public bool changePwdMember()
{
string query = "UPDATE [dbo].[member] SET [pass] = @pass WHERE username = @us";
SqlParameter[] paras =
{
new SqlParameter("@us", this.Username),
new SqlParameter("@pass", SqlDbType.VarChar, 255)
{
Value = StringProc.MD5Hash(this.Pass)
},
};
return(DataProvider.executeNonQuery(query, paras));
}
public bool addMember()
{
string sQuery = "INSERT INTO [dbo].[member] ([username] ,[pass] ,[name] ,[phone] ,[role] ,[status] ,[email],[xoa]) VALUES(@us,@pass,@name,@phone,@role,@stt,@email,@xoa)";
SqlParameter[] paras = new SqlParameter[8] {
new SqlParameter("@us", SqlDbType.VarChar, 50)
{
Value = this.Username
},
new SqlParameter("@pass", SqlDbType.VarChar, 50)
{
Value = StringProc.MD5Hash(this.Pass)
},
new SqlParameter("@name", SqlDbType.NVarChar, 50)
{
Value = this.Name
},
new SqlParameter("@phone", SqlDbType.VarChar, 50)
{
Value = this.Phone
},
new SqlParameter("@role", SqlDbType.Int)
{
Value = this.Role
},
new SqlParameter("@stt", SqlDbType.Int)
{
Value = this.Status
},
new SqlParameter("@email", SqlDbType.VarChar, 50)
{
Value = this.Email
},
new SqlParameter("@xoa", SqlDbType.Bit, 1)
{
Value = this.Xoa
},
};
return(DataProvider.executeNonQuery(sQuery, paras));
}