示例#1
0
        private Customer GetHashPasswordByCustomerId(Customer customer)
        {
            using (SqlConnection connection = new SqlConnection(TravelExpertsConnectDB.GetConnectionString()))
            {
                //SqlCommand AgentHashSalt = new SqlCommand("SELECT Hash, Salt FROM HashSalt WHERE AgentID = @agentId", connection);
                SqlCommand CustomerHashPass = new SqlCommand("SELECT CustPassword FROM Customers WHERE CustomerId = @custId", connection);
                CustomerHashPass.Parameters.AddWithValue("@custId", customer.CustomerID);

                //open the connection

                connection.Open();
                SqlDataReader reader = CustomerHashPass.ExecuteReader();
                try
                {
                    while (reader.Read())
                    {
                        customer.CustPassword = reader["CustPassword"].ToString();
                    }

                    return(customer);
                }
                catch (Exception ex)
                {
                    //Utils.ErrorManager(ex, "Agents", "AgentDB.GetHashPasswordByAgentId()");
                }
                finally
                {
                    // Always call Close when done reading.
                    reader.Close();
                }
            }

            return(customer);
        }
示例#2
0
        public void getallCustomerInfoById(Customer custObj)
        {
            //Define the Insert query
            string query = "SELECT[CustFirstName] ,[CustLastName] ,[CustAddress] ,[CustCity] ,[CustProv],[CustPostal],[CustCountry]" +
                           ",[CustHomePhone] ,[CustBusPhone] ,[CustEmail],[AgentId],[CustLoginName],[CustPassword] FROM [Customers] WHERE [CustomerId] = " + custObj.CustomerID;


            //Define the parameters
            using (SqlConnection connection = new SqlConnection(TravelExpertsConnectDB.GetConnectionString()))
            {
                SqlCommand cmd = new SqlCommand(query, connection);

                try
                {
                    connection.Open();

                    SqlDataReader reader = cmd.ExecuteReader();

                    if (reader.HasRows)
                    {
                        while (reader.Read())
                        {
                            custObj.CustFirstName = reader["CustFirstName"].ToString();
                            custObj.CustLastName  = reader["CustLastName"].ToString();
                            custObj.CustAddress   = reader["CustAddress"].ToString();
                            custObj.CustCity      = reader["CustCity"].ToString();
                            custObj.CustPostal    = reader["CustPostal"].ToString();
                            custObj.CustProv      = reader["CustProv"].ToString();
                            custObj.CustCity      = reader["CustCountry"].ToString();
                            custObj.CustHomePhone = reader["CustHomePhone"].ToString();
                            custObj.CustBusPhone  = reader["CustBusPhone"].ToString();
                            custObj.Email         = reader["CustEmail"].ToString();
                            custObj.CustLoginName = reader["CustLoginName"].ToString();
                            custObj.AgentId       = (reader["AgentId"] == DBNull.Value ? (int?)null : Convert.ToInt32(reader["AgentId"]));
                        }
                    }
                }
                catch (SqlException e)
                {
                    throw e;
                }
                finally
                {
                    connection.Close();
                }
            }
        }
示例#3
0
        public bool isValidUserName(string name)
        {
            int    count       = 0;
            bool   isValidUser = false;
            string Name;

            // define connection
            // SqlConnection connection = TravelExpertsConnectDB.GetConnection();
            using (SqlConnection connection = new SqlConnection(TravelExpertsConnectDB.GetConnectionString()))
            {
                // define the select query command
                string     selectQuery   = "select CustLoginName from customers where CustLoginName=@loginname";
                SqlCommand selectCommand = new SqlCommand(selectQuery, connection);
                selectCommand.Parameters.AddWithValue("@loginname", name);
                try
                {
                    // open the connection
                    connection.Open();

                    // execute the query
                    SqlDataReader reader = selectCommand.ExecuteReader(); // can be multiple records

                    // process the results
                    while (reader.Read()) // while there are customers
                    {
                        Name = reader["CustLoginName"].ToString();
                        count++;
                    }
                    if (count > 0)
                    {
                        isValidUser = true;
                    }
                }
                catch (Exception ex)
                {
                    throw ex; // let the form handle it
                }
            }
            return(isValidUser);
        }
示例#4
0
        private bool CheckCustomerEmail(Customer customer)
        {
            using (SqlConnection connection = new SqlConnection(TravelExpertsConnectDB.GetConnectionString()))
            {
                try
                {
                    //open the connection
                    connection.Open();
                    SqlCommand checkEmail = new SqlCommand("SELECT COUNT(*) FROM Customers WHERE CustLoginName = @custlogin", connection);
                    checkEmail.Parameters.AddWithValue("@custlogin", customer.CustLoginName);
                    int UserExist = (int)checkEmail.ExecuteScalar();
                    if (UserExist > 0)
                    {
                        SqlCommand command = new SqlCommand("SELECT CustomerId FROM Customers WHERE CustLoginName = @custlogin", connection);
                        command.Parameters.AddWithValue("@custlogin", customer.CustLoginName);

                        SqlDataReader reader = command.ExecuteReader();
                        while (reader.Read())
                        {
                            //Set Customer ID
                            customer.CustomerID = Convert.ToInt32(reader["CustomerId"]);
                        }
                        return(true);
                    }
                    else
                    {
                        //Username doesn't exist.
                        return(false);
                    }
                }
                catch (Exception ex)
                {
                    //Utils.WriteErrorLog("Login failed Type: " + ex.GetType() + "  Message: " + ex.Message);
                    // Utils.ErrorManager(ex, "Agents", "AgentDB.CheckAgentEmail()");
                    return(false);
                }
            }
        }
示例#5
0
        /*Function gets data from customerRegistration form, and submit into data base,
         * returns true if submission is successful otherwise will return false*/
        public bool RegisterCustomer(string fName, string lName, string address, string city, string province,
                                     string postalcode, string country, string homephone, string businessphone, string email,
                                     string CustLoginName, string CustPassword, int?agent = null)
        {
            //Initialize all member variables of Customers Class
            bool     custRegistered = false;
            Customer custObj        = new Customer
            {
                CustFirstName = fName,
                CustLastName  = lName,
                CustAddress   = address,
                CustCity      = city,
                CustProv      = province,
                CustPostal    = postalcode,
                CustCountry   = country,
                CustHomePhone = homephone,
                CustBusPhone  = businessphone,
                Email         = email,
                CustLoginName = CustLoginName,
                CustPassword  = Encrypt(CustPassword)
            };

            //Define the Insert query
            string query = "insert into Customers(CustFirstName,CustLastName,CustAddress,CustCity,CustProv" +
                           ",CustPostal,CustCountry,CustHomePhone,CustBusPhone,CustEmail,AgentId,CustLoginName" +
                           ",CustPassword) values(@fName,@lName,@address" +
                           ",@city,@prov,@postal,@country,@hPhone,@bPhone,@email,@agentid,@loginname" +
                           ",@custpassword)";


            //Define the parameters
            using (SqlConnection connection = new SqlConnection(TravelExpertsConnectDB.GetConnectionString()))
            {
                SqlCommand cmd = new SqlCommand(query, connection);

                cmd.Parameters.AddWithValue("@fName", custObj.CustFirstName);
                cmd.Parameters.AddWithValue("@lName", custObj.CustLastName);
                cmd.Parameters.AddWithValue("@address", custObj.CustAddress);
                cmd.Parameters.AddWithValue("@city", custObj.CustCity);
                cmd.Parameters.AddWithValue("@prov", custObj.CustProv);
                cmd.Parameters.AddWithValue("@postal", custObj.CustPostal);
                cmd.Parameters.AddWithValue("@country", custObj.CustCountry);
                cmd.Parameters.AddWithValue("@hPhone", custObj.CustHomePhone);
                cmd.Parameters.AddWithValue("@bPhone", custObj.CustBusPhone);
                cmd.Parameters.AddWithValue("@email", custObj.Email);
                cmd.Parameters.AddWithValue("@agentid", agent == null ? (object)DBNull.Value : Convert.ToInt32(agent));
                cmd.Parameters.AddWithValue("@loginname", custObj.CustLoginName);
                cmd.Parameters.AddWithValue("@custpassword", custObj.CustPassword);


                try
                {
                    connection.Open();
                    cmd.ExecuteNonQuery();
                    custRegistered = true;
                }
                catch (SqlException e)
                {
                    throw e;
                }
                finally
                {
                    connection.Close();
                }
            }
            return(custRegistered);
        }