public void add()
{
string sql = @"INSERT INTO datafsa(typefsa, idcategory, name, description)
VALUES (@typefsa, @idcategory, @name, @description)";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@typefsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.typefsa
},
new SqlParameter()
{
ParameterName = "@idcategory",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.idcategory
},
new SqlParameter()
{
ParameterName = "@name",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = this.name
},
new SqlParameter()
{
ParameterName = "@description",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = this.description
},
};
db.runSQL(sql, parameters);
}
public void add()
{
string sql = @"INSERT INTO userfsa_regs(iduser, idfsa, typefsa, personalrating, watchedeps, statusfsa, favorite)
VALUES (@iduser, @idfsa, @typefsa, @personalrating, @watchedeps, @statusfsa, @favorite)";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@iduser",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.iduser
},
new SqlParameter()
{
ParameterName = "@idfsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.idfsa
},
new SqlParameter()
{
ParameterName = "@typefsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.typefsa
},
new SqlParameter()
{
ParameterName = "@personalrating",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.personalrating
},
new SqlParameter()
{
ParameterName = "@watchedeps",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.watchedeps
},
new SqlParameter()
{
ParameterName = "@statusfsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.statusfsa
},
new SqlParameter()
{
ParameterName = "@favorite",
SqlDbType = System.Data.SqlDbType.Bit,
Value = this.favorite
},
};
db.runSQL(sql, parameters);
}
public void add()
{
string sql = @"INSERT INTO shop_cart(iduser, idfsa, typefsa, quantity)
VALUES (@iduser, @idfsa, @typefsa, @quantity)";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@iduser",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.iduser
},
new SqlParameter()
{
ParameterName = "@idfsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.idfsa
},
new SqlParameter()
{
ParameterName = "@typefsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.typefsa
},
new SqlParameter()
{
ParameterName = "@quantity",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.quantity
},
};
db.runSQL(sql, parameters);
}
static public void suspendAccount(int id)
{
Classes.DataBase db = new Classes.DataBase();
bool sus = readSuspendStatus(id);
if (sus == true)
{
sus = false;
}
else
{
sus = true;
}
string strSQL = "UPDATE users SET issuspended=@issuspended WHERE iduser=@iduser";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@issuspended", SqlDbType = SqlDbType.Bit, Value = sus
},
new SqlParameter()
{
ParameterName = "@iduser", SqlDbType = SqlDbType.Int, Value = id
}
};
db.runSQL(strSQL, parameters);
}
public void add()
{
string sql = @"INSERT INTO fsa_comments(iduser, idfsa, typefsa, message, isactive)
VALUES (@iduser, @idfsa, @typefsa, @message, @isactive)";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@iduser",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.iduser
},
new SqlParameter()
{
ParameterName = "@idfsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.idfsa
},
new SqlParameter()
{
ParameterName = "@typefsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = this.typefsa
},
new SqlParameter()
{
ParameterName = "@message",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = this.message
},
new SqlParameter()
{
ParameterName = "@isactive",
SqlDbType = System.Data.SqlDbType.Bit,
Value = this.isactive
},
};
db.runSQL(sql, parameters);
}
public void add()
{
string sql = @"INSERT INTO categoriesfsa(name, description)
VALUES (@name, @description)";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@name",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = this.name
},
new SqlParameter()
{
ParameterName = "@description",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = this.description
},
};
db.runSQL(sql, parameters);
}
static public void delete(int id)
{
Classes.DataBase db = new Classes.DataBase();
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@idfsa",
SqlDbType = System.Data.SqlDbType.Int,
Value = id
},
};
string strSQL = $@"DELETE FROM datafsa WHERE idcategory = @idcategory";
db.runSQL(strSQL, parameters);
}
static public void delete(int id)
{
Classes.DataBase db = new Classes.DataBase();
string sql = @"DELETE FROM shop_cart WHERE idcart=@idcart";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@idcart",
SqlDbType = System.Data.SqlDbType.Int,
Value = id
},
};
db.runSQL(sql, parameters);
}
static public void update(int iduser, int quantity)
{
Classes.DataBase db = new Classes.DataBase();
string sql = @"UPDATE shop_cart SET quantity=@quantity WHERE iduser=@iduser";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@iduser",
SqlDbType = System.Data.SqlDbType.Int,
Value = iduser
},
new SqlParameter()
{
ParameterName = "@quantity",
SqlDbType = System.Data.SqlDbType.Int,
Value = quantity
},
};
db.runSQL(sql, parameters);
}
static public void updatePassword(string guid, string newPassword)
{
Classes.DataBase db = new Classes.DataBase();
string sql = @"UPDATE users SET password = HASHBYTES('SHA2_512',@password), recuplink=null WHERE recuplink = @recuplink";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@password",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = newPassword
},
new SqlParameter()
{
ParameterName = "@recuplink",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = guid
},
};
db.runSQL(sql, parameters);
}
static public void recoverPassword(string guid, string email)
{
Classes.DataBase db = new Classes.DataBase();
string sql = @"UPDATE users SET recuplink = @recuplink WHERE email=@email";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@email",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = email
},
new SqlParameter()
{
ParameterName = "@recuplink",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = guid
},
};
db.runSQL(sql, parameters);
}
static public void updateEmail(int id, string newEmail)
{
Classes.DataBase db = new Classes.DataBase();
string sql = @"UPDATE users SET email = @email WHERE iduser = @iduser";
List <SqlParameter> parameters = new List <SqlParameter>()
{
new SqlParameter()
{
ParameterName = "@email",
SqlDbType = System.Data.SqlDbType.VarChar,
Value = newEmail
},
new SqlParameter()
{
ParameterName = "@iduser",
SqlDbType = System.Data.SqlDbType.Int,
Value = id
},
};
db.runSQL(sql, parameters);
}
