public void insert(UserObject userObj, string connectionString)
        {
            try
            {
                conn = DBUtility.createConnection(connectionString);
                SqlCommand cmdIns = DBUtility.PrepareSPCommand("sp_InsertCompany", insertParameters(userObj), conn);

                cmdIns.ExecuteNonQuery();

                //    cmdIns.Parameters.Clear();
                //    cmdIns.CommandText = "SELECT @@IDENTITY";

                //    // Get the last inserted id.
                //    int insertID = Convert.ToInt32(cmdIns.ExecuteScalar());

                cmdIns.Dispose();
                DBUtility.Close(conn);
                conn.Dispose();

            }
            catch (Exception ex)
            {
                throw new Exception(ex.ToString(), ex);
            }
            finally
            {
                DBUtility.Close(conn);
                conn.Dispose();
            }
        }
        public InvoiceObject getInvoiceInfo(int invoice_Number, string connectionString, UserObject user)
        {
            DataTable results = new DataTable();

            try
            {
                conn = DBUtility.createConnection(connectionString);
                SqlCommand cmdIns = DBUtility.PrepareReadCommand("GetAnInvoice", conn);
                cmdIns.Parameters.Add( new SqlParameter("@Invoice_Number", invoice_Number));

                using (conn)
                using (cmdIns)
                using (SqlDataAdapter dataAdapter = new SqlDataAdapter(cmdIns))
                {
                    dataAdapter.Fill(results);
                }

                var invoice = populateInvoice(results.Rows[0], connectionString, user);

                cmdIns.Dispose();
                DBUtility.Close(conn);
                conn.Dispose();
                return invoice;
            }
            catch (Exception ex)
            {
                throw new Exception(ex.ToString(), ex);
            }
            finally
            {
                DBUtility.Close(conn);
                conn.Dispose();

            }
        }
        public UserObject login(UserObject userObj, string connectionString)
        {
            DataTable results = new DataTable();
            UserObject user = new UserObject();
            try
            {
                conn = DBUtility.createConnection(connectionString);
                SqlCommand cmdIns = DBUtility.PrepareSPCommand("sp_UserLogin", loginParameters(userObj), conn);

                using (conn)
                using (cmdIns)
                using (SqlDataAdapter dataAdapter = new SqlDataAdapter(cmdIns))
                {
                    dataAdapter.Fill(results);
                }

                foreach (DataRow row in results.Rows)
                {
                    user.Account_Name = DBUtility.readDBString(row,"account_name");
                    user.Account_Password = DBUtility.readDBString(row,"account_password");
                    user.First_Name = DBUtility.readDBString(row,"first_name");
                    user.Surname = DBUtility.readDBString(row, "surname");
                    user.Account_Type = DBUtility.readDBString(row, "account_type");
                    user.Disable = Convert.ToInt32(row["Disable"]);
                    user.Email = DBUtility.readDBString(row, "email");

                }
                cmdIns.Dispose();
                DBUtility.Close(conn);
                conn.Dispose();
                return user;
            }
            catch (Exception ex)
            {
                throw new Exception(ex.ToString(), ex);
            }
            finally
            {
                DBUtility.Close(conn);
                conn.Dispose();

            }
        }
        protected void btnLogin_ServerClick(object sender, EventArgs e)
        {
            UserObject userLogin = new UserObject();

            userLogin.Account_Name = username.Value;
            userLogin.Account_Password = password.Value;

            ManageUsers manageUsers = new ManageUsers();

            UserObject userCheckObject = manageUsers.login(userLogin, ConfigurationManager.ConnectionStrings["MVSSqlDev2008ConnectionString"].ConnectionString);

            if (userCheckObject != null && userCheckObject.Account_Name != null)
            {
               Session.Add("CurrentUser", userCheckObject);
               Response.Redirect("~/Default.aspx");
            }
            else
            {
                Response.Write("Invalid User");
            }
        }
        internal List<SqlParameter> insertParameters(UserObject userObj)
        {
            List<SqlParameter> insertParamsArray = new List<SqlParameter>();

            insertParamsArray.Add(new SqlParameter("@account_name", userObj.Account_Name ));
            insertParamsArray.Add(new SqlParameter("@account_password", userObj.Account_Password ));
            insertParamsArray.Add(new SqlParameter("@first_name", userObj.First_Name));
            insertParamsArray.Add(new SqlParameter("@surname", userObj.Surname));
            insertParamsArray.Add(new SqlParameter("@account_type", userObj.Account_Type ));
            insertParamsArray.Add(new SqlParameter("@disable", userObj.Disable));
            insertParamsArray.Add(new SqlParameter("@email", userObj.Email));

            return insertParamsArray;
        }
        internal List<SqlParameter> loginParameters(UserObject userObj)
        {
            List<SqlParameter> loginParamsArray = new List<SqlParameter>();

            loginParamsArray.Add(new SqlParameter("@Username", userObj.Account_Name));
            loginParamsArray.Add(new SqlParameter("@Password", userObj.Account_Password));

            return loginParamsArray;
        }
        private InvoiceObject populateInvoice(DataRow dataRow, string connectionString, UserObject userObject)
        {
            InvoiceObject invoice = new InvoiceObject();

            if (dataRow != null)
            {
                int companyID = DBUtility.readDBInt(dataRow, "Company_ID");
                int customer_code = DBUtility.readDBInt(dataRow, "Customer_Code");
                invoice.CompanyInfo = new ManageCompany().getACompanyObject(connectionString, companyID);
                invoice.Customer = new ManageCustomer().getCustomerObject(connectionString, customer_code);
                invoice.Discount = DBUtility.readDBInt(dataRow, "Discount");
                invoice.DueDate = DBUtility.readDBDate(dataRow, "Due_Date");
                invoice.GrandTotal = DBUtility.readDBDecimal(dataRow, "GrandTotal");
                invoice.InvoiceDate = DBUtility.readDBDate(dataRow, "Invoice_Date");
                invoice.InvoiceNumber = DBUtility.readDBInt(dataRow, "Invoice_Number");
                invoice.InvoiceStatus = (MVS_Enum.CommonEnums.InvoiceStatus)Enum.Parse(typeof(MVS_Enum.CommonEnums.InvoiceStatus), DBUtility.readDBString(dataRow, "Status"));
                invoice.SubTotal = DBUtility.readDBDecimal(dataRow, "SubTotal");
                invoice.User = userObject;
            }

            return invoice;
        }