public bool login(string pEmail, string pPassword)
{
bool success;
SqlDataReader reader = null;
string sql = "SELECT userID, firstName, lastName, address, city, state, zipcode FROM Users WHERE email='" + pEmail + "' AND password='******'";
SQLfunctions sf = new SQLfunctions();
reader = sf.selectSQL(sql);
success = reader.HasRows;
if (success)
{
UserInfo user = new UserInfo();
while (reader.Read())
{
user.userID = reader.GetInt32(0);
user.firstName = reader["firstName"].ToString();
user.lastName = reader["lastName"].ToString();
user.address = reader["address"].ToString();
user.city = reader["city"].ToString();
user.state = reader["state"].ToString();
user.zipcode = reader["zipcode"].ToString();
}
HttpContext.Current.Session.Add("pl_user", user);
}
return(success);
}
public bool emailExists(string pEmail)
{
SqlDataReader reader = null;
string sql = "SELECT 1 FROM Users WHERE email='" + pEmail + "'";
SQLfunctions sf = new SQLfunctions();
reader = sf.selectSQL(sql);
return(reader.HasRows);
}
public void selectLoan(int loanID)
{
string sql = "SELECT userID, b_email, b_firstName, b_lastName, loanDate, amount, rate, term, loanNumber "
+ "FROM Loan WHERE loanID=" + loanID.ToString();
SQLfunctions sf = new SQLfunctions();
SqlDataReader reader = sf.selectSQL(sql);
while (reader.Read())
{
userID = int.Parse(reader["userID"].ToString());
b_Email = reader["b_email"].ToString();
b_firstName = reader["b_firstName"].ToString();
b_lastName = reader["b_lastName"].ToString();
loanDate = DateTime.Parse(reader["loanDate"].ToString());
amount = double.Parse(reader["amount"].ToString());
rate = double.Parse(reader["rate"].ToString());
term = int.Parse(reader["term"].ToString());
loanNumber = reader["loanNumber"].ToString();
//grade;
//active;
}
}