColumn = "HandledFlag";
cmd.DbCommand.UpdatedRowSource = UpdateRowSource.FirstReturnedRecord;
(da as IDbDataAdapter).InsertCommand = cmd.DbCommand;
cmd = conn.CreateCommand(deleteCmdText);
cmd.AddInt("DocumentProductId").SourceColumn = "DocumentProductId";
(da as IDbDataAdapter).DeleteCommand = cmd.DbCommand;
cmd = conn.CreateCommand(updateCmdText);
cmd.AddInt("DocumentProductId").SourceColumn = "DocumentProductId";
cmd.AddDecimal("Count").SourceColumn = "Count";
cmd.AddBool("HandledFlag").SourceColumn = "HandledFlag";
(da as IDbDataAdapter).UpdateCommand = cmd.DbCommand;
return(da);
}
public void Write(LogType logType, string msg)
{
try
{
using (GmConnection conn = Global.CreateConnection())
{
GmCommand cmd = conn.CreateCommand("insert into Log values (@Time,@SessionId,@LogTypeId,@Page,@Message)");
cmd.AddDateTime("Time", DateTime.Now);
cmd.AddInt("SessionId", (int)sessionId);
cmd.AddInt("LogTypeId", (int)logType);
cmd.AddString("Page", page);
cmd.AddString("Message", msg, MaxLength.Log.Message);
cmd.ExecuteNonQuery();
}
}
catch
{
}
switch (logType)
{
case LogType.Error:
case LogType.Exception:
if (ctl != null)
{
ctl.Page.Response.Write(string.Format("<p>{0}</p>", msg));
}
break;
}
}
public void Update(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
// cmd.AddInt("RecordId", recordId);
cmd.AddDateTime("Date", date);
cmd.AddString("Name", name, MaxLength.UserInfo.Name);
cmd.AddString("Email", email, MaxLength.UserInfo.Email);
cmd.CommandText = "update UserInfo set Date=@Date,Name=@Name,Email=@Email";
if (psw.Length > 0)
{
cmd.CommandText += ",Psw=@Psw";
cmd.AddString("Psw", psw, MaxLength.UserInfo.Psw);
}
if (picture.Length > 0)
{
cmd.CommandText += ",Picture=@Picture";
cmd.AddString("Picture", picture, MaxLength.UserInfo.Picture);
}
// cmd.AddInt("UserRole", (int)userRole);
// cmd.AddInt("Status", (int)status);
cmd.CommandText += " where Id=@Id";
cmd.ExecuteNonQuery();
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("PassportId", passportId);
cmd.AddInt("InsuranceId", insuranceId);
cmd.AddInt("PatientIdentificationId", patientIdentificationId);
cmd.AddInt("DoctorId", doctorId);
cmd.AddInt("DiagnosisId", diagnosisId);
cmd.AddString("PatientData", patientData.GetXmlString());
cmd.AddString("PatientDescription", patientDescription.GetXmlString());
cmd.AddDateTime("AdmissionDate", admissionDate);
cmd.AddInt("WardId", wardId);
cmd.AddInt("PatientTypeId", (int)patientTypeId);
cmd.AddString("PatientDiagnoses", patientDiagnoses.GetXmlString());
cmd.AddString("DietNumber", dietNumber);
cmd.AddInt("Status", (int)status);
if (id == 0)
{
cmd.CommandText = "insert into Patients values (@PassportId,@InsuranceId,@PatientIdentificationId,@DoctorId,@DiagnosisId,@PatientData,@PatientDescription,@AdmissionDate,@WardId,@PatientTypeId,0,null,null,@PatientDiagnoses,@DietNumber, @Status) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = @"update Patients set PassportId=@PassportId,InsuranceId=@InsuranceId,PatientIdentificationId=@PatientIdentificationId,DoctorId=@DoctorId,DiagnosisId=@DiagnosisId,PatientData=@PatientData,PatientDescription=@PatientDescription,AdmissionDate=@AdmissionDate,WardId=@WardId,PatientTypeId=@PatientTypeId,PatientDiagnoses=@PatientDiagnoses,DietNumber=@DietNumber, Status=@Status where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("PositionId", positionId);
cmd.AddDateTime("Date", date);
cmd.AddString("Name", name);
cmd.AddString("Surname", surname);
cmd.AddString("Address", address);
cmd.AddString("Phone", phone);
cmd.AddString("Link", link);
cmd.AddString("Email", email);
cmd.AddString("Resume", resume);
cmd.AddString("Comments", comments);
cmd.AddInt("Status", (int)status);
if (id == 0)
{
cmd.CommandText = "insert into Candidates values (@PositionId,@Date,@Name,@Surname,@Address,@Phone,@Link,@Email,@Resume,@Comments,@Status) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
// cmd.CommandText = "update Competitors set PositionId=@PositionId,Date=@Date,Name=@Name,Surname=@Surname,Address=@Address,Phone=@Phone,Link=@Link,Email=@Email, Resume=@Resume, Comments=@Comments,Status=@Status where Id=@Id";
// cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("SerialNumber", serialNumber);
cmd.AddString("IssueDepartment", issueDepartment);
cmd.AddDateTime("IssueDate", issueDate);
cmd.AddString("DepartmentCode", departmentCode);
cmd.AddString("Surname", surname);
cmd.AddString("Name", name);
cmd.AddString("MiddleName", middleName);
cmd.AddInt("Gender", (int)gender);
cmd.AddDateTime("Birthday", birthday);
cmd.AddString("BirthPlace", birthPlace);
cmd.AddString("Registration", registration);
if (id == 0)
{
cmd.CommandText = "insert into Passports values (@SerialNumber,@IssueDepartment,@IssueDate,@DepartmentCode,@Surname,@Name,@MiddleName,@Gender,@Birthday,@BirthPlace,@Registration) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Passports set SerialNumber=@SerialNumber,IssueDepartment=@IssueDepartment,IssueDate=@IssueDate,DepartmentCode=@DepartmentCode,Surname=@Surname,Name=@Name,MiddleName=@MiddleName,Gender=@Gender,Birthday=@Birthday,BirthPlace=@BirthPlace,Registration=@Registration where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public static Employee GetEmployee(GmConnection conn, string login, string password)
{
GmCommand cmd = conn.CreateCommand("select * from Employees where Login=@Login and Password=@Password");
cmd.AddString("Login", login);
cmd.AddString("Password", password);
using (DbDataReader dr = cmd.ExecuteReader())
{
if (dr.Read())
{
return(new Employee(dr));
}
}
return(null);
}
public static int GetArticleGroupId(GmConnection conn, string tag)
{
GmCommand cmd = conn.CreateCommand("select top(1) Id from Articles where IsGroup=1 and Tag=@Tag");
cmd.AddString("Tag", tag);
return(cmd.ExecuteScalarInt32());
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Name", name, MaxLength.BannerTopics.Name);
cmd.AddInt("B1", b1);
cmd.AddInt("B2", b2);
cmd.AddInt("B3", b3);
cmd.AddInt("B4", b4);
cmd.AddInt("B5", b5);
cmd.AddInt("B6", b6);
cmd.AddInt("B7", b7);
cmd.AddInt("B8", b8);
cmd.AddInt("B9", b9);
if (id == 0)
{
cmd.CommandText = "insert into BannerTopics values (@Name,@B1,@B2,@B3,@B4,@B5,@B6,@B7,@B8,@B9) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update BannerTopics set Name=@Name,B1=@B1,B2=@B2,B3=@B3,B4=@B4,B5=@B5,B6=@B6,B7=@B7,B8=@B8,B9=@B9 where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Name", name);
cmd.AddString("ShortName", shortName);
if (id == 0)
{
cmd.CommandText = "insert into PrescriptionTypes values (@Name,@ShortName) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update PrescriptionTypes set Name=@Name,ShortName=@ShortName where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("PassportId", passportId);
cmd.AddString("Login", login);
cmd.AddString("Password", password);
if (id == 0)
{
cmd.CommandText = "insert into Employees values (@Id,@PassportId,@Login,@Password) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Employees set PassportId=@PassportId,Login=@Login,@Password=@Password where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Name", name);
cmd.AddString("Code", code);
cmd.AddString("HandbookGroupId", handbookGroupId);
if (id == 0)
{
cmd.CommandText = "insert into AnalysisTypes values (@Name,@Code,@HandbookGroupId) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update AnalysisTypes set Name=@Name,Code=@Code,HandbookGroupId=@HandbookGroupId where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("ArticleId", articleId);
cmd.AddString("Key", key);
cmd.AddString("Value", value);
cmd.AddInt("Status", (int)status);
if (id == 0)
{
cmd.CommandText = "insert into ArticleParams values (@ArticleId,@Key,@Value,@Status) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update ArticleParams set [Key]=@Key,Value=@Value,Status=@Status where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("InsuranceCompanyId", insuranceCompanyId);
cmd.AddString("Number", number);
cmd.AddString("Series", series);
cmd.AddString("Delo", delo);
if (id == 0)
{
cmd.CommandText = "insert into Insurances values (@InsuranceCompanyId,@Number,@Series,@Delo) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Insurances set InsuranceCompanyId=@InsuranceCompanyId,Number=@Number,Series=@Series,Delo=@Delo where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("UserId", userId);
cmd.AddString("Name", name);
cmd.AddString("Data", data.GetXmlString());
if (id == 0)
{
cmd.CommandText = "insert into WatchingSchemes values (@UserId,@Name,@Data) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update WatchingSchemes set UserId=@UserId,Name=@Name,Data=@Data where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void UpdateResume(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Resume", resume);
if (id != 0)
{
cmd.CommandText = "update Candidates set Resume=@Resume where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Name", name, MaxLength.Pages.Name);
cmd.AddInt("BannerTopicId", bannerTopicId);
cmd.AddString("Title", title, MaxLength.Pages.Title);
cmd.AddString("Description", description, MaxLength.Pages.Description);
cmd.AddString("Keywords", keywords, MaxLength.Pages.Keywords);
if (id == 0)
{
cmd.CommandText = "insert into Pages values (@Name,@BannerTopicId,@Title,@Description,@Keywords) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Pages set Name=@Name,BannerTopicId=@BannerTopicId,Title=@Title,Description=@Description,Keywords=@Keywords where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("CommunityId", communityId);
cmd.AddString("Name", name, MaxLength.Galleries.Name);
cmd.AddString("Text", text, MaxLength.Galleries.Text);
cmd.AddInt("Status", (int)status);
cmd.AddString("Logo", logo, MaxLength.Galleries.Logo);
if (id == 0)
{
cmd.CommandText = "insert into Galleries values (@CommunityId,@Name,@Text,@Status,@Logo) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Galleries set CommunityId=@CommunityId,Name=@Name,Text=@Text,Status=@Status,Logo=@Logo where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("ForumId", forumId);
cmd.AddDateTime("Date", date);
cmd.AddString("Name", name, MaxLength.ForumTopics.Name);
cmd.AddString("Description", description, MaxLength.ForumTopics.Description);
cmd.AddInt("Status", (int)status);
if (id == 0)
{
cmd.CommandText = "insert into ForumTopics values (@ForumId,@Date,@Name,@Description,@Status) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update ForumTopics set ForumId=@ForumId,Name=@Name,Description=@Description,Status=@Status where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("GalleryId", galleryId);
cmd.AddString("Filename", filename);
cmd.AddString("Name", name);
cmd.AddString("Text", text);
cmd.AddInt("Status", (int)status);
if (id == 0)
{
cmd.CommandText = "insert into GalleryImages values (@GalleryId,@Filename,@Name,@Text,@Status) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update GalleryImages set GalleryId=@GalleryId,Filename=@Filename,Name=@Name,Text=@Text,Status=@Status where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public static int GetArticleId(GmConnection conn, string tag)
{
int articleId = 0;
if (!String.IsNullOrWhiteSpace(tag))
{
GmCommand cmd = conn.CreateCommand("select Id from Articles where Tag=@Tag");
cmd.AddString("Tag", tag);
articleId = cmd.ExecuteScalarInt32();
}
return(articleId);
}
public int Save(GmConnection conn, bool newRecord)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("RestoredId", restoredId);
cmd.AddInt("UserId", userId);
cmd.AddInt("Version", version);
cmd.AddDateTime("Time", time);
cmd.AddString("Config", config.Serialize());
cmd.AddString("Comment", comment);
if (newRecord)
{
cmd.CommandText = "insert into ConfigRecords values (@Id,@RestoredId,@UserId,@Version,@Time,@Config,@Comment)";
}
else
{
cmd.CommandText = "update ConfigRecords set RestoredId=@RestoredId,UserId=@UserId,Version=@Version,Time=@Time,Config=@Config,Comment=@Comment where Id=@Id";
}
return(cmd.ExecuteNonQuery());
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("BannerGroupId", bannerGroupId);
cmd.AddString("Filename", filename, MaxLength.Banners.Filename);
cmd.AddString("Link", link, MaxLength.Banners.Link);
cmd.AddInt("Status", (int)status);
cmd.AddString("Name", name, MaxLength.Banners.Name);
cmd.AddString("Code", code, MaxLength.Banners.Code);
if (id == 0)
{
cmd.CommandText = "insert into Banners values (@BannerGroupId,@Filename,@Link,@Status,@Name,@Code) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Banners set BannerGroupId=@BannerGroupId,Filename=@Filename,Link=@Link,Status=@Status,Name=@Name,Code=@Code where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Name", name);
cmd.AddInt("RoleId", roleId);
cmd.AddString("Login", login);
cmd.AddString("Password", password);
cmd.AddBinary("Permissions").Value = permissions.Count == 0 ? (object)DBNull.Value : (object)permissions.GetBytes();
if (id == 0)
{
cmd.CommandText = "insert into Users values (@Name,@RoleId,@Login,@Password,@Permissions) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
string pswCmdText = password.Trim().Length == 0 ? "" : ",Password=@Password";
cmd.CommandText = string.Format("update Users set Name=@Name,RoleId=@RoleId,Login=@Login{0},Permissions=@Permissions where Id=@Id", pswCmdText);
cmd.ExecuteNonQuery();
}
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Surname", surname);
cmd.AddString("Name", name);
cmd.AddString("MiddleName", middleName);
cmd.AddInt("Gender", (int)gender);
cmd.AddNullableDateTime("Birthday", birthday);
cmd.AddString("IdentificationData", identificationData.GetXmlString());
if (id == 0)
{
cmd.CommandText = "insert into PatientIdentifications values (@Surname,@Name,@MiddleName,@Gender,@Birthday,@IdentificationData) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update PatientIdentifications set Surname=@Surname,Name=@Name,MiddleName=@MiddleName,Gender=@Gender,Birthday=@Birthday,IdentificationData=@IdentificationData where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public static Article GetArticle(GmConnection conn, string tag)
{
GmCommand cmd = conn.CreateCommand("select * from Articles where Tag=@Tag");
cmd.AddString("Tag", tag);
using (GmDataReader dr = cmd.ExecuteReader())
{
if (dr.Read())
{
return(new Article(dr));
}
}
return(null);
}
public static User GetUser(GmConnection conn, string login)
{
GmCommand cmd = conn.CreateCommand("select * from Users where Login=@Login");
cmd.AddString("Login", login);
using (DbDataReader dr = cmd.ExecuteReader())
{
if (dr.Read())
{
return(new User(dr));
}
}
return(null);
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddString("Code", code);
cmd.AddString("Name", name);
cmd.AddInt("HospitalStayHigh", hospitalStayHigh);
cmd.AddInt("HospitalStayFirst", hospitalStayFirst);
cmd.AddInt("HospitalStaySecond", hospitalStaySecond);
cmd.AddInt("HospitalStayDay", hospitalStayDay);
cmd.AddString("MCode", code);
if (id == 0)
{
cmd.CommandText = "insert into Diagnoses values (@Code,@Name,@HospitalStayHigh,@HospitalStayFirst,@HospitalStaySecond,@HospitalStayDay,@MCode) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update Diagnoses set Code=@Code,Name=@Name,HospitalStayHigh=@HospitalStayHigh,HospitalStayFirst=@HospitalStayFirst,HospitalStaySecond=@HospitalStaySecond,HospitalStayDay=@HospitalStayDay,MCode=@MCode where Id=@Id";
cmd.ExecuteNonQuery();
}
}
public static UserInfo GetUserInfo(GmConnection conn, string login, string psw)
{
GmCommand cmd = conn.CreateCommand();
int pos = login.IndexOf('@');
if (pos >= 0)
{
cmd.CommandText = "select * from UserInfo where Email=@Email and Psw=@Psw";
cmd.AddString("@Email", login);
cmd.AddString("@Psw", psw);
}
else
{
int userId;
try
{
userId = int.Parse(login);
}
catch
{
return(null);
}
cmd.CommandText = "select * from UserInfo where Id=@Id and Psw=@Psw";
cmd.AddInt("@Id", userId);
cmd.AddString("@Psw", psw);
}
UserInfo userInfo = null;
using (DbDataReader dr = cmd.ExecuteReader())
{
if (dr.Read())
{
userInfo = new UserInfo(dr);
}
}
return(userInfo);
}
public void Save(GmConnection conn)
{
GmCommand cmd = conn.CreateCommand();
cmd.AddInt("Id", id);
cmd.AddInt("RecordId", recordId);
cmd.AddDateTime("Date", date);
cmd.AddString("Name", name, MaxLength.UserInfo.Name);
cmd.AddString("Email", email, MaxLength.UserInfo.Email);
cmd.AddString("Psw", psw, MaxLength.UserInfo.Psw);
cmd.AddInt("UserRole", (int)userRole);
cmd.AddInt("Status", (int)status);
cmd.AddString("Picture", picture, MaxLength.UserInfo.Picture);
if (id == 0)
{
cmd.CommandText = "insert into UserInfo values (@RecordId,@Date,@Name,@Email,@Psw,@UserRole,@Status,@Picture) select @@Identity";
id = (int)(decimal)cmd.ExecuteScalar();
}
else
{
cmd.CommandText = "update UserInfo set RecordId=@RecordId,Date=@Date,Name=@Name,Email=@Email,Psw=@Psw,UserRole=@UserRole,Status=@Status,Picture=@Picture where Id=@Id";
cmd.ExecuteNonQuery();
}
}
