public void UpdateAccount(Account account) { string query = "UPDATE [Employees] SET [LastName] = " + "@lastName" + ", [FirstName] = " + "@firstName" + ", [Address] = " + "@address" + ", [Phone] = " + "@phone" + ", [DateOfBirth] = " + "@dateOfBirth" + " WHERE [Username] = " + "@username"; var parameters = new SqlParameter[6]; parameters[0] = new SqlParameter("@lastName", SqlDbType.NVarChar); parameters[0].Value = account.LastName; parameters[1] = new SqlParameter("@firstName", SqlDbType.NVarChar); parameters[1].Value = account.FirstName; parameters[2] = new SqlParameter("@address", SqlDbType.NVarChar); parameters[2].Value = account.Address; parameters[3] = new SqlParameter("@phone", SqlDbType.NVarChar); parameters[3].Value = account.Phone; parameters[4] = new SqlParameter("@dateOfBirth", SqlDbType.DateTime); parameters[4].Value = account.DateOfBirth; parameters[5] = new SqlParameter("@username", SqlDbType.NVarChar); parameters[5].Value = account.Username; connection.ExecuteInsertQuery(query, parameters); }
private void saveButton_Click(object sender, EventArgs e) { string lastName = lastNameTextBox.Text, firstName = firstNameTextBox.Text, address = addressTextBox.Text, phone = phoneTextBox.Text; DateTime dateOfBirth = dateOfBirthPicker.Value; bool hasBlankFields = lastName == "" || firstName == "" || address == "" || phone == ""; if (hasBlankFields) { MessageBox.Show("Please fill in all fields.", "Error"); return; } bool phoneNumberIsValid = phone.Any((c) => !char.IsDigit(c)); if (phoneNumberIsValid) { MessageBox.Show("Phone number must consist only numbers."); return; } if (dateOfBirth > DateTime.Today) { MessageBox.Show("Hư cấu."); return; } var newInfo = new Account(username, lastName, firstName, address, phone, dateOfBirth); dataAccess.UpdateAccount(newInfo); MessageBox.Show("Success."); Close(); }