public DataTable getDataTable(UserDangNhap user, string sqlDangNhap) { SqlConnection conn = getConnection(); conn.Open(); SqlCommand cmd = new SqlCommand(sqlDangNhap, conn); cmd.Parameters.AddWithValue("username", user.Username); cmd.Parameters.AddWithValue("pass", user.Password); SqlDataAdapter da = new SqlDataAdapter(cmd); DataTable dt = new DataTable(); da.Fill(dt); conn.Close(); return(dt); }
public string dangNhap(string username, string password) { string quyen = null; string sqlDangNhap = "SELECT * FROM tbuser WHERE Username = @username COLLATE SQL_Latin1_General_CP1_CS_AS AND Pass = @pass COLLATE SQL_Latin1_General_CP1_CS_AS "; UserDangNhap user = new UserDangNhap(); user.Password = password; user.Username = username; DataProvider dp = new DataProvider(); DataTable dt = dp.getDataTable(user, sqlDangNhap); if (dt.Rows.Count > 0) { foreach (DataRow row in dt.Rows) { quyen = row["Quyen"].ToString(); } } return(quyen); }
public Boolean update(UserDangNhap user) { SqlConnection conn = getConnection(); conn.Open(); try { string sqlDangnhap = "UPDATE tbuser Set Pass = @pass Where Username = @username"; SqlCommand cmd = new SqlCommand(sqlDangnhap, conn); cmd.Parameters.AddWithValue("username", user.Username); cmd.Parameters.AddWithValue("pass", user.Password); cmd.ExecuteNonQuery(); } catch (Exception) { return(false); } finally { conn.Close(); } return(true); }