public ProfileModel Login(string login, string password)
{
ProfileModel profile = new ProfileModel();
using (SqlConnection conn = new SqlConnection(_connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand("dbo.GetValidateLogin", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@login", login);
cmd.Parameters.AddWithValue("@password", HelperRepository.EncrypteText(password));
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
profile.Id = reader["Id"] != DBNull.Value ? Convert.ToInt32(reader["Id"]) : 0;
profile.Login = reader["Login"] != DBNull.Value ? Convert.ToString(reader["Login"]) : string.Empty;
profile.Name = reader["Name"] != DBNull.Value ? Convert.ToString(reader["Name"]) : string.Empty;
profile.Surname = reader["Surname"] != DBNull.Value ? Convert.ToString(reader["Surname"]) : string.Empty;
profile.Email = reader["Email"] != DBNull.Value ? Convert.ToString(reader["Email"]) : string.Empty;
profile.Phone = reader["Phone"] != DBNull.Value ? Convert.ToString(reader["Phone"]) : string.Empty;
profile.PositionId = reader["PositionId"] != DBNull.Value ? Convert.ToInt32(reader["PositionId"]) : 0;
profile.PositionName = reader["PositionName"] != DBNull.Value ? Convert.ToString(reader["PositionName"]) : string.Empty;
profile.PositionToken = reader["PositionToken"] != DBNull.Value ? Convert.ToString(reader["PositionToken"]) : string.Empty;
}
}
return(profile);
}
public void ChangePassword(int profileId, string password)
{
using (SqlConnection conn = new SqlConnection(_connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand("dbo.ChangePassword", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@profileId", profileId);
cmd.Parameters.AddWithValue("@password", HelperRepository.EncrypteText(password));
cmd.ExecuteNonQuery();
}
}
public string AddUser(string login, string password, string phone, string firstName, string lastName, string email, int positionId)
{
using (SqlConnection conn = new SqlConnection(_connectionString))
{
conn.Open();
SqlCommand cmd = new SqlCommand("dbo.AddUser", conn);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@login", login);
cmd.Parameters.AddWithValue("@password", HelperRepository.EncrypteText(password));
cmd.Parameters.AddWithValue("@email", email);
cmd.Parameters.AddWithValue("@phone", phone);
cmd.Parameters.AddWithValue("@firstName", firstName);
cmd.Parameters.AddWithValue("@lastName", lastName);
cmd.Parameters.AddWithValue("@positionId", positionId);
return(Convert.ToString(cmd.ExecuteScalar()));
}
}