protected void Page_Load(object sender, EventArgs e)
{
if (Session["Email"] != null)
{
string email = Session["Email"].ToString();
string query = "select * from user_table where email = '" + email + "'";
SqlConnection conn = ClassDefault.getConnection();
conn.Open();
SqlCommand cm = new SqlCommand(query, conn);
sdr = cm.ExecuteReader();
while (sdr.Read())
{
first_name = sdr["first_name"].ToString();
last_name = sdr["last_name"].ToString();
Email = sdr["email"].ToString();
contact = sdr["contact"].ToString();
}
if (Request.QueryString["personalinfo"] != null)
{
string first_name = Request.Form["first_name"];
string last_name = Request.Form["last_name"];
string Email = Request.Form["email"];
string contact = Request.Form["contact"];
string query2 = "update user_table set first_name = '" + first_name + "', last_name = '" + last_name + "', email = '" + Email + "', contact = '" + contact + "' where email = '" + Email + "'";
ClassDefault.executeQuery(query2);
Response.Redirect("UserDetailsPage.aspx");
}
if (Request.QueryString["password"] != null)
{
string currentpass = Request.Form["currentpass"];
string newpass = Request.Form["newpass"];
string confirmpass = Request.Form["confirmpass"];
if (newpass == confirmpass)
{
string query3 = "update user_table set password = '******' where email = '" + Email + "'";
ClassDefault.executeQuery(query3);
Response.Redirect("UserDetailsPage.aspx");
}
else
{
Response.Write("<script>alert('Password Mismatch')</script>");
}
}
}
else
{
Response.Redirect("LoginPage.aspx");
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Session["Email"] != null && Session["Usertype"].ToString() == "admin")
{
string query = "select u.first_name, u.last_name, u.email, s.result, s.date, s.survey_type, s.score from survey_result s inner join user_table u on s.user_id=u.id";
SqlConnection conn = ClassDefault.getConnection();
conn.Open();
SqlCommand cm = new SqlCommand(query, conn);
sdr = cm.ExecuteReader();
}
else
{
Response.Redirect("LoginPage.aspx");
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (Session["Email"] != null && Session["Usertype"].ToString() == "admin")
{
string query = "select * from feedback_table";
SqlConnection conn = ClassDefault.getConnection();
conn.Open();
SqlCommand cm = new SqlCommand(query, conn);
sdr = cm.ExecuteReader();
}
else
{
Response.Redirect("LoginPage.aspx");
}
}