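/// <summary>
/// Changes a guest's password after checking the current one against the <c>tamu</c> table.
/// </summary>
/// <param name="tamu">
/// Request body. <c>email</c> selects the account, <c>password</c> is the current password and
/// <c>confirm</c> carries the new one; both password values go through
/// <c>EncryptionModel.encryption</c> before they reach the database.
/// </param>
/// <returns>
/// <c>"Success"</c> when a row matched and the update was issued; <c>"Fail"</c> when no row
/// matched, the new password is missing, or any exception was raised.
/// </returns>
public string changePassword([FromBody] TamuModel tamu)
{
    try
    {
        // An empty replacement password must never be written.
        if (string.IsNullOrEmpty(tamu.confirm))
        {
            return "Fail";
        }

        // Concatenating a null string yields "", so "" keeps the lookup semantics of the old query.
        string email = tamu.email ?? string.Empty;
        string password = EncryptionModel.encryption(tamu.password) ?? string.Empty;
        string passwordRepeat = EncryptionModel.encryption(tamu.confirm);

        // NOTE(review): confirm that EncryptionModel.encryption is a salted, slow password hash
        // and not reversible encryption; its implementation is not visible from this method.

        // 'using' closes the connection on every path, including when a query throws.
        using (var conn = new SqlConnection(ConnectionModel.connectionString))
        {
            conn.Open();

            // Request values are bound as parameters and never spliced into the SQL text,
            // so they cannot alter the statement.
            // NOTE(review): LIKE still treats % and _ inside the bound value as wildcards; switch
            // to '=' once the column type is confirmed to allow it.
            bool credentialsMatch;
            using (var lookup = new SqlCommand(
                "SELECT * FROM tamu WHERE email = @email AND password LIKE @password", conn))
            {
                lookup.Parameters.AddWithValue("@email", email);
                lookup.Parameters.AddWithValue("@password", password);

                using (var rows = lookup.ExecuteReader())
                {
                    credentialsMatch = rows.HasRows;
                }
            }

            if (!credentialsMatch)
            {
                return "Fail";
            }

            // NOTE(review): the previous statement wrote the literal '******' and left
            // passwordRepeat unused; storing the processed 'confirm' value is presumably the
            // intent - confirm against the original source.
            using (var update = new SqlCommand(
                "UPDATE tamu SET password = @newPassword WHERE email = @email AND password LIKE @password", conn))
            {
                update.Parameters.AddWithValue("@newPassword", passwordRepeat);
                update.Parameters.AddWithValue("@email", email);
                update.Parameters.AddWithValue("@password", password);

                // UPDATE returns no result set, so no reader is needed.
                update.ExecuteNonQuery();
            }

            return "Success";
        }
    }
    catch (Exception)
    {
        // Callers only distinguish "Success" from "Fail"; failure details are deliberately not
        // returned to the client. NOTE(review): log the exception server-side.
        return "Fail";
    }
}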
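/// <summary>
/// Lists the bookings of one guest whose check-in date is today or later.
/// </summary>
/// <param name="tamu">Only <c>email</c> and <c>nik</c> are read; both must match the guest row.</param>
/// <returns>
/// One <c>CheckBookingModel</c> per matching booking detail (an empty list when nothing matches),
/// or <c>null</c> when any exception was raised.
/// </returns>
public List<CheckBookingModel> check(TamuModel tamu)
{
    // NOTE(review): the email/nik pair is the only filter visible here; confirm that the caller
    // is authenticated upstream before these booking details are returned.
    const string query =
        "select detail_booking.id, CONVERT(date, tgl_booking) as tgl_booking, " +
        "CONVERT(date, tgl_check_in) as tgl_check_in, CONVERT(date, tgl_check_out) as tgl_check_out, " +
        "total_transaksi, nomor, jenis_kamar.nama, tamu.nama, email " +
        "from booking " +
        "inner join detail_booking on booking.id = detail_booking.id_booking " +
        "inner join kamar_hotel on detail_booking.id_kamar = kamar_hotel.id " +
        "inner join jenis_kamar on kamar_hotel.id_jenis_kamar = jenis_kamar.id " +
        "inner join tamu on booking.nik_tamu = tamu.id " +
        "where email = @email and nik = @nik and tgl_check_in >= convert(date, getdate())";

    try
    {
        List<CheckBookingModel> model = new List<CheckBookingModel>();

        // 'using' releases the connection, command and reader even when a row conversion throws.
        using (var conn = new SqlConnection(ConnectionModel.connectionString))
        using (var cmd = new SqlCommand(query, conn))
        {
            // Bound parameters keep caller-supplied values out of the SQL text.
            // Concatenating a null string yields "", so "" preserves the old matching behaviour.
            cmd.Parameters.AddWithValue("@email", tamu.email ?? string.Empty);
            cmd.Parameters.AddWithValue("@nik", tamu.nik ?? string.Empty);

            conn.Open();
            using (var rows = cmd.ExecuteReader())
            {
                while (rows.Read())
                {
                    // Ordinals follow the column order of the select list above.
                    model.Add(new CheckBookingModel
                    {
                        id = Convert.ToInt32(rows[0]),
                        tgl_booking = Convert.ToString(rows[1]),
                        tgl_check_in = Convert.ToString(rows[2]),
                        tgl_check_out = Convert.ToString(rows[3]),
                        total = Convert.ToInt32(rows[4]),
                        nomor = Convert.ToInt32(rows[5]),
                        jenis = Convert.ToString(rows[6]),
                        nama = Convert.ToString(rows[7]),
                        email = Convert.ToString(rows[8]),
                    });
                }
            }
        }

        return model;
    }
    catch (Exception)
    {
        // Existing contract: null signals failure. NOTE(review): log the exception server-side.
        return null;
    }
}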
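/// <summary>
/// Authenticates a guest by email and password and returns the stored profile.
/// </summary>
/// <param name="tamu">
/// Request body. <c>email</c> and <c>password</c> are read; on success the same instance is
/// overwritten with the values of the matching row and returned.
/// </param>
/// <returns>
/// The populated <c>TamuModel</c> when a row matched; <c>null</c> when none matched or any
/// exception was raised.
/// </returns>
public TamuModel login([FromBody] TamuModel tamu)
{
    try
    {
        // Concatenating a null string yields "", so "" keeps the lookup semantics of the old query.
        string email = tamu.email ?? string.Empty;
        string password = EncryptionModel.encryption(tamu.password) ?? string.Empty;

        // NOTE(review): confirm that EncryptionModel.encryption is a salted, slow password hash
        // and not reversible encryption; its implementation is not visible from this method.

        // 'using' closes the connection and reader on every path, including exceptions.
        using (var conn = new SqlConnection(ConnectionModel.connectionString))
        using (var cmd = new SqlCommand(
            "SELECT * FROM tamu WHERE email = @email AND password LIKE @password", conn))
        {
            // Credentials are bound as parameters, so a crafted email or password cannot change
            // the WHERE clause.
            // NOTE(review): LIKE still treats % and _ inside the bound value as wildcards; switch
            // to '=' once the column type is confirmed to allow it.
            cmd.Parameters.AddWithValue("@email", email);
            cmd.Parameters.AddWithValue("@password", password);

            conn.Open();
            using (var rows = cmd.ExecuteReader())
            {
                if (!rows.Read())
                {
                    return null;
                }

                // SELECT * means these ordinals depend on the table's column order.
                tamu.id = Convert.ToInt32(rows[0]);
                tamu.nik = Convert.ToString(rows[1]);
                tamu.nama = Convert.ToString(rows[2]);
                tamu.email = Convert.ToString(rows[3]);
                tamu.nohp = Convert.ToString(rows[4]);
                tamu.alamat = Convert.ToString(rows[5]);

                // NOTE(review): the stored password value is copied into the returned model and
                // therefore into whatever the caller serializes; clear it if no caller needs it.
                tamu.password = Convert.ToString(rows[6]);

                return tamu;
            }
        }
    }
    catch (Exception)
    {
        // Existing contract: null signals failure. NOTE(review): log the exception server-side.
        return null;
    }
}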