public bool CreateAccount(Account account)
{
string queryString =
"INSERT INTO accounts (accountid, login, name, mail, password, createdtime, country, city, photo, mimetype) " +
"VALUES (@accountid, @login, @name, @mail, @password, @createdtime, @country, @city, @photo, @mimetype); " +
"INSERT INTO UsersRoles (id, RoleId, accountid) " +
"VALUES(@id, @RoleId, @accountid)";
using (SqlConnection connection = new SqlConnection(_connectionString))
{
var command = new SqlCommand(queryString, connection);
command.Parameters.AddWithValue("accountid", account.Id);
command.Parameters.AddWithValue("login", account.Login);
command.Parameters.AddWithValue("name", account.Login);
command.Parameters.AddWithValue("mail", account.Email);
command.Parameters.AddWithValue("password", account.Password);
command.Parameters.AddWithValue("createdtime", account.CreatedTime);
command.Parameters.AddWithValue("id", Guid.NewGuid());
command.Parameters.AddWithValue("RoleId", 1);
command.Parameters.AddWithValue("country", account.Country);
command.Parameters.AddWithValue("city", account.City);
command.Parameters.AddWithValue("photo", account.Avatar);
command.Parameters.AddWithValue("mimetype", account.MimeType);
try
{
connection.Open();
command.ExecuteNonQuery();
}
catch (Exception)
{
throw;
}
}
return true;
}