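/// <summary>
/// Loads a user from the database by numeric identifier, using the
/// <c>admin.GetUserByID</c> stored procedure.
/// </summary>
/// <param name="userId">Identifier passed to the procedure as <c>userID</c>.</param>
/// <returns>
/// The user built from the last row of the returned cursor. When the cursor
/// yields no rows, an empty <see cref="User"/> instance is returned (never null).
/// </returns>
public static User GetUserById(int userId)
{
    // Same guard as IsValidLoginData: the shared connection may not be open yet.
    if (App.con.State == ConnectionState.Closed)
    {
        App.con.Open();
    }

    User user = new User();

    // Command and reader are disposed deterministically so cursors are not
    // left open on the shared connection.
    using (OracleCommand cmd = new OracleCommand("admin.GetUserByID", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // NOTE(review): ODP.NET binds by position unless BindByName is set, so the
        // order of these Add calls should match the procedure signature - confirm.
        cmd.Parameters.Add("userID", userId);
        OracleParameter cursorParameter = new OracleParameter("prc", OracleDbType.RefCursor);
        cmd.Parameters.Add(cursorParameter).Direction = ParameterDirection.Output;

        using (var reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                // NOTE(review): the Password column is copied into the in-memory
                // object; confirm callers need it and that the stored value is a
                // salted hash rather than a plaintext password.
                user = new User()
                {
                    ID = Convert.ToInt32(reader["ID"]),
                    Login = reader["Login"].ToString(),
                    Password = reader["Password"].ToString(),
                    RoleID = Convert.ToInt32(reader["RoleID"])
                };

                // Role 2 carries a linked doctor record, role 3 a linked patient record.
                if (user.RoleID == 2)
                {
                    user.Doctor = DoctorDataAccess.GetDoctorById(Convert.ToInt32(reader["DoctorID"].ToString()));
                }
                else if (user.RoleID == 3)
                {
                    user.Patient = PatientsDataAccess.GetPatientById(Convert.ToInt32(reader["PatientID"].ToString()));
                }
            }
        }
    }

    return user;
}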
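/// <summary>
/// Validates login details by calling the <c>admin.Login</c> stored procedure.
/// </summary>
/// <param name="username">Username of the user to log in.</param>
/// <param name="password">Password of the user to log in.</param>
/// <returns>
/// <c>true</c> when the procedure's cursor yields at least one row;
/// otherwise <c>false</c>.
/// </returns>
public static bool IsValidLoginData(string username, string password)
{
    if (App.con.State == ConnectionState.Closed)
    {
        App.con.Open();
    }

    User user = null;

    // Command and reader are disposed deterministically so cursors are not
    // left open on the shared connection after each login attempt.
    using (OracleCommand cmd = new OracleCommand("admin.Login", App.con))
    {
        cmd.CommandType = CommandType.StoredProcedure;

        // Credentials go in as bound parameters, never concatenated into SQL.
        // NOTE(review): ODP.NET binds by position unless BindByName is set, so the
        // order of these Add calls should match the procedure signature - confirm.
        // NOTE(review): the password is forwarded unchanged, which suggests the
        // comparison happens inside admin.Login on the raw value - confirm the
        // stored credential is a salted hash rather than plaintext.
        cmd.Parameters.Add("username", username);
        cmd.Parameters.Add("userpassword", password);
        OracleParameter cursorParameter = new OracleParameter("prc", OracleDbType.RefCursor);
        cmd.Parameters.Add(cursorParameter).Direction = ParameterDirection.Output;

        using (var reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                // NOTE(review): only the existence of a row decides the result; the
                // object (including the Password column) is built and then discarded.
                // The doctor/patient lookups are kept so behavior matches the original.
                user = new User()
                {
                    ID = Convert.ToInt32(reader["ID"]),
                    Login = reader["Login"].ToString(),
                    Password = reader["Password"].ToString(),
                    RoleID = Convert.ToInt32(reader["RoleID"])
                };

                // Role 2 carries a linked doctor record, role 3 a linked patient record.
                if (user.RoleID == 2)
                {
                    user.Doctor = DoctorDataAccess.GetDoctorById(Convert.ToInt32(reader["DoctorID"].ToString()));
                }
                else if (user.RoleID == 3)
                {
                    user.Patient = PatientsDataAccess.GetPatientById(Convert.ToInt32(reader["PatientID"].ToString()));
                }
            }
        }
    }

    return user != null;
}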