private void RegisterButton_Click(object sender, EventArgs e)
        {
            string Name            = NameInput.Text;
            string Email           = EmailInput.Text;
            string Address         = AddressInput.Text;
            string PhoneNumber     = PhoneNumberInput.Text;
            string Password        = PasswordInput.Text;
            string ConfirmPassword = ConfirmPasswordInput.Text;
            //     MessageBox.Show(Name + Email + Address + Region + PhoneNumber + Password + ConfirmPassword);
            MedicalRepresentative mr = new MedicalRepresentative(Name, Password, Email, Address, PhoneNumber, null);

            mrdb.RegisterMR(mr);
            this.Visible = false;
        }
        public void RegisterMR(MedicalRepresentative mr)
        {
            int mrid = -1;

            using (SqlConnection con = new SqlConnection(cs))
            {
                SqlCommand cmd = new SqlCommand
                {
                    Connection  = con,
                    CommandText =
                        "INSERT INTO [dbo].[User] ([name], [password], [email], [role], [address], [phonenumber]) VALUES (@name, @password,@email, @role, @address,@phonenumber)"
                };

                cmd.Parameters.AddWithValue("@name", mr.Name);
                cmd.Parameters.AddWithValue("@email", mr.Email);
                cmd.Parameters.AddWithValue("@password", mr.Password);
                cmd.Parameters.AddWithValue("@role", "mr");
                cmd.Parameters.AddWithValue("@address", mr.Address);
                cmd.Parameters.AddWithValue("@phonenumber", mr.PhoneNumber);
                con.Open();
                cmd.ExecuteNonQuery();
            }
            using (SqlConnection con = new SqlConnection(cs))
            {
                SqlCommand cmd = new SqlCommand
                {
                    Connection  = con,
                    CommandText =
                        "select * from [dbo].[User] where email = @email and password = @password"
                };

                cmd.Parameters.Add(new SqlParameter("@email", mr.Email));
                cmd.Parameters.Add(new SqlParameter("@password", mr.Password));
                con.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (reader.HasRows)
                    {
                        this.isLoggedin = true;
                        reader.Read();
                        mrid = reader.GetInt32(0);
                    }
                }
            }
            if (mrid != -1)
            {
                using (SqlConnection con = new SqlConnection(cs))
                {
                    SqlCommand cmd = new SqlCommand
                    {
                        Connection  = con,
                        CommandText =
                            "INSERT INTO [dbo].[Manager_Mr] ([mid], [mrid]) VALUES (@mid, @mrid)"
                    };

                    cmd.Parameters.AddWithValue("@mid", uid);
                    cmd.Parameters.AddWithValue("@mrid", mrid);
                    con.Open();
                    cmd.ExecuteNonQuery();
                }
            }
        }
Beispiel #3
0
 public bool removeMedicalRepresentative(MedicalRepresentative m)
 {
     MRs.Remove(m);
     return(true);
 }
Beispiel #4
0
 public bool addMedicalRepresentative(MedicalRepresentative m)
 {
     MRs.Add(m);
     return(true);
 }