コード例 #1
0
        //Insert adam into database
        public int Insert(Adam adam)
        {
            //no of rows affected by insertion
            int        count = 0;
            SqlCommand cmd;
            string     password;

            Connection();
            cmd             = new SqlCommand("uspInsertAdam", conn);
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddWithValue("@username", adam.Username);
            cmd.Parameters.AddWithValue("@email", adam.Email);
            cmd.Parameters.AddWithValue("@userid", adam.UserId);
            cmd.Parameters.AddWithValue("@regDate", adam.RegDate);
            cmd.Parameters.AddWithValue("@userType", adam.UserType);
            password = Crypto.HashPassword(adam.Password);
            message  = password;
            cmd.Parameters.AddWithValue("@pass", password);
            try
            {
                conn.Open();
                count = cmd.ExecuteNonQuery();
            }
            catch (SqlException ex)
            {
                message = ex.Message;
            }
            finally
            {
                conn.Close();
            }
            return(count);
        }
コード例 #2
0
        public string CheckLogin(Adam user)
        {
            string        username = null;
            SqlCommand    cmd;
            SqlDataReader reader;
            string        password;

            Connection();
            cmd             = new SqlCommand("uspCheckLogin", conn);
            cmd.CommandType = CommandType.StoredProcedure;

            cmd.Parameters.AddWithValue("@UserId", user.UserId);
            try
            {
                conn.Open();
                reader = cmd.ExecuteReader();
                while (reader.Read())
                {
                    password = reader["Password"].ToString();
                    if (Crypto.VerifyHashedPassword(password, user.Password))
                    {
                        username = reader["Username"].ToString();
                    }
                }
            }
            catch (SqlException ex)
            {
                message = ex.Message;
            }
            catch (FormatException ex)
            {
                message = ex.Message;
            }
            finally
            {
                conn.Close();
            }
            return(username);
        }