public string changePassword([FromBody] TamuModel tamu)
{
try
{
connection = new SqlConnection(ConnectionModel.connectionString);
connection.Open();
string email = tamu.email;
string password = EncryptionModel.encryption(tamu.password);
string passwordRepeat = EncryptionModel.encryption(tamu.confirm);
command = new SqlCommand("SELECT * FROM tamu WHERE email = '" + email + "' AND password LIKE '" + password + "'", connection);
reader = command.ExecuteReader();
reader.Read();
if (reader.HasRows)
{
reader.Close();
command = new SqlCommand("UPDATE tamu SET password = '******' WHERE email = '" + email + "' AND password LIKE '" + password + "'", connection);
command.ExecuteReader();
connection.Close();
return("Success");
}
else
{
reader.Close();
connection.Close();
return("Fail");
}
} catch (Exception)
{
return("Fail");
}
}
public List <CheckBookingModel> check(TamuModel tamu)
{
try
{
List <CheckBookingModel> model = new List <CheckBookingModel>();
connection = new SqlConnection(ConnectionModel.connectionString);
connection.Open();
command = new SqlCommand("select detail_booking.id, CONVERT(date, tgl_booking) as tgl_booking, CONVERT(date, tgl_check_in) as tgl_check_in, CONVERT(date, tgl_check_out) as tgl_check_out, total_transaksi, nomor, jenis_kamar.nama, tamu.nama, email from booking inner join detail_booking on booking.id = detail_booking.id_booking inner join kamar_hotel on detail_booking.id_kamar = kamar_hotel.id inner join jenis_kamar on kamar_hotel.id_jenis_kamar = jenis_kamar.id inner join tamu on booking.nik_tamu = tamu.id where email = '" + tamu.email + "' and nik = '" + tamu.nik + "' and tgl_check_in >= convert(date, getdate())", connection);
reader = command.ExecuteReader();
while (reader.Read())
{
model.Add(new CheckBookingModel
{
id = Convert.ToInt32(reader[0]),
tgl_booking = Convert.ToString(reader[1]),
tgl_check_in = Convert.ToString(reader[2]),
tgl_check_out = Convert.ToString(reader[3]),
total = Convert.ToInt32(reader[4]),
nomor = Convert.ToInt32(reader[5]),
jenis = Convert.ToString(reader[6]),
nama = Convert.ToString(reader[7]),
email = Convert.ToString(reader[8]),
});
}
connection.Close();
return(model);
}
catch (Exception)
{
return(null);
}
}
public TamuModel login([FromBody] TamuModel tamu)
{
try
{
connection = new SqlConnection(ConnectionModel.connectionString);
connection.Open();
string email = tamu.email;
string password = EncryptionModel.encryption(tamu.password);
command = new SqlCommand("SELECT * FROM tamu WHERE email = '" + email + "' AND password LIKE '" + password + "'", connection);
reader = command.ExecuteReader();
reader.Read();
if (reader.HasRows)
{
tamu.id = Convert.ToInt32(reader[0]);
tamu.nik = Convert.ToString(reader[1]);
tamu.nama = Convert.ToString(reader[2]);
tamu.email = Convert.ToString(reader[3]);
tamu.nohp = Convert.ToString(reader[4]);
tamu.alamat = Convert.ToString(reader[5]);
tamu.password = Convert.ToString(reader[6]);
connection.Close();
return(tamu);
}
else
{
connection.Close();
return(null);
}
} catch (Exception)
{
return(null);
}
}