public static bool AddDrug(Drug drug) {
var command = CreateCommand(NewConnection(), "INSERT INTO drugs (title, type, quantity, price, description, picture) " +
"VALUES ('{0}', '{1}', '{2}', '{3}', '{4}', @Picture)",
drug.Title, drug.Type, drug.Quantity, drug.Price, drug.Description);
command.Parameters.AddWithValue("@Picture", drug.Picture);
return ExecuteQuery(command) > 0;
}
public static bool UpdateDrug(Drug drug) {
var command = CreateCommand(NewConnection(), "UPDATE drugs SET type='{1}', quantity='{2}', price='{3}', " +
"description='{4}' WHERE title='{0}'",
drug.Title, drug.Type, drug.Quantity, drug.Price, drug.Description);
return ExecuteQuery(command) > 0;
}
