public bool AddNewMemberAdmin(MemberDTO dto) { bool checker = false; try { SetUpConnect("Insert Into Member " + "Values(@Username, @Password, @FirstName, @LastName, @Phone, @Email, @BirthDate, @Avatar, @isActive)"); cmd = new SqlCommand(cmdLine, conn); cmd.Parameters.AddWithValue("@Username", dto.Username); cmd.Parameters.AddWithValue("@Password", dto.Password); cmd.Parameters.AddWithValue("@FirstName", dto.FirstName); cmd.Parameters.AddWithValue("@LastName", dto.LastName); cmd.Parameters.AddWithValue("@Phone", dto.PhoneNum); cmd.Parameters.AddWithValue("@Email", dto.Email); cmd.Parameters.AddWithValue("@BirthDate", dto.Birthdate); cmd.Parameters.AddWithValue("@Avatar", dto.ImageLink); cmd.Parameters.AddWithValue("@isActive", dto.IsActive); checker = cmd.ExecuteNonQuery() > 0; if (checker) { SetUpConnect("Insert into Point Values(@username, @point)"); cmd = new SqlCommand(cmdLine, conn); cmd.Parameters.AddWithValue("@username", dto.Username); cmd.Parameters.AddWithValue("@point", 0); checker = cmd.ExecuteNonQuery() > 0; } } finally { CloseConnect(); } return(checker); }
public bool UpdateProfile(MemberDTO dto) { bool checker = false; try { SetUpConnect("Update Member " + "Set firstName = @First, lastName = @Last, phone = @Phone," + " email = @Email, birthDate = @Birth, avatar = @Avatar" + " Where username = @Username"); cmd = new SqlCommand(cmdLine, conn); cmd.Parameters.AddWithValue("@First", dto.FirstName); cmd.Parameters.AddWithValue("@Last", dto.LastName); cmd.Parameters.AddWithValue("@Phone", dto.PhoneNum); cmd.Parameters.AddWithValue("@Email", dto.Email); cmd.Parameters.AddWithValue("@Birth", dto.Birthdate); cmd.Parameters.AddWithValue("@Avatar", dto.ImageLink); cmd.Parameters.AddWithValue("@Username", dto.Username); checker = cmd.ExecuteNonQuery() > 0; } finally { CloseConnect(); } return(checker); }
public List <MemberDTO> SearchMemberByUsername(string username) { List <MemberDTO> listMember = new List <MemberDTO>(); try { SetUpConnect("Select username, firstName, lastName, phone, email, birthDate, isActive " + "From Member " + "Where username Like @Username"); cmd = new SqlCommand(cmdLine, conn); cmd.Parameters.AddWithValue("@Username", "%" + username + "%"); dReader = cmd.ExecuteReader(); if (dReader.HasRows) { listMember = new List <MemberDTO>(); while (dReader.Read()) { MemberDTO dto = new MemberDTO { Username = dReader.GetString(0), FirstName = dReader.GetString(1), LastName = dReader.GetString(2), PhoneNum = dReader.GetString(3), Email = dReader.GetString(4), Birthdate = dReader.GetDateTime(5), IsActive = dReader.GetBoolean(6) }; listMember.Add(dto); } } } catch (Exception) { listMember = null; } finally { conn.Close(); } return(listMember); }
public List <MemberDTO> AdminSearchMemberByUsername(string username) { List <MemberDTO> listMember = new List <MemberDTO>(); SqlConnection conn = new SqlConnection(GetConnection()); if (conn.State == System.Data.ConnectionState.Closed) { conn.Open(); } try { string sql = "Select username, firstName, lastName, phone, email,birthDate, isActive FROM Member WHERE username LIKE @username"; SqlCommand cmd = new SqlCommand(sql, conn); cmd.Parameters.AddWithValue("@username", "%" + username + "%"); SqlDataReader reader = cmd.ExecuteReader(); if (reader.HasRows) { listMember = new List <MemberDTO>(); while (reader.Read()) { MemberDTO dto = new MemberDTO { Username = reader.GetString(0), FirstName = reader.GetString(1), LastName = reader.GetString(2), PhoneNum = reader.GetString(3), Email = reader.GetString(4), Birthdate = reader.GetDateTime(5), IsActive = reader.GetBoolean(6) }; listMember.Add(dto); } } } finally { conn.Close(); } return(listMember); }
public MemberDTO SearchMember(string search) { MemberDTO output = null; SqlConnection conn = new SqlConnection(GetConnection()); if (conn != null) { if (conn.State == System.Data.ConnectionState.Closed) { conn.Open(); } try { string sql = "Select username, firstName, lastName, phone, email from Member where (username=@search or email=@search or phone=@search) and isActive=@isActive"; SqlCommand cmd = new SqlCommand(sql, conn); cmd.Parameters.AddWithValue("@search", search); cmd.Parameters.AddWithValue("@isActive", true); SqlDataReader reader = cmd.ExecuteReader(); if (reader.HasRows) { if (reader.Read()) { output = new MemberDTO { Username = reader.GetString(0), FirstName = reader.GetString(1), LastName = reader.GetString(2), PhoneNum = reader.GetString(3), Email = reader.GetString(4), }; } } } finally { conn.Close(); } } return(output); }
public MemberDTO CheckLoginMember(string username, string password) { MemberDTO member = null; try { SetUpConnect("Select firstName, lastName, phone, email, birthDate, avatar " + "From Member " + "Where username = @Username AND password = @Password AND isActive=@isActive"); cmd = new SqlCommand(cmdLine, conn); cmd.Parameters.AddWithValue("@Username", username); cmd.Parameters.AddWithValue("@Password", password); cmd.Parameters.AddWithValue("@isActive", true); dReader = cmd.ExecuteReader(); if (dReader.Read()) { member = new MemberDTO { Username = username, Password = password, FirstName = dReader.GetString(0), LastName = dReader.GetString(1), PhoneNum = dReader.GetString(2), Email = dReader.GetString(3), Birthdate = dReader.GetDateTime(4), ImageLink = dReader.GetString(5), IsActive = true, }; } } finally { CloseConnect(); } return(member); }