public string ShadowPassword(int action, _ShadowPassword shadowPassword) { SqlConnection con = new SqlConnection(connectionString); try { con.Open(); SqlCommand cmd = new SqlCommand(); cmd.Connection = con; int isActive = 1; if (!shadowPassword.isActive) { isActive = 0; } if (action == 0) { cmd.CommandText = "INSERT INTO tblShadowPassword(username, password, type, isActive, date_created) " + " VALUES ('" + shadowPassword.username + "','" + shadowPassword.password + "'," + shadowPassword.type + "," + isActive + ",'" + shadowPassword.date_created + "')"; } else { cmd.CommandText = "UPDATE tblShadowPassword SET username = '******', password ='******', type = " + shadowPassword.type + ", isActive =" + isActive; } cmd.ExecuteNonQuery(); } catch (Exception ex) { return(ex.ToString()); } finally { con.Close(); } return("1"); }
public List <_ShadowPassword> getShadowPassword(int?status) { List <_ShadowPassword> passwords = new List <_ShadowPassword>(); SqlConnection con = new SqlConnection(connectionString); con.Open(); SqlCommand cmd = new SqlCommand(); cmd.Connection = con; cmd.CommandText = "SELECT * FROM tblShadowPassword WHERE isActive = " + status.ToString(); SqlDataReader dr = cmd.ExecuteReader(); while (dr.Read()) { _ShadowPassword shadowPassword = new _ShadowPassword(); shadowPassword.isActive = Convert.ToBoolean(status); shadowPassword.username = Convert.ToString(dr["username"]); shadowPassword.password = Convert.ToString(dr["password"]); shadowPassword.type = Convert.ToInt32(dr["type"]); passwords.Add(shadowPassword); } con.Close(); return(passwords); }