protected void registerAccount_OnClick(object sender, EventArgs e)
{
AccountDomain myAccount = new AccountDomain();
myAccount.UserName = registerUserName.Text;
myAccount.Email = registerEmail.Text;
myAccount.Password = registerPassword.Text;
accountDAO.registerAccount(myAccount);
}
public void registerAccount(AccountDomain accountDomain)
{
myConnection = sqlQueryConn.getSqlConnection();
myConnection.Open();
SqlCommand cmd = new SqlCommand("INSERT INTO [account](name, password, email) " +
"values (@name, @password, @email)", myConnection);
cmd.Parameters.Add("@name", SqlDbType.NChar).Value = accountDomain.UserName;
cmd.Parameters.Add("@password", SqlDbType.NChar).Value = accountDomain.Password;
cmd.Parameters.Add("@email", SqlDbType.NChar).Value = accountDomain.Email;
cmd.ExecuteNonQuery();
myConnection.Close();
}
public AccountDomain signIn(string userName, string password)
{
AccountDomain account = new AccountDomain();
string query = "SELECT * FROM [account] WHERE name = '" + userName + "'";
using (myConnection = sqlQueryConn.getSqlConnection())
{
SqlCommand cmd = new SqlCommand(query, myConnection);
myConnection.Open();
SqlDataReader rdr = cmd.ExecuteReader();
while (rdr.Read())
{
account.Email = rdr["email"].ToString();
account.UserName = rdr["name"].ToString();
account.Password = rdr["password"].ToString();
account.AccountNumber = Int32.Parse(rdr["id"].ToString());
}
}
return account;
}
protected void Page_Load(object sender, EventArgs e)
{
accountDomain = (AccountDomain)Cache["accountCache"];
}
