public List<Usuario> buscar(String nome)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
SqlDataReader reader;
string sql = "SELECT * FROM Usuarios where Nome LIKE '%" + nome+"%'";
command.CommandText = sql;
command.CommandType = CommandType.Text;
command.Connection = con.getConnection();
reader = command.ExecuteReader();
List<Usuario> listaUsuarios = new List<Usuario>();
while (reader.Read())
{
Usuario usuario = new Usuario();
usuario.id_user = Int32.Parse(string.Format("{0}", reader[0]));
usuario.nome = string.Format("{0}", reader[1]);
usuario.login = string.Format("{0}", reader[2]);
usuario.tipo_permissao = Int32.Parse(string.Format("{0}", reader[4]));
listaUsuarios.Add(usuario);
}
con.closeConnection();
return listaUsuarios;
}
public Boolean editar(Usuario usuario)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
String sql = "UPDATE Usuarios set Nome='"+usuario.nome+"', Login ='******', Senha='"+usuario.senha+"', NivelPrivilegio="+usuario.tipo_permissao+" where Id_user = "+usuario.id_user;
command.CommandText = sql;
command.CommandType = CommandType.Text;
command.Connection = con.getConnection();
command.ExecuteNonQuery();
con.closeConnection();
return true;
}
public Boolean deletar(Usuario usuario)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
SqlDataReader reader;
string sql = "DELETE Usuarios WHERE Id_user = " + usuario.id_user;
command.CommandText = sql;
command.CommandType = CommandType.Text;
command.Connection = con.getConnection();
reader = command.ExecuteReader();
con.closeConnection();
return true;
}
public int getPermissao(Usuario usuario)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
SqlDataReader reader;
string sql = "SELECT * FROM Usuarios where Login ='******' and Senha='" + usuario.senha + "' ";
command.CommandText = sql;
command.CommandType = CommandType.Text;
command.Connection = con.getConnection();
reader = command.ExecuteReader();
while (reader.Read())
{
int retorno = Int32.Parse(string.Format("{0}", reader[4]));
return retorno;
}
con.closeConnection();
return 2;
}
public Usuario getUsuariobyId(Usuario usuario)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
SqlDataReader reader;
string sql = "SELECT * FROM Usuarios where Id_user ="******"{0}", reader[0]));
returnUsuario.nome = string.Format("{0}", reader[1]);
returnUsuario.login = string.Format("{0}", reader[2]);
returnUsuario.senha = string.Format("{0}", reader[3]);
returnUsuario.tipo_permissao = Int32.Parse(string.Format("{0}", reader[4]));
}
con.closeConnection();
return returnUsuario;
}
public Boolean login(Usuario usuario)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
SqlDataReader reader;
string sql = "SELECT * FROM Usuarios where Login ='******' and Senha='" + usuario.senha + "' ";
command.CommandText = sql;
command.CommandType = CommandType.Text;
command.Connection = con.getConnection();
reader = command.ExecuteReader();
while (reader.Read())
{
return true;
}
con.closeConnection();
return false;
}
public Boolean inserir(Usuario usuario)
{
Connection con = new Connection();
con.openConnection();
SqlCommand command = new SqlCommand();
string sql = "INSERT INTO Usuarios (Nome,Login,Senha,NivelPrivilegio) VALUES('" + usuario.nome + "','" + usuario.login + "','" + usuario.senha + "'," + usuario.tipo_permissao+ ")";
command.CommandText = sql;
command.CommandType = CommandType.Text;
command.Connection = con.getConnection();
command.ExecuteNonQuery();
con.closeConnection();
return true;
}