public InputInvoiceDocumentResponse Create(InputInvoiceDocumentViewModel InputInvoiceDocument) { InputInvoiceDocumentResponse response = new InputInvoiceDocumentResponse(); using (SqliteConnection db = new SqliteConnection("Filename=SirmiumERPGFC.db")) { db.Open(); SqliteCommand insertCommand = db.CreateCommand(); insertCommand.CommandText = SqlCommandInsertPart; try { insertCommand = AddCreateParameters(insertCommand, InputInvoiceDocument); insertCommand.ExecuteNonQuery(); } catch (SqliteException error) { MainWindow.ErrorMessage = error.Message; response.Success = false; response.Message = error.Message; return(response); } db.Close(); response.Success = true; return(response); } }
public InputInvoiceDocumentResponse SetStatusDeleted(Guid identifier) { InputInvoiceDocumentResponse response = new InputInvoiceDocumentResponse(); using (SqliteConnection db = new SqliteConnection("Filename=SirmiumERPGFC.db")) { db.Open(); SqliteCommand insertCommand = new SqliteCommand(); insertCommand.Connection = db; //Use parameterized query to prevent SQL injection attacks insertCommand.CommandText = "UPDATE InputInvoiceDocuments SET ItemStatus = @ItemStatus WHERE Identifier = @Identifier"; insertCommand.Parameters.AddWithValue("@ItemStatus", ItemStatus.Deleted); insertCommand.Parameters.AddWithValue("@Identifier", identifier); try { insertCommand.ExecuteNonQuery(); } catch (SqliteException error) { MainWindow.ErrorMessage = error.Message; response.Success = false; response.Message = error.Message; return(response); } db.Close(); response.Success = true; return(response); } }
public InputInvoiceDocumentResponse GetInputInvoiceDocument(Guid identifier) { InputInvoiceDocumentResponse response = new InputInvoiceDocumentResponse(); InputInvoiceDocumentViewModel InputInvoiceDocument = new InputInvoiceDocumentViewModel(); using (SqliteConnection db = new SqliteConnection("Filename=SirmiumERPGFC.db")) { db.Open(); try { SqliteCommand selectCommand = new SqliteCommand( SqlCommandSelectPart + "FROM InputInvoiceDocuments " + "WHERE Identifier = @Identifier;", db); selectCommand.Parameters.AddWithValue("@Identifier", identifier); SqliteDataReader query = selectCommand.ExecuteReader(); if (query.Read()) { InputInvoiceDocumentViewModel dbEntry = Read(query); InputInvoiceDocument = dbEntry; } } catch (SqliteException error) { MainWindow.ErrorMessage = error.Message; response.Success = false; response.Message = error.Message; response.InputInvoiceDocument = new InputInvoiceDocumentViewModel(); return(response); } db.Close(); } response.Success = true; response.InputInvoiceDocument = InputInvoiceDocument; return(response); }