public void suspendUser(user targetUser)
{
SqlConnection conn = null;
SqlCommand cmd = null;
SqlDataReader reader = null;
conn = new SqlConnection(ConfigurationManager.ConnectionStrings["vetoTours"].ToString());
conn.Open();
string query = "UPDATE users SET password= '******', name='" + targetUser.getName() + "', email ='" + targetUser.getEmail() + "', phoneNumber=" + targetUser.getPhoneNumber()
+ ", description ='" + targetUser.getPersonalDescription() + "', status=" + targetUser.getStatus() + " WHERE userID='" + targetUser.getUserID() + "';";
cmd = new SqlCommand(query, conn);
reader = cmd.ExecuteReader();
reader.Close();
query = "UPDATE tours SET status= 'suspended' WHERE userID='" + targetUser.getUserID() + "';";
cmd = new SqlCommand(query, conn);
reader = cmd.ExecuteReader();
conn.Close();
}
public void createUser(user newUser)
{
SqlConnection conn = null;
SqlCommand cmd = null;
SqlDataReader reader = null;
conn = new SqlConnection(ConfigurationManager.ConnectionStrings["vetoTours"].ToString());
conn.Open();
string query = "INSERT INTO users VALUES('" + newUser.getUserID() + "', '" + newUser.getPassword() + "', '" + newUser.getName() + "', '" + newUser.getEmail() + "', '" + newUser.getPhoneNumber() + "', '"
+ newUser.getPersonalDescription() + "', '" + newUser.getStatus() + "')";
cmd = new SqlCommand(query, conn);
reader = cmd.ExecuteReader();
reader.Close();
conn.Close();
}