public bool InsertStudent(StudentModel student) { using (SqlConnection studentConnection = new SqlConnection(connectionString)) { studentConnection.Open(); string command = "INSERT INTO Student(StudentId, StudentName, Course, Year, Picture) VALUES(@studentId, @studentName, @course, @year, @picture);"; SqlCommand insertCommand = new SqlCommand(command, studentConnection); insertCommand.Parameters.AddWithValue("@studentName", student.StudentName); insertCommand.Parameters.AddWithValue("@studentId", student.StudentId); insertCommand.Parameters.AddWithValue("@course", student.Course); insertCommand.Parameters.AddWithValue("@year", student.Year); var val = student.ConvertImageToByteArray(); if (val == null) { insertCommand.Parameters.AddWithValue("@picture", new byte[0]); } else { insertCommand.Parameters.AddWithValue("@picture", val); } int affected = insertCommand.ExecuteNonQuery(); return(affected > 0); } }
public bool UpdateStudent(StudentModel student) { using (SqlConnection studentConnection = new SqlConnection(connectionString)) { studentConnection.Open(); string command = "UPDATE Student SET Course=@course, StudentName=@studentName, StudentId=@studentId, Year=@year, Picture=@picture WHERE Id=@id;"; SqlCommand updateCommand = new SqlCommand(command, studentConnection); updateCommand.Parameters.AddWithValue("@course", student.Course); updateCommand.Parameters.AddWithValue("@studentName", student.StudentName); updateCommand.Parameters.AddWithValue("@studentId", student.StudentId); updateCommand.Parameters.AddWithValue("@year", student.Year); var val = student.ConvertImageToByteArray(); if (val == null) { updateCommand.Parameters.AddWithValue("@picture", new byte[0]); } else { updateCommand.Parameters.AddWithValue("@picture", val); } updateCommand.Parameters.AddWithValue("@id", student.Id); int affected = updateCommand.ExecuteNonQuery(); return(affected > 0); } }