//Methods
public bool Add()
{
string strQuery = String.Format("INSERT INTO [Users]([Name],[Phone],[Email],[Username],[Password],[UserType],[Status],[Logs],[DateAdded]) " +
"VALUES('{0}', '{1}', '{2}', '{3}', '{4}', '{5}', 0, 0, '{6}')", _name, _phone, _email, _username, AppHandler.Sha1(_password), _usertype, _date_added);
try
{
return(db.ExecuteQuery(strQuery));
}
catch (Exception ex)
{
ExecutionError = ex.Message;
}
return(false);
}
public bool DoLogin()
{
bool loggedIn = false;
try
{
DataTable userTable = db.ReadTable("Users", String.Format("SELECT Name FROM Users WHERE Username='******' AND Password='******'", _username, AppHandler.Sha1(_password)));
loggedIn = userTable.Rows.Count > 0;
}
catch (Exception ex)
{
ExecutionError = ex.Message;
}
return(loggedIn);
}
public User(string user, string pswd)
{
_username = user;
_password = pswd;
db.DBError = "";
ExecutionError = "";
DataTable userTable = db.ReadTable("Users", String.Format("SELECT DISTINCT * FROM Users WHERE Username='******' AND Password='******'", _username, AppHandler.Sha1(_password)));
if (userTable.Rows.Count > 0)
{
_id = AppHandler.ToInt(userTable.Rows[0]["UserID"]);
_name = AppHandler.IgnoreDBNullString(userTable.Rows[0]["Name"]);
_phone = AppHandler.IgnoreDBNullString(userTable.Rows[0]["Phone"]);
_email = AppHandler.IgnoreDBNullString(userTable.Rows[0]["Email"]);
_username = AppHandler.IgnoreDBNullString(userTable.Rows[0]["Username"]);
_usertype = AppHandler.IgnoreDBNullString(userTable.Rows[0]["UserType"]);
_status = (short)AppHandler.ToInt(userTable.Rows[0]["Status"]);
_logs = AppHandler.ToInt(userTable.Rows[0]["Logs"]);
_date_added = AppHandler.ToDateTime(userTable.Rows[0]["DateAdded"].ToString());
_firm_id = AppHandler.ToInt(userTable.Rows[0]["FirmID"]);
_role_id = AppHandler.ToInt(userTable.Rows[0]["RoleID"]);
_exists = true;
}
else if (db.DBError.Length > 0)
{
ExecutionError = db.DBError;
}
}
public bool ChangePassword(string pswd)
{
return(db.ExecuteQuery("UPDATE Users SET Password='******' WHERE Username='******'"));
}