public static Employee InsertEmployee(string login, string password )
{
Employee employee = new Employee();
employee.Login = login;
employee.PasswordSalt = CreateSalt(5);
employee.PasswordHash = CreatePasswordHash(password, employee.PasswordSalt);
employee.Active = true;
employee.CreationDate = DateTime.Now;
employee.LastActivityDate = DateTime.Now;
employee.LastLoginDate = DateTime.MinValue;
return EmployeeDB.InsertEmployee(employee);
}
public static Employee InsertEmployee(Employee employee)
{
string sqlQuery = "INSERT INTO EMPLOYEE(TerritoryID,AddressID,ManagerID,ContactID,Login,PasswordHash,PasswordSalt,Active,CreationDate,LastLoginDate,LastActivityDate) " +
" VALUES(@TerritoryID,@AddressID,@ManagerID,@ContactID,@Login,@PasswordHash,@PasswordSalt,@Active,@CreationDate,@LastLoginDate,@LastActivityDate);SELECT @@Identity";
Database db = new SqlDatabase(DBHelper.GetConnectionString());
DbCommand dbCommand = db.GetSqlStringCommand(sqlQuery);
db.AddInParameter(dbCommand, "TerritoryID", DbType.Int32, employee.TerritoryID);
db.AddInParameter(dbCommand, "AddressID", DbType.Int32, employee.AddressID);
db.AddInParameter(dbCommand, "ManagerID", DbType.Int32, employee.ManagerID);
db.AddInParameter(dbCommand, "ContactID", DbType.Int32, employee.ContactID);
db.AddInParameter(dbCommand, "Login", DbType.String, employee.Login);
db.AddInParameter(dbCommand, "PasswordHash", DbType.String, employee.PasswordHash);
db.AddInParameter(dbCommand, "PasswordSalt", DbType.String, employee.PasswordSalt);
db.AddInParameter(dbCommand, "Active", DbType.Boolean, true);
db.AddInParameter(dbCommand, "CreationDate", DbType.DateTime, employee.CreationDate);
db.AddInParameter(dbCommand, "LastLoginDate", DbType.DateTime, employee.LastLoginDate);
db.AddInParameter(dbCommand, "LastActivityDate", DbType.DateTime, employee.LastActivityDate);
employee.EmployeeID = Convert.ToInt32(db.ExecuteScalar(dbCommand));
return employee;
}
private static Employee GetEmployeeFromReader(IDataReader dataReader)
{
Employee employee = new Employee();
employee.EmployeeID = DBHelper.GetInt(dataReader, "EmployeeID");
employee.TerritoryID = DBHelper.GetNullableInt(dataReader, "TerritoryID");
employee.AddressID = DBHelper.GetNullableInt(dataReader, "AddressID");
employee.ManagerID = DBHelper.GetNullableInt(dataReader, "ManagerID");
employee.ContactID = DBHelper.GetNullableInt(dataReader, "ContactID");
employee.Login = DBHelper.GetString(dataReader, "Login");
employee.PasswordHash = DBHelper.GetString(dataReader, "PasswordHash");
employee.PasswordSalt = DBHelper.GetString(dataReader, "PasswordSalt");
employee.Active = DBHelper.GetBoolean(dataReader, "Active");
employee.LastActivityDate = DBHelper.GetDateTime(dataReader, "LastActivityDate");
employee.LastLoginDate = DBHelper.GetDateTime(dataReader, "LastLoginDate");
employee.CreationDate = DBHelper.GetDateTime(dataReader, "CreationDate");
return employee;
}
public static void UpdateEmployee(Employee employee)
{
string sqlQuery = "UPDATE EMPLOYEE SET TerritoryID=@TerritoryID, AddressID=@AddressID, ManagerID=@ManagerID, ContactID=@ContactID,Login=@Login,PasswordHash=@PasswordHash,PasswordSalt=@PasswordSalt,Active=@Active, CreationDate=@CreationDate, LastLoginDate=@LastLoginDate, LastActivityDate=@LastActivityDate WHERE EmployeeID=" + employee.EmployeeID;
Database db = new SqlDatabase(DBHelper.GetConnectionString());
DbCommand dbCommand = db.GetSqlStringCommand(sqlQuery);
db.AddInParameter(dbCommand, "TerritoryID", DbType.Int32, employee.TerritoryID);
db.AddInParameter(dbCommand, "AddressID", DbType.Int32, employee.AddressID);
db.AddInParameter(dbCommand, "ManagerID", DbType.Int32, employee.ManagerID);
db.AddInParameter(dbCommand, "ContactID", DbType.Int32, employee.ContactID);
db.AddInParameter(dbCommand, "Login", DbType.String, employee.Login);
db.AddInParameter(dbCommand, "PasswordHash", DbType.String, employee.PasswordHash);
db.AddInParameter(dbCommand, "PasswordSalt", DbType.String, employee.PasswordSalt);
db.AddInParameter(dbCommand, "Active", DbType.Boolean, true);
db.AddInParameter(dbCommand, "CreationDate", DbType.DateTime, employee.CreationDate);
db.AddInParameter(dbCommand, "LastLoginDate", DbType.DateTime, employee.LastLoginDate);
db.AddInParameter(dbCommand, "LastActivityDate", DbType.DateTime, employee.LastActivityDate);
db.ExecuteNonQuery(dbCommand);
}
public static void UpdateEmployee(Employee employee)
{
EmployeeDB.UpdateEmployee(employee);
}