  using System;
  using System.Collections.Generic;
  using System.Configuration;
  using System.Data;
  using System.Data.SqlClient;
  using System.Linq;
  using System.Web;
  7.  
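  namespace Forum.AppCode
  {
      /// <summary>
      /// Data-access helper for the USERS table: credential lookup, registration,
      /// deletion and role changes. Every statement is parameterized, so caller-supplied
      /// values never become part of the SQL text.
      /// </summary>
      /// <remarks>
      /// NOTE(security): <see cref="Insert"/> writes <c>user.Password</c> to the table as given and
      /// <see cref="Find"/> matches the supplied password directly against the Password column, so
      /// passwords are stored and compared in plaintext. Anyone who can read the table (backup,
      /// DBA account, a read primitive elsewhere in the application) obtains every credential.
      /// The usual remedy is to store a salted, slow hash (e.g. PBKDF2 via Rfc2898DeriveBytes),
      /// fetch the row by username only, and verify the hash in code. That needs a schema and
      /// data migration, so it is flagged here rather than changed.
      /// </remarks>
      public class UserMapper
      {
          private static readonly String connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

          /// <summary>
          /// Looks up the user whose username and password both match.
          /// </summary>
          /// <param name="username">Login name to match against USERS.Username.</param>
          /// <param name="password">Password to match against USERS.Password.</param>
          /// <returns>The matching <c>User</c>, or <c>null</c> when there is no match or an argument is null.</returns>
          public static User Find(String username, String password)
          {
              // A null parameter value is not sent to the server and would surface as a
              // SqlException; missing credentials are simply "no such user".
              if (username == null || password == null)
                  return null;

              // Only the columns that are read below are selected, so the stored password
              // does not travel back to the application.
              const String sql = "select Id, First_name, Last_name, Id_role, Email, Username "
                               + "from USERS where Username=@username and Password=@password";

              using (SqlConnection connection = new SqlConnection(connectionString))
              using (SqlCommand command = new SqlCommand(sql, connection))
              {
                  // Passing a System.TypeCode to new SqlParameter(name, ...) binds to the
                  // (name, value) overload, not (name, SqlDbType); the type is declared explicitly here.
                  command.Parameters.Add("@username", SqlDbType.NVarChar).Value = username;
                  // NOTE(security): plaintext comparison done by the database. Under a
                  // case-insensitive column collation it would also ignore letter case - confirm.
                  command.Parameters.Add("@password", SqlDbType.NVarChar).Value = password;

                  connection.Open();

                  using (SqlDataReader reader = command.ExecuteReader())
                  {
                      if (!reader.Read())
                          return null;

                      int id = Convert.ToInt32(reader["Id"]);
                      String firstName = reader["First_name"].ToString();
                      String lastName = reader["Last_name"].ToString();
                      int idRole = Convert.ToInt32(reader["Id_role"]);
                      String email = reader["Email"].ToString();
                      String name = reader["Username"].ToString();

                      // The fourth constructor argument is passed as null - presumably the
                      // password slot, so the credential is not kept on the returned object;
                      // confirm against the User class.
                      return new User(id, firstName, lastName, null, idRole, email, name);
                  }
              }
          }

          /// <summary>
          /// Registers a new user unless the username is already present.
          /// </summary>
          /// <param name="user">Source of first name, last name, password, email and username.</param>
          /// <returns><c>true</c> when a row was inserted; <c>false</c> when the username exists or nothing was written.</returns>
          /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
          public static Boolean Insert(User user)
          {
              if (user == null)
                  throw new ArgumentNullException("user");

              using (SqlConnection connection = new SqlConnection(connectionString))
              {
                  connection.Open();

                  // NOTE(review): lookup followed by insert is not atomic - two concurrent
                  // registrations can both pass this check. A UNIQUE constraint on
                  // USERS.Username closes the gap; TODO confirm the schema has one.
                  using (SqlCommand lookup = new SqlCommand("select 1 from USERS where Username=@username", connection))
                  {
                      lookup.Parameters.Add("@username", SqlDbType.NVarChar).Value = user.Username;

                      if (lookup.ExecuteScalar() != null)
                          return false; // username exists in database
                  }

                  // Columns are named explicitly so the statement does not depend on the
                  // table's physical column order.
                  const String sql = "insert into USERS (First_name, Last_name, Password, Id_role, Email, Username) "
                                   + "values (@firstName, @lastName, @password, @idRole, @email, @username)";

                  using (SqlCommand insert = new SqlCommand(sql, connection))
                  {
                      insert.Parameters.Add("@firstName", SqlDbType.NVarChar).Value = user.FirstName;
                      insert.Parameters.Add("@lastName", SqlDbType.NVarChar).Value = user.LastName;
                      // NOTE(security): stored exactly as supplied (plaintext); see the class remarks.
                      insert.Parameters.Add("@password", SqlDbType.NVarChar).Value = user.Password;
                      // Hard-coded role id. Author's note: this should instead query the roles
                      // table for the id of the default ("log in") role.
                      insert.Parameters.Add("@idRole", SqlDbType.Int).Value = 1;
                      insert.Parameters.Add("@email", SqlDbType.NVarChar).Value = user.Email;
                      insert.Parameters.Add("@username", SqlDbType.NVarChar).Value = user.Username;

                      return insert.ExecuteNonQuery() > 0;
                  }
              }
          }

          /// <summary>
          /// Deletes the row whose Id equals <c>user.Id</c>.
          /// </summary>
          /// <param name="user">User to delete; only its Id is used.</param>
          /// <returns><c>true</c> when at least one row was deleted.</returns>
          /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
          public static Boolean Delete(User user)
          {
              if (user == null)
                  throw new ArgumentNullException("user");

              using (SqlConnection connection = new SqlConnection(connectionString))
              using (SqlCommand command = new SqlCommand("delete from USERS where Id=@id", connection))
              {
                  command.Parameters.Add("@id", SqlDbType.Int).Value = user.Id;

                  connection.Open();
                  return command.ExecuteNonQuery() > 0;
              }
          }

          /// <summary>
          /// Sets Id_role to <paramref name="newRole"/> for the row whose Id equals <c>user.Id</c>.
          /// </summary>
          /// <remarks>
          /// No authorization check is performed here; callers should verify that the acting
          /// account is allowed to change roles before calling this method.
          /// </remarks>
          /// <param name="user">User to update; only its Id is used.</param>
          /// <param name="newRole">Role id to store.</param>
          /// <returns><c>true</c> when a row was updated; <c>false</c> when no row has that Id.</returns>
          /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
          public static Boolean UpdateRole(User user, int newRole)
          {
              if (user == null)
                  throw new ArgumentNullException("user");

              // The earlier version returned false whenever the user existed, never bound
              // @role, ignored newRole, and indexed parameters that had not been added to the
              // command. A single UPDATE covers the existence check: it affects zero rows
              // when the Id is unknown.
              using (SqlConnection connection = new SqlConnection(connectionString))
              using (SqlCommand command = new SqlCommand("update USERS set Id_role = @role where Id = @id", connection))
              {
                  command.Parameters.Add("@role", SqlDbType.Int).Value = newRole;
                  command.Parameters.Add("@id", SqlDbType.Int).Value = user.Id;

                  connection.Open();
                  return command.ExecuteNonQuery() > 0;
              }
          }
      }
  }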