public bool addUser(User user)
{
String sql;
if (user.getId() > 0)
{
sql = "UPDATE users SET username = @username, email = @email, firstname = @firstname, lastname = @surname, password = @password, universityId = @universityId WHERE userId = @userId";
}
else
{
sql = "INSERT INTO users (username, email, firstname, lastname, password,universityId)" +
"VALUES (@username, @email, @firstname, @surname, @password,@universityId)";
}
SqlCommand query = new SqlCommand(sql,con);
SqlParameter parUsername = new SqlParameter("@username", SqlDbType.VarChar, 50);
SqlParameter parEmail = new SqlParameter("@email", SqlDbType.VarChar, 50);
SqlParameter parFirstname = new SqlParameter("@firstname", SqlDbType.VarChar, 50);
SqlParameter parSurname = new SqlParameter("@surname", SqlDbType.VarChar, 50);
SqlParameter parPassword = new SqlParameter("@password", SqlDbType.VarChar, 50);
SqlParameter parUniversity = new SqlParameter("@universityId", SqlDbType.Int);
SqlParameter parUserId = new SqlParameter("@userId", SqlDbType.Int);
parUsername.Value = user.getUsername();
parEmail.Value = user.getEmail();
parFirstname.Value = user.getFirstname();
parSurname.Value = user.getLastname();
parPassword.Value = user.getPassword();
parUniversity.Value = user.getUniversityId();
parUserId.Value = user.getId();
query.Parameters.Add(parUsername);
query.Parameters.Add(parEmail);
query.Parameters.Add(parFirstname);
query.Parameters.Add(parSurname);
query.Parameters.Add(parPassword);
query.Parameters.Add(parUniversity);
query.Parameters.Add(parUserId);
Console.WriteLine(query.CommandText);
try
{
this.openCon();
query.ExecuteScalar();
this.closeCon();
return true;
}
catch (Exception e)
{
Console.WriteLine("Adding user failed");
Console.WriteLine(e.Message);
this.closeCon();
return false;
}
}
