/// <summary>
/// Marks a user account as deactivated by writing 'False' into the
/// <c>Person.cAktiviert</c> column of every row whose <c>Person.cNickname</c>
/// equals <paramref name="Username"/>.
/// </summary>
/// <param name="Username">Nickname of the account to deactivate.</param>
/// <remarks>
/// The result of <c>sql.Execute</c> is discarded, so the caller cannot tell
/// whether any row matched.
/// </remarks>
public void Deactivate(string Username)
{
    // NOTE(review): injection safety rests entirely on SQLAccess.EscapeStr, whose
    // implementation is not visible here. If the sql wrapper offers bound
    // parameters, prefer them over escaping plus concatenation. TODO confirm.
    var escapedNickname = SQLAccess.EscapeStr(Username);

    var statement = "update user set " + Person.cAktiviert + " = 'False'"
        + " where " + Person.cNickname + " = '" + escapedNickname + "';";

    sql.Execute(statement);
}
/// <summary>
/// Looks up a user by nickname and password and returns the first matching row
/// as a <c>Person</c>.
/// </summary>
/// <param name="user">Nickname to search for.</param>
/// <param name="password">Value compared verbatim against the <c>Person.cKennwort</c> column.</param>
/// <returns>The first matching <c>Person</c>, or <c>null</c> when no row matches.</returns>
public Person GetUser(string user, string password)
{
    // NOTE(review): the password is matched by string equality inside the SQL
    // statement. If callers pass the clear-text password, credentials are stored
    // unhashed. Confirm, and if so move to a salted KDF (e.g. PBKDF2) that is
    // verified in code with a constant-time comparison.
    // NOTE(review): injection safety depends on SQLAccess.EscapeStr (not visible
    // here); bound parameters would be preferable if the sql wrapper supports them.
    var escapedUser = SQLAccess.EscapeStr(user);
    var escapedPassword = SQLAccess.EscapeStr(password);

    var query = "select * from user where " + Person.cNickname + "= '" + escapedUser
        + "' and " + Person.cKennwort + " = '" + escapedPassword + "';";

    DataTable matches = sql.Query(query);

    // Only the first row is used; any further matches are ignored.
    return matches.Rows.Count == 0 ? null : new Person(matches.Rows[0]);
}
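/// <summary>
/// Inserts a new row into the <c>user</c> table from the fields of
/// <paramref name="person"/>.
/// </summary>
/// <param name="person">The user to persist.</param>
/// <remarks>
/// Any exception raised by <c>sql.Execute</c> propagates to the caller unchanged.
/// The previous <c>catch (Exception e) { throw e; }</c> wrapper has been removed:
/// it added no handling and reset the stack trace, hiding where the failure
/// actually occurred.
/// </remarks>
public void AddUser(Person person)
{
    // The INSERT has no column list, so the values below are positional and must
    // stay in the same order as the table's columns.
    // NOTE(review): person.Kennwort is written as-is. If it holds the clear-text
    // password, it should be hashed with a salted KDF before storage. Confirm.
    // NOTE(review): injection safety depends on SQLAccess.EscapeStr (not visible
    // here); bound parameters would be preferable if the sql wrapper supports them.
    var adminFlag = person.Admin ? "True" : "False";
    var activeFlag = person.Aktiviert ? "True" : "False";

    var statement = "insert into user values ('" + person.UID.ToString()
        + "', '" + SQLAccess.EscapeStr(person.Name)
        + "', '" + SQLAccess.EscapeStr(person.Vorname)
        + "', '" + SQLAccess.EscapeStr(person.Telefon)
        + "', '" + SQLAccess.EscapeStr(person.Email)
        + "', '" + SQLAccess.EscapeStr(person.Nickname)
        + "', '" + SQLAccess.EscapeStr(person.Kennwort)
        + "', '" + adminFlag
        + "', '" + activeFlag
        + "');";

    sql.Execute(statement);
}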
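/// <summary>
/// Overwrites every stored field of the user whose <c>Person.cUID</c> column
/// equals <c>person.UID</c> with the values carried by <paramref name="person"/>.
/// </summary>
/// <param name="person">The user whose row is to be updated; identified by its UID.</param>
/// <remarks>
/// The statement previously ran the last SET value straight into the WHERE
/// keyword (<c>'True'where</c>). A separating space is now emitted so the SQL
/// does not depend on the parser tolerating the missing whitespace.
/// </remarks>
public void Update(Person person)
{
    // NOTE(review): person.Kennwort is written as-is. If it holds the clear-text
    // password, it should be hashed with a salted KDF before storage. Confirm.
    // NOTE(review): injection safety depends on SQLAccess.EscapeStr (not visible
    // here); bound parameters would be preferable if the sql wrapper supports them.
    var adminFlag = person.Admin ? "True" : "False";
    var activeFlag = person.Aktiviert ? "True" : "False";

    var assignments =
        Person.cName + " = '" + SQLAccess.EscapeStr(person.Name) + "'"
        + ", " + Person.cVorname + " = '" + SQLAccess.EscapeStr(person.Vorname) + "'"
        + ", " + Person.cTelefon + " = '" + SQLAccess.EscapeStr(person.Telefon) + "'"
        + ", " + Person.cEmail + " = '" + SQLAccess.EscapeStr(person.Email) + "'"
        + ", " + Person.cNickname + " = '" + SQLAccess.EscapeStr(person.Nickname) + "'"
        + ", " + Person.cKennwort + " = '" + SQLAccess.EscapeStr(person.Kennwort) + "'"
        + ", " + Person.cAdmin + " = '" + adminFlag + "'"
        + ", " + Person.cAktiviert + " = '" + activeFlag + "'";

    // NOTE(review): UID is concatenated unquoted and unescaped, unlike every other
    // value. This is only safe if UID is a numeric type whose ToString() cannot
    // contain SQL metacharacters. Verify against the Person declaration.
    var statement = "update user set " + assignments
        + " where " + Person.cUID + " = " + person.UID.ToString() + ";";

    sql.Execute(statement);
}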