public void CheckLogin()
{
Status = sql.Scalar(@"SELECT COUNT (*)
FROM Users
WHERE login = '******' AND passw = '" + sql.AddSlashes(Passw) +
"' AND status > 0");
}
public void Add()
{
if ((Email ?? "").IndexOf('@') == -1)
{
Error = "Incorrect Email";
return;
}
long insertedId = sql.Insert(@"INSERT INTO Stories (title, story, email, post_date)
VALUES (N'" + sql.AddSlashes(Title) +
"', N'" + sql.AddSlashes(Story) +
"', '" + sql.AddSlashes(Email) +
"', GETDATE()); SELECT SCOPE_IDENTITY()");
if (insertedId == -1)
{
Error = "Could not insert record to database";
return;
}
Id = insertedId.ToString();
}
