public void SubmitAccount() { var valid = true; try { if (ProfileID < 1) { valid = false; } if (Name == "") { valid = false; } if (Amount < 0.00) { valid = false; } if (LastUpdateDate < DateTime.Parse("2000/01/01")) { valid = false; } if (RecordBy == "") { valid = false; } if (RecordDate < DateTime.Parse("2000/01/01")) { valid = false; } } catch (NullReferenceException) { valid = false; } if (!valid) { throw new DatabaseException("Invalid parameters provided"); } using (var conn = DataAccess.EstablishConnection()) { var checkCmd = conn.CreateCommand(); try { checkCmd.CommandText = "SELECT AccountID FROM tblAccounts WHERE Acc_Name = @Name AND ProfileID = @ProfileID"; checkCmd.Parameters.Add("@ProfileID", DbType.Int32).Value = ProfileID; checkCmd.Parameters.Add("@Name", DbType.String).Value = Name; if (conn.State == ConnectionState.Closed) { conn.Open(); } var read = checkCmd.ExecuteReader(); if (read.HasRows) { throw new DatabaseException("An account with this name already exists"); } read.Close(); } finally { conn.Close(); checkCmd.Dispose(); } var cmd = conn.CreateCommand(); try { cmd.CommandText = "INSERT INTO tblAccounts (ProfileID, Acc_Name, Acc_Amount, Acc_LastUpdateDate, RecordBy, RecordDate) VALUES (@ProfileID, @Name, @Amount, @LastUpdateDate, @RecordBy, @RecordDate)"; cmd.Parameters.Add("@ProfileID", DbType.Int32).Value = ProfileID; cmd.Parameters.Add("@Name", DbType.String).Value = Name; cmd.Parameters.Add("@Amount", DbType.Double).Value = Amount; cmd.Parameters.Add("@LastUpdateDate", DbType.String).Value = LastUpdateDate.ToString("MM/dd/yyyy"); cmd.Parameters.Add("@RecordBy", DbType.String).Value = RecordBy; cmd.Parameters.Add("@RecordDate", DbType.String).Value = RecordDate.ToString("MM/dd/yyyy HH:mm"); if (conn.State == ConnectionState.Closed) { conn.Open(); } cmd.ExecuteNonQuery(); } finally { conn.Close(); cmd.Dispose(); } } }