public bool activateUser(UserActivation userActivation)
{
UserActivationAccess userActivationAccess = new UserActivationAccess();
bool status = userActivationAccess.setActivated(userActivation);
return(status);
}
public bool addUser(User user)
{
bool status = false;
try
{
DBConnection.conn.Open();
string salt = PasswordGenerator.generateSalt();
string hashPassword = PasswordGenerator.generateHash(user.Password + salt);
string query = "INSERT INTO dbo.tblUser (FirstName,LastName,Email,PhoneNumber,Password,Address,IsAdmin, Active, Salt) "
+ " VALUES (@FirstName,@LastName,@Email,@PhoneNumber,@Password,@Address,@IsAdmin, @Active, @Salt) ";
SqlCommand cmd = new SqlCommand(query, DBConnection.conn);
cmd.Parameters.AddWithValue("@FirstName", user.FirstName);
cmd.Parameters.AddWithValue("@LastName", user.LastName);
cmd.Parameters.AddWithValue("@Email", user.Email);
cmd.Parameters.AddWithValue("@PhoneNumber", user.Phone);
cmd.Parameters.AddWithValue("@Password", hashPassword);
cmd.Parameters.AddWithValue("@Address", user.Address);
cmd.Parameters.AddWithValue("@IsAdmin", user.IsAdmin?1:0);
cmd.Parameters.AddWithValue("@Active", user.IsActive ? 1 : 0);
cmd.Parameters.AddWithValue("@Salt", salt);
int result = cmd.ExecuteNonQuery();
if (result > 0)
{
UserActivation userActivation = new UserActivation();
userActivation.Email = user.Email;
UserActivationAccess userActivationAccess = new UserActivationAccess();
status = userActivationAccess.addUserActivation(userActivation);
}
}
catch (SqlException e)
{
ExceptionUtility.LogException(e, "Error Page");
}
finally
{
if (DBConnection.conn != null)
{
DBConnection.conn.Close();
}
}
return(status);
}
