public void CreateAccount(string user, string password, ref AccountInfo accountInfo)
{
Execute(
string.Format("INSERT INTO account (userid, ugradeid, pgradeid, name, password) VALUES ('{0}', 0, 0, 'Bob', '{1}')",
user, password));
GetAccount(user, password, ref accountInfo);
}
public void CreateAccount(string user, string password, ref AccountInfo accountInfo)
{
Execute(
string.Format("INSERT INTO Account (UserID, UGradeID, PGradeID, Name, RegDate) VALUES ('{0}', 0, 0, 'Bob', GetDate())",
user));
var aid = GetIdentity(string.Format("select @@identity"));
Execute(string.Format("INSERT INTO Login(UserId, Password, AID) VALUES ('{0}', '{1}', {2})", user, password,
aid));
GetAccount(user, password, ref accountInfo);
}
public void GetAccount(string szUser, string szPassword, ref AccountInfo accountInfo)
{
if (accountInfo == null)
accountInfo = new AccountInfo();
lock (_sqlConnection)
{
using (var command = new MySqlCommand("SELECT aid,ugradeid,pgradeid from account WHERE userid=@user AND password=@pass", _sqlConnection))
{
command.Parameters.AddWithValue("@user", szUser);
command.Parameters.AddWithValue("@pass", szPassword);
using (var reader = command.ExecuteReader())
{
if (reader == null || !reader.Read())
{
accountInfo.UserId = "INVALID";
accountInfo.Access = UGradeId.Guest;
accountInfo.Premium = 0;
return;
}
accountInfo.AccountId = Convert.ToInt32(reader["AID"]);
accountInfo.Access = (UGradeId)Convert.ToByte(reader["UGradeID"]);
accountInfo.Premium = (PGradeId)Convert.ToByte(reader["PGradeID"]);
accountInfo.UserId = szUser;
}
}
}
}
