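/// <summary>
/// Looks up the user whose login and hashed password match the supplied credentials.
/// </summary>
/// <param name="login">Login name matched against the <c>login</c> column of <c>usuario</c>.</param>
/// <param name="senha">Clear-text password; it is hashed with <c>CriptoHelpers.HashMD5</c> before the comparison.</param>
/// <returns>
/// A populated <see cref="UsuarioModel"/> for the first matching row, or <c>null</c> when no row
/// matches or when either argument is <c>null</c>.
/// </returns>
public static UsuarioModel ValidarUsuario(string login, string senha)
{
    // Fail closed on missing credentials instead of sending an incomplete query:
    // a parameter whose Value is null is treated by SqlCommand as "not supplied".
    if (login == null || senha == null)
    {
        return null;
    }

    // NOTE(review): the password is compared as an MD5 digest. MD5 is a fast hash and is not
    // suitable for password storage; whether CriptoHelpers.HashMD5 adds a salt is not visible
    // here. Plan a migration to a slow, salted KDF (e.g. PBKDF2 via Rfc2898DeriveBytes) with
    // re-hashing on the next successful login.
    UsuarioModel ret = null;

    using (var conexao = new SqlConnection())
    {
        conexao.ConnectionString = ConfigurationManager.ConnectionStrings["principal"].ConnectionString;
        conexao.Open();

        using (var comando = new SqlCommand())
        {
            comando.Connection = conexao;

            // Both values travel as parameters, so neither can alter the SQL text.
            comando.CommandText = "select * from usuario where login=@login and senha=@senha";
            comando.Parameters.Add("@login", SqlDbType.VarChar).Value = login;
            comando.Parameters.Add("@senha", SqlDbType.VarChar).Value = CriptoHelpers.HashMD5(senha);

            // The reader is disposable; release it before the command and connection are torn down.
            using (var reader = comando.ExecuteReader())
            {
                if (reader.Read())
                {
                    ret = new UsuarioModel
                    {
                        Id = (int)reader["id"],
                        Login = (string)reader["login"],
                        // NOTE(review): this is the stored digest, not the clear-text password;
                        // callers should avoid logging or serializing it.
                        Senha = (string)reader["senha"],
                        Nome = (string)reader["nome"]
                    };
                }
            }
        }
    }

    return ret;
}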
/// <summary>
/// Persists this user: inserts a new row when <c>RecuperarPeloId(this.Id)</c> finds nothing,
/// otherwise updates the existing row.
/// </summary>
/// <returns>
/// The identity generated by the insert, or <c>this.Id</c> when the update affected at least
/// one row; <c>0</c> when the update touched no rows.
/// </returns>
public int Salvar()
{
    var idSalvo = 0;

    // NOTE(review): the existence check and the write below are separate statements and no
    // transaction is visible here, so two concurrent saves could both take the insert path.
    var existente = RecuperarPeloId(this.Id);

    using (var conexao = new SqlConnection())
    {
        conexao.ConnectionString = ConfigurationManager.ConnectionStrings["principal"].ConnectionString;
        conexao.Open();

        using (var comando = new SqlCommand())
        {
            comando.Connection = conexao;

            // Name and login are bound the same way on both the insert and the update path.
            comando.Parameters.Add("@nome", SqlDbType.VarChar).Value = this.Nome;
            comando.Parameters.Add("@login", SqlDbType.VarChar).Value = this.Login;

            // NOTE(review): passwords are stored as MD5 digests (CriptoHelpers.HashMD5). MD5 is
            // a fast hash and is not suitable for password storage; consider a salted, slow KDF.
            if (existente != null)
            {
                // The password column is only rewritten when a new password was provided.
                var trocarSenha = !string.IsNullOrEmpty(this.Senha);

                var sql = "update usuario set nome=@nome, login=@login";
                if (trocarSenha)
                {
                    sql += ", senha=@senha";
                    comando.Parameters.Add("@senha", SqlDbType.VarChar).Value = CriptoHelpers.HashMD5(this.Senha);
                }
                sql += " where id = @id";

                comando.CommandText = sql;
                comando.Parameters.Add("@id", SqlDbType.Int).Value = this.Id;

                var linhasAfetadas = comando.ExecuteNonQuery();
                if (linhasAfetadas > 0)
                {
                    idSalvo = this.Id;
                }
            }
            else
            {
                // The second statement of the batch returns the identity created by the insert.
                comando.CommandText = "insert into usuario (nome, login, senha) values (@nome, @login, @senha); select convert(int, scope_identity())";
                comando.Parameters.Add("@senha", SqlDbType.VarChar).Value = CriptoHelpers.HashMD5(this.Senha);

                idSalvo = (int)comando.ExecuteScalar();
            }
        }
    }

    return idSalvo;
}