增删改查

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

/// <summary>
/// personOperate 的摘要描述
/// </summary>
public class personOperate
{
public personOperate()
{
   //
   // TODO: 在此加入建構函式的程式碼
   //
}
    public static SqlConnection createcon()
    {
        return new SqlConnection("server=.;database=person;uid=sa;pwd=;");

    }
    public static bool findPerson(string pID)
    {
        SqlConnection con = personOperate.createcon();
        con.Open();
        SqlCommand cmd=new SqlCommand("select count(*) from person where pID='"+pID+"'",con);
        int count = Convert.ToInt32(cmd.ExecuteScalar());
        if (count > 0)
        {
            return true;
        }
        else
        {
            return false;
        }
    }
    public static DataTable selectAllPerson()
    {
        SqlConnection con = personOperate.createcon();
        SqlDataAdapter sda = new SqlDataAdapter();
        sda.SelectCommand = new SqlCommand("select * from person", con);
        DataSet ds = new DataSet();
        sda.Fill(ds, "person");
        return ds.Tables["person"];

    }
    public static bool insertOperate(person p)
    {
        try
        {
            SqlConnection con = personOperate.createcon();
            con.Open();
            SqlCommand cmd = new SqlCommand("insert into person values(@pID,@pName,@pSex)", con);
            SqlParameter para = new SqlParameter("@pID", SqlDbType.VarChar, 10);
            para.Value = p.pID;
            cmd.Parameters.Add(para);
            para = new SqlParameter("@pName", SqlDbType.VarChar, 20);
            para.Value = p.pName;
            cmd.Parameters.Add(para);
            para = new SqlParameter("@pSex", SqlDbType.VarChar, 2);
            para.Value = p.pSex;
            cmd.Parameters.Add(para);
            cmd.ExecuteNonQuery();
            return true;
        }
        catch (Exception e)
        {
            return false;
        }
    }
    public static bool updateOperate(person p)
    {
        try
        {
            SqlConnection con = personOperate.createcon();
            con.Open();
            SqlCommand cmd=new SqlCommand("update person set pName='"+p.pName+"',pSex='"+p.pSex+"' where pID='"+p.pID+"'",con);
            cmd.ExecuteNonQuery();
            return true;
        }
        catch (Exception e)
        {
            return false;
        }
    }
    public static bool deleteOperate(string pID)
    {
        try
        {
            SqlConnection con = personOperate.createcon();
            con.Open();
            SqlCommand cmd=new SqlCommand("delete from person where pID='"+pID+"'",con);
            cmd.ExecuteNonQuery();
            return true;
        }
        catch(Exception e)
        {
            return false;
        }
    }
}