public static void editEmployee(Employee employee)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
string username = employee.username;
string firstname = employee.firstname;
string lastname = employee.lastname;
string gender = employee.gender;
string address = employee.address;
int role = employee.role;
string dob = DBConnection.FormatDate(employee.birthday);
string joindate = DBConnection.FormatDate(employee.joindate);
string sql = @"UPDATE Emplopyee SET FirstName = N'" + firstname
+ "', LastName = N'" + lastname
+ "', Gender = '" + gender
+ "', Birthdate = '" + dob
+ "', Address = N'" + address
+ "', JoinDate = '" + joindate
+ "', Role = " + role
+ " WHERE Username = '******'";
SqlCommand command = new SqlCommand(sql, conn);
command.ExecuteNonQuery();
conn.Close();
}
}
public static void EditCombo(Combo combo, int id)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
string comboname = combo.comboName;
string image = combo.image;
string daystart = DBConnection.FormatDate(combo.dayStart);
string dayend = DBConnection.FormatDate(combo.dayEnd);
int total = combo.total;
string discountmoney = combo.discountMoney;
string sql = @"UPDATE Combo SET ComboName = N'" + comboname
+ "', DayStart = '" + daystart
+ "', DayEnd = '" + dayend
+ "', Total = " + total
+ ", Discount = N'" + 0
+ "', DiscountMoney = N'" + discountmoney
+ "', Image = N'" + image
+ "' WHERE Id =" + id;
try
{
SqlCommand command = new SqlCommand(sql, conn);
command.ExecuteNonQuery();
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
conn.Close();
}
}
public static void AddInvoice(Invoice invoice)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
int cusid = invoice.customer_id;
string totalmoney = invoice.totalmoney;
string amount = invoice.amount;
string createday = DBConnection.FormatDate(invoice.creatday);
string note = invoice.ordernote;
string postcode = invoice.postcode;
string address = invoice.customeraddress;
string status = invoice.status;
string sql = "insert into Invoice VALUES (" + cusid + ",'" + totalmoney + "','" + amount + "','" + createday
+ "','" + note + "','" + postcode + "',N'" + address + "','" + status + "')";
SqlCommand command = new SqlCommand(sql, conn);
command.ExecuteNonQuery();
conn.Close();
}
}
public static void AddKhach(string firstname, string lastname, string phone, string address)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
string username = RandomUsername();
string password = DBConnection.HashPassword(phone);
string email = username + "@gmail.com";
string gender = "Male";
string day = DBConnection.FormatDate(DateTime.Now);
int isNew = 2;
string status = "Active";
string sql = "insert into Customer VALUES ('" + username + "','" + password + "','" + email + "',N'" + firstname
+ "',N'" + lastname + "','" + gender + "','" + day + "',N'" + address + "','" + phone
+ "','" + day + "'," + isNew + ",N'" + status + "')";
SqlCommand command = new SqlCommand(sql, conn);
command.ExecuteNonQuery();
conn.Close();
}
}
public static void AddCombo(Combo combo)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
string comboname = combo.comboName;
string image = combo.image;
string daystart = DBConnection.FormatDate(combo.dayStart);
string dayend = DBConnection.FormatDate(combo.dayEnd);
int total = combo.total;
string discountmoney = combo.discountMoney;
string sql = @"INSERT INTO Combo VALUES" +
"(N'" + comboname + "','" + daystart + "','" + dayend + "'," + total +
", N'', N'" + discountmoney + "', N'" + image + "')";
SqlCommand com = new SqlCommand(sql, conn);
com.ExecuteNonQuery();
conn.Close();
}
}
public static void addEmployee(Employee employee)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
string username = employee.username;
string firstname = employee.firstname;
string lastname = employee.lastname;
string gender = employee.gender;
string address = employee.address;
int role = employee.role;
DateTime dob = employee.birthday;
string password = DBConnection.HashPassword(dob.Day.ToString("dd") + dob.Month.ToString("MM") + dob.Year.ToString());
string joindate = DBConnection.FormatDate(employee.joindate);
string sql = @"INSERT INTO Emplopyee VALUES" +
"('" + username + "','" + password + "',N'" + firstname + "',N'" + lastname +
"','" + gender + "','" + DBConnection.FormatDate(dob) + "',N'" + address + "','" + joindate + "'," + role + ", 'Active')";
SqlCommand com = new SqlCommand(sql, conn);
com.ExecuteNonQuery();
conn.Close();
}
}
public static DataTable Search(DateTime start, DateTime end, string text)
{
using (SqlConnection conn = DBConnection.GetConnection())
{
conn.Open();
string sql = "select * from Combo where DayStart>='" + DBConnection.FormatDate(start) + "' and DayEnd <='" + DBConnection.FormatDate(end) + "' and ComboName like N'%" + text + "%'";
SqlCommand command = new SqlCommand(sql, conn);
SqlDataAdapter dataAdapter = new SqlDataAdapter(command);
DataTable dt = new DataTable();
dataAdapter.Fill(dt);
conn.Close();
return(dt);
}
}