public bool Validate(Enduser enduser, Userpassword userpassword)
{
try
{
Database.ExecuteSqlRaw("EXEC dbo.validateUser @Email, @Password",
new SqlParameter("@Email", enduser.UserEmail.ToString()),
new SqlParameter("@Password", enduser.ToString()));
return(true);
}
catch (Exception)
{
return(false);
}
}
public void Update(Enduser enduser, Userpassword userpassword, int id)
{
try
{
Database.ExecuteSqlRaw("EXEC dbo.updateUser @FirstName, @LastName, @Email, @Password, @ID ",
new SqlParameter("@FirstName", enduser.UserFName),
new SqlParameter("@LastName", enduser.UserLName),
new SqlParameter("@Email", enduser.UserEmail),
new SqlParameter("@Password", userpassword.PasswordNew),
new SqlParameter("@ID", enduser.UserId));
}
catch (Exception)
{
throw;
}
}
public void Register(Enduser enduser, Userpassword userpassword, out string response)
{
try
{
SqlConnection conn = new SqlConnection("COMP2001_DB");
SqlCommand command = new SqlCommand("returnResponse", conn);
Database.ExecuteSqlRaw("EXEC dbo.registerUser @FirstName, @LastName, @Email, @NewPassword, @ResponseMessage",
new SqlParameter("@FirstName", enduser.UserFName.ToString()),
new SqlParameter("@LastName", enduser.UserLName.ToString()),
new SqlParameter("@Email", enduser.UserEmail.ToString()),
new SqlParameter("@Password", userpassword.PasswordNew.ToString()));
response = (string)command.Parameters["@ResponseMessage"].Value;
}
catch (Exception)
{
response = "SQL Execution failed. User could not be registered.";
}
}