Ejemplo n.º 1
0
        public bool CheckUserData(string account, string password)
        {
            try
            {
                string       sql = "SELECT 1 FROM user WHERE account = @account AND password = @password;";
                MySqlCommand cmd = db.MySqlCommand(sql);
                cmd.Parameters.Add("@account", MySqlDbType.VarChar).Value  = account;
                cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = password;

                db.Connect();

                using (MySqlDataReader reader = cmd.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        return(true);
                    }
                }
                return(false);
            }
            catch (Exception ex)
            {
                string error = ex.ToString();
                return(false);
            }
            finally
            {
                db.Disconnect();
            }
        }
Ejemplo n.º 2
0
        public ActionResult OrderList()
        {
            List <Item> list = new List <Item>();

            using (MyDataBase db = new MyDataBase())
            {
                string sql = String.Format(@" select order_list.id,item,price,product.cost,account,status from order_list, product where order_list.account = '{0}' and order_list.item = product.name", Session["account"]);

                MySqlCommand cmd = db.MySqlCommand(sql);

                db.Connect();

                using (MySqlDataReader dr = cmd.ExecuteReader())
                {
                    while (dr.Read())
                    {
                        Item item = new Item();
                        item.id     = dr["id"].ToString();
                        item.name   = dr["item"].ToString();
                        item.price  = Convert.ToInt16(dr["price"]);
                        item.cost   = Convert.ToInt16(dr["cost"]);
                        item.status = dr["status"].ToString();
                        list.Add(item);
                    }
                }
            }

            ViewBag.List = list;
            return(View());
        }
Ejemplo n.º 3
0
        public ActionResult Product(string id)
        {
            if (id == null)
            {
                return(Redirect("OrderList"));
            }

            Item item = new Item();

            using (MyDataBase db = new MyDataBase())
            {
                string sql = @" SELECT * FROM order_list WHERE id = " + id;

                MySqlCommand cmd = db.MySqlCommand(sql);

                db.Connect();

                using (MySqlDataReader dr = cmd.ExecuteReader())
                {
                    while (dr.Read())
                    {
                        item.id     = dr["id"].ToString();
                        item.name   = dr["item"].ToString();
                        item.price  = Convert.ToInt16(dr["price"]);
                        item.cost   = Convert.ToInt16(dr["cost"]);
                        item.status = dr["status"].ToString();
                    }
                }
            }

            ViewBag.Item = item;
            return(View());
        }
Ejemplo n.º 4
0
        public bool CheckUserData(string account, string password)
        {
            /*
             * try
             * {
             *  string sql = "SELECT 1 FROM user WHERE account = @account AND password = @password;";
             *  MySqlCommand cmd = db.MySqlCommand(sql);
             *  cmd.Parameters.Add("@account", MySqlDbType.VarChar).Value = account;
             *  cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = password;
             *
             *  db.Connect();
             *
             *  using (MySqlDataReader reader = cmd.ExecuteReader())
             *  {
             *      if (reader.Read())
             *          return true;
             *  }
             *  return false;
             * }
             * catch (Exception ex)
             * {
             *  string error = ex.ToString();
             *  return false;
             * }
             * finally
             * {
             *  db.Disconnect();
             * }
             * */
            string sql = "SELECT 1 FROM user WHERE account = @account AND password = @password;";

            using (MyDataBase db = new MyDataBase())
            {
                MySqlCommand cmd = db.MySqlCommand(sql);
                cmd.Parameters.Add("@account", MySqlDbType.VarChar).Value  = account;
                cmd.Parameters.Add("@password", MySqlDbType.VarChar).Value = password;

                db.Connect();

                using (MySqlDataReader dr = cmd.ExecuteReader())
                {
                    if (dr.Read())
                    {
                        return(true);
                    }
                }
                return(false);
            }
        }
Ejemplo n.º 5
0
        public ContentResult Shipping(String checklist)
        {
            if (checklist == "")
            {
                return(Content("Success"));
            }
            string[] select = System.Text.RegularExpressions.Regex.Split(checklist, ",");

            using (MyDataBase db = new MyDataBase())
            {
                string       sql = "";
                MySqlCommand cmd = null;
                db.Connect();
                try
                {
                    db.trans = db.conn.BeginTransaction();
                    for (int i = 0; i < select.Length; i++)
                    {
                        sql = String.Format(@" INSERT shippingorder (orderid, status) VALUES({0}, 'New')", select[i]);
                        cmd = db.MySqlCommand(sql);
                        cmd.ExecuteNonQuery();
                    }
                    sql = @" UPDATE order_list SET status = 'To be shipped' WHERE id IN (" + String.Join(",", select) + ");";
                    cmd = db.MySqlCommand(sql);
                    cmd.ExecuteNonQuery();
                    db.trans.Commit();
                }
                catch (MySqlException ex)
                {
                    db.Rollback();
                    return(Content("Fail"));
                }
            }

            return(Content("Success"));
        }