public bool insertStudent(int Id, string fname, string lname, DateTime bdate, string gender, string phone, string address, MemoryStream picture) { SqlCommand command = new SqlCommand("INSERT INTO std (id, fname, lname, bdate, gender, phone, address, picture)" + " VALUES (@id, @fn, @ln, @bdt, @gdr, @phn, @adrs, @pic)", mydb.getConnection); command.Parameters.Add("@id", SqlDbType.Int).Value = Id; command.Parameters.Add("@fn", SqlDbType.VarChar).Value = fname; command.Parameters.Add("@ln", SqlDbType.VarChar).Value = lname; command.Parameters.Add("@bdt", SqlDbType.DateTime).Value = bdate; command.Parameters.Add("@gdr", SqlDbType.VarChar).Value = gender; command.Parameters.Add("@phn", SqlDbType.VarChar).Value = phone; command.Parameters.Add("@adrs", SqlDbType.VarChar).Value = address; command.Parameters.Add("@pic", SqlDbType.Image).Value = picture.ToArray(); mydb.openConnection(); try { if ((command.ExecuteNonQuery() == 1)) { mydb.closeConnection(); return(true); } else { mydb.closeConnection(); return(false); } } catch { return(false); } }
private void buttonRegister_Click(object sender, EventArgs e) { bool usernameCheck = false, passwordCheck = false; bool passwordTyped = false, passwordConfirmed = false; username = textBoxUsername.Text; password = textBoxPassword.Text; passwordConfirm = textBoxConfirmPassword.Text; if (username == "") { labelErrorUsername.Visible = true; labelErrorUsername.Text = ("Please enter valid username"); usernameCheck = false; } else { if (student.existUsername(username)) { labelErrorUsername.Text = ("Existed Username"); usernameCheck = false; } else { usernameCheck = true; labelErrorUsername.Text = string.Empty; } } if (password == "") { labelErrorPassword.Text = ("Please Enter Password"); passwordCheck = false; passwordTyped = false; } else { labelErrorPassword.Text = string.Empty; passwordTyped = true; } if (passwordConfirm == "") { labelErrorPasswordConfirm.Visible = true; labelErrorPasswordConfirm.Text = ("Please Confirm Your Password"); passwordCheck = false; passwordConfirmed = false; } else { labelErrorPasswordConfirm.Text = string.Empty; passwordConfirmed = true; } if (password == passwordConfirm && password.Length != 0 && passwordConfirm.Length != 0) { passwordCheck = true; } else { if (passwordTyped && passwordConfirmed) { labelErrorPasswordConfirm.Visible = true; labelErrorPasswordConfirm.Text = ("Passwords are not the same"); passwordCheck = false; } } if (passwordCheck == true && usernameCheck == true) { labelErrorPassword.Text = string.Empty; SqlCommand command = new SqlCommand("INSERT INTO login (id, username, password)" + " VALUES ((SELECT MAX(id) FROM login) + 1, @username, @password)", myDB.getConnection); command.Parameters.Add("@username", SqlDbType.VarChar).Value = username; command.Parameters.Add("@password", SqlDbType.VarChar).Value = password; myDB.openConnection(); try { if ((command.ExecuteNonQuery() == 1)) { myDB.closeConnection(); } else { myDB.closeConnection(); } } catch { } this.Close(); } }