public void Update(RiskManagementPlan riskManagementPlan) { CommonFunctions.UpdateApostrophe(riskManagementPlan); StringBuilder sb = new StringBuilder(); sb.Append("UPDATE StudentRiskManagement SET "); sb.Append("Risk = '" + riskManagementPlan.Risk + "',"); sb.Append("RiskManagementName = '" + riskManagementPlan.RiskManagementName + "',"); sb.Append("EmergencyResponse = '" + riskManagementPlan.EmergencyResponse + "' "); sb.Append("WHERE StudentRiskManagementId = " + riskManagementPlan.StudentRiskManagementId); string sql = sb.ToString(); dbc.ExecuteCommand(sql); }
public int Add(RiskManagementPlan riskManagementPlan, int StudentId) { CommonFunctions.UpdateApostrophe(riskManagementPlan); StringBuilder sb = new StringBuilder(); sb.Append("INSERT INTO StudentRiskManagement (StudentId, Risk,RiskManagementName,EmergencyResponse) VALUES ("); sb.Append(StudentId + ",'"); sb.Append(riskManagementPlan.Risk + "','"); sb.Append(riskManagementPlan.RiskManagementName + "','"); sb.Append(riskManagementPlan.EmergencyResponse + "')"); string sql = sb.ToString(); return(dbc.ExecuteCommand(sql)); }
public List <RiskManagementPlan> GetList(int PersonId) { List <RiskManagementPlan> list = new List <RiskManagementPlan>(); DataTable dt = dbc.GetDataTable("SELECT * FROM vw_StudentRiskManagement WHERE StudentId=" + PersonId); foreach (DataRow dr in dt.Rows) { RiskManagementPlan riskManagementPlan = new RiskManagementPlan { StudentRiskManagementId = (int)dr["StudentRiskManagementId"], StudentId = (int)dr["StudentId"], Risk = dr["Risk"].ToString(), RiskManagementName = dr["RiskManagementName"].ToString(), EmergencyResponse = dr["EmergencyResponse"].ToString() }; list.Add(riskManagementPlan); } return(list); }