using System;
using System.Data;
using System.Data.SqlClient;

namespace eshop.BLL


{


	public class UserInfo
	{
		public string userRealName;
		public string zipcode;
		public string email;
		public string sex;
		public string address;
	}
	/// <summary>
	/// User 的摘要說明。
	/// </summary>
	public class User
	{
		public User()
		{
			
		}
		public int SignIn(string userName, string userPwd)
		{
			SqlParameter[] signInPara = {
										   new SqlParameter("@userName", userName),
										   new SqlParameter("@userPwd", userPwd)
									   };
			//返回userId的值，如果不存在記錄，返回為0
			return Convert.ToInt32(DAL.SQLHelper.ExecuteScalar(DAL.SQLHelper.CONN_STRING, 
				CommandType.StoredProcedure, "SignIn", signInPara));
		}

		public int ChangePassword (string oldPassword, string newPassword, int userId)
		{
			object m_DBNull = Convert.DBNull;

			SqlParameter[] para = {
									  new SqlParameter("@userId", userId),
									  new SqlParameter("@oldPassword", oldPassword),
									  new SqlParameter("@newPassword", newPassword),
									  new SqlParameter("@result", SqlDbType.Int, 8, ParameterDirection.Output,
									  true, 0, 0, "", DataRowVersion.Default, m_DBNull)
								  };
			try
			{
				DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure, "ChangePassword", para);
			}
			catch
			{
				throw;
			}

			return Convert.ToInt32(para[3].Value);
		}

		public UserInfo GetUserInfo(string userId)
		{
			SqlParameter[] para = {
									  new SqlParameter("@userId", int.Parse(userId))
								  };
			
			SqlDataReader dr = DAL.SQLHelper.ExecuteReader(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure, "GetUserInfo", para);

			dr.Read();

			UserInfo userInfo = new UserInfo();
			userInfo.userRealName = dr["UserRealName"].ToString();
			userInfo.zipcode = dr["zipcode"].ToString();
			userInfo.address = dr["address"].ToString();
			userInfo.email = dr["email"].ToString();
			userInfo.sex = dr["sex"].ToString();

			return userInfo;
		}
			
		public int ChangeProfile(string userId, string userRealName, string address, 
			string zipCode, string email ,string sex)
		{

			SqlParameter[] para = {
									  new SqlParameter("@userId", int.Parse(userId)),
									  new SqlParameter("@userRealName", userRealName),
									  new SqlParameter("@address", address),
									  new SqlParameter("@zipcode", zipCode),
									  new SqlParameter("@email", email),
									  new SqlParameter("@sex", sex)
								  };

			return DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure, 
				"EditAcount", para);
		}

		public int AddNewUser(string userName, string password, string question, string answer)
		{
			object m_DBNull = Convert.DBNull;

			SqlParameter[] para = {
									  new SqlParameter("@userName", userName),
									  new SqlParameter("@Password", password),
									  new SqlParameter("@question", question),
									  new SqlParameter("@answer", answer),
									  new SqlParameter("@result", SqlDbType.Int, 8, ParameterDirection.Output,
									  true, 0, 0, "", DataRowVersion.Default, m_DBNull)
								  };

			try
			{
				DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure,
					"AddNewUser", para);
			}
			catch
			{
				throw;
			}

			return Convert.ToInt32(para[4].Value);
		}


		public int GetBackPassword(string userName, string question, string answer, string email)
		{
			object m_DBNull = Convert.DBNull;
			//獲得新的隨機密碼
			string newPassword = MakePassword(6);
			//定義存儲過程參數 
			SqlParameter[] para = {
									  new SqlParameter("@userName", userName),
									  new SqlParameter("@question", question),
									  new SqlParameter("@answer", answer),
									  new SqlParameter("@newPassword", newPassword),
									  new SqlParameter("@result", SqlDbType.Int, 8, ParameterDirection.Output,
									  true, 0, 0, "", DataRowVersion.Default, m_DBNull)
								  };
			
			//執行存儲過程
			try
			{
				DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure,
					"GetBackPwd", para);
			}
			catch
			{
				throw new Exception("郵件無法發送！");
			}
			//獲得輸出參數的值
			int result = Convert.ToInt32(para[4].Value);
			//如果密碼保護資料填寫正確
			if (result == 1)
			{
				//從Web.config獲取發信人地址、郵件標題、郵件用戶名和密碼以及SmtpServer
				string sender = System.Configuration.ConfigurationSettings.AppSettings["mainSender"];
				string title = System.Configuration.ConfigurationSettings.AppSettings["mailTitle"];
				string mailUser =  System.Configuration.ConfigurationSettings.AppSettings["mailUser"];
				string mailPwd = System.Configuration.ConfigurationSettings.AppSettings["mailPwd"];
				string smtpServer = System.Configuration.ConfigurationSettings.AppSettings["mailSmtpServer"];
				//發信
				try
				{
					Mail.CDOsendmail(sender, email, title, "您在eshop的密碼已找回,新密碼為"+newPassword 
						, mailUser, mailPwd, smtpServer);
				}
				catch(Exception ex)
				{
					throw new Exception(ex.Message);
				}
			}

			return result;
		}


		//隨機生成密碼
		private static string MakePassword(int pwdLength)
		{
			//聲明要返回的字符串
			string tmpstr = "";
			//密碼中包含的字符數組
			string pwdchars="abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
			//數組索引隨機數
			int iRandNum;
			//隨機數生成器
			Random rnd = new Random();
			for(int i=0;i<pwdLength;i++)
			{
				//Random類的Next方法生成一個指定范圍的隨機數
				iRandNum = rnd.Next(pwdchars.Length);
				//tmpstr隨機添加一個字符
				tmpstr += pwdchars[iRandNum];
			}
			return tmpstr;
		}
		
			
	}
}