internal void XogGalin(HomeSet homeSet) { SqlCommand command = new SqlCommand("INSERT INTO Seveces values(@SName, @PhotoFormat, @Description, @ColorType, @Price)", conn); //command.Parameters.AddWithValue("@SName", homeSet.Name); //command.Parameters.AddWithValue("@PhotoFormat", homeSet.PhotoFormat); //command.Parameters.AddWithValue("@Description", homeSet.Description); //command.Parameters.AddWithValue("@ColorType", homeSet.ColorType); //command.Parameters.AddWithValue("@Price", homeSet.Price); }
public ActionResult MakeOrder(int?Id, HomeSet homeSet, HttpPostedFileBase file) { try { CreateProcedure(Id, homeSet, file); return(RedirectToAction("All_Services")); } catch { return(View()); } }
public ActionResult MakeOrderForEnteredUser(int?Id, HomeSet homeSet, HttpPostedFileBase file) { try { GetOrderNo(); SessionParameter sessionParameter = new SessionParameter(); sessionParameter.Name = Session["Id"].ToString(); //CheckUser(sessionParameter); CreateProcedureForLogined(Id, homeSet, file, sessionParameter); return(RedirectToAction("All_Services")); } catch { return(View()); } }
public ActionResult MakeOrderForEnteredUser(int?Id, HomeSet homeset) { if (Id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } if (photoService == null) { return(new HttpStatusCodeResult(HttpStatusCode.NotFound)); } if (Session["name"] == null || Session["Id"] == null) { RedirectToAction("Home"); } return(View()); }
public HomeSet CreateProcedureForLogined(int?id, HomeSet homeSet, HttpPostedFileBase file, SessionParameter sessionParameter) { int orderNumber = Convert.ToInt32(homeset.OrderNo); sessionParameter.Name = (Session["id"]).ToString(); if (orderNumber == 0) { using (SqlConnection sqlConnection = new SqlConnection(mainconn)) { sqlConnection.Open(); string command = "INSERT INTO [dbo].[Orders](UserId,TotalPrice) VALUES(@UserId, ((SELECT Price FROM [dbo].[Seveces] WHERE serviceId = @Id)*@Copies));" + "INSERT INTO [dbo].[Order_Services](serviceID, orderID, Photo,NumbCopies ) VALUES (@Id,(SELECT OrderId FROM [dbo].[Orders] WHERE UserId = @UserId AND StatusId = 1), @Image, @Copies);"; SqlCommand sqlCommand = new SqlCommand(command, sqlConnection); sqlCommand.Parameters.AddWithValue("@UserId", int.Parse(sessionParameter.Name)); sqlCommand.Parameters.AddWithValue("@Id", id); //sqlCommand.Parameters.AddWithValue("@TotalPrice", homeSet.Price); sqlCommand.Parameters.AddWithValue("@Copies", homeSet.copies); if (file != null && file.ContentLength > 0) { string filename = Path.GetFileName(file.FileName); string imgpath = Path.Combine(Server.MapPath("~/User-Images/"), filename); file.SaveAs(imgpath); } sqlCommand.Parameters.AddWithValue("@Image", "~/User-Images/" + file.FileName); sqlCommand.ExecuteNonQuery(); sqlConnection.Close(); } return(homeset); } else { using (SqlConnection sqlConnection = new SqlConnection(mainconn)) { //int orderNumber = Convert.ToInt32(homeset.OrderNo); sqlConnection.Open(); string command = "INSERT INTO [dbo].[Order_Services](serviceID, orderID, Photo,NumbCopies ) VALUES (@Id,@OrderId, @Image, @Copies);" + "UPDATE [dbo].[Orders] SET TotalPrice = TotalPrice + ((SELECT Price From [dbo].[Seveces] WHERE serviceId = @Id)*@Copies);"; SqlCommand sqlCommand = new SqlCommand(command, sqlConnection); sqlCommand.Parameters.AddWithValue("@UserId", int.Parse(sessionParameter.Name)); sqlCommand.Parameters.AddWithValue("@Id", id); sqlCommand.Parameters.AddWithValue("@OrderId", orderNumber); sqlCommand.Parameters.AddWithValue("@Copies", homeSet.copies); if (file != null && file.ContentLength > 0) { string filename = Path.GetFileName(file.FileName); string imgpath = Path.Combine(Server.MapPath("~/User-Images/"), filename); file.SaveAs(imgpath); } sqlCommand.Parameters.AddWithValue("@Image", "~/User-Images/" + file.FileName); sqlCommand.ExecuteNonQuery(); sqlConnection.Close(); } return(homeset); } }
public HomeSet CreateProcedure(int?id, HomeSet homeSet, HttpPostedFileBase file) { Random random = new Random(); string encriptValue = (random.Next(100000, 200000).ToString()); var Enctipt = FormsAuthentication.HashPasswordForStoringInConfigFile(encriptValue, "SHA1"); Enctipt = Enctipt.Substring(0, 12); homeSet.register.Password = Enctipt; //int ClientID; using (SqlConnection sqlConnection = new SqlConnection(mainconn)) { sqlConnection.Open(); string command = "INSERT INTO [dbo].[Users] ([UserName],[UserSurname],[Phone],[Email],[Password]) VALUES (@UserName,@UserSurname,@Phone,@Email,@Password)"; SqlCommand sqlCommand = new SqlCommand(command, sqlConnection); sqlCommand.Parameters.AddWithValue("@UserName", homeSet.register.UserName); sqlCommand.Parameters.AddWithValue("@UserSurname", homeSet.register.UserSurname); sqlCommand.Parameters.AddWithValue("@Phone", homeSet.register.Phone); sqlCommand.Parameters.AddWithValue("@Email", homeSet.register.Email); sqlCommand.Parameters.AddWithValue("@Password", homeSet.register.Password); sqlCommand.ExecuteNonQuery(); sqlConnection.Close(); } using (SqlConnection sqlConnection = new SqlConnection(mainconn)) { sqlConnection.Open(); string sql = "SELECT UserId FROM [dbo].[Users] WHERE Email = @Email"; using (var commant = new SqlCommand(sql, sqlConnection)) { commant.Parameters.AddWithValue("@Email", homeSet.register.Email); using (var reader = commant.ExecuteReader()) { while (reader.Read()) { homeset.UserId = Convert.ToInt32(reader.GetValue(0)); } reader.Close(); } } sqlConnection.Close(); } using (SqlConnection sqlConnection = new SqlConnection(mainconn)) { int UserID = (int)homeset.UserId; sqlConnection.Open(); string cmd = "INSERT INTO [dbo].[Orders](UserId,TotalPrice) VALUES(@UserId, ((SELECT Price FROM [dbo].[Seveces] WHERE serviceId = @Id)*@Copies));" + "INSERT INTO [dbo].[Order_Services](serviceID, orderID, Photo,NumbCopies ) VALUES (@Id,(SELECT OrderId FROM [dbo].[Orders] WHERE UserId = @UserId AND StatusId = 1), @Image ,@Copies);"; SqlCommand sqlCommand = new SqlCommand(cmd, sqlConnection); sqlCommand.Parameters.AddWithValue("@Id", id); sqlCommand.Parameters.AddWithValue("@Copies", homeSet.copies); sqlCommand.Parameters.AddWithValue("@UserId", UserID); if (file != null && file.ContentLength > 0) { string filename = Path.GetFileName(file.FileName); string imgpath = Path.Combine(Server.MapPath("~/User-Images/"), filename); file.SaveAs(imgpath); } sqlCommand.Parameters.AddWithValue("@Image", "~/User-Images/" + file.FileName); sqlCommand.ExecuteNonQuery(); sqlConnection.Close(); } return(homeset); }