Have a look at your code,
while (reader.Read())
{
emp = new Reservation();
emp.Id = Convert.ToInt32(reader.GetValue(0));
emp.Room_No = reader.GetValue(1).ToString();
emp.Room_Description = reader.GetValue(2) as string;
emp.Room_Capacity = (reader.GetValue(3) as int?) ?? 0;
emp.Room_Type = reader.GetValue(4) as string;
emp.Location = reader.GetValue(5) as string;
emp.Start_Date = reader.GetValue(6) as string;
emp.Start_Time = reader.GetValue(7) as string;
emp.End_Time = reader.GetValue(8) as string;
emp.Meeting_Title = reader.GetValue(9) as string;
emp.Reservation_Reason = reader.GetValue(10) as string;
emp.Status = reader.GetValue(11) as string;
emp.Attendance = (reader.GetValue(12) as int?) ?? 0;
emp.Remarks = reader.GetValue(13) as string;
emp.Mail_To = reader.GetValue(14) as string;
emp.Mail_CC = reader.GetValue(15) as string;
}
conn.Close();
return emp;
You are returning the "emp" object, and in every iteration of record, you are creating a new instance of it, and you are setting its value to the current record — which, by the end of the iteration is the last record. That is why, your API only returns the last one.
Instead of this, I would recommend that you add a generic List type and store the emp objects in that list. Something like this,
List<Reservation> emps = new List<Reservation>();
while (reader.Read()) {
emp = new Reservation();
emps.Add(emp);
}
return emps;
To return the "emps" you will also need to change the signature,
public List<Reservation> Get(int id) {
After all of this, you should look into the SQL Injection hack, which your code can easily be attacked with. Never concatenate the SQL queries, always try to parametrize them to save yourself.
SQL injection - Wikipedia[
^]