public void DeletePartFromCart(int iUserID, int iPartID)
        {
            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                //establish the connection
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    // create command
                    using (SqlCommand command = new SqlCommand("SP_DELETE_PART_FROM_CART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        command.Parameters.AddWithValue("@parmUserID", SqlDbType.Int).Value = iUserID;
                        command.Parameters.AddWithValue("@parmPartID", SqlDbType.Int).Value = iPartID;

                        command.ExecuteNonQuery();
                    }

                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
        }
Esempio n. 2
0
        public List <Part> SelectPart(Part iPart)
        {
            List <Part> partList = new List <Part>();

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_PART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                Part p = new Part();
                                p.PartID          = (int)reader["PartID"];
                                p.DirtBikeIDFK    = (int)reader["DirtBikeIDFK"];
                                p.PartName        = reader["PartName"].ToString();
                                p.Picture         = reader["Picture"].ToString();
                                p.Price           = (decimal)reader["Price"];
                                p.PartDescription = reader["PartDescription"].ToString();
                                p.BrandIDFK       = (int)reader["BrandIDFK"];
                                p.BrandName       = reader["BrandName"].ToString();
                                p.CategoryIDFK    = (int)reader["CategoryIDFK"];

                                partList.Add(p);
                            }
                        }
                        command.ExecuteNonQuery();
                    }
                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
            return(partList);
        }
Esempio n. 3
0
        public List <Part> GetPartsInCart(int iUserID)
        {
            List <Part> listPartsInCart = new List <Part>();

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_USERS_CART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        command.Parameters.AddWithValue("@parmUserID", SqlDbType.VarChar).Value = iUserID;

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                Part p = new Part();

                                p.PartID       = (int)reader["PartIDFK"];
                                p.Price        = (decimal)reader["PartPrice"];
                                p.PartName     = reader["PartName"].ToString();
                                p.BrandName    = reader["PartBrand"].ToString();
                                p.Picture      = reader["Picture"].ToString();
                                p.PartQuantity = (int)reader["Quantity"];

                                listPartsInCart.Add(p);
                            }
                        }
                    }
                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
            return(listPartsInCart);
        }
Esempio n. 4
0
        public bool AddPart(Part iPart)
        {
            bool result = false;

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                //establish the connection
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    // create command
                    using (SqlCommand command = new SqlCommand("SP_INSERT_PART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();


                        command.Parameters.AddWithValue("@parmDirtBikeIDFK", SqlDbType.Int).Value        = iPart.DirtBikeIDFK;
                        command.Parameters.AddWithValue("@parmPartName", SqlDbType.VarChar).Value        = iPart.PartName;
                        command.Parameters.AddWithValue("@parmPicture", SqlDbType.VarChar).Value         = iPart.Picture;
                        command.Parameters.AddWithValue("@parmPrice", SqlDbType.Decimal).Value           = iPart.Price;
                        command.Parameters.AddWithValue("@parmPartDescription", SqlDbType.VarChar).Value = iPart.PartDescription;
                        command.Parameters.AddWithValue("@parmBrandIDFK", SqlDbType.Int).Value           = iPart.BrandIDFK;
                        command.Parameters.AddWithValue("@parmCategoryIDFK", SqlDbType.Int).Value        = iPart.CategoryIDFK;


                        command.ExecuteNonQuery();
                    }

                    conn.Close();
                }

                result = true;
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }

            return(result);
        }
Esempio n. 5
0
        public List <User> ViewAllUsers(User user)
        {
            List <User> listUsers = new List <User>();

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_USER", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();
                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                User u = new User();
                                u.UserID       = (int)reader["UserID"];
                                u.FirstName    = reader["FirstName"].ToString();
                                u.LastName     = reader["LastName"].ToString();
                                u.UserName     = reader["UserName"].ToString();
                                u.UserPassword = reader["UserPassword"].ToString();
                                //u.Salt = reader["Salt"].ToString();
                                u.Email    = reader["Email"].ToString();
                                u.RoleIDFK = (int)reader["RoleIDFK"];
                                listUsers.Add(u);
                            }
                        }
                    }
                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }

            // Find match of user input from list
            return(listUsers.ToList());
        }
Esempio n. 6
0
        public List <Error> ViewAllErrors(Error er)
        {
            List <Error> listErrors = new List <Error>();

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_ERROR", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                Error exc = new Error();
                                exc.ErrorID    = (int)reader["ErrorID"];
                                exc.ErrorDate  = (DateTime)reader["ErrorDate"];
                                exc.StackTrace = reader["StackTrace"].ToString();
                                exc.Message    = reader["ErrorMessage"].ToString();


                                listErrors.Add(exc);
                            }
                        }
                        command.ExecuteNonQuery();
                    }
                    conn.Close();
                }
            }
            catch (Exception x)
            {
                e.WriteLogger(x);
                e.InsertLoggerToDB(x);
            }
            return(listErrors);
        }
Esempio n. 7
0
        public List <Dirtbike> SelectDirtbike(Dirtbike iDirtbike)
        {
            List <Dirtbike> dirtbikeList = new List <Dirtbike>();

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_DIRTBIKE", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                Dirtbike db = new Dirtbike();
                                db.DirtBikeID = (int)reader["DirtBikeID"];
                                db.Make       = reader["Make"].ToString();
                                db.MakeYear   = (int)reader["MakeYear"];
                                db.Model      = reader["Model"].ToString();

                                dirtbikeList.Add(db);
                            }
                        }
                        command.ExecuteNonQuery();
                    }
                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
            return(dirtbikeList);
        }
Esempio n. 8
0
        public bool updateRole(int UserID, int RoleIDFK)
        {
            bool result = false;

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                //establish the connection
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    // create command
                    using (SqlCommand command = new SqlCommand("SP_UPDATE_USER_ROLE", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();


                        command.Parameters.AddWithValue("@parmUserID", SqlDbType.Int).Value   = UserID;
                        command.Parameters.AddWithValue("@parmRoleIDFK", SqlDbType.Int).Value = RoleIDFK;


                        command.ExecuteNonQuery();
                    }

                    conn.Close();
                }

                result = true;
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }

            return(result);
        }
Esempio n. 9
0
        public List <Role> SelectRolesFromTable(Role iRole)
        {
            List <Role> listRoles = new List <Role>();

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_ROLE", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                Role r = new Role();
                                r.RoleID   = (int)reader["RoleID"];
                                r.RoleName = reader["RoleName"].ToString();

                                listRoles.Add(r);
                            }
                        }
                        command.ExecuteNonQuery();
                    }
                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
            return(listRoles);
        }
Esempio n. 10
0
        public bool DeletePart(int PartId)
        {
            bool result = false;

            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                //establish the connection
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    // create command
                    using (SqlCommand command = new SqlCommand("SP_DELETE_PART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        command.Parameters.AddWithValue("@parmPartID", SqlDbType.Int).Value = PartId;

                        command.ExecuteNonQuery();
                    }

                    conn.Close();
                }

                result = true;
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }

            return(result);
        }
Esempio n. 11
0
        public void UpdatePart(Part iPart)
        {
            ExceptionHandling e = new ExceptionHandling();

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                // Update Part in Part table
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_UPDATE_PART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();


                        command.Parameters.AddWithValue("@parmPartID", SqlDbType.Int).Value              = iPart.PartID;
                        command.Parameters.AddWithValue("@parmDirtBikeIDFK", SqlDbType.Int).Value        = iPart.DirtBikeIDFK;
                        command.Parameters.AddWithValue("@parmPartName", SqlDbType.VarChar).Value        = iPart.PartName;
                        command.Parameters.AddWithValue("@parmPicture", SqlDbType.VarChar).Value         = iPart.Picture;
                        command.Parameters.AddWithValue("@parmPrice", SqlDbType.Decimal).Value           = iPart.Price;
                        command.Parameters.AddWithValue("@parmPartDescription", SqlDbType.VarChar).Value = iPart.PartDescription;
                        command.Parameters.AddWithValue("@parmBrandIDFK", SqlDbType.Int).Value           = iPart.BrandIDFK;
                        command.Parameters.AddWithValue("@parmCategoryIDFK", SqlDbType.Int).Value        = iPart.CategoryIDFK;


                        command.ExecuteNonQuery();
                    }

                    conn.Close();
                }

                // Update Part in Cart
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_UPDATE_PART_INFO_IN_CART", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();


                        command.Parameters.AddWithValue("@parmPartID", SqlDbType.Int).Value        = iPart.PartID;
                        command.Parameters.AddWithValue("@parmPartName", SqlDbType.VarChar).Value  = iPart.PartName;
                        command.Parameters.AddWithValue("@parmPicture", SqlDbType.VarChar).Value   = iPart.Picture;
                        command.Parameters.AddWithValue("@parmPartPrice", SqlDbType.Decimal).Value = iPart.Price;


                        command.ExecuteNonQuery();
                    }

                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
        }
Esempio n. 12
0
        public void AddPartToCart(int UserIDFK, int PartIDFK, decimal PartPrice, string PartName, string PartBrand, string Picture)
        {
            ExceptionHandling e = new ExceptionHandling();

            int Quantity = 0;

            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                // Grab User's specific part quantity
                // If its 0 then add part to Cart Table in DB
                // If its not 0 update part quantity: Quantity + 1
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_PART_QUANTITY", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        command.Parameters.AddWithValue("@parmUserID", SqlDbType.VarChar).Value = UserIDFK;
                        command.Parameters.AddWithValue("@parmPartID", SqlDbType.VarChar).Value = PartIDFK;

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                Quantity = (int)reader["Quantity"];
                            }
                        }
                    }
                    conn.Close();
                }

                // If part qauntity came back 0
                if (Quantity == 0)
                {
                    // Add part values to cart table
                    using (SqlConnection conn = new SqlConnection(dbConnection))
                    {
                        using (SqlCommand command = new SqlCommand("SP_INSERT_TO_CART", conn))
                        {
                            command.CommandType    = System.Data.CommandType.StoredProcedure;
                            command.CommandTimeout = 30;
                            conn.Open();


                            command.Parameters.AddWithValue("@parmUserIDFK", SqlDbType.Int).Value      = UserIDFK;
                            command.Parameters.AddWithValue("@parmPartIDFK", SqlDbType.Int).Value      = PartIDFK;
                            command.Parameters.AddWithValue("@parmPartPrice", SqlDbType.Decimal).Value = PartPrice;
                            command.Parameters.AddWithValue("@parmPartName", SqlDbType.VarChar).Value  = PartName;
                            command.Parameters.AddWithValue("@parmPartBrand", SqlDbType.VarChar).Value = PartBrand;
                            command.Parameters.AddWithValue("@parmPicture", SqlDbType.VarChar).Value   = Picture;
                            command.Parameters.AddWithValue("@parmQuantity", SqlDbType.Int).Value      = 1;



                            command.ExecuteNonQuery();
                        }

                        conn.Close();
                    }
                }

                // If part quantiy did not came back 0
                else
                {
                    using (SqlConnection conn = new SqlConnection(dbConnection))
                    {
                        using (SqlCommand command = new SqlCommand("SP_UPDATE_PART_QUANTITY", conn))
                        {
                            command.CommandType    = System.Data.CommandType.StoredProcedure;
                            command.CommandTimeout = 30;
                            conn.Open();


                            command.Parameters.AddWithValue("@parmUserId", SqlDbType.Int).Value   = UserIDFK;
                            command.Parameters.AddWithValue("@parmPartId", SqlDbType.Int).Value   = PartIDFK;
                            command.Parameters.AddWithValue("@parmQuantity", SqlDbType.Int).Value = 1 + Quantity;


                            command.ExecuteNonQuery();
                        }

                        conn.Close();
                    }
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
        }
Esempio n. 13
0
        public User CreateNewUser(User user)
        {
            ExceptionHandling e = new ExceptionHandling();


            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                // Check to see if user name is already exsist in database
                string        dbUsernames;
                List <string> listOfDbUsernames = new List <string>();
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_USERNAMES_FOR_REGISTRATION", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                dbUsernames = reader["UserName"].ToString();

                                listOfDbUsernames.Add(dbUsernames);
                            }
                        }
                    }
                    conn.Close();
                }

                // If username already exsist
                if (listOfDbUsernames.Contains(user.UserName))
                {
                    user.UserName = "******";
                }

                // If username does not exsist already
                else
                {
                    // Create salt with DateTime now
                    // Add salt to user password
                    // Create StringBuilded (Mutable char string) to append bytes of hashed password to (Did not use String because they are mutable)
                    user.Salt = DateTime.Now.ToString();
                    string        saltAndPassword = user.UserPassword + user.Salt;
                    StringBuilder hashed          = new StringBuilder();


                    // Take salted password then Hash with SHA256
                    using (SHA256 sha256Hash = SHA256.Create())
                    {
                        // ComputeHash - returns byte array
                        byte[] bytes = sha256Hash.ComputeHash(Encoding.UTF8.GetBytes(saltAndPassword));

                        // Convert byte array to a string
                        for (int i = 0; i < bytes.Length; i++)
                        {
                            hashed.Append(bytes[i].ToString("x2"));
                        }
                        hashed.ToString();
                    }



                    using (SqlConnection conn = new SqlConnection(dbConnection))
                    {
                        using (SqlCommand command = new SqlCommand("SP_INSERT_USER", conn))
                        {
                            command.CommandType    = System.Data.CommandType.StoredProcedure;
                            command.CommandTimeout = 30;
                            conn.Open();

                            command.Parameters.AddWithValue("@parmFirstName", SqlDbType.VarChar).Value     = user.FirstName;
                            command.Parameters.AddWithValue("@parmLastName", SqlDbType.VarChar).Value      = user.LastName;
                            command.Parameters.AddWithValue("@parmUserName", SqlDbType.VarChar).Value      = user.UserName;
                            command.Parameters.AddWithValue("@parmUserPassword", SqlDbType.VarChar).Value  = hashed.ToString();
                            command.Parameters.AddWithValue("@parmSalt", SqlDbType.VarChar).Value          = user.Salt;
                            command.Parameters.AddWithValue("@parmEmail", SqlDbType.VarChar).Value         = user.Email;
                            command.Parameters.AddWithValue("@parmRoleIDFK", SqlDbType.Int).Value          = 3;
                            command.Parameters.AddWithValue("@parmSavedDirtBikeIDFK", SqlDbType.Int).Value = DBNull.Value;

                            command.ExecuteNonQuery();
                        }
                        conn.Close();
                    }
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }
            return(user);
        }
Esempio n. 14
0
        public List <User> LoginUser(User user)
        {
            List <User>       listUser = new List <User>();
            ExceptionHandling e        = new ExceptionHandling();


            // Create StringBuilded (Mutable char string) to append bytes of hashed password to
            // (Did not use String because they are not mutable)
            // Create empty salt string to store salt from User table for matched username
            StringBuilder hashed = new StringBuilder();
            string        salt   = "";


            string dbConnection = System.Configuration.ConfigurationManager.ConnectionStrings["dbConnection"].ConnectionString;

            try
            {
                // Get users Salt by entered Username
                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_USERS_SALT", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();

                        command.Parameters.AddWithValue("@parmUserName", SqlDbType.VarChar).Value = user.UserName;

                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                User u = new User();

                                u.Salt = reader["Salt"].ToString();

                                salt = u.Salt;
                            }
                        }
                    }
                    conn.Close();
                }



                // Once salt is recieved add it to User Password and hash it
                string saltAndPassword = user.UserPassword + salt;


                // Take salted password then Hash with SHA256
                using (SHA256 sha256Hash = SHA256.Create())
                {
                    // ComputeHash - returns byte array
                    byte[] bytes = sha256Hash.ComputeHash(Encoding.UTF8.GetBytes(saltAndPassword));

                    // Convert byte array to a string
                    for (int i = 0; i < bytes.Length; i++)
                    {
                        hashed.Append(bytes[i].ToString("x2"));// x2 is a string formatter. Prints two hexadecimal digits
                    }
                    hashed.ToString();
                }



                using (SqlConnection conn = new SqlConnection(dbConnection))
                {
                    using (SqlCommand command = new SqlCommand("SP_SELECT_USER", conn))
                    {
                        command.CommandType    = System.Data.CommandType.StoredProcedure;
                        command.CommandTimeout = 30;
                        conn.Open();
                        using (SqlDataReader reader = command.ExecuteReader())
                        {
                            while (reader.Read())
                            {
                                User u = new User();
                                u.UserID       = (int)reader["UserID"];
                                u.FirstName    = reader["FirstName"].ToString();
                                u.LastName     = reader["LastName"].ToString();
                                u.UserName     = reader["UserName"].ToString();
                                u.UserPassword = reader["UserPassword"].ToString();
                                u.Salt         = reader["Salt"].ToString();
                                u.Email        = reader["Email"].ToString();
                                u.RoleIDFK     = (int)reader["RoleIDFK"];
                                if (reader["SavedDirtbikeIDFK"] != DBNull.Value)
                                {
                                    u.SavedDirtbikeIDFK = (int)reader["SavedDirtbikeIDFK"];
                                }
                                else
                                {
                                }

                                listUser.Add(u);
                            }
                        }
                    }
                    conn.Close();
                }
            }
            catch (Exception ex)
            {
                e.WriteLogger(ex);
                e.InsertLoggerToDB(ex);
            }

            // Find match of user input from list
            return(listUser.Where(singleuser => singleuser.UserName == user.UserName &&
                                  singleuser.UserPassword == hashed.ToString()).ToList());
        }