public void CreateAccount(string user, string password, ref AccountInfo accountInfo) { Execute( string.Format("INSERT INTO account (userid, ugradeid, pgradeid, name, password) VALUES ('{0}', 0, 0, 'Bob', '{1}')", user, password)); GetAccount(user, password, ref accountInfo); }
public void CreateAccount(string user, string password, ref AccountInfo accountInfo) { Execute( string.Format("INSERT INTO Account (UserID, UGradeID, PGradeID, Name, RegDate) VALUES ('{0}', 0, 0, 'Bob', GetDate())", user)); var aid = GetIdentity(string.Format("select @@identity")); Execute(string.Format("INSERT INTO Login(UserId, Password, AID) VALUES ('{0}', '{1}', {2})", user, password, aid)); GetAccount(user, password, ref accountInfo); }
public void GetAccount(string szUser, string szPassword, ref AccountInfo accountInfo) { if (accountInfo == null) accountInfo = new AccountInfo(); lock (_sqlConnection) { using (var command = new MySqlCommand("SELECT aid,ugradeid,pgradeid from account WHERE userid=@user AND password=@pass", _sqlConnection)) { command.Parameters.AddWithValue("@user", szUser); command.Parameters.AddWithValue("@pass", szPassword); using (var reader = command.ExecuteReader()) { if (reader == null || !reader.Read()) { accountInfo.UserId = "INVALID"; accountInfo.Access = UGradeId.Guest; accountInfo.Premium = 0; return; } accountInfo.AccountId = Convert.ToInt32(reader["AID"]); accountInfo.Access = (UGradeId)Convert.ToByte(reader["UGradeID"]); accountInfo.Premium = (PGradeId)Convert.ToByte(reader["PGradeID"]); accountInfo.UserId = szUser; } } } }