Skip to content

Instantly share code, notes, and snippets.

@lgrangeia

lgrangeia/DataFactory.cs

Created November 15, 2017 14:44
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save lgrangeia/ff62362e7ebcec769b8d427eb4eb3cab to your computer and use it in GitHub Desktop.
Save lgrangeia/ff62362e7ebcec769b8d427eb4eb3cab to your computer and use it in GitHub Desktop.
Download ZIP
hacmebank solve 1
Raw
DataFactory.cs
public static int ValidateUserPassword(string loginID,string password)
{
// NEW code:
Global.createSqlServerConnection();
Global.globalSqlServerConnection.Open();
SqlCommand sqlcmd = new SqlCommand(null, Global.globalSqlServerConnection);
sqlcmd.CommandText = "select user_id from fsb_users where login_id=@loginid and password=@password";
SqlParameter sql_login = new SqlParameter("@loginid", System.Data.SqlDbType.NVarChar, 100);
SqlParameter sql_password = new SqlParameter("@password", System.Data.SqlDbType.NVarChar, 100);
sql_login.Value = loginID;
sql_password.Value = password;
sqlcmd.Parameters.Add(sql_login);
sqlcmd.Parameters.Add(sql_password);
SqlDataReader result = sqlcmd.ExecuteReader();
Object queryObject = null;
if (result.Read())
{
object firstFieldFromFirstRow = (object)result[0];
queryObject = result[0];
}
Global.globalSqlServerConnection.Close();
// OLD code:
// string sqlQuery = "select user_id from fsb_users where login_id = '" + loginID+ "' and password = '" + password + "'";
// object queryResult = SqlServerEngine.returnObjectFromSQLQuery_containing_FirstFieldFromFirstRow(sqlQuery);
if (null != queryObject)
{
return (int)(decimal)queryObject;
}
else
{
return 0;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment