public bool Edit(NguoiDung u, int ID)
        {
            try {
                //string sql = ("select * from NguoiDung where ID = @ID");

            //DataSet ds = SqlDatabase.ExecuteQueryWithDataSet(sql, CommandType.Text,id);
            string Sql = "update NguoiDung set Ten = @Ten, [email protected], TenDangNhap = @TenDangNhap, Email = @Email, Quyen = @Quyen, DiaChi = @DiaChi, SoDienThoai = @SoDienThoai, Status = @Status where [email protected]";
            SqlParameter id = new SqlParameter("@ID", ID);
            SqlParameter ten = new SqlParameter("@Ten", u.Ten);
            SqlParameter tdn = new SqlParameter("@TenDangNhap", u.TenDangNhap);
            SqlParameter pass= new SqlParameter("@Ten", u.MatKhau);
            SqlParameter email = new SqlParameter("@Email", u.Email);
            SqlParameter quyen = new SqlParameter("@Quyen", u.Quyen);
            SqlParameter diachi = new SqlParameter("@DiaChi", u.DiaChi);
            SqlParameter sdt = new SqlParameter("@SoDienThoai", u.SoDienThoai);
            SqlParameter status = new SqlParameter("@Status", u.Status);
            SqlDatabase.ExecuteNonQuery(Sql, CommandType.Text, ten, tdn,pass, email, quyen, diachi, sdt, status,id);
            //DataSet ds1 = SqlDatabase.ExecuteQueryWithDataSet(Sql, CommandType.Text);
            //if(ds1 != null)
            //{
                return true;
            //}
            }
            catch
            {
                return false;
            }
        }
 public bool Create(NguoiDung u)
 {
     string sql = ("select * from NguoiDung");
     DataSet ds1 = SqlDatabase.ExecuteQueryWithDataSet(sql, CommandType.Text);
     if(ds1.Tables[0].Rows.Count >0)
     {
         string ID = ds1.Tables[0].Rows[0]["ID"].ToString();
         u.ID = int.Parse(ID) + 1;
     }
     else
     {
         u.ID = 1;
     }
     string Sql = "intsert into NguoiDung values(@ID,@Ten,@TenDangNhap,@MatKhau,@Email,@Quyen,@DiaChi,@SoDienThoai,@Status)";
     SqlParameter id = new SqlParameter("@ID", u.ID);
     SqlParameter ten = new SqlParameter("@Ten", u.Ten);
     SqlParameter tdn = new SqlParameter("@TenDangNhap", u.TenDangNhap);
     SqlParameter mk = new SqlParameter("@MatKhau", u.MatKhau);
     SqlParameter email = new SqlParameter("@Email", u.Email);
     SqlParameter quyen = new SqlParameter("@Quyen", u.Quyen);
     SqlParameter diachi = new SqlParameter("@DiaChi", u.DiaChi);
     SqlParameter sdt = new SqlParameter("@SoDienThoai", u.SoDienThoai);
     SqlParameter status = new SqlParameter("@Status", u.Status);
     SqlDatabase.ExecuteNonQuery(Sql, CommandType.Text, id, ten, tdn, mk, email, quyen, diachi, sdt, status);
     DataSet ds = SqlDatabase.ExecuteQueryWithDataSet(Sql, CommandType.Text);
     if(ds != null)
     {
         return true;
     }
     return false;
 }
 public NguoiDung Authentication(string Username, string Password)
 {
     string Sql = ("select Ten,ID,Quyen from NguoiDung where TenDangNhap = @tdn and MatKhau = @mk ");
     SqlParameter tdn = new SqlParameter("@tdn", Username);
     SqlParameter mk = new SqlParameter("@mk", Password);
     SqlDataReader ds = SqlDatabase.ExecuteQueryWithDataReader(Sql, CommandType.Text,tdn,mk);
     if (ds.HasRows)
     {
         while (ds.Read())
         {
             NguoiDung u = new NguoiDung()
             {
                 ID = int.Parse(ds[1].ToString()),
                 Ten = ds[0].ToString(),
                 Quyen = int.Parse(ds[2].ToString())
             };
             return u;
         }
     }
     return null;
 }
        public NguoiDung Searchuser(string Username)
        {
            string Sql = ("select * from NguoiDung where TenDangNhap = @Username");
            SqlParameter tdn = new SqlParameter("@Username", Username);
            SqlDataReader rd = SqlDatabase.ExecuteQueryWithDataReader(Sql, CommandType.Text, tdn);
            if (rd.HasRows)
            {
                while (rd.Read())
                {
                    NguoiDung u = new NguoiDung()
                    {
                        ID = int.Parse(rd[0].ToString()),
                        Ten = rd[1].ToString(),
                        TenDangNhap = rd[2].ToString(),
                        Email = rd[4].ToString(),
                        Quyen = int.Parse(rd[5].ToString()),
                        DiaChi = (rd[6].ToString()),
                        SoDienThoai = (rd[7].ToString()),
                        Status = int.Parse(rd[8].ToString()),
                    };

                    return u;
                }
            }
            return null;
        }
 public NguoiDung Searchid(int ID)
 {
     string sql = ("select * from NguoiDung where ID = @ID");
     SqlParameter id = new SqlParameter("@ID", ID);
     SqlDataReader ds = SqlDatabase.ExecuteQueryWithDataReader(sql, CommandType.Text,id);
     if(ds.HasRows)
     {
         while(ds.Read())
         {
             NguoiDung u = new NguoiDung()
             {
                  ID = int.Parse(ds[0].ToString()),
                 Ten = ds[1].ToString(),
                 TenDangNhap = ds[2].ToString(),
                 Email = ds[4].ToString(),
                 Quyen = int.Parse(ds[5].ToString()),
                 DiaChi = (ds[6].ToString()),
                 SoDienThoai = (ds[7].ToString()),
                 Status = int.Parse(ds[8].ToString()),
             };
             return u;
         }
     }
     return null;
 }
 public List<NguoiDung> listuser()
 {
     List<NguoiDung> list = new List<NguoiDung>();
     string Sql = ("select * from NguoiDung");
     SqlDataReader rd = SqlDatabase.ExecuteQueryWithDataReader(Sql, CommandType.Text);
     if (rd.HasRows)
     {
         while (rd.Read())
         {
             NguoiDung u = new NguoiDung()
             {
                 ID = int.Parse(rd[0].ToString()),
                 Ten = rd[1].ToString(),
                 TenDangNhap = rd[2].ToString(),
                 Email = rd[4].ToString(),
                 Quyen = int.Parse(rd[5].ToString()),
                 DiaChi = (rd[6].ToString()),
                 SoDienThoai = (rd[7].ToString()),
                 Status = int.Parse(rd[8].ToString()),
             };
             list.Add(u);
         }
     }
     return list;
 }