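/// <summary>
/// Loads a user by numeric id through the <c>admin.GetUserByID</c> stored procedure.
/// </summary>
/// <param name="userId">Value bound to the procedure's <c>userID</c> parameter.</param>
/// <returns>
/// The user built from the last row the cursor returns, or an empty <see cref="User"/>
/// (never <c>null</c>) when the cursor returns no rows.
/// </returns>
/// <remarks>
/// Runs on the shared <c>App.con</c> connection and does not open it.
/// NOTE(review): the Password column is copied into the returned object. What that column
/// holds (plaintext or a hash) is not visible here - confirm, and keep the value out of
/// logs, serialised output and UI bindings.
/// </remarks>
public static User GetUserById(int userId)
{
    // Callers receive an empty instance, not null, when no row matches.
    User user = new User();

    // Command and reader are disposed deterministically so the ref cursor is released
    // even when a conversion or a nested lookup below throws.
    using (OracleCommand cmd = new OracleCommand("admin.GetUserByID", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // Parameters are added in the same order as before: the input id first, then the output cursor.
        cmd.Parameters.Add("userID", userId);
        OracleParameter cursorParam = new OracleParameter("prc", OracleDbType.RefCursor);
        cmd.Parameters.Add(cursorParam).Direction = System.Data.ParameterDirection.Output;

        using (var reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                user = new User()
                {
                    ID = Convert.ToInt32(reader["ID"]),
                    Login = reader["Login"].ToString(),
                    Password = reader["Password"].ToString(),
                    RoleID = Convert.ToInt32(reader["RoleID"])
                };

                // RoleID 2 attaches the linked doctor and RoleID 3 the linked patient;
                // any other role leaves both unset.
                if (user.RoleID == 2)
                {
                    user.Doctor = DoctorDataAccess.GetDoctorById(Convert.ToInt32(reader["DoctorID"].ToString()));
                }
                else if (user.RoleID == 3)
                {
                    user.Patient = PatientsDataAccess.GetPatientById(Convert.ToInt32(reader["PatientID"].ToString()));
                }
            }
        }
    }

    return user;
}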
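/// <summary>
/// Registers a user by calling the <c>Register</c> stored procedure.
/// </summary>
/// <param name="user">
/// Supplies Login, Password and RoleID. When Doctor or Patient is set, its Name is
/// resolved to an id through the matching data-access class; otherwise an empty string is bound.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <remarks>
/// Runs on the shared <c>App.con</c> connection and does not open it.
/// NOTE(review): <c>user.Password</c> is bound to the procedure exactly as received. Whether
/// <c>Register</c> stores a salted hash or the raw value is not visible here - confirm.
/// NOTE(review): the by-name lookups are dereferenced without a null check, so an unknown
/// doctor or patient name would surface as a NullReferenceException if those helpers return null.
/// </remarks>
public static void InsertUser(User user)
{
    if (user == null)
    {
        throw new ArgumentNullException("user");
    }

    // Dispose the command once the procedure has run.
    using (OracleCommand cmd = new OracleCommand("Register", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // The order in which parameters are added is preserved from the original code.
        cmd.Parameters.Add("username", user.Login);
        cmd.Parameters.Add("userpassword", user.Password);

        if (user.Doctor == null)
        {
            cmd.Parameters.Add("doctor", "");
        }
        else
        {
            cmd.Parameters.Add("doctor", (DoctorDataAccess.GetDoctorByName(user.Doctor.Name)).Id);
        }

        if (user.Patient == null)
        {
            cmd.Parameters.Add("patient", "");
        }
        else
        {
            cmd.Parameters.Add("patient", (PatientsDataAccess.GetPatientByName(user.Patient.Name)).Id);
        }

        cmd.Parameters.Add("role", user.RoleID);

        cmd.ExecuteNonQuery();
    }
}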
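/// <summary>
/// Loads one visit through the <c>admin.GetVisitByID</c> stored procedure.
/// </summary>
/// <param name="visitid">Value bound to the procedure's <c>did</c> parameter.</param>
/// <returns>The visit built from the first row of the cursor, or <c>null</c> when there is no row.</returns>
/// <remarks>
/// Columns are read by ordinal, so the mapping below depends on the column order of the
/// procedure's cursor. Runs on the shared <c>App.con</c> connection and does not open it.
/// NOTE(review): no caller-identity or role check is visible in this method; access control
/// for visit records presumably lives in the caller or the procedure - confirm.
/// </remarks>
public static Visit GetVisitByID(int visitid)
{
    // Command and reader are disposed on every path, including the early return and exceptions.
    using (OracleCommand cmd = new OracleCommand("admin.GetVisitByID", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.Add("did", visitid);
        OracleParameter cursorParam = new OracleParameter("prc", OracleDbType.RefCursor);
        cmd.Parameters.Add(cursorParam).Direction = System.Data.ParameterDirection.Output;

        using (var reader = cmd.ExecuteReader())
        {
            if (!reader.Read())
            {
                return null;
            }

            Visit visit = new Visit();
            visit.DateTime = Convert.ToDateTime(reader[3].ToString());
            visit.Room = new Room(reader[9].ToString(), null);
            visit.ID = Convert.ToInt32(reader[0]);
            visit.Symthoms = reader[5].ToString();
            visit.Diagnosis = reader[6].ToString();
            visit.Prescription = reader[7].ToString();
            visit.Notes = reader[8].ToString();

            // Columns 2 and 1 are passed to the by-name lookups for patient and doctor.
            visit.Patient = PatientsDataAccess.GetPatientByName(reader[2].ToString());
            visit.Doctor = DoctorDataAccess.GetDoctorByName(reader[1].ToString());

            // A value whose string form is empty (as DBNull's is) means no attachment is stored.
            if (reader[10].ToString() != "")
            {
                visit.file = (byte[])reader[10];
            }

            return visit;
        }
    }
}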
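/// <summary>
/// Deletes the user account linked to a patient through the <c>DeleteUserByPatientId</c>
/// stored procedure, then deletes the patient via <c>PatientsDataAccess.DeletePatientById</c>.
/// </summary>
/// <param name="patientId">Value bound to the procedure's <c>pid</c> parameter and passed to the patient delete.</param>
/// <remarks>
/// Runs on the shared <c>App.con</c> connection and does not open it.
/// NOTE(review): the two deletes are issued one after the other and no transaction is visible
/// here, so a failure in the second would leave the account removed and the patient row in place.
/// NOTE(review): no authorization check is visible in this method - confirm the caller enforces one.
/// </remarks>
public static void DeleteUserByPatientId(int patientId)
{
    // No cursor parameter is bound, so the procedure is run with ExecuteNonQuery (as InsertUser
    // does) rather than by opening a reader that was never read or closed.
    using (OracleCommand cmd = new OracleCommand("DeleteUserByPatientId", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.Add("pid", patientId);
        cmd.ExecuteNonQuery();
    }

    PatientsDataAccess.DeletePatientById(patientId);
}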
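/// <summary>
/// Validates login details by calling the <c>admin.Login</c> stored procedure.
/// </summary>
/// <param name="username">Username of the user to log in.</param>
/// <param name="password">Password of the user to log in.</param>
/// <returns><c>true</c> when the procedure's cursor returns at least one row; otherwise <c>false</c>.</returns>
/// <remarks>
/// Opens the shared <c>App.con</c> connection when it is closed.
/// NOTE(review): the password is bound to the procedure exactly as received, and the cursor
/// exposes a Password column. Whether <c>admin.Login</c> compares against a salted hash is not
/// visible here - confirm.
/// NOTE(review): no attempt limiting or failure logging is visible in this method; if none
/// exists in the caller or the procedure, repeated guesses go unthrottled and unrecorded.
/// </remarks>
public static bool IsValidLoginData(string username, string password)
{
    if (App.con.State == ConnectionState.Closed)
    {
        App.con.Open();
    }

    // Command and reader are disposed so every login attempt releases its cursor.
    using (OracleCommand cmd = new OracleCommand("admin.Login", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // Parameters are added in the same order as before: the two inputs, then the output cursor.
        cmd.Parameters.Add("username", username);
        cmd.Parameters.Add("userpassword", password);
        OracleParameter cursorParam = new OracleParameter("prc", OracleDbType.RefCursor);
        cmd.Parameters.Add(cursorParam).Direction = System.Data.ParameterDirection.Output;

        using (var reader = cmd.ExecuteReader())
        {
            // The decision depends only on whether a row exists. The row's columns are
            // deliberately not read, so the stored Password value is not copied into
            // process memory and no doctor or patient lookup runs during a login check.
            return reader.Read();
        }
    }
}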