public void Update(RiskManagementPlan riskManagementPlan)
{
CommonFunctions.UpdateApostrophe(riskManagementPlan);
StringBuilder sb = new StringBuilder();
sb.Append("UPDATE StudentRiskManagement SET ");
sb.Append("Risk = '" + riskManagementPlan.Risk + "',");
sb.Append("RiskManagementName = '" + riskManagementPlan.RiskManagementName + "',");
sb.Append("EmergencyResponse = '" + riskManagementPlan.EmergencyResponse + "' ");
sb.Append("WHERE StudentRiskManagementId = " + riskManagementPlan.StudentRiskManagementId);
string sql = sb.ToString();
dbc.ExecuteCommand(sql);
}
public int Add(RiskManagementPlan riskManagementPlan, int StudentId)
{
CommonFunctions.UpdateApostrophe(riskManagementPlan);
StringBuilder sb = new StringBuilder();
sb.Append("INSERT INTO StudentRiskManagement (StudentId, Risk,RiskManagementName,EmergencyResponse) VALUES (");
sb.Append(StudentId + ",'");
sb.Append(riskManagementPlan.Risk + "','");
sb.Append(riskManagementPlan.RiskManagementName + "','");
sb.Append(riskManagementPlan.EmergencyResponse + "')");
string sql = sb.ToString();
return(dbc.ExecuteCommand(sql));
}
public List <RiskManagementPlan> GetList(int PersonId)
{
List <RiskManagementPlan> list = new List <RiskManagementPlan>();
DataTable dt = dbc.GetDataTable("SELECT * FROM vw_StudentRiskManagement WHERE StudentId=" + PersonId);
foreach (DataRow dr in dt.Rows)
{
RiskManagementPlan riskManagementPlan = new RiskManagementPlan
{
StudentRiskManagementId = (int)dr["StudentRiskManagementId"],
StudentId = (int)dr["StudentId"],
Risk = dr["Risk"].ToString(),
RiskManagementName = dr["RiskManagementName"].ToString(),
EmergencyResponse = dr["EmergencyResponse"].ToString()
};
list.Add(riskManagementPlan);
}
return(list);
}
