public static void UpdateUser(UserE user)
{
SqlCommand com = new SqlCommand("UpdateUser", Connection.Con); // Prodecure
com.CommandType = CommandType.StoredProcedure;
com.Parameters.Add(new SqlParameter("@id", user.UserID));
com.Parameters.Add(new SqlParameter("@userEmail", user.UserEmail));
com.Parameters.Add(new SqlParameter("@userPassword", user.UserPassword));
com.Parameters.Add(new SqlParameter("@userName", user.UserName));
com.Parameters.Add(new SqlParameter("@userSurname", user.UserSurname));
com.Parameters.Add(new SqlParameter("@userPhone", user.UserPhone));
com.Parameters.Add(new SqlParameter("@birthdate", user.UserBirth));
com.Parameters.Add(new SqlParameter("@userAddress", user.Address));
com.Parameters.Add(new SqlParameter("@gender", user.Gender));
com.Parameters.Add(new SqlParameter("@bodyPhoto", user.UserBodyPhoto));
com.Parameters.Add(new SqlParameter("@isAdmin", user.isAdmin));
if (com.Connection.State == ConnectionState.Closed)
{
com.Connection.Open();
}
SqlDataReader rd = com.ExecuteReader();
com.Dispose();
com.Connection.Close();
}
protected void saveButton_Click(object sender, EventArgs e)
{
if (changePasswordBox.Text == confirmBox.Text) // Same password control
{
UserE user = Session["user"] as UserE;
string path = "/img/NoUser.jpg";
string fileName = avatarUpload.PostedFile.FileName;
if (fileName != "")
{
path = "/img/" + user.UserID.ToString() + "-" + fileName;
string tmp = Server.MapPath(path);
avatarUpload.PostedFile.SaveAs(tmp);
}
user.UserName = nameBox.Text;
user.UserSurname = surnameBox.Text;
user.Address = addressBox.Text;
user.UserPhone = phoneBox.Text;
user.UserBodyPhoto = path;
user.Gender = ddlGender.Text;
user.UserPassword = Util.MD5hash(changePasswordBox.Text);
BusinessLayers.Business.updateUser(user);
// user.UserBirth = DateTime.Parse(.Text);
successLabel.Text = "Success save";
successLabel.Visible = true;
}
else
{
successLabel.Text = "Passwords are not the same.";
successLabel.Visible = true;
}
}
protected void Submit1_Click(object sender, EventArgs e)
{
int controlEmail = BusinessLayers.Business.checkUserEmail(emailBox.Text);
if (controlEmail != -1)
{
successLabel.Text = "This mail already exists";
successLabel.Visible = true;
}
else
{
UserE user = new UserE();
user.UserName = nameBox.Text;
user.UserSurname = surnameBox.Text;
user.UserEmail = emailBox.Text;
user.UserBirth = DateTime.ParseExact(birthBox.Text, "yyyy-MM-dd", CultureInfo.CurrentCulture);
if (passwordBox.Text == passwordConfirmBox.Text) // Same password control
{
user.UserPassword = Util.MD5hash(passwordBox.Text);
int id = BusinessLayers.Business.insertUser(user);
Logging.logRegister(id.ToString());
successLabel.Text = "Success Register";
successLabel.Visible = true; // Register success message
Response.AddHeader("REFRESH", "2;URL=Default.aspx"); // Waiting 2 second
}
else
{
successLabel.Text = "Passwords are not the same.";
successLabel.Visible = true;
}
}
}
/// <summary>
/// agrega un usuario a la BD
/// </summary>
/// <param name="oUser">Objeto de la clase UserE</param>
/// <returns>Retorna un boleano dando a conocer si se guardo en la BD o no</returns>
public bool agregarUser(UserE oUser)
{
this.limpiarError();
bool estado = true;
try
{
string sql = "INSERT INTO scheventos.usuario(" +
"usuario, nombre, contrasenna, rol) " +
"VALUES(@user, @nombre, @contrasenna, @rol); ";
NpgsqlParameter oParametro = new NpgsqlParameter();
Parametro oP = new Parametro();
oP.agregarParametro("@user", NpgsqlDbType.Varchar, oUser.User);
oP.agregarParametro("@nombre", NpgsqlDbType.Varchar, oUser.Nombre);
oP.agregarParametro("@contrasenna", NpgsqlDbType.Varchar, oUser.Contrasenna);
oP.agregarParametro("@rol", NpgsqlDbType.Varchar, oUser.Rol);
this.conexion.ejecutarSQL(sql, oP.obtenerParametros());
if (this.conexion.IsError)
{
estado = false;
this.errorMsg = this.conexion.ErrorDescripcion;
}
}
catch (Exception e)
{
estado = false;
this.errorMsg = e.Message;
}
return(estado);
}
/// <summary>
/// Modifica user de la BD
/// </summary>
/// <param name="oUserE">Objeto de la clase UserE</param>
/// <param name="pUser">String que contiene el "user" para realizar la busqueda en la BD</param>
/// /// <param name="oUser">Objeto User para realizar todos los cambios en BD</param>
/// <returns>Retorna un boleano dando a conocer si se borro en la bd o no</returns>
public bool modificarCliente(UserE oUserE, string pUser)
{
bool estado = true;
try
{
string sql = "UPDATE scheventos.usuario " +
"SET usuario = @user, nombre = @nombre, contrasenna = @contrasenna, rol = @rol " +
"WHERE usuario = @idUser;";
NpgsqlParameter oParametro = new NpgsqlParameter();
Parametro oP = new Parametro();
oP.agregarParametro("@user", NpgsqlDbType.Varchar, oUserE.User);
oP.agregarParametro("@nombre", NpgsqlDbType.Varchar, oUserE.Nombre);
oP.agregarParametro("@contrasenna", NpgsqlDbType.Varchar, oUserE.Contrasenna);
oP.agregarParametro("@rol", NpgsqlDbType.Varchar, oUserE.Rol);
oP.agregarParametro("@idUser", NpgsqlDbType.Varchar, pUser);
this.conexion.ejecutarSQL(sql, oP.obtenerParametros());
if (this.conexion.IsError)
{
estado = false;
this.errorMsg = this.conexion.ErrorDescripcion;
}
}
catch (Exception e)
{
estado = false;
this.errorMsg = e.Message;
}
return(estado);
}
/// <summary>
/// Borra el usuario deseado de la BD
/// </summary>
/// <param name="oUserE">Objeto de la clase UserE</param>
/// <returns>Retorna un boleano dando a conocer si se borro en la BD o no</returns>
public bool borrarUser(UserE oUserE)
{
bool estado = true;
try
{
string sql = "DELETE FROM scheventos.usuario WHERE usuario = @user";
NpgsqlParameter[] parametros = new NpgsqlParameter[1];
parametros[0] = new NpgsqlParameter();
parametros[0].NpgsqlDbType = NpgsqlDbType.Varchar;
parametros[0].ParameterName = "@user";
parametros[0].Value = oUserE.User;
this.conexion.ejecutarSQL(sql, parametros);
if (this.conexion.IsError)
{
estado = false;
this.errorMsg = this.conexion.ErrorDescripcion;
}
}
catch (Exception e)
{
estado = false;
this.errorMsg = e.Message;
}
return(estado);
}
// Register Statement
public static int InsertUser(UserE user)
{
SqlCommand com = new SqlCommand("InsertUser", Connection.Con); // Prodecure
com.CommandType = CommandType.StoredProcedure;
if (user.Address == null)
{
com.Parameters.Add(new SqlParameter("@address", DBNull.Value));
}
else
{
com.Parameters.Add(new SqlParameter("@address", user.Address));
}
com.Parameters.Add(new SqlParameter("@name", user.UserName));
com.Parameters.Add(new SqlParameter("@surname", user.UserSurname));
com.Parameters.Add(new SqlParameter("@email", user.UserEmail));
com.Parameters.Add(new SqlParameter("@password", user.UserPassword));
if (user.UserPhone != null)
{
com.Parameters.Add(new SqlParameter("@phone", user.UserPhone));
}
else
{
com.Parameters.Add(new SqlParameter("@phone", DBNull.Value));
}
com.Parameters.Add(new SqlParameter("@birthdate", user.UserBirth));
if (user.UserPhone != null)
{
com.Parameters.Add(new SqlParameter("@bodyPhoto", user.UserBodyPhoto));
}
else
{
com.Parameters.Add(new SqlParameter("@bodyPhoto", DBNull.Value));
}
if (com.Connection.State == ConnectionState.Closed)
{
com.Connection.Open();
}
SqlDataReader rd = com.ExecuteReader();
int insertId = 0;
if (rd.HasRows)
{
rd.Read();
insertId = Convert.ToInt32(rd[0]);
}
com.Dispose();
com.Connection.Close();
return(insertId);
}
public FrmMain(UserE oUserE)
{
InitializeComponent();
this.oUserE = oUserE;
this.OpcionesDeInterfaz();
this.CenterToScreen();
this.CargarDGview();
}
protected void Page_Load(object sender, EventArgs e)
{
if (Session["user"] == null)
{
Response.Redirect("~/Logon.aspx");
}
UserE currentUser = Session["user"] as UserE;
if (!Page.IsPostBack)
{
addressBox.Text = currentUser.Address;
nameBox.Text = currentUser.UserName;
surnameBox.Text = currentUser.UserSurname;
phoneBox.Text = currentUser.UserPhone;
birthBox.Text = currentUser.UserBirth.ToString("yyyy-MM-dd");
//TODO gender
}
}
/// <summary>
/// Obtiene una lista cargada de todo los eventos, se filtra con el parametro pEstado
/// </summary>
/// <returns>Retorna una lista de tipo EventoE</returns>
public List <UserE> obtenerUsuarios()
{
this.limpiarError();
List <UserE> users = new List <UserE>();
DataSet dsetUsers;
string sql = "SELECT * FROM scheventos.usuario";
dsetUsers = this.conexion.ejecutarConsultaSQL(sql);
string error = this.conexion.ErrorDescripcion;
foreach (DataRow tupla in dsetUsers.Tables[0].Rows)
{
UserE oEventos = new UserE(tupla[0].ToString(), tupla[1].ToString(),
tupla[2].ToString(), tupla[3].ToString());
users.Add(oEventos);
}
return(users
);
}
/// <summary>
/// Obtiene un UserE de la BD
/// </summary>
/// <returns>Retorna un objeto UserE</returns>
public UserE obtenerUser(string pUser)
{
this.limpiarError();
DataSet dsetUsers;
UserE user = null;
string sql = "SELECT * FROM scheventos.usuario WHERE usuario= " + "'" + pUser + "'";
dsetUsers = this.conexion.ejecutarConsultaSQL(sql);
string error = this.conexion.ErrorDescripcion;
if (!this.conexion.IsError)
{
if (dsetUsers.Tables[0].Rows.Count > 0)
{
user = new UserE(dsetUsers.Tables[0].Rows[0]["usuario"].ToString(), dsetUsers.Tables[0].Rows[0]["nombre"].ToString(),
dsetUsers.Tables[0].Rows[0]["contrasenna"].ToString(), dsetUsers.Tables[0].Rows[0]["rol"].ToString());
}
}
return(user);
}
// Logon Statement
// Control email and password by database
public static UserE validateUser(string email, string password)
{
UserE user = null;
SqlCommand com = new SqlCommand("ValidateUser", Connection.Con); // Prodecure
com.CommandType = CommandType.StoredProcedure;
com.Parameters.Add(new SqlParameter("@Email", email));
com.Parameters.Add(new SqlParameter("@Password", password));
if (com.Connection.State == ConnectionState.Closed)
{
com.Connection.Open();
}
SqlDataReader rd = com.ExecuteReader();
if (rd.HasRows)
{
if (rd.Read())
{
user = new UserE
{
UserID = Convert.ToInt32(rd["UserID"]),
Address = rd["UserAddress"] == DBNull.Value ? "" : rd["UserAddress"].ToString(),
UserBodyPhoto = rd["BodyPhoto"] == DBNull.Value?"": rd["BodyPhoto"].ToString(),
UserBirth = DateTime.Parse(rd["UserBirth"].ToString()),
UserPhone = rd["UserPhone"] == DBNull.Value ? "" : rd["UserPhone"].ToString(),
UserEmail = rd["UserEmail"].ToString(),
UserName = rd["UserName"].ToString(),
UserPassword = rd["UserPassword"].ToString(),
UserSurname = rd["UserSurname"].ToString(),
Gender = rd["Gender"] == DBNull.Value ? "" : rd["Gender"].ToString(),
isAdmin = Convert.ToBoolean(rd["isAdmin"])
};
}
}
com.Dispose();
com.Connection.Close();
return(user);
}
// UserPage Start
public static void updateUser(UserE user)
{
UserC.UpdateUser(user);
}
//Register Start
public static int insertUser(UserE user)
{
return(UserC.InsertUser(user));
}