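/// <summary>
/// Searches the book rows of <c>library_item</c> by one column.
/// </summary>
/// <param name="token">Caller's token; passed to <c>UserProcessor.GetUserType</c> to decide which rows are visible.</param>
/// <param name="type">
/// Column to filter on. <c>"Id"</c> (case-sensitive) selects an exact integer match;
/// any other column is matched with a substring LIKE.
/// </param>
/// <param name="value">Search value: an integer for <c>"Id"</c>, free text otherwise.</param>
/// <returns>
/// The matching rows; <c>null</c> when the user type is -1; an empty list when
/// <paramref name="value"/> cannot be embedded safely (non-integer Id, or text containing a backslash).
/// </returns>
/// <exception cref="ArgumentException"><paramref name="type"/> is not a plain identifier.</exception>
public static List<ItemModel> GetBookByType(string token, string type, string value)
{
    // Resolve the caller before looking at the search arguments, so a rejected
    // token gets the same answer whatever else was sent.
    var userType = UserProcessor.GetUserType(token);
    if (userType == -1)
    {
        return null;
    }

    // The column name is spliced into the statement text and cannot be bound as a
    // parameter, so only a bare identifier is accepted.
    // NOTE(review): an explicit allow-list of searchable columns would be tighter;
    // the full column list is not visible from this method.
    if (!IsPlainColumnName(type))
    {
        throw new ArgumentException("Search column must be a plain identifier.", nameof(type));
    }

    var sql = new StringBuilder();
    sql.Append("SELECT * FROM library_item " +
               "WHERE Category = 'book' " +
               $"AND {type} ");

    if (type.Equals("Id"))
    {
        // The Id comparison is unquoted, so only a parsed integer may reach the
        // statement. Anything else cannot match a row.
        int id;
        if (!int.TryParse(value,
                          System.Globalization.NumberStyles.Integer,
                          System.Globalization.CultureInfo.InvariantCulture,
                          out id))
        {
            return new List<ItemModel>();
        }

        var idText = id.ToString(System.Globalization.CultureInfo.InvariantCulture);
        sql.Append($" = {idText} ");
    }
    else
    {
        var text = value ?? string.Empty;

        // Some database backends treat a backslash as an escape character inside
        // string literals, which would defeat quote doubling. Such values are
        // treated as matching nothing until the value can be bound as a parameter.
        if (text.IndexOf('\\') >= 0)
        {
            return new List<ItemModel>();
        }

        // Double single quotes so the value stays inside the literal.
        // NOTE(review): this is a stopgap. Only the single-argument LoadData is
        // visible here; if the data-access layer can bind parameters for reads,
        // pass the value that way instead.
        var escaped = text.Replace("'", "''");
        sql.Append($" LIKE '%{escaped}%' ");
    }

    // User type 2 is limited to rows marked public.
    if (userType == 2)
    {
        sql.Append("AND Access = 'public' ");
    }

    return SqlDataAccess.LoadData<ItemModel>(sql.ToString());
}

// True when name is a non-empty ASCII identifier: a letter or underscore followed by letters, digits or underscores.
private static bool IsPlainColumnName(string name)
{
    if (string.IsNullOrEmpty(name))
    {
        return false;
    }

    for (int i = 0; i < name.Length; i++)
    {
        char c = name[i];
        bool isLetter = (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || c == '_';
        bool isDigit = c >= '0' && c <= '9';
        if (!isLetter && !(isDigit && i > 0))
        {
            return false;
        }
    }

    return true;
}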
/// <summary>
/// Deletes a user on behalf of the caller, but only when the caller's role is 0.
/// </summary>
/// <param name="token">Caller's token; its role is looked up with <c>GetUserRole</c>.</param>
/// <param name="id">Id of the user to delete.</param>
/// <returns>
/// -1 when the caller's role is not 0; otherwise whatever <c>UserProcessor.DeleteUser</c> returns.
/// </returns>
public static int VerifyDeleteUser(string token, int id)
{
    // Role 0 is the only role allowed through (presumably the administrator role; confirm).
    // NOTE(review): if DeleteUser can itself return -1, callers cannot tell a denied
    // request from that result.
    bool callerMayDelete = GetUserRole(token) == 0;
    return callerMayDelete ? UserProcessor.DeleteUser(id) : -1;
}
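/// <summary>
/// Stores an authentication token for a user with an expiry 24 hours from now,
/// then returns the role that <c>UserProcessor.GetUserRole</c> reports for that token.
/// </summary>
/// <param name="userId">Id of the user the token belongs to.</param>
/// <param name="token">Token value to store.</param>
/// <returns>The result of <c>UserProcessor.GetUserRole(token)</c> after the row is written.</returns>
public static int WriteAuthenticationToken(int userId, string token)
{
    // NOTE(review): this is local wall-clock time, so the stored expiry moves with
    // DST and server time-zone changes. Confirm the code that checks expiry uses
    // the same clock before switching to UTC.
    var expiresAt = DateTime.Now.AddHours(24);

    // Values are bound as parameters, not concatenated into the statement.
    const string sql = @"INSERT INTO authentication_token(UserId, Token, ExpireDateTime) VALUES(@UserId, @Token, @ExpireDateTime);";

    var data = new TokenModel
    {
        // NOTE(review): the token is stored exactly as received. Storing a hash of it
        // would keep a read of this table from yielding usable tokens.
        Token = token,
        UserId = userId,
        // "HH" is the 24-hour clock. The previous "hh" wrote a 12-hour value with no
        // AM/PM marker, so an afternoon expiry was recorded as a morning time.
        // The invariant culture keeps the digits and calendar independent of server locale.
        ExpireDateTime = expiresAt.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture)
    };

    SqlDataAccess.SaveData(sql, data);
    return UserProcessor.GetUserRole(token);
}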
/// <summary>
/// Inserts a row into <c>dbo.Member</c> for the user with the given user name.
/// </summary>
/// <param name="userName">User name, resolved to an id with <c>UserProcessor.get_id</c>.</param>
/// <param name="firstName">Member's first name.</param>
/// <param name="lastName">Member's last name.</param>
/// <param name="phone_num">Member's phone number, as an integer.</param>
/// <returns>The value returned by <c>SqlDataAccess.SaveData</c>.</returns>
public static int CreateMember(string userName, string firstName, string lastName, int phone_num)
{
    // NOTE(review): the looked-up id is used without a check. Confirm what get_id
    // returns for an unknown user name.
    // NOTE(review): no token or role is checked in this method. Confirm the caller
    // has already authenticated the request.
    var ownerId = UserProcessor.get_id(userName);

    var member = new MemberModel
    {
        FirstName = firstName,
        LastName = lastName,
        Phone_Num = phone_num,
        User_ID = ownerId
    };

    // All values are bound as parameters, so none of the caller's text becomes SQL.
    const string insertMember = @"insert into dbo.Member(FirstName, LastName, Phone, User_ID) values (@FirstName, @LastName, @Phone_num, @User_ID);";

    return SqlDataAccess.SaveData<MemberModel>(insertMember, member);
}
/// <summary>
/// Lists the book rows of <c>library_item</c> that the caller is allowed to see.
/// </summary>
/// <param name="token">Caller's token; passed to <c>UserProcessor.GetUserType</c>.</param>
/// <returns>
/// The rows loaded by <c>SqlDataAccess.LoadData</c>, or <c>null</c> when the user type is -1,
/// so callers must null-check the result.
/// </returns>
public static IEnumerable<ItemModel> GetAllBooks(string token)
{
    // The statement is built only from fixed text; no caller input is embedded.
    const string booksQuery = "SELECT * FROM library_item " +
                              "WHERE Category = 'book' ";

    var userType = UserProcessor.GetUserType(token);
    if (userType == -1)
    {
        return null;
    }

    // User type 2 is limited to rows marked public; other types see every book.
    var query = userType == 2
        ? booksQuery + "AND Access = 'public' "
        : booksQuery;

    return SqlDataAccess.LoadData<ItemModel>(query);
}
/// <summary>
/// Loads the book row with the given id, subject to the caller's visibility.
/// </summary>
/// <param name="token">Caller's token; passed to <c>UserProcessor.GetUserType</c>.</param>
/// <param name="id">Value compared against the <c>Id</c> column.</param>
/// <returns>
/// The rows loaded by <c>SqlDataAccess.LoadData</c>, or <c>null</c> when the user type is -1.
/// </returns>
public static List<ItemModel> GetBookById(string token, int id)
{
    // id is an int, so the interpolated text is a formatted number (current culture),
    // not free text from the caller.
    var query = "SELECT * FROM library_item " +
                "WHERE Category = 'book' " +
                $"AND Id = {id} ";

    var userType = UserProcessor.GetUserType(token);
    if (userType == -1)
    {
        return null;
    }

    // User type 2 is limited to rows marked public.
    if (userType == 2)
    {
        query += "AND Access = 'public' ";
    }

    return SqlDataAccess.LoadData<ItemModel>(query);
}