// insert a new supplier into Suppliers table
        // return new supplier ID
        public static int AddSupplier(Suppliers supplier)
        {
            List <int> supList    = SuppliersDB.GetSuppliersIds();
            int        maxCount   = supList.Count();
            int        supplierId = maxCount + 1;

            // create the connection
            using (SqlConnection connection = TravelExpertsDB.GetConnection())
            {
                // create INSERT command
                // CustomerID is IDENTITY so no value provided
                string insertStatement = "INSERT INTO Suppliers(SupName) " +
                                         "OUTPUT inserted.SupplierId " +
                                         "VALUES(@SupName)";

                using (SqlCommand cmd = new SqlCommand(insertStatement, connection))
                {
                    //supply paramter value, this way can avoid sql injection problem
                    cmd.Parameters.AddWithValue("@SupName", supplier.SupName);
                    // execute INSERT command
                    try
                    {
                        // open the connection
                        connection.Open();
                        // execute insert command and get inserted ID
                        supplierId = (int)cmd.ExecuteScalar();
                    }
                    catch (Exception ex)
                    {
                        throw ex;
                    }
                    finally // executes always
                    {
                        connection.Close();
                    }
                }
            }
            return(supplierId);
        }
        // delete a supplier from Suppliers table
        // return indicator of success
        public static bool DeleteSupplier(Suppliers supplier)
        {
            bool success = false;

            // create the connection
            using (SqlConnection connection = TravelExpertsDB.GetConnection())
            {
                string deleteStatement1 =
                    "DELETE FROM Packages_Products_Suppliers " +
                    "WHERE  ProductSupplierId IN " +
                    "(SELECT ProductSupplierId " +
                    "FROM Products_Suppliers " +
                    "WHERE SupplierId=@SupplierId)";

                string deleteStatement2 =
                    "DELETE FROM Products_Suppliers " +
                    "WHERE SupplierId=@SupplierId";

                string deleteStatement3 =
                    "DELETE FROM Suppliers " +
                    "WHERE SupplierId=@SupplierId " +                                 // need for identification
                    "AND (SupName=@SupName OR SupName IS NULL AND @SupName IS NULL)"; // the AND is to ensure no one is updating this product

                connection.Open();
                // start a location transaction
                SqlTransaction sqlTran = connection.BeginTransaction();

                // Enlist a command in the current transaction
                SqlCommand command = connection.CreateCommand();
                command.Transaction = sqlTran;
                //supply paramter value, this way can avoid sql injection problem
                command.Parameters.AddWithValue("@SupplierId", supplier.SupplierId);
                command.Parameters.AddWithValue("@SupName", supplier.SupName);

                try
                {
                    // Execute three separate commands
                    command.CommandText = deleteStatement1;
                    command.ExecuteNonQuery();
                    command.CommandText = deleteStatement2;
                    command.ExecuteNonQuery();
                    command.CommandText = deleteStatement3;
                    command.ExecuteNonQuery();

                    // Commit the transaction
                    sqlTran.Commit();
                    success = true;
                }
                catch (Exception)
                {
                    try
                    {
                        //Atttemp to roll back the transaction
                        sqlTran.Rollback();
                        success = false;
                    }
                    catch (Exception exRollback)
                    {
                        throw exRollback;
                    }
                }
                finally // executes always
                {
                    connection.Close();
                }
            }
            //return the indicator of success
            return(success);
        }