Ejemplo n.º 1
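 /// <summary>
 /// Handles the upload form: saves the posted image under ~/APhotos/ and queues the
 /// item in PendingAuctions for the logged-in seller.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void Upload(object sender, EventArgs e)
 {
     // Visitors without a session are sent back to the home page.
     if (Session["username"] == null)
     {
         Response.Redirect("Home.aspx");
         return;
     }

     string name     = Session["username"].ToString();
     string desc     = Despription.Text;
     string Catagory = ddl_c.Text;
     string Pname    = PName.Text;
     string price    = Price.Text;

     // The duration fields are user input: accept only non-negative integers
     // instead of letting int.Parse throw on malformed text.
     int min;
     int hour;
     if (!int.TryParse(Min.Text, out min) || !int.TryParse(Hour.Text, out hour) || min < 0 || hour < 0)
     {
         return;
     }

     // Fold whole hours out of the minutes (60 minutes becomes one hour as well).
     hour += min / 60;
     min  %= 60;

     // A file is mandatory because PostedFile is dereferenced below. The original test
     // joined these checks with ||, which let a request without a file through.
     if (!FileUpload1.HasFile || desc.Equals("") || name.Equals("") || price.Equals(""))
     {
         return;
     }

     // Only image extensions may be written into the web-served folder; the client
     // controls the file name, so anything else (script or page extensions) is refused.
     // NOTE(review): this checks the extension only, not the file content. Adjust the
     // list to what the site needs and keep script execution disabled for ~/APhotos/.
     string extension = Path.GetExtension(FileUpload1.PostedFile.FileName).ToLowerInvariant();
     switch (extension)
     {
         case ".jpg":
         case ".jpeg":
         case ".png":
         case ".gif":
             break;
         default:
             return;
     }

     // Reserve a numeric photo ID that becomes the stored file name.
     // NOTE(review): insert / select F='0' / update-all is not atomic; two concurrent
     // uploads may read the same row and overwrite each other's file.
     SqlAC.udi("INSERT INTO PhotosID (F) VALUES (0)");
     ak = SqlAC.CheckData("SELECT * FROM PhotosID WHERE F='0'");
     string fileName = ak.Tables[0].Rows[0]["ID"].ToString();
     FileUpload1.PostedFile.SaveAs(Server.MapPath("~/APhotos/") + fileName + extension);
     SqlAC.udi("UPDATE PhotosID SET PhotosID.F='1'");

     // Form values are placed inside quoted SQL literals, so embedded quotes are doubled.
     // NOTE(review): this is a stopgap; SqlAC.udi only takes a finished SQL string here,
     // and bound parameters in that helper are the proper fix.
     SqlAC.udi("INSERT INTO PendingAuctions (PName,SUser,Price,[Min],[Hour],ImgUrl,Catagory,Description) VALUES ('"
               + Pname.Replace("'", "''") + "','"
               + name.Replace("'", "''") + "','"
               + price.Replace("'", "''") + "','"
               + min.ToString() + "','"
               + hour.ToString() + "','"
               + fileName + extension + "','"
               + Catagory.Replace("'", "''") + "','"
               + desc.Replace("'", "''") + "')");

     // Reload the page so a browser refresh does not repeat the upload.
     Response.Redirect(Request.Url.AbsoluteUri);
 }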
Ejemplo n.º 2
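    /// <summary>
    /// Places a bid on the auction named by the "id" query-string value when the
    /// entered amount is higher than the price currently loaded in <c>ak</c>.
    /// </summary>
    /// <param name="sender">Control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Btn_Offer_Click(object sender, EventArgs e)
    {
        // Check the session before reading from it; the original dereferenced
        // Session["login"] first and kept going after disabling the box.
        // NOTE(review): this handler tests "login" but records "username" - confirm
        // which session key is authoritative.
        if (Session["login"] == null || Session["username"] == null)
        {
            Offer.Enabled = false;
            return;
        }

        // The id is used unquoted in SQL and echoed into the redirect URL, so it must
        // be a plain integer.
        int auctionId;
        if (!int.TryParse(Request.QueryString["id"], out auctionId))
        {
            return;
        }

        // An empty box counts as a zero offer.
        if (string.IsNullOrEmpty(Offer.Text))
        {
            Offer.Text = "0";
        }

        int offer;
        if (!int.TryParse(Offer.Text, out offer))
        {
            return;
        }

        int    Coffer = int.Parse(ak.Tables[0].Rows[0]["Price"].ToString()); // current offer
        string bidder = Session["username"].ToString();

        if (offer > Coffer)
        {
            // NOTE(review): the comparison uses the price cached in ak, not the row as it
            // is at write time, so a lower bid can overwrite a higher one placed meanwhile;
            // make the UPDATE conditional on the stored price.
            // NOTE(review): Buser='******' is reproduced as it appears in this listing (it
            // looks masked); presumably the bidder name belongs there.
            SqlAC.udi("UPDATE Auctions SET Auctions.price='" + offer + "', Buser='******' WHERE Auctions.ID=" + auctionId);
            // NOTE(review): quote doubling is a stopgap; bound parameters in SqlAC are the proper fix.
            SqlAC.udi("INSERT INTO History VALUES('1','" + auctionId + "','" + bidder.Replace("'", "''") + "','" + offer.ToString() + "')");
            Response.Redirect("ProductPage.aspx?id=" + auctionId);
        }
    }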
Ejemplo n.º 3
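    /// <summary>
    /// Moves one auction row into CompletedAuctions and removes it from Auctions.
    /// </summary>
    /// <param name="r">Auction row; the ID, PName, SUser, Buser, price, ImgUrl, Catagory and Description columns are read.</param>
    /// <exception cref="InvalidCastException">The ID column is DBNull or not convertible to an integer.</exception>
    /// <exception cref="FormatException">The ID column holds non-numeric text.</exception>
    private void UpdateDB(DataRow r)
    {
        // ID is used unquoted in the DELETE, so force it to an integer before any SQL is built.
        long auctionId = Convert.ToInt64(r["ID"]);

        // The row comes from the database, but fields such as PName and Description were
        // typed by users, so quotes are doubled before they go into SQL literals.
        // NOTE(review): stopgap only; bound parameters in SqlAC are the proper fix.
        string insertSql = "INSERT INTO CompletedAuctions VALUES ('" + auctionId + "','"
                           + r["PName"].ToString().Replace("'", "''") + "','"
                           + r["SUser"].ToString().Replace("'", "''") + "','"
                           + r["Buser"].ToString().Replace("'", "''") + "','"
                           + r["price"].ToString().Replace("'", "''") + "','"
                           + r["ImgUrl"].ToString().Replace("'", "''") + "','"
                           + r["Catagory"].ToString().Replace("'", "''") + "','"
                           + r["Description"].ToString().Replace("'", "''") + "')";
        string deleteSql = "DELETE FROM Auctions WHERE ID=" + auctionId;

        // NOTE(review): the two statements are not wrapped in a transaction; if the DELETE
        // fails, the auction exists in both tables.
        SqlAC.udi(insertSql);
        SqlAC.udi(deleteSql);
    }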
Ejemplo n.º 4
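 /// <summary>
 /// Saves the edited profile fields to the Users table once <c>ask()</c> approves the form.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void Btn_SignUp_Click(object sender, EventArgs e)
 {
     if (!ask())
     {
         return;
     }

     // Profile fields are user input placed in quoted SQL literals, so quotes are doubled.
     // NOTE(review): stopgap only; bound parameters in SqlAC are the proper fix.
     // NOTE(review): the '******' literals for Password and Username are reproduced as they
     // appear in this listing (they look masked). Whatever value identifies the user must
     // come from the session, not from a form field, and the password should be stored as
     // a salted hash rather than as typed.
     SqlAC.udi("UPDATE Users SET Users.Password='******', Users.Email='" + TB_Email.Text.Replace("'", "''")
               + "', Users.FName='" + TB_FN.Text.Replace("'", "''")
               + "', Users.LName='" + TB_LN.Text.Replace("'", "''")
               + "', Users.City='" + TB_City.Text.Replace("'", "''")
               + "', Users.Phone='" + TB_PN.Text.Replace("'", "''")
               + "' WHERE Users.Username='******'");

     // Report success only after the write went through; the original set the label first.
     LBL_output.Text = "User info updated";
 }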
Ejemplo n.º 5
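 /// <summary>
 /// Registers a new account from the sign-up form and sends the visitor to the home page.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void Btn_SignUp_Click(object sender, EventArgs e)
 {
     bool created = false;

     try
     {
         if (ask())
         {
             // Form values go into quoted SQL literals, so quotes are doubled.
             // NOTE(review): stopgap only; bound parameters in SqlAC are the proper fix.
             // NOTE(review): TB_password.Text is written to the table as typed. Store a
             // salted password hash (for example PBKDF2 via Rfc2898DeriveBytes) here and in
             // the login check instead.
             // NOTE(review): the INSERT names no columns, so it depends on the column order
             // of Users; the meaning of the trailing '0' is not visible from this handler.
             SqlAC.udi("INSERT INTO Users VALUES('" + TB_User.Text.Replace("'", "''")
                       + "','" + TB_password.Text.Replace("'", "''")
                       + "','" + TB_Email.Text.Replace("'", "''")
                       + "','" + TB_FN.Text.Replace("'", "''")
                       + "','" + TB_LN.Text.Replace("'", "''")
                       + "','" + TB_City.Text.Replace("'", "''")
                       + "','" + TB_PN.Text.Replace("'", "''")
                       + "','0')");
             created = true;
         }
     }
     catch (Exception)
     {
         // NOTE(review): every failure is reported as a duplicate user name; the exception
         // type thrown by SqlAC is not visible here, so the catch cannot be narrowed safely.
         LBL_output.Text = "username taken";
     }

     // Redirect outside the try block: Response.Redirect ends the request by raising
     // ThreadAbortException, which the catch above would otherwise intercept first.
     if (created)
     {
         Response.Redirect("Home.aspx");
     }
 }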
Ejemplo n.º 6
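    /// <summary>
    /// Settles a completed auction, either from the account balance (<c>CM == 1</c>) or by
    /// credit card through <c>Service.WebService</c> (<c>CM == 2</c>).
    /// </summary>
    /// <param name="sender">Control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Submit_Click(object sender, EventArgs e)
    {
        int price = int.Parse(ak["Price"].ToString());

        switch (CM)
        {
        case 1:    // balance
            int AmountLeft = GetBalance() - price;
            // Pay only when the balance covers the price. The original tested
            // AmountLeft < 0, which completed the purchase exactly when funds were short.
            if (AmountLeft >= 0)
            {
                // NOTE(review): seller and buyer are read but the statements below carry
                // Username='******' as it appears in this listing (it looks masked);
                // presumably these two names belong there.
                string seller = ak["SUser"].ToString();
                string buyer  = ak["BUser"].ToString();
                // NOTE(review): the three statements run without a transaction, and the
                // second one writes an absolute balance computed earlier, so concurrent
                // payments can lose updates; a relative, conditional decrement is safer.
                SqlAC.udi("UPDATE Users SET Balance=Balance+" + price + " WHERE Username='******'");
                SqlAC.udi("UPDATE Users SET Balance=" + AmountLeft + " WHERE Username='******'");
                SqlAC.udi("DELETE FROM CompletedAuctions WHERE ID='" + ID + "'");
                Output.Text    = "Transaction completed";
                Submit.Enabled = false;
            }
            else
            {
                Output.Text = "not enough funds";
            }

            break;

        case 2:    // credit card
            Check.Enabled = false;
            // NOTE(review): card number and CVV go straight from the form to the service;
            // confirm the endpoint is reached over TLS and that none of these values are
            // logged or stored.
            Service.WebService s = new Service.WebService();
            int result           = s.Purchase(CCNum.Text, CVV.Text, ExpDate.Text, Person_ID.Text, price.ToString());
            if (result == 1)
            {
                Output.Text    = " Transaction completed";
                Submit.Enabled = false;
                SqlAC.udi("DELETE FROM CompletedAuctions WHERE ID='" + ID + "'");
            }
            else if (result == 0)
            {
                Output.Text = "Check your input";
            }
            else
            {
                Output.Text = "You can't use that credit card";
            }

            break;
        }
    }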
Ejemplo n.º 7
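    /// <summary>
    /// Promotes a pending auction to a live one: inserts it into Auctions with an end time
    /// of now plus the entered hours and minutes, then removes the pending row.
    /// </summary>
    /// <param name="sender">Control that raised the event (unused).</param>
    /// <param name="e">Event data (unused).</param>
    /// <exception cref="FormatException">The <c>id</c> member is not numeric text.</exception>
    protected void Activate_Click(object sender, EventArgs e)
    {
        // Duration comes from text boxes: accept only non-negative integers.
        int H;
        int M;
        if (!int.TryParse(Hours.Text, out H) || !int.TryParse(mins.Text, out M) || H < 0 || M < 0)
        {
            return;
        }

        // id is used unquoted in the DELETE, so force it to an integer before any SQL runs.
        int pendingId = Convert.ToInt32(id);

        // TimeSpan(int, int, int) is (hours, minutes, seconds); the original passed
        // (0, H, M) and therefore added H minutes and M seconds.
        DateTime combined = DateTime.Now.Add(new TimeSpan(H, M, 0));

        string t        = title.Text;
        string Userr    = User.Text;
        string P        = Price.Text;
        string ey       = combined.Year.ToString();
        string em       = combined.Month.ToString();
        string ed       = combined.Day.ToString();
        string eh       = combined.Hour.ToString();
        string emin     = combined.Minute.ToString();
        string url      = ak.Tables[0].Rows[0]["ImgUrl"].ToString();
        string catagory = ak.Tables[0].Rows[0]["Catagory"].ToString();
        string descText = Convert.ToString(desc) ?? string.Empty;

        // The original VALUES list had unbalanced quotes around EMin, Open and ImgUrl and no
        // closing parenthesis, so the statement could not parse. Text values also get their
        // quotes doubled before going into SQL literals.
        // NOTE(review): stopgap only; bound parameters in SqlAC are the proper fix.
        SqlAC.udi("INSERT INTO Auctions (PName,SUser,Price,EY,EM,ED,EH,EMin,Open,ImgUrl,Catagory,Description) VALUES ('"
                  + t.Replace("'", "''") + "','"
                  + Userr.Replace("'", "''") + "','"
                  + P.Replace("'", "''") + "','"
                  + ey + "','" + em + "','" + ed + "','" + eh + "','" + emin + "','1','"
                  + url.Replace("'", "''") + "','"
                  + catagory.Replace("'", "''") + "','"
                  + descText.Replace("'", "''") + "')");
        // NOTE(review): insert and delete are not wrapped in a transaction.
        SqlAC.udi("DELETE FROM PendingAuctions WHERE id=" + pendingId);
    }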
Ejemplo n.º 8
 /// <summary>
 /// Closes the auction at row <paramref name="i"/> of the loaded data set by setting its
 /// Open column to '0'; the row itself is not deleted.
 /// </summary>
 /// <param name="i">Index into <c>ak.Tables[0].Rows</c>.</param>
 private void Delete(int i)
 {
     // The ID is read back from the loaded table and appended unquoted.
     // NOTE(review): presumably a numeric key; binding it as a parameter in SqlAC would
     // remove the need to trust its text form.
     string auctionId = ak.Tables[0].Rows[i]["ID"].ToString();
     string closeSql  = "UPDATE Auctions SET Auctions.Open='0' WHERE ID=" + auctionId;

     SqlAC.udi(closeSql);
 }
Ejemplo n.º 9
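 /// <summary>
 /// Stores the typed response on the complaint selected in the drop-down list, marks it
 /// as checked and reloads the complaints page.
 /// </summary>
 /// <param name="sender">Control that raised the event (unused).</param>
 /// <param name="e">Event data (unused).</param>
 protected void Unnamed_Click(object sender, EventArgs e)
 {
     string selectedTitle = DDL.Text;
     s = selectedTitle;

     // Both the response text and the posted drop-down value are client-controlled, so
     // quotes are doubled before they go into SQL literals.
     // NOTE(review): stopgap only; bound parameters in SqlAC are the proper fix.
     // NOTE(review): rows are matched by Title, so complaints sharing a title are all
     // updated; a key column would be a safer match.
     SqlAC.udi("UPDATE Complaints SET Response='" + Res.Text.Replace("'", "''")
               + "',Checked='1' WHERE Title='" + selectedTitle.Replace("'", "''") + "'");
     Response.Redirect("Compllaints.aspx");
 }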