public bool add(MedsDTO m) { try { string query = "insert into Medicine (Name, Quantity, Price, Supplier) values ('" + m.NAME + "'," + m.QUANTITY + "," + m.PRICE + ",'" + m.SUPPLIER + "')"; c.sqlComm = new SqlCommand(query, c.SqlConn); c.sqlComm.ExecuteNonQuery(); c.SqlConn.Close(); return true; } catch (Exception e) { MessageBox.Show(e.ToString()); return false; } }
public bool update(MedsDTO m) { string query = "update Medicine set Quantity=" + m.QUANTITY + ", Price=" + m.PRICE + ", Supplier='" + m.SUPPLIER + "' where Name='" + m.NAME + "'"; try { c.sqlComm = new SqlCommand(query, c.SqlConn); c.sqlComm.ExecuteNonQuery(); c.SqlConn.Close(); return true; } catch (Exception e) { MessageBox.Show(e.ToString()); c.SqlConn.Close(); return false; } }