public DataTable GetStock(StockTbInput stockTbInput)
{
DataTable dt = new DataTable();
using (SqlConnection con = new SqlConnection("Data Source=SAI-PC\\SQLEXPRESS; UID=sa; Password=Pass$123;Database=AllSampleCode;"))
{
//con.Open();
//var query = "select * from StockTb where Name='" + stockTbInput.Name +"'";
//SqlCommand cmd = new SqlCommand(query, con) { CommandType = CommandType.Text };
//SqlDataAdapter da = new SqlDataAdapter();
//da.SelectCommand = cmd;
//da.Fill(dt);
con.Open();
var @query = "select * from StockTb where Name=@Name";
SqlCommand cmd = new SqlCommand(query, con)
{
CommandType = CommandType.Text
};
cmd.Parameters.AddWithValue("@Name", stockTbInput.Name.Trim());
SqlDataAdapter da = new SqlDataAdapter();
da.SelectCommand = cmd;
da.Fill(dt);
}
return(dt);
}
public IActionResult Post([FromBody] StockTbInput stockTbInput)
{
if (stockTbInput != null)
{
List <StockTb> stocklList = ConvertDataTable <StockTb>(GetStock(stockTbInput));
return(Ok(stocklList));
}
else
{
return(BadRequest());
}
}
