static public bool UpdateUser(RegularUser usr) //update user usr with the id equal to usr.id with its attributes { string conStr = @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=DBofBlogApp;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False"; SqlConnection con = new SqlConnection(conStr); con.Open(); string query = $"update RegularUsers set username=@u, email=@e, password=@p where Id=@i"; SqlCommand cmd = new SqlCommand(query, con); if (!string.IsNullOrEmpty(usr.picAddress)) { query = $"update RegularUsers set username=@u, email=@e, password=@p, picaddress=@pa where Id=@i"; cmd = new SqlCommand(query, con); SqlParameter p4 = new SqlParameter("pa", usr.picAddress); cmd.Parameters.Add(p4); } SqlParameter p1 = new SqlParameter("u", usr.Username); SqlParameter p2 = new SqlParameter("e", usr.Email); SqlParameter p3 = new SqlParameter("p", usr.anotherPassword); SqlParameter p5 = new SqlParameter("i", usr.Id); cmd.Parameters.Add(p1); cmd.Parameters.Add(p2); cmd.Parameters.Add(p3); cmd.Parameters.Add(p5); int updatedRows = cmd.ExecuteNonQuery(); if (updatedRows >= 1) { con.Close(); return(true); } con.Close(); return(false); }
static public bool AddUser(RegularUser usr) //adds user usr in DB. { string conStr = @"Data Source=(localdb)\MSSQLLocalDB;Initial Catalog=DBofBlogApp;Integrated Security=True;Connect Timeout=30;Encrypt=False;TrustServerCertificate=False;ApplicationIntent=ReadWrite;MultiSubnetFailover=False"; SqlConnection con = new SqlConnection(conStr); con.Open(); string query = $"insert into RegularUsers(username,password,email) values(@u,@p,@e)"; SqlCommand cmd = new SqlCommand(query, con); if (!string.IsNullOrEmpty(usr.picAddress)) { query = $"insert into RegularUsers (username,email,password,picaddress) values(@u,@e,@p,@pa)"; cmd = new SqlCommand(query, con); SqlParameter p4 = new SqlParameter("pa", usr.picAddress); cmd.Parameters.Add(p4); } SqlParameter p1 = new SqlParameter("u", usr.Username); SqlParameter p2 = new SqlParameter("p", usr.Password); SqlParameter p3 = new SqlParameter("e", usr.Email); cmd.Parameters.Add(p1); cmd.Parameters.Add(p2); cmd.Parameters.Add(p3); int insertedRows = cmd.ExecuteNonQuery(); if (insertedRows >= 1) { con.Close(); return(true); } con.Close(); return(false); }