public member GetMember(int id)
{
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand("Select fio, role, email, phone from member where member.id = @id", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter("@id", SqlDbType.Int, 6));
cmd.Parameters["@id"].Value = id;
member member = new member();
try
{
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
member.Fio = (string)reader["fio"];
member.Role = (int)reader["role"];
member.Email = (string)reader["email"];
member.Phone = (string)reader["phone"];
reader.Close();
return member;
}
catch
{
throw new ApplicationException("Ошибка данныx. Вывод сотрудника");
}
finally
{
con.Close();
}
}
/* public member ValidateUser(string login, string passwd)
{
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand("ValidateUser", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter("@login", SqlDbType.NVarChar, 30));
cmd.Parameters["@login"].Value = login;
cmd.Parameters.Add(new SqlParameter("@passwd", SqlDbType.NVarChar, 20));
cmd.Parameters["@passwd"].Value = passwd;
try
{
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
member emp = new member(
(int)reader["memberID"],
(string)reader["fio"],
(string)reader["login"],
(string)reader["passwd"],
(string)reader["email"],
(string)reader["phone"],
(int)reader["dolgn"]);
reader.Close();
return emp;
}
catch
{
throw new ApplicationException("Ошибка данныx Проверка пользователя");
}
finally
{
con.Close();
}
}*/
public int InsertMember(member emp1)
{
SqlConnection con = new SqlConnection(connectionString);
SqlCommand cmd = new SqlCommand("Insert into member(fio,role,email,phone) values (@fio,@role,@email,@phone) SET @id = @@IDENTITY ", con);
cmd.CommandType = CommandType.Text;
cmd.Parameters.Add(new SqlParameter("@fio", SqlDbType.NVarChar, 150));
cmd.Parameters["@fio"].Value = emp1.Fio;
cmd.Parameters.Add(new SqlParameter("@role", SqlDbType.Int, 6));
cmd.Parameters["@role"].Value = emp1.Role;
cmd.Parameters.Add(new SqlParameter("@email", SqlDbType.NVarChar, 50));
cmd.Parameters["@email"].Value = emp1.Email;
cmd.Parameters.Add(new SqlParameter("@phone", SqlDbType.NVarChar, 20));
cmd.Parameters["@phone"].Value = emp1.Phone;
cmd.Parameters.Add(new SqlParameter("@memberID", SqlDbType.Int, 6));
cmd.Parameters["@memberID"].Direction = ParameterDirection.Output;
try
{
con.Open();
cmd.ExecuteNonQuery();
return (int)cmd.Parameters["@memberID"].Value;
}
catch
{
throw new ApplicationException("Ошибка данныx. Добавление сотрудника");
}
finally
{
con.Close();
}
}