/// <summary>
/// Save the feedback details
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnsubmit_Click(object sender, EventArgs e)
{
try
{
string username = "";
string userorganization = "";
string useraddress = "";
string usercountry = "";
string usertelno = "";
string useremail = "";
string usercomments = "";
username = Convert.ToString(txtname.Text);
userorganization = Convert.ToString(txtorg.Text);
useraddress = Convert.ToString(txtaddr.Text);
usercountry = Convert.ToString(country.SelectedItem.Text);
usertelno = Convert.ToString(txttelno.Text);
useremail = Convert.ToString(txtemail.Text);
usercomments = Convert.ToString(txtcomment.Text);
string streg = string.Empty;
//establish sql connection
//open database connection to connect to sql server
connection.Open();
SqlCommand cmd = new SqlCommand("insert into feedbackform (name,organization,address,country,telno,email,comments) VALUES (@name,@organization,@address,@country,@telno,@email,@comments);", connection);
cmd.Parameters.Add(new SqlParameter("@name", SqlDbType.NVarChar, 50));
cmd.Parameters.Add(new SqlParameter("@organization", SqlDbType.NVarChar, 50));
cmd.Parameters.Add(new SqlParameter("@address", SqlDbType.NVarChar, 200));
cmd.Parameters.Add(new SqlParameter("@country", SqlDbType.NVarChar, 150));
cmd.Parameters.Add(new SqlParameter("@telno", SqlDbType.NVarChar, 150));
cmd.Parameters.Add(new SqlParameter("@email", SqlDbType.NVarChar, 50));
cmd.Parameters.Add(new SqlParameter("@comments", SqlDbType.NVarChar, 150));
cmd.Parameters["@name"].Value = username;
cmd.Parameters["@organization"].Value = userorganization;
cmd.Parameters["@address"].Value = useraddress;
cmd.Parameters["@country"].Value = usercountry;
cmd.Parameters["@telno"].Value = usertelno;
cmd.Parameters["@email"].Value = useremail;
cmd.Parameters["@comments"].Value = usercomments;
streg = cmd.ExecuteNonQuery().ToString();
//close database connection to disconnect to sql server
connection.Close();
string strScript = "";
strScript = "alert('Thanking you! For your Valuable Feedback.');";
Page.ClientScript.RegisterStartupScript(this.GetType(), "alertBox", strScript, true);
txtname.Text = "";
txtemail.Text = "";
txtorg.Text = "";
txttelno.Text = "";
txtcomment.Text = "";
country.SelectedIndex = -1;
txtaddr.Text = "";
SendMail(username, userorganization, useraddress, usercountry, usertelno, useremail, usercomments);
}
catch (Exception ex)
{
err.insert_exception(ex, excep_page);
Response.Redirect("ErrorPage.aspx");
}
}
/// <summary>
/// summary description to insert resume details into table
/// </summary>
/// <param name="Name">File Name</param>
/// <param name="FilePath">File path</param>
private void ExecuteInsert(string Name, string FilePath)
{
string sql = "INSERT INTO post_resume (ufname,email,pwd,location,mob,expyrs,expmonths,skills,profileheading,industry,functionalarea,basiceducation,mastereducation,filename,filepath) VALUES "
+ " (@ufname,@email,@pwd,@location,@mob,@expyrs,@expmonths,@skills,@profileheading,@industry,@functionalarea,@basiceducation,@mastereducation,@filename,@filepath)";
try
{
conn.Open();
SqlCommand cmd = new SqlCommand(sql, conn);
SqlParameter[] param = new SqlParameter[15];
param[0] = new SqlParameter("@ufname", SqlDbType.NVarChar, 50);
param[1] = new SqlParameter("@email", SqlDbType.VarChar, 50);
param[2] = new SqlParameter("@pwd", SqlDbType.VarChar, 50);
param[3] = new SqlParameter("@location", SqlDbType.VarChar, 150);
param[4] = new SqlParameter("@mob", SqlDbType.VarChar, 20);
param[5] = new SqlParameter("@expyrs", SqlDbType.VarChar, 50);
param[6] = new SqlParameter("@expmonths", SqlDbType.NVarChar, 50);
param[7] = new SqlParameter("@skills", SqlDbType.VarChar, 50);
param[8] = new SqlParameter("@profileheading", SqlDbType.VarChar, 50);
param[9] = new SqlParameter("@industry", SqlDbType.VarChar, 50);
param[10] = new SqlParameter("@functionalarea", SqlDbType.VarChar, 50);
param[11] = new SqlParameter("@basiceducation", SqlDbType.NVarChar, 50);
param[12] = new SqlParameter("@mastereducation", SqlDbType.VarChar, 50);
param[13] = new SqlParameter("@filename", SqlDbType.VarChar, 100);
param[14] = new SqlParameter("@filepath", SqlDbType.VarChar, 100);
param[0].Value = txtfullname.Text;
param[1].Value = txtemail.Text;
param[2].Value = txtpwd.Text;
param[3].Value = txtlocation.Text;
param[4].Value = txtmob.Text;
param[5].Value = ddlyears.SelectedItem.Text;
param[6].Value = ddlmonths.SelectedItem.Text;
param[7].Value = txtskills.Text;
param[8].Value = txtheadingprofile.Text;
param[9].Value = ddlindustry.SelectedItem.Text;
param[10].Value = ddlfunctionalarea.SelectedItem.Text;
param[11].Value = ddlbasicedu.SelectedItem.Text;
param[12].Value = ddlmasteredu.SelectedItem.Text;
param[13].Value = Name;
param[14].Value = FilePath;
for (int i = 0; i < param.Length; i++)
{
cmd.Parameters.Add(param[i]);
}
cmd.CommandType = CommandType.Text;
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
err.insert_exception(ex, excep_page);
Response.Redirect("ErrorPage.aspx");
}
finally
{
conn.Close();
}
}
