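/* Add Methods */
/// <summary>
/// Registers a new customer. Checks that the ID number is not already present in
/// <c>users</c>, then inserts a row into <c>cilent</c>, a matching login row into
/// <c>users</c>, and a default program link (program 1) into <c>client_program</c>.
/// </summary>
/// <param name="add">Customer whose getters supply the column values.</param>
/// <param name="password">Plain-text password; it is hashed by MySQL's <c>md5()</c> inside the statements.</param>
/// <returns>
/// "OK" on success; "ID allready in use" when a <c>users</c> row with the same person_id exists;
/// "Phone Number" or "Email" when the <c>cilent</c> insert fails with a duplicate error naming that key.
/// </returns>
/// <exception cref="MySqlException">
/// Propagates from the existence check and from the <c>users</c> / <c>client_program</c> inserts,
/// which are not wrapped in a try/catch.
/// </exception>
public String addCustomer(Customer add, String password)
{
    // TODO: change to bool

    // Every value below is bound as a parameter instead of being concatenated into the
    // SQL text, so quotes or SQL fragments in customer-supplied fields (name, address,
    // e-mail, password, ...) are treated as data and cannot alter the statement.
    // NOTE(review): values are bound exactly as the Customer getters return them; this
    // assumes they are strings or types the connector can map (numbers, DateTime) - confirm.

    const string existsSql = "Select * FROM users WHERE person_id = @personId;";
    bool idInUse;
    using (MySqlCommand cmdCheck = new MySqlCommand(existsSql, this.connection))
    {
        cmdCheck.Parameters.AddWithValue("@personId", add.getIdNumber());

        // The using block closes the reader even if Read() throws; an open reader
        // left behind would block every later command on this shared connection.
        using (MySqlDataReader dataReader = cmdCheck.ExecuteReader())
        {
            idInUse = dataReader.Read();
        }
    }

    if (idInUse)
    {
        return "ID allready in use";
    }

    // NOTE(review): md5() is kept only so the stored value stays compatible with whatever
    // verifies logins against these columns. Unsalted MD5 is not suitable for password
    // storage; migrate to a salted, slow KDF (PBKDF2 / bcrypt / Argon2) computed in the
    // application, together with the login check. The hash is also stored twice
    // (cilent.password and users.password).
    const string insertClientSql =
        "INSERT INTO cilent (F_Name, L_Name, ClientIDNum, phone_number, Address, DateJoind, Md_LastDate, eMail, program, person_id, password, Premission) " +
        "VALUES(@firstName, @lastName, @clientIdNum, @phoneNumber, @address, @dateJoined, @medicalExpiry, @email, '1', @personId, md5(@password), 0);";

    long customerDbId;
    using (MySqlCommand cmd = new MySqlCommand(insertClientSql, this.connection))
    {
        cmd.Parameters.AddWithValue("@firstName", add.getNameFirst());
        cmd.Parameters.AddWithValue("@lastName", add.getNameLast());
        cmd.Parameters.AddWithValue("@clientIdNum", add.getIdNumber());
        cmd.Parameters.AddWithValue("@phoneNumber", add.getPhoneNumber());
        cmd.Parameters.AddWithValue("@address", add.getHomeAddress());
        cmd.Parameters.AddWithValue("@dateJoined", add.getDateJoined());
        cmd.Parameters.AddWithValue("@medicalExpiry", add.getMedicalClearanceExpiration());
        cmd.Parameters.AddWithValue("@email", add.getEmailAddress());
        cmd.Parameters.AddWithValue("@personId", add.getIdNumber());
        cmd.Parameters.AddWithValue("@password", password);

        try
        {
            cmd.ExecuteNonQuery();
        }
        catch (MySqlException ex)
        {
            // Duplicate-key failures are mapped to the field name the caller reports.
            if (ex.Message.Contains("Duplicate"))
            {
                if (ex.Message.Contains("PhoneNumber"))
                {
                    return "Phone Number";
                }
                else if (ex.Message.Contains("eMail"))
                {
                    return "Email";
                }
            }
            else
            {
                System.Windows.Forms.MessageBox.Show("Unknow error");
            }

            // NOTE(review): any other failure falls through, so the users and
            // client_program rows below are still written using whatever
            // LastInsertedId holds. Control flow is left unchanged because callers
            // may rely on the current return values; consider returning a failure
            // here and running the three inserts in one transaction.
        }

        customerDbId = cmd.LastInsertedId;
    }

    const string insertUserSql =
        "INSERT INTO users (person_id, password, type) VALUES(@personId, md5(@password), 'customer');";
    using (MySqlCommand cmd2 = new MySqlCommand(insertUserSql, this.connection))
    {
        cmd2.Parameters.AddWithValue("@personId", add.getIdNumber());
        cmd2.Parameters.AddWithValue("@password", password);
        cmd2.ExecuteNonQuery();
    }

    const string insertProgramSql =
        "INSERT INTO client_program (program_id, client_id) VALUES('1', @clientId);";
    using (MySqlCommand cmd3 = new MySqlCommand(insertProgramSql, this.connection))
    {
        cmd3.Parameters.AddWithValue("@clientId", customerDbId);
        cmd3.ExecuteNonQuery();
    }

    return "OK";
}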