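/// <summary>
/// Creates a new employee: inserts the address row, the login account row and the
/// employee row that references both, then redirects to <c>Index</c>.
/// </summary>
/// <param name="collection">Posted model carrying the address, account and employee fields.</param>
/// <returns>
/// A redirect to <c>Index</c> when all three inserts succeed; the default view when any step throws.
/// </returns>
public ActionResult Create(PracownikAdresUser collection)
{
    try
    {
        using (SqlConnection sqlConn = new SqlConnection(StringsqlConn))
        {
            sqlConn.Open();

            // The three inserts form one unit of work. Without a transaction a failure in a
            // later step leaves an orphaned address or login account behind.
            using (SqlTransaction tx = sqlConn.BeginTransaction())
            {
                // The new key is read with SCOPE_IDENTITY() in the same batch as the insert.
                // The previous "SELECT TOP 1 ... ORDER BY id DESC" returned the newest row in
                // the table, which under concurrent requests can belong to another user and
                // would link this employee to someone else's address or account.
                // Assumes id_adres is an IDENTITY column - confirm against the schema. If it is
                // not, SCOPE_IDENTITY() is NULL, Convert.ToInt32 throws and the transaction rolls back.
                int id_adres;
                using (SqlCommand sqlQuery = new SqlCommand(
                    "INSERT INTO adres VALUES(@Ulica, @Lokal, @NumerLokal,@KodPocztowy, @Miasto); SELECT CAST(SCOPE_IDENTITY() AS int);",
                    sqlConn,
                    tx))
                {
                    sqlQuery.Parameters.AddWithValue("@Ulica", collection.Ulica);
                    sqlQuery.Parameters.AddWithValue("@Lokal", collection.Lokal);
                    sqlQuery.Parameters.AddWithValue("@NumerLokal", collection.NumerLokal);
                    sqlQuery.Parameters.AddWithValue("@KodPocztowy", collection.KodPocztowy);
                    sqlQuery.Parameters.AddWithValue("@Miasto", collection.Miasto);
                    id_adres = Convert.ToInt32(sqlQuery.ExecuteScalar());
                }

                // NOTE(review): UserPassword is written exactly as it arrives in the model; nothing
                // in this method hashes it. If it holds the clear-text password, store a salted
                // password hash instead and update the login check to match.
                // The role is fixed to "pracownik" here and is not taken from the request.
                int id_siteUser;
                using (SqlCommand sqlQuery = new SqlCommand(
                    "INSERT INTO siteUser VALUES(@UserPassword, @UserLogin, @UserRole); SELECT CAST(SCOPE_IDENTITY() AS int);",
                    sqlConn,
                    tx))
                {
                    sqlQuery.Parameters.AddWithValue("@UserPassword", collection.UserPassword);
                    sqlQuery.Parameters.AddWithValue("@UserLogin", collection.UserLogin);
                    sqlQuery.Parameters.AddWithValue("@UserRole", "pracownik");
                    id_siteUser = Convert.ToInt32(sqlQuery.ExecuteScalar());
                }

                DateTime data = DateTime.Today;
                using (SqlCommand sqlQuery = new SqlCommand(
                    "INSERT INTO pracownik VALUES(@IdAdres,@IdSiteUser,@Imie, @Nazwisko, @DataZatrudnienia,@Email,@Telefon);",
                    sqlConn,
                    tx))
                {
                    sqlQuery.Parameters.AddWithValue("@IdAdres", id_adres);
                    sqlQuery.Parameters.AddWithValue("@IdSiteUser", id_siteUser);
                    sqlQuery.Parameters.AddWithValue("@Imie", collection.Imie);
                    sqlQuery.Parameters.AddWithValue("@Nazwisko", collection.Nazwisko);
                    // NOTE(review): the hire date is sent as a culture-formatted string. If the
                    // column is a date type, passing the DateTime itself avoids locale-dependent parsing.
                    sqlQuery.Parameters.AddWithValue("@DataZatrudnienia", data.ToString());
                    sqlQuery.Parameters.AddWithValue("@Email", collection.Email);
                    sqlQuery.Parameters.AddWithValue("@Telefon", collection.Telefon);
                    sqlQuery.ExecuteNonQuery();
                }

                // Leaving the using block without reaching Commit rolls everything back.
                tx.Commit();
            }
        }

        return RedirectToAction(nameof(Index));
    }
    catch (Exception ex)
    {
        // The form is still re-shown on any failure, but the cause is recorded server-side
        // instead of being discarded.
        System.Diagnostics.Trace.TraceError("Create pracownik failed: {0}", ex);
        return View();
    }
}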
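/// <summary>
/// Updates an existing employee together with the address and login account rows
/// the employee record points to.
/// </summary>
/// <param name="id">Value matched against <c>pracownik.id_pracownik</c>.</param>
/// <param name="collection">Posted model carrying the new address, account and employee fields.</param>
/// <returns>
/// The default view when model validation fails; otherwise a redirect to <c>Index</c>.
/// Database exceptions are not caught here and propagate to the caller.
/// </returns>
public ActionResult Edit(int id, PracownikAdresUser collection)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    using (SqlConnection sqlConn = new SqlConnection(StringsqlConn))
    {
        sqlConn.Open();

        // The lookups and the three updates run in one transaction, so a failure part-way
        // through cannot leave the address, account and employee rows out of step.
        using (SqlTransaction tx = sqlConn.BeginTransaction())
        {
            // When no employee has this id, ExecuteScalar returns null and Convert.ToInt32
            // turns that into 0. The updates below then presumably match no rows and the
            // action still redirects as if it had succeeded.
            int id_adres;
            using (SqlCommand sqlQuery = new SqlCommand(
                "select id_adres from pracownik where id_pracownik=@ID;",
                sqlConn,
                tx))
            {
                sqlQuery.Parameters.AddWithValue("@ID", id);
                id_adres = Convert.ToInt32(sqlQuery.ExecuteScalar());
            }

            int id_user;
            using (SqlCommand sqlQuery = new SqlCommand(
                "select id_siteUser from pracownik where id_pracownik=@ID;",
                sqlConn,
                tx))
            {
                sqlQuery.Parameters.AddWithValue("@ID", id);
                id_user = Convert.ToInt32(sqlQuery.ExecuteScalar());
            }

            using (SqlCommand sqlQuery = new SqlCommand(
                "update adres set ulica=@Ulica, lokal=@Lokal, numer_lokal=@NumerLokal,kod_pocztowy=@KodPocztowy, miasto=@Miasto where id_adres=@ID",
                sqlConn,
                tx))
            {
                sqlQuery.Parameters.AddWithValue("@ID", id_adres);
                sqlQuery.Parameters.AddWithValue("@Ulica", collection.Ulica);
                sqlQuery.Parameters.AddWithValue("@Lokal", collection.Lokal);
                sqlQuery.Parameters.AddWithValue("@NumerLokal", collection.NumerLokal);
                sqlQuery.Parameters.AddWithValue("@KodPocztowy", collection.KodPocztowy);
                sqlQuery.Parameters.AddWithValue("@Miasto", collection.Miasto);
                sqlQuery.ExecuteNonQuery();
            }

            // NOTE(review): user_role and user_password are overwritten with whatever the
            // request posted. Confirm that only callers allowed to change roles can reach this
            // action, or stop binding UserRole from the form. The password is also stored as
            // received; if it is clear text, hash it before writing.
            using (SqlCommand sqlQuery = new SqlCommand(
                "update siteUser set user_password=@UserPassword, user_login=@UserLogin, user_role=@UserRole where id_siteUser=@ID;",
                sqlConn,
                tx))
            {
                sqlQuery.Parameters.AddWithValue("@ID", id_user);
                sqlQuery.Parameters.AddWithValue("@UserPassword", collection.UserPassword);
                sqlQuery.Parameters.AddWithValue("@UserLogin", collection.UserLogin);
                sqlQuery.Parameters.AddWithValue("@UserRole", collection.UserRole);
                sqlQuery.ExecuteNonQuery();
            }

            using (SqlCommand sqlQuery = new SqlCommand(
                "update pracownik set imie=@Imie, nazwisko=@Nazwisko, data_zatrudnienia=@DataZatrudnienia,email=@Email,telefon=@Telefon where id_pracownik=@ID;",
                sqlConn,
                tx))
            {
                sqlQuery.Parameters.AddWithValue("@ID", id);
                sqlQuery.Parameters.AddWithValue("@Imie", collection.Imie);
                sqlQuery.Parameters.AddWithValue("@Nazwisko", collection.Nazwisko);
                sqlQuery.Parameters.AddWithValue("@DataZatrudnienia", collection.DataZatrudnienia);
                sqlQuery.Parameters.AddWithValue("@Email", collection.Email);
                sqlQuery.Parameters.AddWithValue("@Telefon", collection.Telefon);
                sqlQuery.ExecuteNonQuery();
            }

            // Leaving the using block without reaching Commit rolls everything back.
            tx.Commit();
        }
    }

    return RedirectToAction(nameof(Index));
}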