public bool Edit(NguoiDung u, int ID)
{
try {
//string sql = ("select * from NguoiDung where ID = @ID");
//DataSet ds = SqlDatabase.ExecuteQueryWithDataSet(sql, CommandType.Text,id);
string Sql = "update NguoiDung set Ten = @Ten, MatKhau=@pass, TenDangNhap = @TenDangNhap, Email = @Email, Quyen = @Quyen, DiaChi = @DiaChi, SoDienThoai = @SoDienThoai, Status = @Status where ID=@ID";
SqlParameter id = new SqlParameter("@ID", ID);
SqlParameter ten = new SqlParameter("@Ten", u.Ten);
SqlParameter tdn = new SqlParameter("@TenDangNhap", u.TenDangNhap);
SqlParameter pass= new SqlParameter("@Ten", u.MatKhau);
SqlParameter email = new SqlParameter("@Email", u.Email);
SqlParameter quyen = new SqlParameter("@Quyen", u.Quyen);
SqlParameter diachi = new SqlParameter("@DiaChi", u.DiaChi);
SqlParameter sdt = new SqlParameter("@SoDienThoai", u.SoDienThoai);
SqlParameter status = new SqlParameter("@Status", u.Status);
SqlDatabase.ExecuteNonQuery(Sql, CommandType.Text, ten, tdn,pass, email, quyen, diachi, sdt, status,id);
//DataSet ds1 = SqlDatabase.ExecuteQueryWithDataSet(Sql, CommandType.Text);
//if(ds1 != null)
//{
return true;
//}
}
catch
{
return false;
}
}
public bool Create(NguoiDung u)
{
string sql = ("select * from NguoiDung");
DataSet ds1 = SqlDatabase.ExecuteQueryWithDataSet(sql, CommandType.Text);
if(ds1.Tables[0].Rows.Count >0)
{
string ID = ds1.Tables[0].Rows[0]["ID"].ToString();
u.ID = int.Parse(ID) + 1;
}
else
{
u.ID = 1;
}
string Sql = "intsert into NguoiDung values(@ID,@Ten,@TenDangNhap,@MatKhau,@Email,@Quyen,@DiaChi,@SoDienThoai,@Status)";
SqlParameter id = new SqlParameter("@ID", u.ID);
SqlParameter ten = new SqlParameter("@Ten", u.Ten);
SqlParameter tdn = new SqlParameter("@TenDangNhap", u.TenDangNhap);
SqlParameter mk = new SqlParameter("@MatKhau", u.MatKhau);
SqlParameter email = new SqlParameter("@Email", u.Email);
SqlParameter quyen = new SqlParameter("@Quyen", u.Quyen);
SqlParameter diachi = new SqlParameter("@DiaChi", u.DiaChi);
SqlParameter sdt = new SqlParameter("@SoDienThoai", u.SoDienThoai);
SqlParameter status = new SqlParameter("@Status", u.Status);
SqlDatabase.ExecuteNonQuery(Sql, CommandType.Text, id, ten, tdn, mk, email, quyen, diachi, sdt, status);
DataSet ds = SqlDatabase.ExecuteQueryWithDataSet(Sql, CommandType.Text);
if(ds != null)
{
return true;
}
return false;
}
public NguoiDung Authentication(string Username, string Password)
{
string Sql = ("select Ten,ID,Quyen from NguoiDung where TenDangNhap = @tdn and MatKhau = @mk ");
SqlParameter tdn = new SqlParameter("@tdn", Username);
SqlParameter mk = new SqlParameter("@mk", Password);
SqlDataReader ds = SqlDatabase.ExecuteQueryWithDataReader(Sql, CommandType.Text,tdn,mk);
if (ds.HasRows)
{
while (ds.Read())
{
NguoiDung u = new NguoiDung()
{
ID = int.Parse(ds[1].ToString()),
Ten = ds[0].ToString(),
Quyen = int.Parse(ds[2].ToString())
};
return u;
}
}
return null;
}
public NguoiDung Searchuser(string Username)
{
string Sql = ("select * from NguoiDung where TenDangNhap = @Username");
SqlParameter tdn = new SqlParameter("@Username", Username);
SqlDataReader rd = SqlDatabase.ExecuteQueryWithDataReader(Sql, CommandType.Text, tdn);
if (rd.HasRows)
{
while (rd.Read())
{
NguoiDung u = new NguoiDung()
{
ID = int.Parse(rd[0].ToString()),
Ten = rd[1].ToString(),
TenDangNhap = rd[2].ToString(),
Email = rd[4].ToString(),
Quyen = int.Parse(rd[5].ToString()),
DiaChi = (rd[6].ToString()),
SoDienThoai = (rd[7].ToString()),
Status = int.Parse(rd[8].ToString()),
};
return u;
}
}
return null;
}
public NguoiDung Searchid(int ID)
{
string sql = ("select * from NguoiDung where ID = @ID");
SqlParameter id = new SqlParameter("@ID", ID);
SqlDataReader ds = SqlDatabase.ExecuteQueryWithDataReader(sql, CommandType.Text,id);
if(ds.HasRows)
{
while(ds.Read())
{
NguoiDung u = new NguoiDung()
{
ID = int.Parse(ds[0].ToString()),
Ten = ds[1].ToString(),
TenDangNhap = ds[2].ToString(),
Email = ds[4].ToString(),
Quyen = int.Parse(ds[5].ToString()),
DiaChi = (ds[6].ToString()),
SoDienThoai = (ds[7].ToString()),
Status = int.Parse(ds[8].ToString()),
};
return u;
}
}
return null;
}
public List<NguoiDung> listuser()
{
List<NguoiDung> list = new List<NguoiDung>();
string Sql = ("select * from NguoiDung");
SqlDataReader rd = SqlDatabase.ExecuteQueryWithDataReader(Sql, CommandType.Text);
if (rd.HasRows)
{
while (rd.Read())
{
NguoiDung u = new NguoiDung()
{
ID = int.Parse(rd[0].ToString()),
Ten = rd[1].ToString(),
TenDangNhap = rd[2].ToString(),
Email = rd[4].ToString(),
Quyen = int.Parse(rd[5].ToString()),
DiaChi = (rd[6].ToString()),
SoDienThoai = (rd[7].ToString()),
Status = int.Parse(rd[8].ToString()),
};
list.Add(u);
}
}
return list;
}
