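using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using VueWebApi.Tools;

namespace VueWebApi.DLL.DAL
{
    /// <summary>
    /// Data-access helpers for the login flow: credential lookup and password change
    /// against <c>[dbo].[TUser]</c>.
    /// </summary>
    /// <remarks>
    /// Both methods build their SQL text, parameters and result objects as locals.
    /// The earlier implementation staged them in the public static fields below, so two
    /// requests running at the same time shared one parameter list and one
    /// <see cref="ToMessage"/>; on an authentication path that can mix one caller's
    /// credentials or result into another caller's request.
    /// </remarks>
    public class LoginDAL
    {
        // Legacy public static fields. They are kept only so existing references still
        // compile; the methods in this class no longer read or write them.
        public static DataTable dt;
        public static bool res;
        public static ToMessage mes = new ToMessage();
        public static string strProcName = "";
        public static List<SqlParameter> listStr = new List<SqlParameter>();
        public static SqlParameter[] parameters;

        #region [Login query]
        /// <summary>
        /// Looks up the user row whose username and password match the supplied values.
        /// </summary>
        /// <param name="username">Login name, bound to <c>@username</c>.</param>
        /// <param name="password">Password value, bound to <c>@password</c>.</param>
        /// <param name="torg_code">Organization code, bound to <c>@torg_code</c>.</param>
        /// <returns>The table returned by <c>DBHelper.GetTable</c> for the query.</returns>
        public static DataTable LoginSearch(string username, string password, string torg_code)
        {
            // NOTE(review): "select *" returns every column of the matching row, including the
            // password column the query filters on. Callers should not serialize the row as-is.
            // NOTE(review): the password is compared as supplied. Confirm that callers pass a
            // salted hash and that plaintext passwords are not stored in the table.
            const string sql = "select * from [dbo].[TUser] where username=@username and password=@password";

            // NOTE(review): @torg_code is bound but the statement never references it, so the
            // organization code does not restrict the lookup. Confirm whether it should.
            SqlParameter[] queryParameters = new SqlParameter[]
            {
                new SqlParameter("@username", username),
                new SqlParameter("@password", password),
                new SqlParameter("@torg_code", torg_code)
            };

            return DBHelper.GetTable(sql, queryParameters);
        }
        #endregion

        #region [Change password]
        /// <summary>
        /// Changes a user's password after verifying the current one.
        /// </summary>
        /// <param name="username">Login name, bound to <c>@username</c>.</param>
        /// <param name="password">Current password value, bound to <c>@password</c>.</param>
        /// <param name="newpassword">New password value, bound to <c>@newpassword</c>.</param>
        /// <param name="torg_code">Organization code, bound to <c>@torg_code</c>.</param>
        /// <returns>
        /// A new <see cref="ToMessage"/> with code "200" when the update succeeded, or "300"
        /// when the current password did not match or the update failed.
        /// </returns>
        public static ToMessage UpdateUserPassword(string username, string password, string newpassword, string torg_code)
        {
            // A fresh result object per call, so concurrent requests cannot overwrite each
            // other's outcome.
            ToMessage result = new ToMessage();

            // Step 1: verify the current credentials.
            // NOTE(review): @torg_code is bound here and in the update below, but neither
            // statement references it. Confirm whether it should restrict the match.
            const string verifySql = "select * from [dbo].[TUser] where username=@username and password=@password";
            SqlParameter[] verifyParameters = new SqlParameter[]
            {
                new SqlParameter("@username", username),
                new SqlParameter("@password", password),
                new SqlParameter("@torg_code", torg_code)
            };

            DataTable matches = DBHelper.GetTable(verifySql, verifyParameters);
            if (matches.Rows.Count <= 0)
            {
                result.code = "300";
                result.Message = "输入的密码不正确,请重新输入!";
                return result;
            }

            // Step 2: update the password. The WHERE clause repeats the current-password check,
            // so the update only applies if the credentials still match when it runs.
            // NOTE(review): the new password is written as supplied. Confirm that callers pass a
            // salted hash rather than plaintext.
            const string updateSql = "update [dbo].[TUser] set password=@newpassword where username=@username and password=@password";
            SqlParameter[] updateParameters = new SqlParameter[]
            {
                new SqlParameter("@username", username),
                new SqlParameter("@password", password),
                new SqlParameter("@newpassword", newpassword),
                new SqlParameter("@torg_code", torg_code)
            };

            bool updated = DBHelper.ExecuteSql(updateSql, updateParameters);
            if (updated)
            {
                result.code = "200";
                result.Message = "修改密码成功!";
            }
            else
            {
                result.code = "300";
                result.Message = "修改密码失败!";
            }

            return result;
        }
        #endregion
    }
}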