protected void btn_Add_Click(object sender, EventArgs e)
        {
            if (Filesave.HasFile)
            {
                DateTime now     = DateTime.Now;
                var      dateNow = now.ToString("MMMM dd, yyyy");

                Random r    = new Random();
                int    num  = r.Next();
                string file = Path.GetFileName(Filesave.PostedFile.FileName);
                Filesave.SaveAs(Server.MapPath("~/uploads/") + (num.ToString()) + "-" + file);

                conn.ConnectionString = ConfigurationManager.ConnectionStrings["MyConnection"].ToString();
                conn.Open();
                sql = "INSERT INTO archive_list (title, year, batch, date_added, file_name, file_path) VALUES (@title, @year, @batch, @date_added, @file_name, @file_path)";
                cmd = new SqlCommand(sql, conn);

                cmd.Parameters.AddWithValue("@title", title.Text.ToString());
                cmd.Parameters.AddWithValue("@year", yearLvl.Text.ToString());
                cmd.Parameters.AddWithValue("@batch", batchLvl.Text.ToString());
                cmd.Parameters.AddWithValue("@date_added", dateNow);
                cmd.Parameters.AddWithValue("@file_name", (num.ToString()) + "-" + file);
                cmd.Parameters.AddWithValue("@file_path", Server.MapPath("~/uploads/") + (num.ToString()) + "-" + file);
                cmd.ExecuteNonQuery();

                conn.Close();
                cmd.Dispose();
                Response.Redirect("archive.aspx");
            }
        }
        protected void btnUodate_Click(object sender, EventArgs e)
        {
            if (Filesave.HasFile)
            {
                Random r    = new Random();
                int    num  = r.Next();
                string file = Path.GetFileName(Filesave.PostedFile.FileName);
                Filesave.SaveAs(Server.MapPath("~/uploads/") + (num.ToString()) + "-" + file);

                conn.ConnectionString = ConfigurationManager.ConnectionStrings["MyConnection"].ToString();
                conn.Open();
                sql = "UPDATE archive_list SET title=@title, year=@year, batch=@batch,file_name=@file_name, file_path=@file_path WHERE books_id=@books_id";
                cmd = new SqlCommand(sql, conn);

                cmd.Parameters.AddWithValue("@books_id", book_id.Text.ToString());
                cmd.Parameters.AddWithValue("@title", title.Text.ToString());
                cmd.Parameters.AddWithValue("@year", yearLvl.Text.ToString());
                cmd.Parameters.AddWithValue("@batch", batchLvl.Text.ToString());
                cmd.Parameters.AddWithValue("@file_name", (num.ToString()) + "-" + file);
                cmd.Parameters.AddWithValue("@file_path", Server.MapPath("~/uploads/") + (num.ToString()) + "-" + file);

                cmd.ExecuteNonQuery();

                conn.Close();
                cmd.Dispose();
                Response.Redirect("archive.aspx");
            }
        }