public void updateUserInfo(cAnvandare user, string userID)
{
//Create a connection
SqlConnection conn = new SqlConnection(connStr);
//The procedure I want to call
SqlCommand cmd = new SqlCommand("usp_updateUserInfo", conn);
//Command type I want to execute
cmd.CommandType = CommandType.StoredProcedure;
try
{
conn.Open();
cmd.Parameters.AddWithValue("@personID", userID);
cmd.Parameters.AddWithValue("@fornamn", user.FirstName);
cmd.Parameters.AddWithValue("@efternamn", user.LastName);
cmd.Parameters.AddWithValue("@mail", user.Epost);
cmd.Parameters.AddWithValue("@personnr", user.ssn);
cmd.Parameters.AddWithValue("@nyhetsbrev", user.newsletter);
cmd.Parameters.AddWithValue("@tarfaktura", user.faktura);
cmd.ExecuteScalar();
}
catch
{
throw;
}
finally
{
cmd.Dispose();
conn.Close();
conn.Dispose();
}
}
public string LogIn(cAnvandare a)
{
// Create a connection
SqlConnection conn = new SqlConnection(connStr);
// Name of the Procedure I want to call
SqlCommand cmd = new SqlCommand("usp_ADMIN_Login", conn);
// Type of commad I want to execute
cmd.CommandType = CommandType.StoredProcedure;
try
{
// Open the connection to the database
conn.Open();
// Insert the Parameter to the procedure
cmd.Parameters.AddWithValue("@losenord", a.Password);
cmd.Parameters.AddWithValue("@username", a.Epost);
// Execute the procedure and return an Integer
return(cmd.ExecuteScalar().ToString());
}
catch
{
// If error
throw;
}
finally
{
// Close and dispose all connections to the databse
cmd.Dispose();
conn.Close();
conn.Dispose();
}
}
//Hämtar användarens info och skriver ut den
private void GetUserData()
{
BusinessDAL bDAL = new BusinessDAL();
cAnvandare user = new cAnvandare();
user = bDAL.getUserData(Session["userid"].ToString());
tbxFornamn.Text = user.FirstName;
tbxEfternamn.Text = user.LastName;
tbxMail.Text = user.Epost;
tbxSSN.Text = user.ssn;
if (user.faktura == "False")
{
cbxFaktura.Checked = false;
}
else
{
cbxFaktura.Checked = true;
}
if (user.newsletter == "False")
{
cbxNewsLetter.Checked = false;
}
else
{
cbxNewsLetter.Checked = true;
}
}
protected void repMassorer_ItemCommand(object source, RepeaterCommandEventArgs e)
{
lblID.Text = e.CommandArgument.ToString();
panEditMassor.Visible = true;
// populera nyheten
BusinessDAL bDAL = new BusinessDAL();
cAnvandare art = bDAL.getOneMassor(lblID.Text);
tbForNamn.Text = art.FirstName;
tbEfterNamn.Text = art.LastName;
tbBeskrivning.Text = art.ssn;
}
//Hämtar artikeln om massörer
protected void btnUppdatera_Click(object sender, EventArgs e)
{
BusinessDAL bd = new BusinessDAL();
cAnvandare a = new cAnvandare();
a.FirstName = tbForNamn.Text.ToString();
a.LastName = tbEfterNamn.Text.ToString();
a.Password = tbBeskrivning.Text.ToString();
a.UserId = (lblID.Text.ToString());
bd.updateMassorInfo(a);
FillMassorer();
panEditMassor.Visible = false;
}
public cAnvandare getUserData(string userID)
{
cAnvandare user = new cAnvandare();
//Create a connection
SqlConnection conn = new SqlConnection(connStr);
//The procedure I want to call
SqlCommand cmd = new SqlCommand("usp_getUserInfo", conn);
//Command type I want to execute
cmd.CommandType = CommandType.StoredProcedure;
try
{
conn.Open();
cmd.Parameters.AddWithValue("@personid", userID);
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
user.FirstName = reader["fornamn"].ToString();
user.LastName = reader["efternamn"].ToString();
user.ssn = reader["personnr"].ToString();
user.Epost = reader["mail"].ToString();
}
return(user);
}
catch
{
throw;
}
finally
{
cmd.Dispose();
conn.Close();
conn.Dispose();
}
}
protected void btnSaveInfo_Click(object sender, EventArgs e)
{
btnEditinfo.Visible = true;
btnCancelEdit.Visible = false;
btnSaveinfo.Visible = false;
tbxFornamn.Enabled = false;
tbxEfternamn.Enabled = false;
tbxMail.Enabled = false;
tbxSSN.Enabled = false;
cbxFaktura.Enabled = false;
cbxNewsLetter.Enabled = false;
BusinessDAL bDAL = new BusinessDAL();
cAnvandare updatedUser = new cAnvandare();
updatedUser.Epost = tbxMail.Text;
updatedUser.FirstName = tbxFornamn.Text;
updatedUser.LastName = tbxEfternamn.Text;
updatedUser.ssn = tbxSSN.Text;
if (cbxNewsLetter.Checked)
{
updatedUser.newsletter = "1";
}
else
{
updatedUser.newsletter = "0";
}
if (cbxFaktura.Checked)
{
updatedUser.faktura = "1";
}
else
{
updatedUser.faktura = "0";
}
bDAL.updateUserInfo(updatedUser, Session["userid"].ToString());
GetUserData();
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
BusinessDAL bd = new BusinessDAL();
cAnvandare a = new cAnvandare();
string sUserId = "";
a.Epost = Login1.UserName.ToString();
a.Password = Login1.Password.ToString();
sUserId = bd.LogIn(a);
if (sUserId.Length > 1)
{
Session.Add("userId", sUserId);
e.Authenticated = true;
Response.Redirect("Nyheter.aspx");
}
else
{
e.Authenticated = false;
Response.Redirect("Default.aspx");
Page.Controls.Add(new LiteralControl("<p>New<br />Line</p>"));
}
}
public int updateMassorInfo(cAnvandare a)
{
//DataTable dt = new DataTable();
cArtikel art = new cArtikel();
//Create a connection
SqlConnection conn = new SqlConnection(connStr);
//The procedure I want to call
SqlCommand cmd = new SqlCommand("usp_ADMIN_edit_anstallda", conn);
//Command type I want to execute
cmd.CommandType = CommandType.StoredProcedure;
try
{
conn.Open();
cmd.Parameters.AddWithValue("@anstalldID", a.UserId);
cmd.Parameters.AddWithValue("@fornamn", a.FirstName);
cmd.Parameters.AddWithValue("@efternamn", a.LastName);
cmd.Parameters.AddWithValue("@beskrivning", a.Password);
return(cmd.ExecuteNonQuery());
}
catch
{
throw;
}
finally
{
cmd.Dispose();
conn.Close();
conn.Dispose();
}
}
public string CreateUser(cAnvandare a)
{
// Create a connection
SqlConnection conn = new SqlConnection(connStr);
// Name of the Procedure I want to call
SqlCommand cmd = new SqlCommand("usp_createUser", conn);
// Type of commad I want to execute
cmd.CommandType = CommandType.StoredProcedure;
try
{
// Open the connection to the database
conn.Open();
// Insert the Parameter to the procedure
cmd.Parameters.AddWithValue("@ForNamn", a.FirstName);
cmd.Parameters.AddWithValue("@EfterNamn", a.LastName);
cmd.Parameters.AddWithValue("@mail", a.Epost);
cmd.Parameters.AddWithValue("@Personnr", a.ssn);
cmd.Parameters.AddWithValue("@losenord", a.Password);
cmd.Parameters.AddWithValue("@Nyhetsbrev", 0);
cmd.Parameters.AddWithValue("@tarFaktura", 0);
// Execute the procedure and return an integer
return(cmd.ExecuteScalar().ToString());
}
catch
{
// If error
throw;
}
finally
{
// Close and dispose all connections to the databse
cmd.Dispose();
conn.Close();
conn.Dispose();
}
}
