protected void btnAdd_Click(object sender, EventArgs e)
{
using (SqlConnection con = new SqlConnection(Util.GetConnection()))
{
con.Open();
string SQL = @"INSERT INTO Products VALUES(@Name, @CatID, @Code,
@Description, @Image, @Price, @IsFeatured, @Available,
@Criticallevel, @Maximum, @Status, @DateAdded, @DateModified)";
if (FileImageUpload.PostedFile != null)
{
string Image = Path.GetFileName(FileImageUpload.PostedFile.FileName); //Get image path
FileImageUpload.SaveAs(Server.MapPath("Image/" + Image)); //Save files to disk
using (SqlCommand cmd = new SqlCommand(SQL, con))
{
cmd.Parameters.AddWithValue("@Name", txtName.Text);
cmd.Parameters.AddWithValue("@CatID", ddlCategory.SelectedValue);
cmd.Parameters.AddWithValue("@Code", txtCode.Text);
cmd.Parameters.AddWithValue("@Description", txtDescription.Text);
cmd.Parameters.AddWithValue("@Image", "Image/" + Image);
cmd.Parameters.AddWithValue("@Price", txtPrice.Text);
cmd.Parameters.AddWithValue("@IsFeatured", ddlIsFeatured.SelectedValue);
cmd.Parameters.AddWithValue("@Available", 0);
cmd.Parameters.AddWithValue("@Criticallevel", txtCriticallevel.Text);
cmd.Parameters.AddWithValue("@Maximum", txtMaximum.Text);
cmd.Parameters.AddWithValue("@Status", "Active");
cmd.Parameters.AddWithValue("@DateAdded", DateTime.Now);
cmd.Parameters.AddWithValue("@DateModified", DBNull.Value);
cmd.ExecuteNonQuery();
Response.Redirect("Default.aspx");
}
}
}
}
protected void btnUpdate_Click(object sender, EventArgs e)
{
using (SqlConnection con = new SqlConnection(Util.GetConnection()))
{
con.Open();
string SQL = @"UPDATE Products SET Name = @Name, CatID = @CatID, Code = @Code, Description = @Description,
Image = @Image, Price = @Price, IsFeatured = @IsFeatured, Available = @Available,
Criticallevel = @Criticallevel, Maximum = @Maximum,
DateModified = @DateModified WHERE ProductID = @ProductID";
if (FileImageUpload.PostedFile != null)
{
string Image = Path.GetFileName(FileImageUpload.PostedFile.FileName); //Get image path
FileImageUpload.SaveAs(Server.MapPath("Image/" + Image)); //Save files to disk
using (SqlCommand cmd = new SqlCommand(SQL, con))
{
cmd.Parameters.AddWithValue("@Name", txtName.Text);
cmd.Parameters.AddWithValue("@CatID", ddlCategory.SelectedValue);
cmd.Parameters.AddWithValue("@Code", txtCode.Text);
cmd.Parameters.AddWithValue("@Description", txtDescription.Text);
cmd.Parameters.AddWithValue("@Image", "Image/" + Image);
cmd.Parameters.AddWithValue("@Price", txtPrice.Text);
cmd.Parameters.AddWithValue("@IsFeatured", ddlIsFeatured.SelectedValue);
cmd.Parameters.AddWithValue("@Available", 0);
cmd.Parameters.AddWithValue("@Criticallevel", txtCriticallevel.Text);
cmd.Parameters.AddWithValue("@Maximum", txtMaximum.Text);
cmd.Parameters.AddWithValue("@DateModified", DateTime.Now);
cmd.Parameters.AddWithValue("@ProductID", Request.QueryString["ID"].ToString());
cmd.ExecuteNonQuery();
Response.Redirect("Default.aspx");
}
}
}
}
