static public bool UpdateUser(RegularUser usr) //update user usr with the id equal to usr.id with its attributes
{
string conStr = @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=DBofBlogApp;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False";
SqlConnection con = new SqlConnection(conStr);
con.Open();
string query = $"update RegularUsers set username=@u, email=@e, password=@p where Id=@i";
SqlCommand cmd = new SqlCommand(query, con);
if (!string.IsNullOrEmpty(usr.picAddress))
{
query = $"update RegularUsers set username=@u, email=@e, password=@p, picaddress=@pa where Id=@i";
cmd = new SqlCommand(query, con);
SqlParameter p4 = new SqlParameter("pa", usr.picAddress);
cmd.Parameters.Add(p4);
}
SqlParameter p1 = new SqlParameter("u", usr.Username);
SqlParameter p2 = new SqlParameter("e", usr.Email);
SqlParameter p3 = new SqlParameter("p", usr.anotherPassword);
SqlParameter p5 = new SqlParameter("i", usr.Id);
cmd.Parameters.Add(p1);
cmd.Parameters.Add(p2);
cmd.Parameters.Add(p3);
cmd.Parameters.Add(p5);
int updatedRows = cmd.ExecuteNonQuery();
if (updatedRows >= 1)
{
con.Close();
return(true);
}
con.Close();
return(false);
}
static public bool AddUser(RegularUser usr) //adds user usr in DB.
{
string conStr = @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=DBofBlogApp;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False";
SqlConnection con = new SqlConnection(conStr);
con.Open();
string query = $"insert into RegularUsers(username,password,email) values(@u,@p,@e)";
SqlCommand cmd = new SqlCommand(query, con);
if (!string.IsNullOrEmpty(usr.picAddress))
{
query = $"insert into RegularUsers (username,email,password,picaddress) values(@u,@e,@p,@pa)";
cmd = new SqlCommand(query, con);
SqlParameter p4 = new SqlParameter("pa", usr.picAddress);
cmd.Parameters.Add(p4);
}
SqlParameter p1 = new SqlParameter("u", usr.Username);
SqlParameter p2 = new SqlParameter("p", usr.Password);
SqlParameter p3 = new SqlParameter("e", usr.Email);
cmd.Parameters.Add(p1);
cmd.Parameters.Add(p2);
cmd.Parameters.Add(p3);
int insertedRows = cmd.ExecuteNonQuery();
if (insertedRows >= 1)
{
con.Close();
return(true);
}
con.Close();
return(false);
}