public Oseba VrniOsebo(string id)
{
Oseba oseba = new Oseba();
using (SqlConnection con = new SqlConnection(cs))
{
con.Open();
string sql = "SELECT * FROM Persons WHERE PersonID=@param1";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.Add(new SqlParameter("param1", id));
using (SqlDataReader reader = cmd.ExecuteReader(System.Data.CommandBehavior.SingleRow))
{
if (reader.Read())
{
oseba.Id = Convert.ToInt32(reader[0]);
oseba.LastName = reader.GetString(1);
oseba.FirstName = reader.GetString(2);
oseba.Address = reader.GetString(3);
oseba.City = reader.GetString(4);
}
}
con.Close();
return(oseba);
}
}
public void PosodobiOsebo(Oseba oseba, string id)
{
if (!AuthenticateUser())
{
throw new FaultException("Napačno uporabniško ime ali geslo.");
}
using (SqlConnection con = new SqlConnection(cs))
{
con.Open();
string sql =
"UPDATE Persons set FirstName=@1, LastName=@2, Address=@3, City=@4 WHERE PersonID=@0";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.Add(new SqlParameter("0", id));
cmd.Parameters.Add(new SqlParameter("1", oseba.LastName));
cmd.Parameters.Add(new SqlParameter("2", oseba.FirstName));
cmd.Parameters.Add(new SqlParameter("3", oseba.Address));
cmd.Parameters.Add(new SqlParameter("4", oseba.City));
cmd.ExecuteNonQuery();
con.Close();
}
}
public void DodajOsebo(Oseba oseba)
{
if (!AuthenticateUser())
{
throw new FaultException("Napačno uporabniško ime ali geslo.");
}
using (SqlConnection con = new SqlConnection(cs))
{
con.Open();
string sql =
"INSERT INTO Persons (PersonID, FirstName, LastName, Address, City) VALUES (@0, @1, @2, @3, @4)";
SqlCommand cmd = new SqlCommand(sql, con);
cmd.Parameters.Add(new SqlParameter("0", oseba.Id));
cmd.Parameters.Add(new SqlParameter("1", oseba.LastName));
cmd.Parameters.Add(new SqlParameter("2", oseba.FirstName));
cmd.Parameters.Add(new SqlParameter("3", oseba.Address));
cmd.Parameters.Add(new SqlParameter("4", oseba.City));
cmd.ExecuteNonQuery();
con.Close();
}
}