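/// <summary>
/// Inserts one row into [HealthCare].[dbo].[Doctor] from the fields of
/// <paramref name="doc"/> and writes the id returned by the database layer
/// back to <c>doc.DoctorID</c>.
/// </summary>
/// <param name="doc">Doctor whose fields populate the new row; its DoctorID is overwritten.</param>
public void InsertDoctor(Doctor doc)
{
    // Every value is embedded in the statement as a T-SQL string literal, so each
    // one is passed through ToSqlStringLiteral. Without that, a single quote in any
    // field (a surname such as O'Brien, or hostile input) would end the literal and
    // the rest of the value would be executed as SQL.
    // NOTE(review): escaping is a stop-gap. If Db offers a parameterized insert,
    // switch to it so values never become part of the statement text.
    // NOTE(review): Password and SecAns are written exactly as received. Unless the
    // caller already passes a salted password hash, credentials end up in the table
    // in clear text - confirm and hash before this call.
    // NOTE(review): values are rendered with ToString(); if DateOfBirth is a
    // DateTime its text form depends on the current culture - confirm.
    string[] values = new string[]
    {
        ToSqlStringLiteral(doc.UserID),
        ToSqlStringLiteral(doc.Password),
        ToSqlStringLiteral(doc.SecQues),
        ToSqlStringLiteral(doc.SecAns),
        ToSqlStringLiteral(doc.License_Type),
        ToSqlStringLiteral(doc.Title),
        ToSqlStringLiteral(doc.fName),
        ToSqlStringLiteral(doc.LName),
        ToSqlStringLiteral(doc.DateOfBirth),
        ToSqlStringLiteral(doc.gender),
        ToSqlStringLiteral(doc.email),
        ToSqlStringLiteral(doc.zip),
        ToSqlStringLiteral(doc.National_PrvID),
        ToSqlStringLiteral(doc.Primary_spl),
        ToSqlStringLiteral(doc.officeAdr),
        ToSqlStringLiteral(doc.City),
        ToSqlStringLiteral(doc.State),
        ToSqlStringLiteral(doc.Phone)
    };

    StringBuilder sql = new StringBuilder();
    sql.Append(" INSERT INTO [HealthCare].[dbo].[Doctor] ([signInName],[password],[secQues] ,[secAns],[LicType],[Title] ");
    sql.Append(" ,[FirstName],[LastName] ,[dateBirth] ,[Gender],[Email],[zip],[NationalProviderID],[PrimarySpl] ,[OffAddr] ");
    sql.Append(",[City] ,[State] ,[phone]) ");
    sql.Append(" VALUES( ");
    sql.Append(string.Join(", ", values));
    sql.Append(") ");

    // Assign the new doctor id back to the business object.
    // The second argument presumably asks Db.Insert for the generated identity - confirm.
    int id = Db.Insert(sql.ToString(), true);
    doc.DoctorID = id;
}

/// <summary>
/// Renders a value as a quoted T-SQL string literal, doubling embedded single
/// quotes so the value cannot terminate the literal. Null becomes an empty string,
/// matching what string concatenation produced before.
/// </summary>
/// <param name="value">Value to embed; converted with ToString().</param>
/// <returns>The value wrapped in single quotes with inner quotes doubled.</returns>
private static string ToSqlStringLiteral(object value)
{
    string text = value == null ? null : value.ToString();
    if (text == null)
    {
        text = string.Empty;
    }

    return "'" + text.Replace("'", "''") + "'";
}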
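/// <summary>
/// Adds a doctor: inserts the record through doctorDAO inside a
/// TransactionDecorator scope, then runs calendar setup for the new DoctorID.
/// </summary>
/// <param name="doctor">Doctor to persist; must not be null.</param>
/// <exception cref="System.ArgumentNullException">
/// Thrown when <paramref name="doctor"/> is null.
/// </exception>
public void AddDoctor(Doctor doctor)
{
    // TODO: add security here.. (no caller authorization check is performed in this method)
    // TODO: add argument validation here.. (only the null check below exists;
    // field contents are passed to the DAO unchecked)
    if (doctor == null)
    {
        throw new System.ArgumentNullException("doctor");
    }

    // Run the insert within the context of a database transaction
    // (TransactionDecorator: the Decorator Design Pattern).
    using (TransactionDecorator transaction = new TransactionDecorator())
    {
        doctorDAO.InsertDoctor(doctor);
        transaction.Complete();
    }

    // NOTE(review): this call happens after the using block has closed, so a
    // failure here leaves the doctor row inserted without calendar setup -
    // confirm that is intended.
    apptDAO.calSetup(doctor.DoctorID);
}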