public static bool check_login(string user_name, string pwd)
{
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "select id from Users where User_name=@uname and Password=@pwd;";
cmd.Parameters.AddWithValue("@uname", user_name);
cmd.Parameters.AddWithValue("@pwd", pwd);
DataTable dt;
dt = DBlayer.select_query(cmd);
if (dt.Rows.Count > 0)
{
return(true);
}
else
{
return(false);
}
}
public static int add_user(string name, string email, string user_name, DateTime birth_date, string password, string phone, string address, string photo)
{
string query = @"INSERT INTO [dbo].[Users]
([email]
,[User_name]
,[Name]
,[birth_date]
,[Password]
,[phone]
,[address]
,[photo])
VALUES(@email,@uname,@name,@bdate,@pwd,@phone,@address,@photo)";
SqlCommand cmd = new SqlCommand(query);
cmd.Parameters.AddWithValue("@email", email);
cmd.Parameters.AddWithValue("@uname", user_name);
cmd.Parameters.AddWithValue("@name", name);
cmd.Parameters.AddWithValue("@pwd", password);
cmd.Parameters.AddWithValue("@phone", phone);
cmd.Parameters.AddWithValue("@address", address);
cmd.Parameters.AddWithValue("@photo", photo);
cmd.Parameters.AddWithValue("@bdate", birth_date);
return(DBlayer.DML(cmd));
}
