private void btnAddRecord_Click(object sender, EventArgs e) { int cardNumber = Convert.ToInt32(cbCardNumber.SelectedValue); int idPatient = Convert.ToInt32(cbPatient.SelectedValue); int idDiagnosis = Convert.ToInt32(cbDiagnosis.SelectedValue); int idContract = GetContract(cbDoctor.Text); int idChamber = Convert.ToInt32(cbChamber.SelectedValue); int number = _random.Next(1000); string record = txtRecord.Text; bool result; do { string query = "INSERT INTO [Запись в карточке пациента] " + "([Код карточки], [Код диагноза], [Код пациента], " + "[Код врача], [Код палаты], Номер, Наименование) " + "VALUES (" + cardNumber + "," + idDiagnosis + ", " + idPatient + "," + idContract + "," + idChamber + "," + number + ", '" + record + "');"; result = _sqlServer.InsertData(query); } while (_sqlServer.SqlError()); if (result) { MessageBox.Show("Данные успешно добавлены!"); } }
private void Login(string user, string password, string userType, string server, string port) { string query = "SELECT * FROM Security s WHERE s.[Login] = '" + user + "' AND s.Password = '******'"; int rowsCount; do { var identity = SqlServer.SelectDataTable(query); rowsCount = identity.Rows.Count; } while (SqlServer.SqlError()); try { if (rowsCount == 1) { DataConnection.UserType = userType; DataConnection.User = user; DataConnection.Password = password; DataConnection.Ip = server; DataConnection.Port = port; MessageBox.Show("Успешное подключение!"); Close(); } else if (rowsCount <= 0) { MessageBox.Show(@"Имя пользователя или пароль некорректны!"); } } catch (SqlException exception) { MessageBox.Show(exception.Message, @"Ошибка"); SqlServer = null; } finally { txtUserName.Clear(); txtPassword.Clear(); } }