public static void UpdatePwd(int loginid, string pwdhash) {

1. public static void UpdatePwd(int loginid, string pwdhash)
2. {
3. // Connect to database
4. SqlConnection connection = DALConnection.GetConnectionByName("Writer");
5. connection.Open();
6.  
7. // Maak SQL string
8. string sqlString = ("UPDATE Login SET PwdHash = @pass WHERE LoginId = @id");
9.  
10. // Command
11. SqlCommand command = new SqlCommand(sqlString, connection);
12.  
13. // Parameters
14. SqlParameter LoginIdParameter = new SqlParameter("@id", SqlDbType.Int);
15. SqlParameter PwdHashParameter = new SqlParameter("@pass", SqlDbType.NChar,32);
16.  
17. // Command parameter
18. command.Parameters.Add(LoginIdParameter);
19. command.Parameters.Add(PwdHashParameter);
20.  
21. // voeg waarde toe aan parameter
22. PwdHashParameter.Value = pwdhash;
23. LoginIdParameter.Value = loginid;
24.  
25. // prepare
26. command.Prepare();
27.  
28. // Voer gevulde query uit
29. command.ExecuteNonQuery();
30.  
31. // Connectie sluiten
32. connection.Close();
33. }
34.  
35. public static int GetLoginId(int persoonid, string pwdhash)
36. {
37. SqlConnection connection = DALConnection.GetConnectionByName("Reader");
38. connection.Open();
39.  
40. // select string
41. string sqlString = ("SELECT LoginId FROM Login WHERE PersoonId = '" + persoonid + "' AND PwdHash = '" + pwdhash + "'");
42.  
43. // Command
44. SqlCommand command = new SqlCommand(sqlString, connection);
45.  
46. // Prepare
47. command.Prepare();
48.  
49. // Returnwaarde
50. return (int)command.ExecuteScalar();
51. }