Beispiel #1
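        /// <summary>
        /// Handles item commands from <c>Repeater1</c>. For the "AddToCart" command it adds one
        /// unit of the selected product to the signed-in user's open cart (status 0), either by
        /// raising the quantity of an existing cart row or by inserting a new row.
        /// </summary>
        /// <param name="source">The control that raised the command.</param>
        /// <param name="e">Supplies the command name and, as command argument, the product id.</param>
        protected void Repeater1_ItemCommand(object source, RepeaterCommandEventArgs e)
        {
            // Cart changes require a signed-in user.
            if (Session["userE"] == null)
            {
                Response.Write("<script>alert('Please login');</script>");
                return;
            }

            if (e.CommandName != "AddToCart")
            {
                return;
            }

            // NOTE(review): the login check reads Session["userE"] while the queries below use
            // Session["user_id"]; if only the former is set, the cart row is written with an
            // empty user id. Confirm that sign-in always sets both values.

            // The statements are assembled as text because only string-based dbcon helpers are
            // visible here. Doubling single quotes keeps the value inside its SQL literal on
            // engines where '' is the only quote escape; treat it as a stopgap and move to bound
            // parameters as soon as the data layer offers them.
            string product_id = e.CommandArgument.ToString().Replace("'", "''");
            int quantity = 1;

            DataTable dt = dbcon.getDataSQL("select * from carts where user_id = '" + Session["user_id"] + "' and product_id= '" + product_id + "' and status=0;");

            string query;
            if (dt.Rows.Count > 0)
            {
                // Convert.ToInt32 accepts any integral column type, where a direct (int) unboxing
                // cast throws unless the boxed value is exactly System.Int32.
                int total = Convert.ToInt32(dt.Rows[0]["quantity"]) + quantity;
                query = "UPDATE carts SET quantity = '" + total + "' WHERE id = '" + dt.Rows[0]["id"] + "'";
            }
            else
            {
                // status is written as '0' (open cart) and dateTime as an empty string.
                query = "insert into carts(user_id,product_id,quantity,status,dateTime) values('" + Session["user_id"] + "','" + product_id + "','" + quantity + "','0','');";
            }

            dbcon.executeSQL(query);
            Response.Write("<script>alert('Add Item Successfully');</script>");
        }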
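        /// <summary>
        /// Registers a new user from the sign-up form: rejects blank fields, mismatching
        /// passwords and an e-mail address that already exists, then inserts the user row,
        /// stores the e-mail in <c>Session["userE"]</c> and redirects to Home.aspx.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Unused event data.</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            bool hasBlankField = fullNameTxt.Text.Equals("") || EmailTxt.Text.Equals("") || Phone.Text.Equals("")
                || Address.InnerText.Equals("") || PasswordTxt.Text.Equals("") || ConfrimPasswordTxt.Text.Equals("");
            if (hasBlankField)
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            if (PasswordTxt.Text != ConfrimPasswordTxt.Text)
            {
                Response.Write("<script>alert('Confrim password not same')</script>");
                return;
            }

            // Every form field is attacker-controlled text that ends up inside a SQL string
            // literal. Only string-based dbcon helpers are visible here, so single quotes are
            // doubled as a stopgap; this is sound only on engines where '' is the sole quote
            // escape, and bound parameters remain the real fix.
            string fullName = fullNameTxt.Text.Replace("'", "''");
            string emailAddress = EmailTxt.Text.Replace("'", "''");
            string passwordValue = PasswordTxt.Text.Replace("'", "''");
            string addressValue = Address.InnerText.Replace("'", "''");
            string phoneValue = Phone.Text.Replace("'", "''");

            DataTable dt = dbcon.getDataSQL("select * from users where email='" + emailAddress + "'");
            if (dt.Rows.Count > 0)
            {
                Response.Write("<script>alert('Email is already taken!')</script>");
                return;
            }

            try
            {
                // NOTE(review): the password is stored exactly as typed. It should be stored as
                // a salted, slow hash (for example PBKDF2); that needs a matching change in the
                // sign-in check, which is not visible here.
                string query = "insert into users(name, email, password, address, phone, dateTime) values ('" + fullName + "','" + emailAddress + "','" + passwordValue + "','" + addressValue + "','" + phoneValue + "','" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "');";
                dbcon.executeSQL(query);

                // NOTE(review): only Session["userE"] is set here; code that reads
                // Session["user_id"] will not find a value after registration. Confirm.
                Session["userE"] = EmailTxt.Text;
                Response.Write("<script>alert('Register Successfully.');window.location = 'Home.aspx';</script>");
            }
            catch (Exception ex)
            {
                // Keep exception text (SQL, stack trace, paths) on the server and show the
                // visitor a generic message instead of echoing it into the page.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                Response.Write("<script>alert('Registration failed. Please try again later.')</script>");
            }
        }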
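        /// <summary>
        /// Saves the user form. When <c>Session["user_id"]</c> is set, the matching user row is
        /// updated, provided the e-mail is unchanged or not used by another row; otherwise a new
        /// user is inserted and the browser is sent to AdminViewUser.aspx.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Unused event data.</param>
        protected void Button2_Click(object sender, EventArgs e)
        {
            // NOTE(review): no authorization check is visible in this handler; confirm the page
            // restricts it to administrators elsewhere.
            dbcon = new SQLConnection();

            // Validate before touching the database so blank input never reaches a query.
            if (name.Text.Equals("") || email.Text.Equals("") || password.Text.Equals("") || phone.Text.Equals("") || address.Text.Equals(""))
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            // Form fields are untrusted text placed inside SQL string literals. Only string-based
            // dbcon helpers are visible here, so single quotes are doubled as a stopgap; this is
            // sound only on engines where '' is the sole quote escape. Bound parameters are the
            // real fix.
            string nameValue = name.Text.Replace("'", "''");
            string emailValue = email.Text.Replace("'", "''");
            string passwordValue = password.Text.Replace("'", "''");
            string phoneValue = phone.Text.Replace("'", "''");
            string addressValue = address.Text.Replace("'", "''");

            DataTable dt1 = dbcon.getDataSQL("select * from users where email='" + emailValue + "'");

            if (Session["user_id"] != null)
            {
                DataTable dt = dbcon.getDataSQL("select * from users where id = '" + Session["user_id"] + "';");
                var user_email = dt.Rows[0]["email"].ToString();

                // The e-mail may stay as it is, or change to one that no row uses yet.
                if (email.Text.Equals(user_email) || dt1.Rows.Count == 0)
                {
                    // NOTE(review): as shown, this statement writes the literal text ****** into
                    // the password column; confirm whether that is intended or a redaction of
                    // the original source.
                    string query = "UPDATE users SET name = '" + nameValue + "', email = '" + emailValue + "', password = '******', phone = '" + phoneValue + "', address = '" + addressValue + "', dateTime = '" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "' WHERE id = '" + Session["user_id"] + "'";
                    dbcon.executeSQL(query);
                    Response.Write("<script>alert('Update User Successfully')</script>");
                }
                else
                {
                    Response.Write("<script>alert('User Email is already taken!')</script>");
                    email.Text = user_email;
                }

                return;
            }

            if (dt1.Rows.Count > 0)
            {
                Response.Write("<script>alert('User Email is already taken!')</script>");
                email.Text = null;
                return;
            }

            try
            {
                // NOTE(review): the password is stored exactly as typed; it should be stored as a
                // salted, slow hash, together with a matching change in the sign-in check.
                string query = "insert into users(name, email, password, address, phone, dateTime) values ('" + nameValue + "','" + emailValue + "','" + passwordValue + "','" + addressValue + "','" + phoneValue + "','" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "');";
                dbcon.executeSQL(query);
                Response.Write("<script>alert('Create User Successfully.');window.location = 'AdminViewUser.aspx';</script>");
            }
            catch (Exception ex)
            {
                // Log the details server-side; echoing ex.ToString() would expose SQL text and
                // stack traces to the browser.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                Response.Write("<script>alert('Creating the user failed. Please try again later.')</script>");
            }
        }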
Beispiel #4
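        /// <summary>
        /// Sets every cart row that carries the <c>dateTime</c> value from the query string and
        /// has status 1 back to status 0, then returns to AdminViewOrder.aspx.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Unused event data.</param>
        protected void Button2_Click(object sender, EventArgs e)
        {
            // NOTE(review): no authorization check is visible in this handler; confirm the page
            // restricts it to administrators elsewhere.

            // The query-string value is untrusted and lands inside a SQL string literal. Only
            // string-based dbcon helpers are visible here, so single quotes are doubled as a
            // stopgap (sound only where '' is the sole quote escape); bound parameters, or parsing
            // the value as a timestamp first, are the real fix. A missing parameter is treated as
            // an empty string, which is what the original concatenation produced.
            string dateTime = (Request.QueryString["dateTime"] ?? string.Empty).Replace("'", "''");

            DataTable dt = dbcon.getDataSQL("select * from carts where dateTime = '" + dateTime + "' and status=1;");

            // One UPDATE already covers every matching row, so it is run once rather than once
            // per selected row.
            if (dt.Rows.Count > 0)
            {
                dbcon.executeSQL("UPDATE carts SET status = 0 WHERE dateTime = '" + dateTime + "' and status=1;");
            }

            Response.Write("<script>window.location = 'AdminViewOrder.aspx';</script>");
        }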
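        /// <summary>
        /// Marks the current user's open cart rows (status 0) as paid (status 1) with the
        /// current timestamp, clears the cart totals kept in the session, and shows a thank-you
        /// message before redirecting to Home.aspx.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Unused event data.</param>
        protected void Payment_Click(object sender, EventArgs e)
        {
            DataTable dt = dbcon.getDataSQL("select * from carts where user_id = '" + Session["user_id"] + "'and status=0;");

            // One UPDATE covers every open row of the user, so it is run once; repeating it per
            // row found nothing left to change after the first pass.
            // NOTE(review): "hh" is the 12-hour clock and the format has no AM/PM marker, so a
            // morning and an afternoon order can get the same stamp. Left unchanged because other
            // pages may match on the stored value; confirm before switching to "HH".
            if (dt.Rows.Count > 0)
            {
                string query = "UPDATE carts SET status = 1, dateTime = '" + DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss") + "' WHERE user_id = '" + Session["user_id"] + "'and status=0;";
                dbcon.executeSQL(query);
            }

            Session["productCount"] = null;
            Session["totalPayment"] = null;

            DataTable dt1 = dbcon.getDataSQL("select * from users where ID = '" + Session["user_id"] + "';");

            // The payment is already recorded at this point, so a missing user row must not turn
            // into an error page; fall back to an empty name.
            string customerName = dt1.Rows.Count > 0 ? dt1.Rows[0]["name"].ToString() : string.Empty;

            // The name is user-supplied data read back from the database and written into a
            // script block; encode it for a JavaScript string so it cannot end the literal or the
            // script element.
            string safeName = System.Web.HttpUtility.JavaScriptStringEncode(customerName);

            Response.Write("<script>alert('Thank you " + safeName + ", Payment Successfully.');window.location = 'Home.aspx';</script>");
        }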
Beispiel #6
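        /// <summary>
        /// Updates the signed-in user's profile. The row is located by the e-mail kept in
        /// <c>Session["userE"]</c>; the new e-mail is accepted when it is unchanged or not used
        /// by any row, and the session value is refreshed after a successful update.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Unused event data.</param>
        protected void Button2_Click(object sender, EventArgs e)
        {
            dbcon = new SQLConnection();

            // Validate before touching the database so blank input never reaches a query.
            if (name.Text.Equals("") || email.Text.Equals("") || password.Text.Equals("") || phone.Text.Equals("") || address.Text.Equals(""))
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            // Without a signed-in user there is no row to update; the original dereferenced the
            // missing session value and failed with a NullReferenceException.
            object sessionEmail = Session["userE"];
            if (sessionEmail == null)
            {
                Response.Write("<script>alert('Please login')</script>");
                return;
            }

            string currentEmail = sessionEmail.ToString();

            // Form fields are untrusted, and the session e-mail originally came from a form too,
            // so all of them are escaped before being placed inside SQL string literals. Only
            // string-based dbcon helpers are visible here; doubling single quotes is a stopgap
            // that is sound only where '' is the sole quote escape. Bound parameters are the
            // real fix.
            string nameValue = name.Text.Replace("'", "''");
            string emailValue = email.Text.Replace("'", "''");
            string phoneValue = phone.Text.Replace("'", "''");
            string addressValue = address.Text.Replace("'", "''");
            string currentEmailValue = currentEmail.Replace("'", "''");

            DataTable dt = dbcon.getDataSQL("select * from users where email='" + emailValue + "'");

            bool emailUnchanged = email.Text.Equals(currentEmail);
            if (!emailUnchanged && dt.Rows.Count > 0)
            {
                Response.Write("<script>alert('User Email is already taken!')</script>");
                return;
            }

            // NOTE(review): as shown, this statement writes the literal text ****** into the
            // password column; confirm whether that is intended or a redaction of the original
            // source.
            string query = "UPDATE users SET name = '" + nameValue + "', email = '" + emailValue + "', password = '******', phone = '" + phoneValue + "', address = '" + addressValue + "', dateTime = '" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "' WHERE email = '" + currentEmailValue + "'";
            dbcon.executeSQL(query);
            Response.Write("<script>alert('Update Profile Successfully')</script>");

            // Keep the session key in step with the e-mail that now identifies the row.
            Session["userE"] = email.Text;
        }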
Beispiel #7
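        /// <summary>
        /// Saves the product form. When <c>Session["product_id"]</c> is set, the matching product
        /// is updated (its image too, if a new file was uploaded); otherwise a new product is
        /// inserted, which requires an uploaded image. Uploaded files are stored under the
        /// "upload/" directory of the site.
        /// </summary>
        /// <param name="sender">The button that raised the click.</param>
        /// <param name="e">Unused event data.</param>
        protected void Button2_Click(object sender, EventArgs e)
        {
            // NOTE(review): no authorization check is visible in this handler; confirm the page
            // restricts it to administrators elsewhere.

            // Path.GetFileName drops any directory part the client sent along with the name.
            string filename = Path.GetFileName(FileUpload1.FileName);

            dbcon = new SQLConnection();
            if (name.Text.Equals("") || price.Text.Equals(""))
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            bool isUpdate = Session["product_id"] != null;
            bool hasImage = FileUpload1.HasFile;

            if (!isUpdate && !hasImage)
            {
                Response.Write("<script>alert('You have not uploaded any product image')</script>");
                return;
            }

            if (hasImage)
            {
                // The file is stored inside the web root, so only known image extensions are
                // accepted; anything else could be served or executed by the web server.
                // NOTE(review): extend the list if other image formats are needed, and consider
                // generating the stored name server-side so uploads cannot overwrite each other.
                string extension = Path.GetExtension(filename).ToLowerInvariant();
                bool isAllowedImage = extension == ".jpg" || extension == ".jpeg" || extension == ".png" || extension == ".gif";
                if (!isAllowedImage)
                {
                    Response.Write("<script>alert('Only .jpg, .jpeg, .png and .gif images are allowed')</script>");
                    return;
                }
            }

            // Form fields and the client-supplied file name are untrusted text placed inside SQL
            // string literals. Only string-based dbcon helpers are visible here, so single quotes
            // are doubled as a stopgap (sound only where '' is the sole quote escape); bound
            // parameters are the real fix.
            string nameValue = name.Text.Replace("'", "''");
            string priceValue = price.Text.Replace("'", "''");
            string imageValue = filename.Replace("'", "''");

            try
            {
                // Save only when a file was actually posted. The original also called SaveAs on
                // the update-without-image path, where the file name is empty.
                if (hasImage)
                {
                    FileUpload1.SaveAs(Server.MapPath("upload/") + filename);
                }

                string query;
                if (!isUpdate)
                {
                    query = "insert into products(name, image, price) values ('" + nameValue + "','" + imageValue + "','" + priceValue + "');";
                }
                else if (hasImage)
                {
                    query = "update products set name = '" + nameValue + "' , price = '" + priceValue + "', image = '" + imageValue + "' where ID=" + Session["product_id"] + ";";
                }
                else
                {
                    query = "update products set name = '" + nameValue + "' , price = '" + priceValue + "' where ID=" + Session["product_id"] + ";";
                }

                dbcon.executeSQL(query);

                if (isUpdate)
                {
                    Response.Write("<script>alert('Update Product Successfully.');</script>");
                }
                else
                {
                    Response.Write("<script>alert('Create Product Successfully.');window.location = 'AdminViewProduct.aspx';</script>");
                }
            }
            catch (Exception ex)
            {
                // Log the details server-side; echoing ex.ToString() would expose SQL text, paths
                // and stack traces, and its quotes and line breaks also broke the alert script.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                Response.Write("<script>alert('Saving the product failed. Please try again later.')</script>");
            }
        }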