Class reference (associations)
i want to know whether this code correct? or any improvments?. i want to place a order which refer the customer customer class to get customer id . i used following method to do it .code works fine. so i want know whether i use object oriented concept correctly.
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;
/// <summary>
/// Summary description for TCO
/// </summary>
namespace TCO {
public class Customer
{
private string _customerID;
private string _customerName;
private string _customerAddress;
public string CustomerID
{
get
{
return _customerID;
}
set
{
_customerID = value;
}
}
public string customerName
{
get
{
return _customerName;
}
set
{
_customerName = value;
}
}
public string customerAddress
{
get
{
return _customerAddress;
}
set
{
_customerAddress = value;
}
}
public Customer()
{
}
public string selectCustomer(string CName)
{
string C_ID="";
SqlConnection conn = new SqlConnection(@"server=home; integrated security = true; database = test");
string sqlselect = @"select CusID from testCustomer where CusName = '"+CName+"' ";
SqlDataReader reader = null;
conn.Open();
SqlCommand cmd = new SqlCommand(sqlselect, conn);
reader = cmd.ExecuteReader();
while (reader.Read())
{
C_ID = reader.GetValue(0).ToString();
}
return C_ID;
}
public void Insert()
{
SqlConnection conn = new SqlConnection(@"server=home; integrated security = true; database = test");
string sqlins = @"insert into testCustomer(CusID,CusName,CusAddress)values('" + _customerID + "','" + _customerName + "','" + customerAddress + "')";
SqlCommand cmd = new SqlCommand(sqlins,conn);
try
{
conn.Open();
cmd.ExecuteNonQuery();
}
catch (SqlException ex)
{
}
finally {
conn.Close();
}
}
}
public class Order
{
private string _OrderID;
private string _Quantity;
private string _OrderDetails;
private string _OrderCustomerName;
public string OrderID
{
get {
return _OrderID;
}
set {
_OrderID = value;
}
}
public string Quantity
{
get {
return _Quantity;
}
set
{
_Quantity = value;
}
}
public string OrderDetiails
{
get
{
return _OrderDetails;
}
set
{
_OrderDetails = value;
}
}
public string OrderCustomerName
{
get
{
return _OrderCustomerName;
}
set
{
_OrderCustomerName = value;
}
}
public Order()
{
}
public void Insert()
{
Customer Customer1 = new Customer();
string OrderCustomerID;
OrderCustomerID = Customer1.SelectCustomer(_OrderCustomerName);
SqlConnection conn = new SqlConnection(@"server=home; integrated security = true; database = test");
string sqlins = @"insert into testOrder(OrderID,Qty,Details,CusID)values('" + _OrderID + "','" + _Quantity + "','" + _OrderDetails + "','" + OrderCustomerID + "')";
SqlCommand cmd = new SqlCommand(sqlins, conn);
try
{
conn.Open();
cmd.ExecuteNonQuery();
}
catch (SqlException ex)
{
}
finally
{
conn.Close();
}
}
}
}
protected void Button1_Click(object sender, EventArgs e)
{
TCO.Order order1 = new TCO.Order();
order1.OrderID = TextBox1.Text;(order id)
order1.Quantity = TextBox2.Text;(quntity)
order1.OrderDetiails = TextBox3.Text;(order details)
order1.OrderCustomerName = TextBox4.Text;(customer name)
order1.Insert();
GridView1.DataBind();
}