public static void CreateCustomer()
{
SqlConnection con = MarinaDB.GetConnection(Environment.MachineName);
string insertStatement = "INSERT INTO Customer(firstName,lastName,city,phone,email) VALUES (@firstName, @lastName, @city, @phone, @email)";
SqlCommand cmd = new SqlCommand(insertStatement, con);
cmd.Parameters.AddWithValue("@firstName", HttpContext.Current.Session["firstName"].ToString());
cmd.Parameters.AddWithValue("@lastName", HttpContext.Current.Session["lastName"].ToString());
cmd.Parameters.AddWithValue("@city", HttpContext.Current.Session["city"].ToString());
cmd.Parameters.AddWithValue("@phone", HttpContext.Current.Session["phone"].ToString());
cmd.Parameters.AddWithValue("@email", HttpContext.Current.Session["email"].ToString());
try
{
con.Open();
cmd.ExecuteNonQuery();
}
catch (SqlException ex)
{
throw ex;
}
finally
{
con.Close();
}
}
/// <summary>
/// Function to retrieve customer details from the database
/// </summary>
/// <param name="email"> email used for logging in</param>
/// <returns></returns>
public static Customer GetCustomer(string email)
{
SqlConnection con = MarinaDB.GetConnection(Environment.MachineName);
string selectQuery = "SELECT id, firstName, lastName FROM Customer WHERE Email = @email";
Customer cust = null;
using (SqlCommand cmd = new SqlCommand(selectQuery, con)) //initialize sqlcommand
{
cmd.Parameters.AddWithValue("@email", email); //data bind email id
con.Open(); //open connection
using (SqlDataReader reader = cmd.ExecuteReader()) //initialize reader
{
if (reader.Read()) //if there is data to be read
{
cust = new Customer(); //create customer object
cust.CustomerID = (int)reader["ID"]; //get the customer id
cust.FirstName = reader["firstname"].ToString(); //get the first name
cust.LastName = reader["lastname"].ToString(); //get the last name
}
}
}
return(cust);
}
