public void Deactivate(string Username)
{
sql.Execute("update user set "
+ Person.cAktiviert + " = 'False'"
+ " where "
+ Person.cNickname + " = '" + SQLAccess.EscapeStr(Username) + "';");
}
public Person GetUser(string user, string password)
{
DataTable tbl = sql.Query("select * from user where "
+ Person.cNickname + "= '"
+ SQLAccess.EscapeStr(user)
+ "' and " + Person.cKennwort + " = '"
+ SQLAccess.EscapeStr(password) + "';");
if (tbl.Rows.Count == 0)
{
return(null);
}
return(new Person(tbl.Rows[0]));
}
public void AddUser(Person person)
{
try {
sql.Execute("insert into user values ('"
+ person.UID.ToString() + "', '"
+ SQLAccess.EscapeStr(person.Name) + "', '"
+ SQLAccess.EscapeStr(person.Vorname) + "', '"
+ SQLAccess.EscapeStr(person.Telefon) + "', '"
+ SQLAccess.EscapeStr(person.Email) + "', '"
+ SQLAccess.EscapeStr(person.Nickname) + "', '"
+ SQLAccess.EscapeStr(person.Kennwort) + "', '"
+ (person.Admin ? "True" : "False") + "', '"
+ (person.Aktiviert ? "True" : "False") + "');");
} catch (Exception e) {
throw e;
}
}
public void Update(Person person)
{
sql.Execute("update user set "
+ Person.cName + " = '" + SQLAccess.EscapeStr(person.Name) + "'"
+ ", "
+ Person.cVorname + " = '" + SQLAccess.EscapeStr(person.Vorname) + "'"
+ ", "
+ Person.cTelefon + " = '" + SQLAccess.EscapeStr(person.Telefon) + "'"
+ ", "
+ Person.cEmail + " = '" + SQLAccess.EscapeStr(person.Email) + "'"
+ ", "
+ Person.cNickname + " = '" + SQLAccess.EscapeStr(person.Nickname) + "'"
+ ", "
+ Person.cKennwort + " = '" + SQLAccess.EscapeStr(person.Kennwort) + "'"
+ ", "
+ Person.cAdmin + " = '" + (person.Admin ? "True" : "False") + "'"
+ ", "
+ Person.cAktiviert + " = '" + (person.Aktiviert ? "True" : "False") + "'"
+ "where " + Person.cUID + " = " + person.UID.ToString() + ";");
}
