public string Login_Shop(string userName, string password)
{
User2 u = null;
string conStr = ConfigurationManager.ConnectionStrings["LIVEDNS"].ConnectionString;
SqlConnection con = new SqlConnection(conStr);
SqlCommand com = new SqlCommand(" SELECT * " +
" FROM Shop_Users " +
$" WHERE UserName = '******' AND Password = '******' ", con);
con.Open();
SqlDataReader reader = com.ExecuteReader();
if (reader.Read())
{
u = new User2()
{
UserID = int.Parse(reader["UserID"].ToString()),
UserName = reader["UserName"].ToString(),
Password = reader["Password"].ToString(),
FullName = reader["FullName"].ToString(),
Email = reader["Email"].ToString(),
Phone = reader["Phone"].ToString(),
};
con.Close();
return(new JavaScriptSerializer().Serialize(u));
}
else
{
return(new JavaScriptSerializer().Serialize(null));
}
}
public string Register_Shop(string userName, string password, string fullName, string email, string phone)
{
SqlCommand com = null;
string userOutput = null;
try
{
User2 u = null;
string conStr = ConfigurationManager.ConnectionStrings["LIVEDNS"].ConnectionString;
SqlConnection con = new SqlConnection(conStr);
com = new SqlCommand($"SELECT * FROM Shop_Users WHERE Email = '{email}'", con);
com.Connection.Open();
SqlDataReader reader = com.ExecuteReader();
if (reader.Read())
{
userOutput = new JavaScriptSerializer().Serialize(null);
return(userOutput);
}
else
{
if (com.Connection.State != ConnectionState.Closed)
{
com.Connection.Close();
}
com = new SqlCommand($"INSERT INTO Shop_Users(UserName,Password,FullName,Email,Phone) VALUES" +
$" ('{userName}','{password}','{fullName}','{email}','{phone}')", con);
com.Connection.Open();
int res = com.ExecuteNonQuery();
if (res == 1)
{
SqlCommand com2 = new SqlCommand("SELECT max(UserID) as maxID FROM Shop_Users", con);
SqlDataReader reader2 = com2.ExecuteReader();
if (reader2.Read())
{
u = new User2()
{
UserID = (int)reader2["maxID"],
UserName = userName,
Password = password,
FullName = fullName,
Email = email,
Phone = phone,
};
}
userOutput = new JavaScriptSerializer().Serialize(u);
return(userOutput);
}
}
}
catch (Exception e)
{
File.AppendAllText(Server.MapPath(@"\") + "logSQL.txt", "\r\n" + e.Message +
"\r\n" + DateTime.Now.ToString() +
"\r\nID =" + "\r\n____________________");
}
finally
{
if (com.Connection.State != System.Data.ConnectionState.Closed)
{
com.Connection.Close();
}
}
return(userOutput);
}
