E
Eirik Eldorsen
What is the recommended method to add a row to a db? I've used the following
code since I started using ASP.NET. It's simple, but it gets very hard to
manage when the tables get big. And I have to check the inputdata for , and
'
public static int Create(int areaID, int createdByID, bool active, string
title)
{
string cmd =
@"INSERT INTO TableName(AreaID, TypeID, CreatedByID, Active, Title) " +
@"VALUES ("+areaID+", 1, " + createdByID + ", " + active + ", '" + title
+ "')";
return DBFactory.UpdateDB(cmd);
}
public static int UpdateDB(string cmd)
{
OleDbConnection connection = new
OleDbConnection(ConfigurationSettings.AppSettings["ConnectionString"]);
connection.Open( );
OleDbCommand command = new OleDbCommand( );
command.Connection = connection;
command.CommandText = cmd;
command.ExecuteNonQuery( );
command.CommandText = "SELECT @@Identity";
int id = (int)command.ExecuteScalar();
connection.Close();
return id;
}
code since I started using ASP.NET. It's simple, but it gets very hard to
manage when the tables get big. And I have to check the inputdata for , and
'
public static int Create(int areaID, int createdByID, bool active, string
title)
{
string cmd =
@"INSERT INTO TableName(AreaID, TypeID, CreatedByID, Active, Title) " +
@"VALUES ("+areaID+", 1, " + createdByID + ", " + active + ", '" + title
+ "')";
return DBFactory.UpdateDB(cmd);
}
public static int UpdateDB(string cmd)
{
OleDbConnection connection = new
OleDbConnection(ConfigurationSettings.AppSettings["ConnectionString"]);
connection.Open( );
OleDbCommand command = new OleDbCommand( );
command.Connection = connection;
command.CommandText = cmd;
command.ExecuteNonQuery( );
command.CommandText = "SELECT @@Identity";
int id = (int)command.ExecuteScalar();
connection.Close();
return id;
}