protected void btnSubmit_Click(object sender, EventArgs e) { if (this.Page.IsValid) { BusinessLayer.Book book = new BusinessLayer.Book(); book.Title = this.txtTitle.Text; book.PageCount = Convert.ToInt32(this.txtPageCount.Text); book.Price = Convert.ToDecimal(this.txtPrice.Text); BusinessLayer.Author author = new BusinessLayer.Author(); author.FristName = this.txtAuthorFirstName.Text; author.LastName = this.txtAuthorLastName.Text; BusinessLayer.Type type = new BusinessLayer.Type(); type.Name = this.txtTypeName.Text; int result = DataAccessLayer.UtilityToolsBook.ExecuteInsertBook(book, author, type); if (result == 1) { this.lblResultMessageBook.Text = "Succesful submition!"; } else if (result == 0) { this.lblResultMessageBook.Text = "There was an error at the Database level"; } else { this.lblResultMessageBook.Text = "There was an error at the Method level"; } } }
public static int ExecuteInsertBook(Book book, Author author, LibraryWebApplication.BusinessLayer.Type type) { SqlConnection conn; SqlCommand cmd; using (conn = new SqlConnection(GetConnectionString())) { try { string sql = "INSERT INTO AuthorId (FirstName, LastName) VALUES (@FirstName, @LastName)" + "INSERT INTO TypeId (Name) VALUES (@Name)" + "INSERT INTO Book (Title, PageCount, Price, AuthorId, TypeId) VALUES (@Title, @PageCount, @Price, @AuthorId, @TypeId)"; //string sql = "sp_InsertBookInfo"; conn.Open(); using (cmd = new SqlCommand(sql, conn)) { SqlParameter[] param = new SqlParameter[8]; param[0] = new SqlParameter("@FirstName", System.Data.SqlDbType.VarChar, 20); param[1] = new SqlParameter("@LastName", System.Data.SqlDbType.VarChar, 20); param[2] = new SqlParameter("@Name", System.Data.SqlDbType.VarChar, 20); param[3] = new SqlParameter("@Title", System.Data.SqlDbType.VarChar, 20); param[4] = new SqlParameter("@PageCount", System.Data.SqlDbType.Int); param[5] = new SqlParameter("@Price", System.Data.SqlDbType.Decimal, 2); param[6] = new SqlParameter("@AuthorId", System.Data.SqlDbType.Int); param[7] = new SqlParameter("@TypeId", System.Data.SqlDbType.Int); param[0].Value = author.FirstName; param[1].Value = author.LastName; param[2].Value = type.Name; param[3].Value = book.Title; param[4].Value = book.PageCount; param[5].Value = book.Price; param[6].Value = author.AuthorId; param[7].Value = type.TypeId; foreach (SqlParameter p in param) { cmd.Parameters.Add(p); } cmd.CommandType = System.Data.CommandType.Text; return((int)cmd.ExecuteNonQuery()); } } catch (SqlException ex) { return(ex.ErrorCode); } } }