Exemplo n.º 1
0
        public void suspendUser(user targetUser)
        {
            SqlConnection conn   = null;
            SqlCommand    cmd    = null;
            SqlDataReader reader = null;

            conn = new SqlConnection(ConfigurationManager.ConnectionStrings["vetoTours"].ToString());

            conn.Open();

            string query = "UPDATE users SET password= '******', name='" + targetUser.getName() + "', email ='" + targetUser.getEmail() + "', phoneNumber=" + targetUser.getPhoneNumber()
                           + ", description ='" + targetUser.getPersonalDescription() + "', status=" + targetUser.getStatus() + " WHERE userID='" + targetUser.getUserID() + "';";

            cmd    = new SqlCommand(query, conn);
            reader = cmd.ExecuteReader();
            reader.Close();

            query  = "UPDATE tours SET status= 'suspended' WHERE userID='" + targetUser.getUserID() + "';";
            cmd    = new SqlCommand(query, conn);
            reader = cmd.ExecuteReader();
            conn.Close();
        }
Exemplo n.º 2
0
        public void createUser(user newUser)
        {
            SqlConnection conn   = null;
            SqlCommand    cmd    = null;
            SqlDataReader reader = null;

            conn = new SqlConnection(ConfigurationManager.ConnectionStrings["vetoTours"].ToString());

            conn.Open();

            string query = "INSERT INTO users VALUES('" + newUser.getUserID() + "', '" + newUser.getPassword() + "', '" + newUser.getName() + "', '" + newUser.getEmail() + "', '" + newUser.getPhoneNumber() + "', '"
                           + newUser.getPersonalDescription() + "', '" + newUser.getStatus() + "')";

            cmd    = new SqlCommand(query, conn);
            reader = cmd.ExecuteReader();
            reader.Close();
            conn.Close();
        }