public Account GetAccountByLogin(string username, bool checkExisting)
{
string queryString =
"SELECT [dbo].accounts.accountid, login, password, mail, city, country, [dbo].accounts.name, [dbo].Roles.Name, [dbo].accounts.photo, [dbo].accounts.mimetype " +
"FROM [dbo].accounts, [dbo].UsersRoles, [dbo].Roles " +
"WHERE (login = @login) AND ([dbo].accounts.accountid = [dbo].UsersRoles.AccountId) AND ([dbo].UsersRoles.RoleId = [dbo].Roles.RoleId);";
using (SqlConnection connection = new SqlConnection(_connectionString))
{
var command = new SqlCommand(queryString, connection);
command.Parameters.AddWithValue("login", username);
connection.Open();
var reader = command.ExecuteReader();
if (reader == null)
{
return null;
}
while (reader.Read())
{
if (!checkExisting)
{
return new Account()
{
Id = (Guid)reader[0],
Login = (string)reader[1],
Password = (string)reader[2],
Email = (string)reader[3],
City = (string)reader[4],
Country = (string)reader[5],
Name = (string)reader[6],
Role = ((string)reader[7]).Split(','),
Avatar = (byte[])reader[8],
MimeType = (string)reader[9]
};
}
else
{
return new Account()
{
Id = (Guid)reader[0],
Password = (string)reader[2],
Role = ((string)reader[7]).Split(',')
};
}
}
return null;
}
}