public userAttender Login(string username, string pass) { userAttender usr = new userAttender(); conexion.Open(); string sql = " SELECT [Id],[name],[username],[pass]" + "FROM [challenge].[dbo].[userAttender]" + "Where [username] like '" + username + "' AND[pass] like'" + pass + "'"; SqlCommand command = new SqlCommand(sql, conexion); using (SqlDataReader reader = command.ExecuteReader()) { if (reader.Read()) { usr.Id = Convert.ToInt32(reader["Id"].ToString()); usr.name = reader["name"].ToString(); usr.username = reader["username"].ToString(); } } conexion.Close(); return(usr); }
public userAttender getUserAttenderbyTraza(string traza) { userAttender usr = new userAttender(); conexion.Open(); string sql = " SELECT a.[Id], a.[name] ,[username] ,[pass] " + "FROM[challenge].[dbo].[userAttender] a INNER JOIN[challenge].[dbo].[registro] r" + "On a.Id = r.userattender" + "WHERE r.idtrasa like '´" + traza + "'"; SqlCommand command = new SqlCommand(sql, conexion); using (SqlDataReader reader = command.ExecuteReader()) { if (reader.Read()) { usr.Id = Convert.ToInt32(reader["Id"].ToString()); usr.name = reader["name"].ToString(); usr.username = reader["username"].ToString(); } } conexion.Close(); return(usr); }