//add employ info to database public void InsertEmployeeData() { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString); conn.Open(); string qryStr = "insert into [Employee] (Username,Name,Password,Position,StoreID)values (@username,@name,@password,'Waiter',@storeId) "; ////@@IDENTITY returns the last identity value generated for any table in the current session SqlCommand cmd = new SqlCommand(qryStr, conn); cmd.Parameters.AddWithValue("@username", this.UserName); cmd.Parameters.AddWithValue("@name", this.Name); cmd.Parameters.AddWithValue("@storeId", StoreId); cmd.Parameters.AddWithValue("@password", EncrytPassword.encryptString(Password)); cmd.ExecuteNonQuery(); conn.Close(); }//close InsertCustomerDate() method
}//close checkUserExit() method //check password is correct public bool checkPassword() { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString); conn.Open(); string quary = "select * from Employee where Username=@username"; SqlCommand comd = new SqlCommand(quary, conn); comd.Parameters.AddWithValue("@username", UserName); SqlDataReader dr = comd.ExecuteReader(); dr.Read(); if (dr.HasRows) { if (dr["Password"].ToString().Equals(EncrytPassword.encryptString(Password))) { dr.Close(); conn.Close(); return(true); } } return(false); }