public UserBO SearchUser(int uID) { UserBO u = new UserBO(); u.UserID = uID; string searchString = "SELECT * FROM User where id = " + u.UserID; using (conn = new SqlConnection(connectionString)) { conn.Open(); SqlCommand command = new SqlCommand(searchString, conn); SqlDataReader reader = command.ExecuteReader(); if (reader.HasRows) { while (reader.Read()) { u.Username = reader.GetString(reader.GetOrdinal("Username")); u.Password = reader.GetString(reader.GetOrdinal("Password")); u.Email = reader.GetString(reader.GetOrdinal("Email")); u.FirstName = reader.GetString(reader.GetOrdinal("FirstName")); u.LastName = reader.GetString(reader.GetOrdinal("LastName")); u.JoinDate = reader.GetDateTime(reader.GetOrdinal("JoinDate")); } } conn.Close(); } return u; }
public void InsertEvent(UserBO u) { string insertString = @"INSERT INTO User( Username,Password, Email,FirstName, LastName,JoinDate) values( @username,@password,@email, @firstName,@lastName,@joinDate )"; using (conn = new SqlConnection(connectionString)) { conn.Open(); SqlCommand command = new SqlCommand(insertString, conn); command.Parameters.Add("@username", u.Username); command.Parameters.Add("@password", u.Password); command.Parameters.Add("@email", u.Email); command.Parameters.Add("@firstName", u.FirstName); command.Parameters.Add("@lastName", u.LastName); command.Parameters.Add("@joinDate", u.JoinDate); command.CommandType = CommandType.Text; command.ExecuteNonQuery(); conn.Close(); } }
public void DeleteEvent(UserBO u) { string deleteString = "DELETE FROM User WHERE id = '" + u.UserID + "'"; using (conn = new SqlConnection(connectionString)) { conn.Open(); SqlCommand command = new SqlCommand(deleteString, conn); command.ExecuteNonQuery(); conn.Close(); } }
public LogIn() { InitializeComponent(); user = new UserBO(); textBox2.PasswordChar ='*' ; }
public void UpdateEvent(UserBO u) { string updateString = @"UPDATE User SET Username=@username, Password=@password, Email=@email; FirstName=@firstName, LastName=@lastName, JoinDate=@joinDate WHERE id = '" + u.UserID + "'"; using (conn = new SqlConnection(connectionString)) { conn.Open(); SqlCommand command = new SqlCommand(updateString, conn); command.Parameters.Add("@username", u.Username); command.Parameters.Add("@password", u.Password); command.Parameters.Add("@email", u.Email); command.Parameters.Add("@firstName", u.FirstName); command.Parameters.Add("@lastName", u.LastName); command.Parameters.Add("@joinDate", u.JoinDate); command.ExecuteNonQuery(); conn.Close(); } }