public string[] setBookData1(SearchBookResult bookDataResult) { string[] returnValue = new string[2]; returnValue[0] = "0"; returnValue[1] = "0"; DataBase Base = new DataBase(); using (SqlConnection Sqlconn = new SqlConnection(Base.GetConnString())) { try { StaffDataBase sDB = new StaffDataBase(); List<string> CreateFileName = sDB.getStaffDataName(HttpContext.Current.User.Identity.Name); Sqlconn.Open(); string sql = "UPDATE BookDatabase SET BookName=@executionTitle, Author=@executionAuthor, Press=@executionPress, PressDate=@executionPressDate, " + "Remark=@executionRemark, UpFileBy=@UpFileBy, UpFileDate=(getDate()),bookUseTo=@executionbookUseTo,bookComefrom=@executionbookComefrom,bookGeter=@executionbookGeter,bookScrapstatus=@executionbookScrapstatus WHERE BookID=@bID AND isDeleted=0"; SqlCommand cmd = new SqlCommand(sql, Sqlconn); cmd.Parameters.Add("@bID", SqlDbType.BigInt).Value = bookDataResult.bID; cmd.Parameters.Add("@executionTitle", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(bookDataResult.executionTitle); cmd.Parameters.Add("@executionAuthor", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(bookDataResult.executionAuthor); cmd.Parameters.Add("@executionPress", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(bookDataResult.executionPress); cmd.Parameters.Add("@executionPressDate", SqlDbType.Date).Value = Chk.CheckStringtoDateFunction(bookDataResult.executionPressDate); cmd.Parameters.Add("@executionRemark", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(bookDataResult.executionRemark); cmd.Parameters.Add("@UpFileBy", SqlDbType.Int).Value = Chk.CheckStringtoIntFunction(CreateFileName[0]); cmd.Parameters.Add("@executionbookUseTo", SqlDbType.Int).Value = Chk.CheckStringFunction(bookDataResult.executionbookUseTo); cmd.Parameters.Add("@executionbookComefrom", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(bookDataResult.executionbookComefrom); cmd.Parameters.Add("@executionbookGeter", SqlDbType.NVarChar).Value = Chk.CheckStringFunction(bookDataResult.executionbookGeter); cmd.Parameters.Add("@executionbookScrapstatus", SqlDbType.Int).Value = Chk.CheckStringtoIntFunction(bookDataResult.executionbookScrapstatus); returnValue[0] = cmd.ExecuteNonQuery().ToString(); Sqlconn.Close(); } catch (Exception e) { returnValue[0] = "-1"; returnValue[1] = e.Message.ToString(); } } return returnValue; }
public string[] setBookData1(SearchBookResult bookDataResult) { AdministrationDataBase aDB = new AdministrationDataBase(); aDB.libraryFunction(); if (int.Parse(aDB._StaffhaveRoles[1]) == 1) { return aDB.setBookData1(bookDataResult); } else { return new string[2] { _noRole, _errorMsg }; } }