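/// <summary>
/// Checks the <c>password</c> field against the value stored for <c>userName</c>.
/// </summary>
/// <returns>
/// <c>true</c> when the query returns a row whose <c>Password</c> column equals the hash of
/// <c>password</c>; <c>false</c> when the values differ or no row is returned.
/// </returns>
/// <remarks>
/// NOTE(review): the hash is computed from <c>password</c> alone, before the user's row is
/// read, so no per-user salt stored in that row can take part in it. Confirm that
/// <c>EncryptPassword.encryptString</c> is a slow, salted password hash and not reversible
/// encryption or a bare digest.
/// </remarks>
public bool checkPassword()
{
    string hashedPassword = EncryptPassword.encryptString(password);

    // The using blocks release the reader, command and connection on every path, including
    // when Open() or ExecuteReader() throws. The original closed them only on normal returns.
    using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["pizzaDB"].ConnectionString))
    {
        conn.Open();

        // Statement text is kept as given; it is expected to reference the @userName
        // parameter bound below.
        string checkUser = "******";
        using (SqlCommand cmd = new SqlCommand(checkUser, conn))
        {
            // Bound parameter: userName is sent as data and never becomes part of the SQL text.
            cmd.Parameters.AddWithValue("@userName", userName);

            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                // Only the first row was ever examined (the original loop returned on its
                // first iteration), so a single Read() is equivalent. No row means the
                // check fails.
                if (!dr.Read())
                {
                    return false;
                }

                // NOTE(review): string.Equals stops at the first differing character; a
                // fixed-time comparison is preferable where the target framework offers one.
                return dr["Password"].ToString().Equals(hashedPassword);
            }
        }
    }
}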
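/// <summary>
/// Stores the hash of <paramref name="newpwd"/> as the password for <c>userName</c>.
/// </summary>
/// <param name="newpwd">The new plaintext password; it is passed through
/// <c>EncryptPassword.encryptString</c> before being bound to the statement.</param>
/// <remarks>
/// NOTE(review): this method takes only the new password and does not itself verify the
/// current password or any reset token. Presumably the caller has already authenticated the
/// user — confirm at every call site.
/// </remarks>
public void resetPassword(string newpwd)
{
    // The using blocks close the command and connection even when Open() or
    // ExecuteNonQuery() throws. The original leaked the open connection on any exception.
    using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["pizzaDB"].ConnectionString))
    {
        conn.Open();

        // Statement text is kept as given; it is expected to reference the @userName and
        // @password parameters bound below.
        string checkUser = "******";
        using (SqlCommand comd = new SqlCommand(checkUser, conn))
        {
            // Both values are bound as parameters, so neither is concatenated into the SQL text.
            comd.Parameters.AddWithValue("@userName", userName);
            comd.Parameters.AddWithValue("@password", EncryptPassword.encryptString(newpwd));

            // NOTE(review): the affected-row count is discarded, so a reset for a user name
            // that matches no row completes silently.
            comd.ExecuteNonQuery();
        }
    }
}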
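/// <summary>
/// Inserts a row into the <c>Customer</c> table from this object's fields.
/// The password is stored as the output of <c>EncryptPassword.encryptString</c>, not as plaintext.
/// </summary>
/// <remarks>
/// NOTE(review): <c>Convert.ToInt32(age)</c> throws when <c>age</c> is text that is not a valid
/// integer. Validate the field before calling if it comes straight from user input.
/// </remarks>
public void insertData()
{
    // The using blocks close the command and connection on every path. In the original, an
    // exception from Convert.ToInt32 or ExecuteNonQuery left the connection open.
    using (SqlConnection conn = new SqlConnection(System.Configuration.ConfigurationManager.ConnectionStrings["pizzaDB"].ConnectionString))
    {
        conn.Open();

        string insertString = "insert into Customer (UserName, FName, LName, Email, Country, Password, Age, Gender) values (@UserName, @FName, @LName, @Email, @Country, @Password, @Age, @Gender)";
        using (SqlCommand cmd = new SqlCommand(insertString, conn))
        {
            // Every column value is bound as a parameter; none is concatenated into the statement.
            cmd.Parameters.AddWithValue("@UserName", userName);
            cmd.Parameters.AddWithValue("@FName", fName);
            cmd.Parameters.AddWithValue("@LName", lName);
            cmd.Parameters.AddWithValue("@Email", email);
            cmd.Parameters.AddWithValue("@Country", country);
            cmd.Parameters.AddWithValue("@Password", EncryptPassword.encryptString(password));
            cmd.Parameters.AddWithValue("@Age", Convert.ToInt32(age));
            cmd.Parameters.AddWithValue("@Gender", gender);

            cmd.ExecuteNonQuery();
        }
    }
}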