public bool AddComment(Comment newComment, string Login) { using (var connection = new SqlConnection(connectionsString)) { var command = new SqlCommand("insert into BlogDB.Comments (UserID, Comment, BlogID) values (@userid ,@comment, @blogid)",connection); command.Parameters.AddWithValue("@userid", FindId(Login)); command.Parameters.AddWithValue("@comment", newComment.CommentText); command.Parameters.AddWithValue("@blogid", newComment.BlogID); connection.Open(); return command.ExecuteNonQuery() == 1; } }
public IEnumerable<Comment> ShowComment(string BlogID) { var result = new List<Comment>(); using (var connection = new SqlConnection(connectionsString)) { var command = new SqlCommand("select UserID, Comment, CommentID from BlogDB.Comments where BlogID=@blogid", connection); command.Parameters.AddWithValue("@blogid", BlogID); connection.Open(); using (var reader = command.ExecuteReader()) { while (reader.Read()) { var comment = new Comment(); comment.Login = GetLoginByID(reader.GetInt32(0)); comment.CommentText = reader.GetString(1); comment.CommentID = reader.GetInt32(2); result.Add(comment); } } } return result; }