public static bool InsertUser(AdminLogin insertAdmin) { try { using (DbConnection conn = provider.CreateConnection()) { conn.ConnectionString = connString; conn.Open(); using (DbCommand cmd = conn.CreateCommand()) { string sqlQuery; sqlQuery = "INSERT INTO Admin_Info" + "(UserName,Password,FullName) " + "VALUES(@userName,@password,@fullName"; if (parmPrefix != "@") { sqlQuery = sqlQuery.Replace("@", parmPrefix); } cmd.CommandText = sqlQuery; cmd.CommandType = CommandType.Text; DbParameter sUserName = provider.CreateParameter(); sUserName.ParameterName = parmPrefix + "userName"; sUserName.Value = insertAdmin.UserName; cmd.Parameters.Add(sUserName); DbParameter sPassword = provider.CreateParameter(); sPassword.ParameterName = parmPrefix + "password"; sPassword.Value = insertAdmin.Password; cmd.Parameters.Add(sPassword); DbParameter sFullName = provider.CreateParameter(); sFullName.ParameterName = parmPrefix + "fullName"; sFullName.Value = insertAdmin.FullName; cmd.Parameters.Add(sFullName); cmd.ExecuteNonQuery(); cmd.Parameters.Clear(); } conn.Close(); } return true; } catch (Exception exp) { return false; } }
public static AdminLogin NewLoging(string UserName, string password) { AdminLogin adminDetail = new AdminLogin(); try { using (DbConnection conn = provider.CreateConnection()) { conn.ConnectionString = connString; using (DbCommand cmd = conn.CreateCommand()) { string sqlQuery = "SELECT IDs,UserName,Password,FullName" + " FROM Admin_Info WHERE UserName = @UserName AND Password=@password"; if (parmPrefix != "@") { sqlQuery = sqlQuery.Replace("@", parmPrefix); } cmd.CommandText = sqlQuery; cmd.CommandType = CommandType.Text; DbParameter dpID = provider.CreateParameter(); dpID.ParameterName = parmPrefix + "UserName"; dpID.Value = UserName; cmd.Parameters.Add(dpID); DbParameter dpass = provider.CreateParameter(); dpass.ParameterName = parmPrefix + "password"; dpass.Value = password; cmd.Parameters.Add(dpass); conn.Open(); using (DbDataReader rdr = cmd.ExecuteReader()) { if (rdr.HasRows) { while (rdr.Read()) { adminDetail = new AdminLogin(); if (!rdr.IsDBNull(0)) { adminDetail.Id = rdr.GetInt32(0); } if (!rdr.IsDBNull(1)) { adminDetail.UserName = rdr.GetString(1); } if (!rdr.IsDBNull(2)) { adminDetail.Password = rdr.GetString(2); } if (!rdr.IsDBNull(3)) { adminDetail.FullName = rdr.GetString(3); } } } else { return null; } } } conn.Close(); } } catch (Exception exp) { return null; } return adminDetail; }