public bool insertStudent(int Id, string fname, string lname, DateTime bdate, string gender, string phone, string address, MemoryStream picture)
{
SqlCommand command = new SqlCommand("INSERT INTO std (id, fname, lname, bdate, gender, phone, address, picture)"
+ " VALUES (@id, @fn, @ln, @bdt, @gdr, @phn, @adrs, @pic)", mydb.getConnection);
command.Parameters.Add("@id", SqlDbType.Int).Value = Id;
command.Parameters.Add("@fn", SqlDbType.VarChar).Value = fname;
command.Parameters.Add("@ln", SqlDbType.VarChar).Value = lname;
command.Parameters.Add("@bdt", SqlDbType.DateTime).Value = bdate;
command.Parameters.Add("@gdr", SqlDbType.VarChar).Value = gender;
command.Parameters.Add("@phn", SqlDbType.VarChar).Value = phone;
command.Parameters.Add("@adrs", SqlDbType.VarChar).Value = address;
command.Parameters.Add("@pic", SqlDbType.Image).Value = picture.ToArray();
mydb.openConnection();
try
{
if ((command.ExecuteNonQuery() == 1))
{
mydb.closeConnection();
return(true);
}
else
{
mydb.closeConnection();
return(false);
}
}
catch
{
return(false);
}
}
private void buttonRegister_Click(object sender, EventArgs e)
{
bool usernameCheck = false, passwordCheck = false;
bool passwordTyped = false, passwordConfirmed = false;
username = textBoxUsername.Text;
password = textBoxPassword.Text;
passwordConfirm = textBoxConfirmPassword.Text;
if (username == "")
{
labelErrorUsername.Visible = true;
labelErrorUsername.Text = ("Please enter valid username");
usernameCheck = false;
}
else
{
if (student.existUsername(username))
{
labelErrorUsername.Text = ("Existed Username");
usernameCheck = false;
}
else
{
usernameCheck = true;
labelErrorUsername.Text = string.Empty;
}
}
if (password == "")
{
labelErrorPassword.Text = ("Please Enter Password");
passwordCheck = false;
passwordTyped = false;
}
else
{
labelErrorPassword.Text = string.Empty;
passwordTyped = true;
}
if (passwordConfirm == "")
{
labelErrorPasswordConfirm.Visible = true;
labelErrorPasswordConfirm.Text = ("Please Confirm Your Password");
passwordCheck = false;
passwordConfirmed = false;
}
else
{
labelErrorPasswordConfirm.Text = string.Empty;
passwordConfirmed = true;
}
if (password == passwordConfirm && password.Length != 0 && passwordConfirm.Length != 0)
{
passwordCheck = true;
}
else
{
if (passwordTyped && passwordConfirmed)
{
labelErrorPasswordConfirm.Visible = true;
labelErrorPasswordConfirm.Text = ("Passwords are not the same");
passwordCheck = false;
}
}
if (passwordCheck == true && usernameCheck == true)
{
labelErrorPassword.Text = string.Empty;
SqlCommand command = new SqlCommand("INSERT INTO login (id, username, password)"
+ " VALUES ((SELECT MAX(id) FROM login) + 1, @username, @password)", myDB.getConnection);
command.Parameters.Add("@username", SqlDbType.VarChar).Value = username;
command.Parameters.Add("@password", SqlDbType.VarChar).Value = password;
myDB.openConnection();
try
{
if ((command.ExecuteNonQuery() == 1))
{
myDB.closeConnection();
}
else
{
myDB.closeConnection();
}
}
catch
{
}
this.Close();
}
}
