/// <summary>
/// Get user by name from the database
/// </summary>
/// <param name="username"></param>
/// <returns></returns>
public static User GetUserById(int userId)
{
User user = new User();
OracleCommand cmd = new OracleCommand("admin.GetUserByID", App.con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("userID", userId);
OracleParameter user_par = new OracleParameter("prc", OracleDbType.RefCursor);
cmd.Parameters.Add(user_par).Direction = System.Data.ParameterDirection.Output;
var dt = cmd.ExecuteReader();
while (dt.Read())
{
user = new User()
{
ID = Convert.ToInt32(dt["ID"]),
Login = dt["Login"].ToString(),
Password = dt["Password"].ToString(),
//DoctorID = dt["DoctorID"].ToString() == "" ? 0 : int.Parse(dt["DoctorID"].ToString()),
//PatientID = dt["PatientID"].ToString() == "" ? 0 : int.Parse(dt["PatientID"].ToString()),
RoleID = Convert.ToInt32(dt["RoleID"])
};
if (user.RoleID == 2)
{
user.Doctor = DoctorDataAccess.GetDoctorById(Convert.ToInt32(dt["DoctorID"].ToString()));
}
else if (user.RoleID == 3)
{
user.Patient = PatientsDataAccess.GetPatientById(Convert.ToInt32(dt["PatientID"].ToString()));
}
}
return(user);
}
public static void InsertUser(User user)
{
OracleCommand cmd = new OracleCommand("Register", App.con);
cmd.CommandType = CommandType.StoredProcedure;
OracleParameter user_par = new OracleParameter("prc", OracleDbType.RefCursor);
cmd.Parameters.Add("username", user.Login);
cmd.Parameters.Add("userpassword", user.Password);
if (user.Doctor == null)
{
cmd.Parameters.Add("doctor", "");
}
else
{
cmd.Parameters.Add("doctor", (DoctorDataAccess.GetDoctorByName(user.Doctor.Name)).Id);
}
if (user.Patient == null)
{
cmd.Parameters.Add("patient", "");
}
else
{
cmd.Parameters.Add("patient", (PatientsDataAccess.GetPatientByName(user.Patient.Name)).Id);
}
cmd.Parameters.Add("role", user.RoleID);
int res = cmd.ExecuteNonQuery();
}
public static Visit GetVisitByID(int visitid)
{
OracleCommand cmd = new OracleCommand("admin.GetVisitByID", App.con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("did", visitid);
OracleParameter user_par = new OracleParameter("prc", OracleDbType.RefCursor);
cmd.Parameters.Add(user_par).Direction = System.Data.ParameterDirection.Output;
var dt = cmd.ExecuteReader();
if (dt.Read())
{
Visit visit = new Visit();
visit.DateTime = Convert.ToDateTime(dt[3].ToString());
visit.Room = new Room(dt[9].ToString(), null);
visit.ID = Convert.ToInt32(dt[0]);
visit.Symthoms = dt[5].ToString();
visit.Diagnosis = dt[6].ToString();
visit.Prescription = dt[7].ToString();
visit.Notes = dt[8].ToString();
visit.Patient = PatientsDataAccess.GetPatientByName(dt[2].ToString());
visit.Doctor = DoctorDataAccess.GetDoctorByName(dt[1].ToString());
if (dt[10].ToString() != "")
{
visit.file = (byte[])dt[10];
}
return(visit);
}
else
{
return(null);
}
}
public static void DeleteUserByDoctorId(int doctorId)
{
OracleCommand cmd = new OracleCommand("DeleteUserByDoctorId", App.con);
cmd.CommandType = CommandType.StoredProcedure;
//OracleParameter user_par = new OracleParameter("prc", OracleDbType.RefCursor);
cmd.Parameters.Add("did", doctorId);
var dt = cmd.ExecuteReader();
DoctorDataAccess.DeleteDoctorById(doctorId);
}
/// <summary>
/// Validates login details
/// </summary>
/// <param name="username">Username of the user to log in</param>
/// <param name="password">Password of the user to logi in</param>
/// <returns></returns>
public static bool IsValidLoginData(string username, string password)
{
if (App.con.State == ConnectionState.Closed)
{
App.con.Open();
}
User user = null;
OracleCommand cmd = new OracleCommand("admin.Login", App.con);
cmd.CommandType = CommandType.StoredProcedure;
OracleParameter user_par = new OracleParameter("prc", OracleDbType.RefCursor);
cmd.Parameters.Add("username", username);
cmd.Parameters.Add("userpassword", password);
cmd.Parameters.Add(user_par).Direction = System.Data.ParameterDirection.Output;
//int result = Convert.ToInt32(cmd.ExecuteScalar());
var dt = cmd.ExecuteReader();
//MessageBox.Show(dt.Depth.ToString());
while (dt.Read())
{
user = new User()
{
ID = Convert.ToInt32(dt["ID"]),
Login = dt["Login"].ToString(),
Password = dt["Password"].ToString(),
//DoctorID = dt["DoctorID"].ToString() == "" ? 0 : int.Parse(dt["DoctorID"].ToString()),
//PatientID = dt["PatientID"].ToString() == "" ? 0 : int.Parse(dt["PatientID"].ToString()),
RoleID = Convert.ToInt32(dt["RoleID"])
};
if (user.RoleID == 2)
{
user.Doctor = DoctorDataAccess.GetDoctorById(Convert.ToInt32(dt["DoctorID"].ToString()));
}
else if (user.RoleID == 3)
{
user.Patient = PatientsDataAccess.GetPatientById(Convert.ToInt32(dt["PatientID"].ToString()));
}
}
if (user != null)
{
return(true);
}
else
{
return(false);
}
}
