Refactor SQL handling in EnvelopeGenerator application

- Added `System.Data` using directive in `EnvelopeCreateReadSQL.cs`.
- Updated SQL command strings to use parameter placeholders.
- Corrected method name from `CreateParmas` to `CreateParams` and added output parameter `@OutUid`.
- Made similar updates in `EnvelopeReceiverAddReadSQL.cs`.
- Introduced `ParamsExtensions` class with `ToSqlParam` method for converting .NET objects to SQL-safe parameter strings.

EnvelopeGenerator.Application/SQL/EnvelopeCreateReadSQL.cs

@@ -1,6 +1,7 @@
 using Dapper;
 using EnvelopeGenerator.Application.Contracts.SQLExecutor;
 using EnvelopeGenerator.Domain.Entities;
+using System.Data;
 
 namespace EnvelopeGenerator.Application.SQL;
 
@@ -10,18 +11,17 @@ namespace EnvelopeGenerator.Application.SQL;
 public class EnvelopeCreateReadSQL : ISQL<Envelope>
 {
     /// <summary>
-    /// 
+    /// USER_ID, TITLE, TFAEnabled, MESSAGE
     /// </summary>
     public string Raw => @"
-        USE [DD_ECM];
         DECLARE @OUT_UID varchar(36);
 
         EXEC [dbo].[PRSIG_API_CREATE_ENVELOPE]
-            @USER_ID = @UserId,
+            {0},
-            @TITLE = @Title,
+            {1},
-            @TFAEnabled = @TfaEnabled,
+            {2},
-            @MESSAGE = @Message,
+            {3},
-            @OUT_UID = @OUT_UID OUTPUT;
+            @OUT_UID OUTPUT;
 
         SELECT TOP(1) *
         FROM [dbo].[TBSIG_ENVELOPE]
@@ -36,13 +36,14 @@ public class EnvelopeCreateReadSQL : ISQL<Envelope>
     /// <param name="message"></param>
     /// <param name="tfaEnabled"></param>
     /// <returns></returns>
-    public static DynamicParameters CreateParmas(int userId, string title = "", string message = "", bool tfaEnabled = false)
+    public static DynamicParameters CreateParams(int userId, string title = "", string message = "", bool tfaEnabled = false)
     {
         var parameters = new DynamicParameters();
         parameters.Add("@UserId", userId);
         parameters.Add("@Title", title);
         parameters.Add("@TfaEnabled", tfaEnabled ? 1 : 0);
         parameters.Add("@Message", message);
+        parameters.Add("@OutUid", dbType: DbType.String, size: 36, direction: ParameterDirection.Output);
         return parameters;
     }
 }

EnvelopeGenerator.Application/SQL/EnvelopeReceiverAddReadSQL.cs

@@ -10,16 +10,16 @@ namespace EnvelopeGenerator.Application.SQL;
 public class EnvelopeReceiverAddReadSQL : ISQL<Envelope>
 {
     /// <summary>
-    /// 
+    /// ENV_UID, EMAIL_ADRESS, SALUTATION, PHONE, 
     /// </summary>
     public string Raw => @"
 		DECLARE	@OUT_RECEIVER_ID int
 
 		EXEC	[dbo].[PRSIG_API_CREATE_RECEIVER]
-				@ENV_UID,
+				{0},
-				@EMAIL_ADRESS,
+				{1},
-				@SALUTATION,
+				{2},
-				@PHONE,
+				{3},
 				@OUT_RECEIVER_ID OUTPUT
 
 		SELECT TOP(1) *

EnvelopeGenerator.Application/SQL/ParamsExtensions.cs

@@ -0,0 +1,28 @@
+namespace EnvelopeGenerator.Application.SQL;
+
+/// <summary>
+/// Extension method for converting objects to SQL parameter strings.
+/// </summary>
+public static class ParamsExtensions
+{
+    /// <summary>
+    /// Converts a .NET object to its corresponding SQL-safe parameter string.
+    /// </summary>
+    /// <param name="obj">The object to convert.</param>
+    /// <returns>A string representing the SQL parameter.</returns>
+    public static string ToSqlParam(this object? obj)
+    {
+        if (obj is null)
+            return "NULL";
+        else if (obj is string strVal)
+            return $"'{strVal}'";
+        else if (obj is bool boolVal)
+            return boolVal ? "1" : "0";
+        else if (obj is double doubleVal)
+            return $"'{doubleVal}'";
+        else if (obj is int intVal)
+            return intVal.ToString();
+        else
+            throw new NotSupportedException($"Type '{obj.GetType().FullName}' is not supported for SQL parameter conversion.");
+    }
+}