Beispiel #1
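    /// <summary>
    /// Login handler: checks the verification code, looks the account up in the
    /// table that matches the selected role and, on a match, stores the user name
    /// in the session and transfers to that role's menu page.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        string mysql;
        int    i;

        if (TextBox1.Text.Trim() == "" || TextBox2.Text.Trim() == "")
        {
            Response.Write("<script>alert('用户名和密码不能为空!')</script>");
            return;
        }
        // NOTE(review): the expected code is read back from Label1, a page control;
        // if it renders as plain text the answer is visible to the client - confirm.
        if (TextBox3.Text.ToUpper().Trim() != Label1.Text.Trim())
        {
            Response.Write("<script>alert('你的验证码输入错误," + "请重新输入')</script>");
            return;
        }

        // Form values are spliced into SQL text; doubling single quotes keeps them inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        // The password is compared as typed against the 密码 column; no hashing happens here.
        string user = TextBox1.Text.Replace("'", "''");
        string pass = TextBox2.Text.Replace("'", "''");
        string target;

        if (RadioButton1.Checked)        // customer login
        {
            mysql  = "SELECT 用户名 FROM Customers WHERE 用户名 = '" + user + "'AND 密码 = '" + pass + "'AND 有效否 = '1'";
            target = "~/customermenu.aspx";
        }
        else if (RadioButton2.Checked)   // operator login
        {
            // NOTE(review): unlike the customer and administrator queries this one does not
            // filter on 有效否 = '1', so the "valid" flag is not enforced for operators.
            mysql  = "SELECT 用户名 FROM Users WHERE 用户名 = '" + user + "'AND 密码 = '" + pass + "'AND 类型 = '操作员'";
            target = "~/operatormenu.aspx";
        }
        else if (RadioButton3.Checked)   // administrator login
        {
            mysql  = "SELECT 用户名 FROM Users WHERE 用户名 = '" + user + "' AND 密码 = '" + pass + "'AND 类型 = '管理员' AND 有效否='1'";
            target = "~/managermenu.aspx";
        }
        else
        {
            // No role selected: nothing is queried and nothing is reported.
            return;
        }

        i = mydb.Rownum(mysql);          // run the query and get the row count
        if (i > 0)                       // at least one matching row: accepted
        {
            Session["uname"] = TextBox1.Text.Trim();
            Server.Transfer(target);
        }
        else                             // no matching row: rejected
        {
            Response.Write("<script>alert('对不起,你输入的" + "用户名/密码错误或者已无效,请查实!')</script>");
        }
    }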
Beispiel #2
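 /// <summary>
 /// On the first (non-postback) load, counts the current student's rows in
 /// selcourse and score. With none in either table it seeds selcourse from
 /// course and binds; with selcourse rows it just binds; otherwise it redirects
 /// with a message that the selection was already submitted.
 /// </summary>
 /// <param name="sender">Page that raised the event.</param>
 /// <param name="e">Event data (unused).</param>
 protected void Page_Load(object sender, EventArgs e)
 {
     if (!Page.IsPostBack)
     {
         int    i, j;
         string sn = "";

         // Session["uno"] is spliced into SQL text; doubling single quotes keeps it inside
         // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
         // the durable fix is parameter binding inside the DB helper.
         // NOTE(review): with no session value this is an empty string, so the INSERT below
         // would run for sno ''; a signed-in check before this point would prevent that.
         string uno = Convert.ToString(Session["uno"]).Replace("'", "''");

         mysql = "SELECT * FROM selcourse WHERE sno='" + uno + "'";
         i     = mydb.Rownum(mysql, "selcourse", ref sn);
         mysql = "SELECT * FROM score WHERE sno='" + uno + "'";
         j     = mydb.Rownum(mysql, "score", ref sn);
         if (i == 0 && j == 0)  // first selection: no rows for this student in score or selcourse
         {
             mysql = "INSERT INTO selcourse(sno,cno,cname,ctime,cplace,tno,tname,sel) SELECT '" +
                     uno + "',cno,cname,ctime,cplace,tno,tname,'×' FROM course";
             mydb.ExecuteNonQuery(mysql);
             bind();
         }
         else if (i > 0)  // selcourse already has rows for this student
         {
             bind();
         }
         else
         {
             Response.Redirect("~/dispinfo.aspx?info=" + "你选课已提交,不能再重新选课");
         }
     }
 }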
Beispiel #3
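 /// <summary>
 /// Login handler for students, teachers and managers: checks the verification
 /// code, queries the table for the selected role and, on a match, stores the
 /// id and display name in the session and transfers to that role's menu page.
 /// </summary>
 /// <param name="sender">Control that raised the click event.</param>
 /// <param name="e">Event data (unused).</param>
 protected void Button1_Click(object sender, EventArgs e)
 {
     string mysql;
     int i;
     string uname = "";
     if (TextBox3.Text.Trim() != Label1.Text.Trim())
     {
         Response.Write("<script>alert('你的验证码输入错误,请重输入!')</script>");
         return;
     }

     // The id is spliced into SQL text; doubling single quotes keeps it inside the
     // string literal. Stopgap only (assumes '' is the backend's sole quote escape):
     // the durable fix is parameter binding inside the DB helper.
     string user = TextBox1.Text.Replace("'", "''");
     string table;
     string target;

     // NOTE(review): the password comparison is the fixed text '******' in this listing
     // (possibly masked upstream). It is kept exactly as shown, so the typed password is
     // not part of these queries.
     if (RadioButton1.Checked)
     {
         mysql  = "SELECT sname FROM student WHERE sno = '" + user + "' AND spass = '******'";
         table  = "student";
         target = "~/studentmenu.aspx";
     }
     else if (RadioButton2.Checked)
     {
         mysql  = "SELECT tname FROM teacher WHERE tno = '" + user + "' AND tpass = '******'";
         table  = "teacher";
         target = "~/teachermenu.aspx";
     }
     else if (RadioButton3.Checked)
     {
         mysql  = "SELECT mname FROM manager WHERE mno = '" + user + "' AND mpass = '******'";
         table  = "manager";
         target = "~/managermenu.aspx";
     }
     else
     {
         Response.Write("<script>alert('对不起,必须选择用户类型!')</script>");
         return;
     }

     // uname is passed by ref and then used as the display name; presumably Rownum
     // fills it from the selected column - confirm in the DB helper.
     i = mydb.Rownum(mysql, table, ref uname);
     if (i > 0)
     {
         Session["uno"] = TextBox1.Text.Trim();
         Session["uname"] = uname;
         Server.Transfer(target);
     }
     else
     {
         Response.Write("<script>alert('对不起,你输入的用户名或者密码错误,请查实!')</script>");
     }
 }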
Beispiel #4
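 /// <summary>
 /// Customer registration handler: when the page validates and the user name is
 /// not already in Customers, inserts the new customer row and redirects to the
 /// information page.
 /// </summary>
 /// <param name="sender">Control that raised the click event.</param>
 /// <param name="e">Event data (unused).</param>
 protected void Button1_Click(object sender, EventArgs e)
 {
     if (Page.IsValid)
     {
         int i;

         // Form values are spliced into SQL text; doubling single quotes keeps them inside
         // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
         // the durable fix is parameter binding inside the DB helper.
         string user = usernameTextBox.Text.Trim().Replace("'", "''");

         mysql = "SELECT * FROM Customers WHERE 用户名 = '"
                 + user + "'";
         i = mydb.Rownum(mysql);
         if (i > 0)
         {
             Response.Write("<script>alert('对不起,你输入的用户名" + "已经注册了!')</script>");
         }
         else
         {
             // Age goes into the statement unquoted, so it must be a number before it is used.
             int age;
             if (!int.TryParse(ageTextBox.Text.Trim(), out age))
             {
                 Response.Write("<script>alert('年龄必须是整数!')</script>");
                 return;
             }

             // NOTE(review): the password is written to the 密码 column as typed (trimmed);
             // no hashing happens in this handler.
             // The closing ")" of the VALUES list was missing in the original statement.
             mysql = "INSERT INTO Customers(用户名,密码,姓名,年龄,学历," + "地区,省份,市,县,住址,邮箱,电话,有效否)"
                     + "VALUES('" + user + "','"
                     + passTextBox1.Text.Trim().Replace("'", "''") + "','"
                     + xmTextBox.Text.Trim().Replace("'", "''") + "',"
                     + age.ToString(System.Globalization.CultureInfo.InvariantCulture) + ",'"
                     + DropDownList1.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + DropDownList2.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + DropDownList3.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + DropDownList4.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + DropDownList5.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + placeTextBox.Text.Trim().Replace("'", "''") + "','"
                     + EmailTextBox.Text.Trim().Replace("'", "''") + "','"
                     + TelTextBox.Text.Trim().Replace("'", "''") + "','1')";
             mydb.ExecuteNonQuery(mysql);
             // NOTE(review): "dispinofo.aspx" is kept as written - check the page name.
             Response.Redirect("~/dispinofo.aspx?info=你可以退出再以顾客身份" + "登录后购物,或者继续以游客身份游览!");
         }
     }
 }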
Beispiel #5
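    /// <summary>
    /// Adds a student record unless the student number already exists, then
    /// redirects to the information page with the outcome.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        int    i;
        CommDB mydb = new CommDB();
        string mysql, sn = "";

        // Form values are spliced into SQL text; doubling single quotes keeps them inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        string sno    = TextBox1.Text.Replace("'", "''");
        string sname  = TextBox2.Text.Replace("'", "''");
        string nation = DropDownList1.SelectedValue.Replace("'", "''");
        string sclass = TextBox3.Text.Replace("'", "''");

        mysql = "SELECT * FROM student WHERE sno='" + sno + "'";
        i     = mydb.Rownum(mysql, "student", ref sn);
        if (i > 0)
        {
            Response.Redirect("~/dispinfo.aspx?info=学号重复,不能添加该学生记录!");
        }
        else
        {
            // Sex comes from the radio buttons; empty when neither is checked.
            string xb = RadioButton1.Checked ? "男" : (RadioButton2.Checked ? "女" : "");

            // NOTE(review): spass is set to the student number, i.e. a guessable initial
            // password unless a change is forced at first login.
            mysql = "INSERT INTO student(sno,sname,ssex,snation,sclass,spass) VALUES('" +
                    sno + "','" + sname + "','" + xb + "','" +
                    nation + "','" + sclass + "','" +
                    sno + "')";
            mydb.ExecuteNonQuery(mysql);
            Response.Redirect("~/dispinfo.aspx?info=学生记录已成功添加!");
        }
    }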
Beispiel #6
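    /// <summary>
    /// Adds a teacher record unless the teacher number already exists, then
    /// redirects to the information page with the outcome.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        int    i;
        CommDB mydb = new CommDB();
        string mysql, sn = "";

        // Form values are spliced into SQL text; doubling single quotes keeps them inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        string tno     = TextBox1.Text.Replace("'", "''");
        string tname   = TextBox2.Text.Replace("'", "''");
        string tdepart = TextBox3.Text.Replace("'", "''");

        mysql = "SELECT * FROM teacher WHERE tno='" + tno + "'";
        i     = mydb.Rownum(mysql, "teacher", ref sn);
        if (i > 0)
        {
            Response.Redirect("~/dispinfo.aspx?info=编号重复,不能添加该教师记录!");
        }
        else
        {
            // Sex comes from the radio buttons; empty when neither is checked.
            string xb = RadioButton1.Checked ? "男" : (RadioButton2.Checked ? "女" : "");

            // The initial password equals the teacher number.
            // NOTE(review): that is a guessable credential unless a change is forced at first login.
            mysql = "INSERT INTO teacher(tno,tname,tsex,tdepart,tpass) VALUES('" +
                    tno + "','" + tname + "','" + xb + "','" +
                    tdepart + "','" + tno + "')";
            mydb.ExecuteNonQuery(mysql);
            Response.Redirect("~/dispinfo.aspx?info=教师记录已成功添加!");
        }
    }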
Beispiel #7
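    /// <summary>
    /// Creates a back-office account (administrator, or operator when
    /// RadioButton2 is checked) in Users after a duplicate-name check, then
    /// redirects to the information page.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        if (Page.IsValid)
        {
            int i;

            // Form values are spliced into SQL text; doubling single quotes keeps them inside
            // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
            // the durable fix is parameter binding inside the DB helper.
            string user = usernameTextBox.Text.Trim().Replace("'", "''");

            // NOTE(review): the duplicate check reads Customers while the INSERT targets
            // Users, so an existing Users name is not detected here - confirm the intent.
            mysql = "SELECT * FROM Customers WHERE 用户名 = '"
                    + user + "'";
            i = mydb.Rownum(mysql);
            if (i > 0)
            {
                Response.Write("<script>alert('对不起,你输入的用户名" + "已经注册了!')</script>");
            }
            else
            {
                // The role defaults to administrator; only RadioButton2 selects operator.
                // NOTE(review): no caller authorization is checked in this handler - confirm
                // the page itself is restricted to existing administrators.
                string sf = RadioButton2.Checked ? "操作员" : "管理员";

                // NOTE(review): the password is stored as typed (trimmed); no hashing here.
                mysql = "INSERT INTO Users (用户名,密码,类型,有效否) "
                        + "VALUES('" + user + "','"
                        + passTextBox1.Text.Trim().Replace("'", "''") + "','"
                        + sf + "','1')";
                mydb.ExecuteNonQuery(mysql);
                Response.Redirect("~/dispinfo.aspx?info=欢迎您,管理员!");
            }
        }
    }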
Beispiel #8
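 /// <summary>
 /// Adds a product: rejects a duplicate product number, saves the optional
 /// uploaded picture under the site's Picture folder, inserts the Products row
 /// and redirects to the information page.
 /// </summary>
 /// <param name="sender">Control that raised the click event.</param>
 /// <param name="e">Event data (unused).</param>
 protected void Button1_Click(object sender, EventArgs e)
 {
     if (Page.IsValid)
     {
         int i;

         // Form values are spliced into SQL text; doubling single quotes keeps them inside
         // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
         // the durable fix is parameter binding inside the DB helper.
         mysql = "SELECT * FROM Products WHERE 商品编号 = '" + bhTextBox.Text.Replace("'", "''") + "'";
         i     = mydb.Rownum(mysql);
         if (i > 0)
         {
             Label1.Text = "商品编号重复,不能添加该商品记录!";
         }
         else
         {
             // Price and stock go into the statement unquoted, so they must parse as
             // numbers; checked before the upload so a rejected record saves no file.
             decimal price;
             decimal num;
             System.Globalization.CultureInfo inv = System.Globalization.CultureInfo.InvariantCulture;
             if (!decimal.TryParse(priceTextBox.Text.Trim(), System.Globalization.NumberStyles.Number, inv, out price) ||
                 !decimal.TryParse(numTextBox.Text.Trim(), System.Globalization.NumberStyles.Number, inv, out num))
             {
                 Label1.Text = "提示:商品信息错误,不能添加";
                 return;
             }

             string filestr;
             if (FileUpload1.HasFile)
             {
                 // The file lands inside the web root, so only image extensions are
                 // accepted; anything else could be served or executed by the site.
                 string ext;
                 try
                 {
                     ext = System.IO.Path.GetExtension(FileUpload1.FileName).ToLowerInvariant();
                 }
                 catch (ArgumentException)
                 {
                     ext = "";
                 }
                 if (ext != ".jpg" && ext != ".jpeg" && ext != ".png" && ext != ".gif" && ext != ".bmp")
                 {
                     Label1.Text = "提示:文件上传失败,只允许上传图片文件";
                     return;
                 }

                 filestr = Server.MapPath("/") + "Picture\\" + FileUpload1.FileName;
                 try
                 {
                     FileUpload1.SaveAs(filestr);
                     Label1.Text = "提示:文件成功上传";
                 }
                 catch (Exception ex)
                 {
                     Label1.Text = "提示:文件上传失败," + ex.Message;
                 }
             }
             else
             {
                 Label1.Text = "提示:没有指定要上传的任何文件";
             }

             // NOTE(review): the stored path says "Pictrue" while the file is saved under
             // "Picture"; kept as written - confirm which folder name is intended.
             mysql = "INSERT INTO Products(商品编号,分类,子类,品牌,型号,单价,库存数量,图片,有效否,星数,评论数) VALUES('"
                     + bhTextBox.Text.Trim().Replace("'", "''") + "','"
                     + DropDownList1.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + DropDownList2.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + DropDownList3.SelectedValue.ToString().Trim().Replace("'", "''") + "','"
                     + xhTextBox.Text.Trim().Replace("'", "''") + "',"
                     + price.ToString(inv) + ","
                     + num.ToString(inv) + ",'"
                     + "~//Pictrue//" + FileUpload1.FileName.Trim().Replace("'", "''") + "','"
                     + "1',0,0)";
             mydb.ExecuteNonQuery(mysql);
             Response.Redirect("~/dispinfo.aspx?info=新型号的商品已添加");
         }
     }
     else
     {
         Label1.Text = "提示:商品信息错误,不能添加";
     }
 }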
Beispiel #9
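    /// <summary>
    /// Reports whether the current session user already has the given product
    /// in ShoppingCart.
    /// </summary>
    /// <param name="spno">Product number to look for.</param>
    /// <returns>true when the query returns at least one row; otherwise false.</returns>
    protected bool inCart(string spno)
    {
        // Both values are spliced into SQL text; doubling single quotes keeps them inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        // A missing session value or a null spno becomes an empty string, as before.
        string user = Convert.ToString(Session["uname"]).Replace("'", "''");
        string item = (spno ?? "").Replace("'", "''");

        mysql = "SELECT * FROM ShoppingCart WHERE 用户名 = '"
                + user + "'AND 商品编号 = '" + item + "'";
        return mydb.Rownum(mysql) > 0;
    }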
Beispiel #10
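    /// <summary>
    /// Password-change handler for the signed-in student: checks the current
    /// password with a SELECT, then issues the UPDATE and transfers to the
    /// information page with the outcome.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        CommDB mydb = new CommDB();
        string mysql, sn = "";
        int    i;

        // Session["uno"] is spliced into SQL text; doubling single quotes keeps it inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        string uno = Convert.ToString(Session["uno"]).Replace("'", "''");

        // NOTE(review): both password values are the fixed text '******' in this listing
        // (possibly masked upstream) and are kept exactly as shown.
        mysql = "SELECT * FROM student WHERE sno='" + uno + "' AND spass='******'";
        i     = mydb.Rownum(mysql, "student", ref sn);
        if (i == 0)
        {
            Server.Transfer("~/dispinfo.aspx?info=原密码输入错误!");
        }
        else
        {
            mysql = "UPDATE student SET spass='******' WHERE sno='" + uno + "'";
            mydb.ExecuteNonQuery(mysql);
            Server.Transfer("~/dispinfo.aspx?info=密码修改成功!");
        }
    }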
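    /// <summary>
    /// Adds a manager record unless the manager number already exists, then
    /// redirects to the information page with the outcome.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        int    i;
        CommDB mydb = new CommDB();
        string mysql, sn = "";

        // Form values are spliced into SQL text; doubling single quotes keeps them inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        string mno   = TextBox1.Text.Replace("'", "''");
        string mname = TextBox2.Text.Replace("'", "''");

        mysql = "SELECT * FROM manager WHERE mno='" + mno + "'";
        i     = mydb.Rownum(mysql, "manager", ref sn);
        if (i > 0)
        {
            Response.Redirect("~/dispinfo.aspx?info=管理员编程号重复,不能添加该课程记录!");
        }
        else
        {
            // NOTE(review): mpass is set to the manager number, i.e. a guessable initial
            // password for a privileged account unless a change is forced at first login.
            mysql = "INSERT INTO manager(mno,mname,mpass) VALUES('" +
                    mno + "','" + mname + "','" + mno + "')";
            mydb.ExecuteNonQuery(mysql);
            Response.Redirect("~/dispinfo.aspx?info=管理员记录已成功添加!");
        }
    }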
Beispiel #12
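    /// <summary>
    /// Adds a course record unless the course number already exists, then
    /// redirects to the information page with the outcome.
    /// </summary>
    /// <param name="sender">Control that raised the click event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void Button1_Click(object sender, EventArgs e)
    {
        int    i;
        CommDB mydb = new CommDB();
        string mysql, sn = "";

        // Form values are spliced into SQL text; doubling single quotes keeps them inside
        // the string literal. Stopgap only (assumes '' is the backend's sole quote escape):
        // the durable fix is parameter binding inside the DB helper.
        string cno    = TextBox1.Text.Replace("'", "''");
        string cname  = TextBox2.Text.Replace("'", "''");
        string ctime  = TextBox3.Text.Replace("'", "''");
        string cplace = TextBox4.Text.Replace("'", "''");

        mysql = "SELECT * FROM course WHERE cno='" + cno + "'";
        i     = mydb.Rownum(mysql, "course", ref sn);
        if (i > 0)
        {
            Response.Redirect("~/dispinfo.aspx?info=课程号重复,不能添加该课程记录!");
        }
        else
        {
            // tno and tname are inserted as empty strings.
            mysql = "INSERT INTO course(cno,cname,ctime,cplace,tno,tname) VALUES('" +
                    cno + "','" + cname + "','" + ctime + "','" +
                    cplace + "','','')";
            mydb.ExecuteNonQuery(mysql);
            Response.Redirect("~/dispinfo.aspx?info=课程记录已成功添加!");
        }
    }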
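        /// <summary>
        /// Books the flight selected in GridView1 for the session user on the
        /// date selected in Calendar1: inserts the booking row, then reads the
        /// user's balance and writes back the balance minus the flight price.
        /// </summary>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            String today = DateTime.Today.Year.ToString() + "/"
                           + DateTime.Today.Month.ToString() + "/"
                           + DateTime.Today.Day.ToString();

            string fid   = GridView1.SelectedDataKey.Values["ID"].ToString();
            string fdate = Calendar1.SelectedDate.Year.ToString() + "/"
                           + Calendar1.SelectedDate.Month.ToString() + "/"
                           + Calendar1.SelectedDate.Day.ToString();
            id   = fid;
            date = fdate;

            // Values are spliced into SQL text; doubling single quotes keeps them inside the
            // string literal. Stopgap only (assumes '' is the backend's sole quote escape):
            // the durable fix is parameter binding inside the DB helper.
            // The uid is now quoted in all three statements; the original left it bare in
            // the SELECT and UPDATE, where escaping alone would not contain it.
            string uid = Convert.ToString(Session["uid"]).Replace("'", "''");

            String mysql = "INSERT INTO [airDB].[dbo].[book]([uid],[fid],[btime],[fdate]) VALUES("
                           + "'" + uid
                           + "','" + fid.Replace("'", "''")
                           + "','" + today
                           + "','" + fdate
                           + "')";

            // NOTE(review): the booking is inserted before the balance is read and updated,
            // with no transaction and no check that the balance covers the price; when the
            // balance lookup returns no row nothing is reported to the user.
            if (mycmd.ExecuteNonQuery(mysql))
            {
                String mysql1 = "Select [umoney] FROM [airDB].[dbo].[user_] where uid = '" + uid + "'";
                string money  = "";
                if (mycmd.Rownum(mysql1, "umoney", ref money) > 0)
                {
                    int    price  = int.Parse(GridView1.SelectedDataKey.Values["价格"].ToString());
                    String mysql2 = "UPDATE user_ SET umoney = '" + (decimal.Parse(money) - price) + "' where uid = '" + uid + "'";
                    if (mycmd.ExecuteNonQuery(mysql2))
                    {
                        Response.Write("<script>alert('预定成功!');</script>");
                    }
                    else
                    {
                        // The failure alert no longer echoes the SQL statement: it exposed the
                        // schema to the browser, and its quotes broke the script string.
                        Response.Write("<script>alert('预定失败!');</script>");
                    }
                }
            }
            else
            {
                // Same as above: report the failure without echoing the statement.
                Response.Write("<script>alert('预定失败!');</script>");
            }
        }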