public bool CreateUser(UserModel user)
{
bool success = false;
DataCheck dataCheck = new DataCheck();
if (dataCheck.UserAlreadyExists(user.UserName) == false && dataCheck.UserHasValues(user) && user.Password == user.PasswordConfirm)
{
string connectionString = ConnectionString.GetConnectionString();
string sqlStatement = "insert into dbo.Zaci(UserName, Password, UserJmeno, UserPrijmeni, UserTrida) VALUES(@username, @password, @userjmeno, @userprijmeni, @usertrida)";
SqlConnection connection = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(sqlStatement);
cmd.Parameters.Add("@username", System.Data.SqlDbType.VarChar, 40).Value = user.UserName;
cmd.Parameters.Add("@password", System.Data.SqlDbType.VarChar, 155).Value = PasswordCoding.EncodeToBase64(user.Password);
cmd.Parameters.Add("@userjmeno", System.Data.SqlDbType.VarChar, 20).Value = user.UserJmeno;
cmd.Parameters.Add("@userprijmeni", System.Data.SqlDbType.VarChar, 20).Value = user.UserPrijmeni;
cmd.Parameters.Add("@usertrida", System.Data.SqlDbType.VarChar, 3).Value = user.UserTrida;
cmd.Connection = connection;
connection.Open();
cmd.ExecuteNonQuery();
connection.Close();
success = true;
}
return(success);
}
public bool ZmenitHeslo(UserModel user)
{
bool success = false;
try
{
string connectionString = ConnectionString.GetConnectionString();
string sqlStatement = "UPDATE dbo.Zaci SET Password = @password WHERE Id = @userId";
SqlConnection connection = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand(sqlStatement);
cmd.Parameters.Add("@password", System.Data.SqlDbType.VarChar, 155).Value = PasswordCoding.EncodeToBase64(user.Password);
cmd.Parameters.Add("@userId", System.Data.SqlDbType.Int, 40).Value = user.Id;
cmd.Connection = connection;
connection.Open();
cmd.ExecuteNonQuery();
connection.Close();
success = true;
}
catch (Exception e)
{
Console.WriteLine("Chyba ve změně hesla u určitého žáka");
}
return(success);
}
