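/// <summary>
/// Inserts a new row into dbo.Zaci for <paramref name="user"/> after the
/// pre-checks pass: the user name is not already taken, the model has values,
/// and Password equals PasswordConfirm.
/// </summary>
/// <param name="user">The account data to store; a null model is rejected.</param>
/// <returns>
/// <c>true</c> when the INSERT was executed; <c>false</c> when a pre-check failed.
/// Database errors are not caught here and propagate to the caller.
/// </returns>
public bool CreateUser(UserModel user)
{
    // Reject a missing model up front instead of failing with a NullReferenceException.
    if (user == null)
    {
        return false;
    }

    DataCheck dataCheck = new DataCheck();

    // Same checks, in the same order, as before.
    // NOTE(review): the existence check and the INSERT are separate statements, so two
    // concurrent registrations could both pass it. Confirm that dbo.Zaci.UserName
    // carries a UNIQUE constraint so the database is the final arbiter.
    bool inputAccepted = !dataCheck.UserAlreadyExists(user.UserName)
        && dataCheck.UserHasValues(user)
        && user.Password == user.PasswordConfirm;
    if (!inputAccepted)
    {
        return false;
    }

    string connectionString = ConnectionString.GetConnectionString();
    string sqlStatement = "insert into dbo.Zaci(UserName, Password, UserJmeno, UserPrijmeni, UserTrida) VALUES(@username, @password, @userjmeno, @userprijmeni, @usertrida)";

    // 'using' disposes the connection and command even when Open() or
    // ExecuteNonQuery() throws; previously the connection was leaked on any failure.
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(sqlStatement, connection))
    {
        // All values are bound as typed parameters, never concatenated into the SQL text.
        cmd.Parameters.Add("@username", System.Data.SqlDbType.VarChar, 40).Value = user.UserName;

        // NOTE(security): judging by its name, EncodeToBase64 is a reversible encoding,
        // not a password hash. If so, anyone who can read dbo.Zaci can recover every
        // password. Replace it with a salted, slow key-derivation function (for example
        // Rfc2898DeriveBytes.Pbkdf2) and update the login verification path in the same
        // change. Left as is here because that path is outside this method.
        cmd.Parameters.Add("@password", System.Data.SqlDbType.VarChar, 155).Value = PasswordCoding.EncodeToBase64(user.Password);
        cmd.Parameters.Add("@userjmeno", System.Data.SqlDbType.VarChar, 20).Value = user.UserJmeno;
        cmd.Parameters.Add("@userprijmeni", System.Data.SqlDbType.VarChar, 20).Value = user.UserPrijmeni;
        cmd.Parameters.Add("@usertrida", System.Data.SqlDbType.VarChar, 3).Value = user.UserTrida;

        connection.Open();
        cmd.ExecuteNonQuery();
    }

    return true;
}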
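/// <summary>
/// Changes the stored password ("zmenit heslo" = change password) of the
/// dbo.Zaci row whose Id equals <c>user.Id</c>.
/// </summary>
/// <param name="user">Model carrying the target Id and the new Password.</param>
/// <returns>
/// <c>true</c> when the UPDATE ran without throwing; <c>false</c> when any
/// exception occurred (a message is written to the console in that case).
/// </returns>
public bool ZmenitHeslo(UserModel user)
{
    bool success = false;

    try
    {
        string connectionString = ConnectionString.GetConnectionString();
        string sqlStatement = "UPDATE dbo.Zaci SET Password = @password WHERE Id = @userId";

        // 'using' releases the connection and command on every path; before, an
        // exception from Open() or ExecuteNonQuery() skipped Close() and leaked them.
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand cmd = new SqlCommand(sqlStatement, connection))
        {
            // NOTE(security): judging by its name, EncodeToBase64 is a reversible
            // encoding, not a password hash. If so, stored passwords are recoverable by
            // anyone with read access to the table. Move to a salted, slow KDF (for
            // example Rfc2898DeriveBytes.Pbkdf2) together with the verification path.
            cmd.Parameters.Add("@password", System.Data.SqlDbType.VarChar, 155).Value = PasswordCoding.EncodeToBase64(user.Password);

            // Int is a fixed-length type, so no size argument is needed.
            cmd.Parameters.Add("@userId", System.Data.SqlDbType.Int).Value = user.Id;

            connection.Open();

            // NOTE(review): the affected-row count is ignored, so an Id that matches no
            // row still reports success. Confirm whether callers rely on that.
            cmd.ExecuteNonQuery();
        }

        success = true;
    }
    catch (Exception)
    {
        // Best-effort contract kept: failures are reported as 'false', not thrown.
        // NOTE(review): the exception detail is discarded and the method does not check
        // that the caller is allowed to change this Id's password. Log the failure and
        // enforce authorization at the call site.
        Console.WriteLine("Chyba ve změně hesla u určitého žáka");
    }

    return success;
}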