public static void Login(string username, string password)
{
SessionBlog.Logout();
if (Authenticate(username, password))
{
MySqlConnection conn = DB.Connection();
conn.Open();
var cmd = conn.CreateCommand() as MySqlCommand;
cmd.CommandText = @"INSERT INTO session_blogs (blog_id) VALUES (@thisBlogId);";
MySqlParameter thisBlogId = new MySqlParameter("@thisBlogId", Blog.FindByUsername(username).GetId());
cmd.Parameters.Add(thisBlogId);
cmd.ExecuteNonQuery();
conn.Close();
if (conn != null)
{
conn.Dispose();
}
}
}
public bool IsLoggedIn()
{
return(_id == SessionBlog.GetId());
}