public async Task <long> RegisterAsync([FromForm] PatientsModel model) { try { var ss = model.PICTURE_2; string path = Path.Combine(@"E:\reactProjects\NEWAPP\components\Patients\Admin\assets\img"); string query = "INSERT INTO PATIENTS(NAME,FATHER_NAME,EMAIL,AGE,GENDER,ADDRESS,P_PASSWORD,PICTURE,DOB,CONTACT,BLOOD_GROUP)" + " VALUES('" + model.NAME + "','" + model.FATHER_NAME + "','" + model.EMAIL + "','" + model.AGE + "'," + "'" + model.GENDER + "','" + model.ADDRESS + "','" + model.PASSWORD + "','" + ss.FileName.ToString() + "','" + model.DOB + "','" + model.CONTACT + "','" + model.BLOOD_GROUP + "')"; connection.Open(); MySqlCommand cmd = new MySqlCommand(query, connection); int result = cmd.ExecuteNonQuery(); connection.Close(); if (result != 0) { var fs = new FileStream(Path.Combine(path, ss.FileName), FileMode.Create); await ss.CopyToAsync(fs); return(1); } return(0); } catch (Exception e) { return(0); } }
public PatientsModel Login([FromForm] string data) { //List<PatientsModel> li=new List<PatientsModel>(); var attr = data.Split(','); PatientsModel model = new PatientsModel(); try { string query = "SELECT * FROM PATIENTS WHERE EMAIL='" + attr[0] + "' and P_PASSWORD='******' "; connection.Open(); MySqlCommand cmd = new MySqlCommand(query, connection); MySqlDataReader reader = cmd.ExecuteReader(); if (reader.Read()) { model.ID = reader.GetInt16("ID"); model.NAME = reader.GetString("Name"); model.FATHER_NAME = reader.GetString("FATHER_NAME"); model.EMAIL = reader.GetString("EMAIL"); model.AGE = reader.GetString("AGE"); model.GENDER = reader.GetString("GENDER"); model.ADDRESS = reader.GetString("ADDRESS"); model.PASSWORD = reader.GetString("P_PASSWORD"); model.PICTURE = reader.GetString("PICTURE"); model.DOB = reader.GetString("DOB"); model.CONTACT = reader.GetString("CONTACT"); model.BLOOD_GROUP = reader.GetString("BLOOD_GROUP"); //li.Add(model); } connection.Close(); return(model); } catch (Exception e) { return(model); } }