// POST: api/Meds
public string Post([FromBody] CreateMed value)
{
_conn = new SqlConnection(Utils.Utils.GetConnectionString());
var queryInsert = Utils.Utils.getInsert();
SqlCommand insertCommand = new SqlCommand(queryInsert, _conn);
insertCommand.Parameters.AddWithValue("@name", value.name);
insertCommand.Parameters.AddWithValue("@exp_date", value.exp_date);
insertCommand.Parameters.AddWithValue("@pieces", value.pieces);
insertCommand.Parameters.AddWithValue("@base_subst", value.base_subst);
insertCommand.Parameters.AddWithValue("@quantity", value.quantity);
insertCommand.Parameters.AddWithValue("@description", value.description);
_conn.Open();
int result = insertCommand.ExecuteNonQuery();
if (result > 0)
{
return("true");
}
else
{
return("false");
}
}
public string Put(int id, [FromBody] CreateMed value)
{
using var _conn = new SqlConnection(Utils.QueryMed.GetConnectionString());
var queryUpdate = Utils.QueryMed.getUpdate() + id;
SqlCommand updateCommand = new SqlCommand(queryUpdate, _conn);
updateCommand.Parameters.AddWithValue("@name", value.name);
updateCommand.Parameters.AddWithValue("@exp_date", value.exp_date);
updateCommand.Parameters.AddWithValue("@pieces", value.pieces);
updateCommand.Parameters.AddWithValue("@base_subst", value.base_subst);
updateCommand.Parameters.AddWithValue("@quantity", value.quantity);
updateCommand.Parameters.AddWithValue("@description", value.description);
updateCommand.Parameters.AddWithValue("@userEmail", value.userEmail);
_conn.Open();
int result = updateCommand.ExecuteNonQuery();
if (result > 0)
{
return("true");
}
else
{
return("false");
}
}
