public void CreateOwner(OwnerDTO ownerDTO) { sqlConnection.Open(); string sqlQuery = " insert into Owner values('" + ownerDTO.OwnerID + "','" + ownerDTO.OwnerNAME + "','" + ownerDTO.OwnerPASSWORD + "')"; sqlCommand = new SqlCommand(sqlQuery, sqlConnection); sqlCommand.ExecuteNonQuery(); sqlConnection.Close(); }
public void UpdateOwner(OwnerDTO ownerDTO) { sqlConnection.Open(); string sqlQuery = "Update Owner SET OwnerID='" + ownerDTO.OwnerID + "' where OwnerID='" + ownerDTO.OwnerID + "'"; sqlCommand = new SqlCommand(sqlQuery, sqlConnection); sqlCommand.ExecuteNonQuery(); string sqlQuery1 = "Update Owner SET OwnerName='" + ownerDTO.OwnerNAME + "' where OwnerID='" + ownerDTO.OwnerID + "'"; sqlCommand1 = new SqlCommand(sqlQuery1, sqlConnection); sqlCommand1.ExecuteNonQuery(); string sqlQuery2 = "Update Owner SET Password='******' where OwnerID='" + ownerDTO.OwnerID + "'"; sqlCommand2 = new SqlCommand(sqlQuery2, sqlConnection); sqlCommand2.ExecuteNonQuery(); sqlConnection.Close(); }