public static int AddWorker(Worker worker)
{
OpenConnection();
// create new StoredProcedure command
cmd = new SqlCommand("sp_AddWorker", con);
cmd.CommandType = CommandType.StoredProcedure;
EncryptPassword en = new EncryptPassword();
en.HashedPass = worker.Password;
// add the parameters
cmd.Parameters.AddWithValue("@IdNumber", worker.IdNumber);
cmd.Parameters.AddWithValue("@FirstName", worker.FirstName);
cmd.Parameters.AddWithValue("@LastName", worker.LastName);
cmd.Parameters.AddWithValue("@Password", en.HashedPass);
cmd.Parameters.AddWithValue("@Phone", worker.Phone != null ? worker.Phone : "");
cmd.Parameters.AddWithValue("@Email", worker.Email != null ? worker.Email : "");
cmd.Parameters.AddWithValue("@Picture", worker.Picture != null ? worker.Picture : "");
cmd.Parameters.AddWithValue("@Type", worker.Type);
sqlParm = new SqlParameter("@res", DbType.Int32);
sqlParm.Direction = ParameterDirection.Output;
// add the result parameter
cmd.Parameters.Add(sqlParm);
cmd.ExecuteNonQuery();
int res = (int)cmd.Parameters["@res"].Value;
CloseConnection();
return(res);
}
/// <summary>
/// Check id and password with database
/// </summary>
/// <param name="id">User ID Number</param>
/// <param name="pass">User Password</param>
/// <returns>SqlDataReader - Result from sp</returns>
public static Worker Login(string id, string pass)
{
OpenConnection();
EncryptPassword encryptPass = new EncryptPassword();
encryptPass.HashedPass = pass;
// create new StoredProcedure command
cmd = new SqlCommand("sp_Login", con);
cmd.CommandType = CommandType.StoredProcedure;
// add the id and pass parameters
cmd.Parameters.AddWithValue("@id", id);
cmd.Parameters.AddWithValue("@pass", encryptPass.HashedPass);
// return the reader
reader = cmd.ExecuteReader();
Worker w = null;
if (reader.Read())
{
w = new Worker()
{
IdNumber = reader.GetString(1),
FirstName = reader.GetString(2),
LastName = reader.GetString(3),
Email = reader.GetString(4),
Phone = reader.GetString(5),
IsAdmin = reader.GetBoolean(6)
};
}
CloseConnection();
return(w);
}
