Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //check if user exists
- string query = string.Format("SELECT COUNT(*) FROM users WHERE name = '{0}'", name);
- command.CommandText = query;
- try
- {
- conn.Open();
- int amountOfUsers = (int)command.ExecuteScalar();
- if(amountOfUsers == 1)
- {
- query = string.Format("SELECT password FROM users WHERE name = '{0}'",name);
- command.CommandText = query;
- string dbPassword = command.ExecuteScalar().ToString();
- if(dbPassword == password)
- {
- query = string.Format("SELECT email, type FROM users WHERE name ='{0}'",name);
- command.CommandText = query;
- SqlDataReader reader = command.ExecuteReader();
- User user = null;
- while (reader.Read())
- {
- string email = reader.GetString(0);
- string type = reader.GetString(1);
- user = new User(name, password, email, type,"true","true","true");
- }
- return user;
- }
- else
- {
- return null;
- }
- }
- else
- {
- return null;
- }
- }
- finally
- {
- conn.Close();
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
