Beispiel #1
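            /// <summary>
            /// Stores the cart from the current session as a new order: one row in
            /// tblOrder plus one row in tblOrder_Product per cart item.
            /// </summary>
            /// <remarks>
            /// All inserts run inside a single transaction, so a failure part-way
            /// through does not leave an order row without its product rows.
            /// The user id is taken from the server-side session, never from request data.
            /// </remarks>
            /// <returns>
            /// <c>true</c> when the order and every item were written and committed;
            /// <c>false</c> when the session has no user or cart, an insert reports no
            /// affected rows, or any exception occurs.
            /// </returns>
            public static bool save_Order()
            {
                try
                {
                    // Resolve session state before touching the database, so an expired
                    // or anonymous session cannot produce a half-written order.
                    Shop.User derUser = HttpContext.Current.Session["User"] as Shop.User;
                    Shop.Cart derCart = HttpContext.Current.Session["Cart"] as Shop.Cart;
                    if (derUser == null || derCart == null)
                    {
                        Debug.Print("save_Order: no User or Cart in session");
                        return(false);
                    }
                    int userID = derUser.UserID;

                    using (SqlConnection objSQLconn = new SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings["shop"].ConnectionString))
                    {
                        objSQLconn.Open();
                        String insertCommand_order     = "INSERT INTO tblOrder (user_id) VALUES (@order_userID); SELECT CAST(scope_identity() AS int)";
                        String insertCommand_order_prd = "INSERT INTO tblOrder_Product (order_id,product_id,product_amount) VALUES (@order_ID, @product_id, @order_product_amount);";

                        // Disposing the transaction without Commit() rolls it back, so every
                        // early return and every exception below undoes the partial order.
                        using (SqlTransaction vSQLtransaction = objSQLconn.BeginTransaction())
                        {
                            int order_id;
                            using (SqlCommand vSQLcommand1 = new SqlCommand(insertCommand_order, objSQLconn, vSQLtransaction))
                            {
                                vSQLcommand1.Parameters.AddWithValue("@order_userID", userID);
                                order_id = (int)vSQLcommand1.ExecuteScalar();
                            }

                            // Validate the new key before any child row references it.
                            if (order_id <= 0)
                            {
                                Debug.Print("insert order fehlgeschlagen");
                                return(false);
                            }

                            int i = 0;
                            foreach (var items in derCart.Items)
                            {
                                using (SqlCommand vSQLcommand2 = new SqlCommand(insertCommand_order_prd, objSQLconn, vSQLtransaction))
                                {
                                    vSQLcommand2.Parameters.AddWithValue("@order_ID", order_id);
                                    // Parameter name spelled exactly as in the SQL text so the
                                    // binding does not depend on a case-insensitive collation.
                                    vSQLcommand2.Parameters.AddWithValue("@product_id", items.ProductID);
                                    // NOTE(review): the amount is hard-coded to 45 for every item;
                                    // presumably it should come from the cart item - confirm.
                                    vSQLcommand2.Parameters.AddWithValue("@order_product_amount", 45);

                                    int insertSuccessfull2 = vSQLcommand2.ExecuteNonQuery();
                                    if (insertSuccessfull2 > 0)
                                    {
                                        Debug.Print("Successful Order_Product insert Nr. " + (++i));
                                    }
                                    else
                                    {
                                        Debug.Print("insert product fehlgeschlagen nummer " + (++i));
                                        return(false);
                                    }
                                }
                            }

                            vSQLtransaction.Commit();

                            // Publish the order to the session only once it is durable.
                            HttpContext.Current.Session["Order"] = new Order(userID, order_id);
                            return(true);
                        }
                    }
                }
                catch (Exception vError)
                {
                    // Best-effort contract kept from the original: report failure, do not throw.
                    Debug.Print("DB geht nicht - save order fkt" + vError);
                    return(false);
                }
            }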
Beispiel #2
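        /// <summary>
        /// Looks up a user by e-mail address and encoded password and returns the
        /// populated <see cref="User"/> on a match.
        /// </summary>
        /// <param name="email">E-mail address entered at login; bound as a SQL parameter.</param>
        /// <param name="passwd">
        /// Plaintext password entered at login. It is passed through
        /// <c>Encrypt.Pwd_Encode</c> before being compared in the query and is never
        /// written to the debug output.
        /// </param>
        /// <returns>
        /// The matching user, or <c>null</c> when no row matches or any exception occurs.
        /// </returns>
        public static User loginUser(String email, String passwd)
        {
            try
            {
                using (SqlConnection objSQLconn = new SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings["shop"].ConnectionString))
                {
                    objSQLconn.Open();

                    // NOTE(review): Encrypt.Pwd_Encode is not visible here. Matching the stored
                    // value by equality in SQL only works for a deterministic encoding, so confirm
                    // it is a proper password hash and not reversible encryption or an unsalted digest.
                    // NOTE(review): SELECT * also fetches user_password although it is never read;
                    // consider listing only the columns used below.
                    using (SqlCommand vSQLcommand = new SqlCommand("SELECT * FROM tblUsers WHERE user_email=@email AND user_password =@passwd;", objSQLconn))
                    {
                        vSQLcommand.Parameters.AddWithValue("@email", email);
                        vSQLcommand.Parameters.AddWithValue("@passwd", Encrypt.Pwd_Encode(passwd));

                        using (SqlDataReader vSQLreader = vSQLcommand.ExecuteReader())
                        {
                            if (vSQLreader.HasRows)
                            {
                                vSQLreader.Read();
                                User loggedInUser = new Shop.User();
                                loggedInUser.UserID       = (int)vSQLreader["user_id"];
                                loggedInUser.firstname    = (String)vSQLreader["user_firstname"];
                                loggedInUser.lastname     = (String)vSQLreader["user_lastname"];
                                loggedInUser.email        = (String)vSQLreader["user_email"];
                                loggedInUser.phone        = (String)vSQLreader["user_tel"];
                                loggedInUser.bill_street  = (String)vSQLreader["user_bill_street"];
                                loggedInUser.bill_city    = (String)vSQLreader["user_bill_city"];
                                loggedInUser.bill_country = (String)vSQLreader["user_bill_country"];
                                loggedInUser.bill_zipcode = (String)vSQLreader["user_bill_zipcode"];

                                return(loggedInUser);
                            }
                            else
                            {
                                // The submitted password is deliberately left out of the message:
                                // a failed attempt is often a near-miss of a real credential.
                                Debug.Print("falsches Login " + email);
                                return(null);
                            }
                        }
                    }
                }
            }
            catch (Exception vError)
            {
                // Best-effort contract kept from the original: callers see null, not an exception.
                Debug.Print("DB geht nicht" + vError);
                return(null);
            }
        }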