public static int AddAccount(Account a, string role)
{
string sql = @"INSERT INTO [dbo].[Account]
([id]
,[username]
,[password]
,[email]
,[role])
VALUES
(@id,
@username,
@password,
@email,
@role)";
SqlParameter param1 = new SqlParameter("@id", SqlDbType.NVarChar);
param1.Value = a.UserID;
SqlParameter param2 = new SqlParameter("@username", SqlDbType.NVarChar);
param2.Value = a.Name;
SqlParameter param3 = new SqlParameter("@password", SqlDbType.NVarChar);
param3.Value = a.Password;
SqlParameter param4 = new SqlParameter("@email", SqlDbType.NVarChar);
param4.Value = a.Email;
SqlParameter param5 = new SqlParameter("@role", SqlDbType.NChar);
param5.Value = role;
return(DAO.ExecuteSQLWithParameters(sql, param1, param2, param3, param4, param5));
}
public static int Updatepost(News ne, int id, string writer)
{
string sql = @"UPDATE [dbo].[Post] SET [title] = @tittle, [shortDesc] = @shortDesc, [longDesc] = @longDesc, [imgLink]=@imgLink, [date]=@date, [TopicID]=@topic, [writer]= @writer where PostID =" + id;
SqlParameter param1 = new SqlParameter("@tittle", SqlDbType.NVarChar);
param1.Value = ne.Tittle;
SqlParameter param2 = new SqlParameter("@shortDesc", SqlDbType.NVarChar);
param2.Value = ne.ShortDesc;
SqlParameter param3 = new SqlParameter("@longDesc", SqlDbType.NVarChar);
param3.Value = ne.LongDesc;
SqlParameter param4 = new SqlParameter("@imgLink", SqlDbType.NVarChar);
param4.Value = ne.imgLink;
SqlParameter param5 = new SqlParameter("@date", SqlDbType.Date);
param5.Value = ne.date;
SqlParameter param6 = new SqlParameter("@topic", SqlDbType.Int);
param6.Value = ne.Topic;
SqlParameter param7 = new SqlParameter("@writer", SqlDbType.NVarChar);
param7.Value = writer;
return(DAO.ExecuteSQLWithParameters(sql, param1, param2, param3, param4, param5, param6, param7));
}
public static int InsertTopic(string topic)
{
string sql = @"INSERT INTO [dbo].[Topic](TopicName) VALUES(@topic)";
SqlParameter param1 = new SqlParameter("@topic", SqlDbType.NVarChar);
param1.Value = topic;
return(DAO.ExecuteSQLWithParameters(sql, param1));
}
public static int DeleteCmt(int id)
{
string sql = @"DELETE FROM [dbo].[Comment]
WHERE commentID =@id";
SqlParameter param1 = new SqlParameter("@id", SqlDbType.Int);
param1.Value = id;
return(DAO.ExecuteSQLWithParameters(sql, param1));
}
public static int DeleteAcc(string id)
{
string sql = @"DELETE FROM [dbo].[Account]
WHERE id =@id";
SqlParameter param1 = new SqlParameter("@id", SqlDbType.NVarChar);
param1.Value = id;
return(DAO.ExecuteSQLWithParameters(sql, param1));
}
public static int UpdateAcc(Account a, string id)
{
string sql = @"Update dbo.Account set username = @username, password=@password,email=@email,role=@role where id =@uid ";
SqlParameter param1 = new SqlParameter("@uid", SqlDbType.NVarChar);
param1.Value = id;
SqlParameter param2 = new SqlParameter("@username", SqlDbType.NVarChar);
param2.Value = a.Name;
SqlParameter param3 = new SqlParameter("@password", SqlDbType.NVarChar);
param3.Value = a.Password;
SqlParameter param4 = new SqlParameter("@email", SqlDbType.NVarChar);
param4.Value = a.Email;
SqlParameter param5 = new SqlParameter("@role", SqlDbType.NChar);
param5.Value = a.Role;
return(DAO.ExecuteSQLWithParameters(sql, param1, param2, param3, param4, param5));
}
public static int InsertPost(News ne, string writer)
{
string sql = @"INSERT INTO [dbo].[Post]
([title]
,[shortDesc]
,[longDesc]
,[imgLink]
,[date]
,[TopicID]
,[writer])
VALUES
(@tittle
,@shortDesc
,@longDesc
,@imgLink
,@date
,@topic
,@writer)";
SqlParameter param1 = new SqlParameter("@tittle", SqlDbType.NVarChar);
param1.Value = ne.Tittle;
SqlParameter param2 = new SqlParameter("@shortDesc", SqlDbType.NVarChar);
param2.Value = ne.ShortDesc;
SqlParameter param3 = new SqlParameter("@longDesc", SqlDbType.NVarChar);
param3.Value = ne.LongDesc;
SqlParameter param4 = new SqlParameter("@imgLink", SqlDbType.NVarChar);
param4.Value = ne.imgLink;
SqlParameter param5 = new SqlParameter("@date", SqlDbType.NVarChar);
param5.Value = ne.date;
SqlParameter param6 = new SqlParameter("@topic", SqlDbType.Int);
param6.Value = ne.Topic;
SqlParameter param7 = new SqlParameter("@writer", SqlDbType.NVarChar);
param7.Value = writer;
return(DAO.ExecuteSQLWithParameters(sql, param1, param2, param3, param4, param5, param6, param7));
}
public static int AddComment(int postID, string content, string accID)
{
string sql = @"INSERT INTO [dbo].[comment]
([postID]
,[content]
,[account ID])
VALUES
(@postID
,@content
,@accID)";
SqlParameter param1 = new SqlParameter("@postID", SqlDbType.Int);
param1.Value = postID;
SqlParameter param2 = new SqlParameter("@content", SqlDbType.NVarChar);
param2.Value = content;
SqlParameter param3 = new SqlParameter("@accID", SqlDbType.NVarChar);
param3.Value = accID;
return(DAO.ExecuteSQLWithParameters(sql, param1, param2, param3));
}