public bool changePwdMember() { string query = "UPDATE [dbo].[member] SET [pass] = @pass WHERE username = @us"; SqlParameter[] paras = { new SqlParameter("@us", this.Username), new SqlParameter("@pass", SqlDbType.VarChar, 255) { Value = StringProc.MD5Hash(this.Pass) }, }; return(DataProvider.executeNonQuery(query, paras)); }
public bool addMember() { string sQuery = "INSERT INTO [dbo].[member] ([username] ,[pass] ,[name] ,[phone] ,[role] ,[status] ,[email],[xoa]) VALUES(@us,@pass,@name,@phone,@role,@stt,@email,@xoa)"; SqlParameter[] paras = new SqlParameter[8] { new SqlParameter("@us", SqlDbType.VarChar, 50) { Value = this.Username }, new SqlParameter("@pass", SqlDbType.VarChar, 50) { Value = StringProc.MD5Hash(this.Pass) }, new SqlParameter("@name", SqlDbType.NVarChar, 50) { Value = this.Name }, new SqlParameter("@phone", SqlDbType.VarChar, 50) { Value = this.Phone }, new SqlParameter("@role", SqlDbType.Int) { Value = this.Role }, new SqlParameter("@stt", SqlDbType.Int) { Value = this.Status }, new SqlParameter("@email", SqlDbType.VarChar, 50) { Value = this.Email }, new SqlParameter("@xoa", SqlDbType.Bit, 1) { Value = this.Xoa }, }; return(DataProvider.executeNonQuery(sQuery, paras)); }