Ejemplo n.º 1
0
 private void CData()//分类列表绑定
 {
     DBConn myDB = new DBConn();
     string sql = "select * from Category";
     CRepeater.DataSource = myDB.getDataReader( sql );
     CRepeater.DataBind();
     myDB.Close();
 }
Ejemplo n.º 2
0
 private void getHotDataList()//热卖二手书
 {
     DBConn myDB = new DBConn();
     string sql = "select top 10 * from Products where PHot=1 order by PID desc";
     HDataList.DataSource = myDB.getDataReader( sql );
     HDataList.DataBind();
     myDB.Close();  
 }
Ejemplo n.º 3
0
 private void getNewDataList()//最新上架
 {
     DBConn myDB = new DBConn();
     string sql = "select top 6 * from Products order by PID desc";
     NDataList.DataSource = myDB.getDataReader( sql );
     NDataList.DataBind();
     myDB.Close();  
 }
Ejemplo n.º 4
0
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (!IsPostBack)
            {

                if (Request.QueryString["id"] != null && Request.QueryString["id"].ToString() != String.Empty)
                {
                    if (Session["User"] != null)
                    {
                        txtName.Enabled = false;
                        txtName.Text = (string)Session["User"];
                        DBConn db1 = new DBConn();
                     TextBox1.Text = db1.LookUp("select 真实姓名 from tblUser  where UserName='******'", "真实姓名")  ;
             
                    }
                    else
                    {

                        Response.Write("<script>alert('未登陆禁止订购');window.close();</script>");
                        Response.End();
                        return;
                    }
                    string strID = Request.QueryString["id"].ToString();
                    strID = CleanString.htmlInputText(strID);
                    ViewState["ID"] = strID;

                    PData();
                    string DBPath = ConfigurationSettings.AppSettings["DataBasePath"];
                    string connStr = (DBPath);

                    SqlConnection con = new SqlConnection(connStr);
                    con.Open();
                    string sql = "select * from tblMode";
                    SqlDataAdapter sda1 = new SqlDataAdapter(sql, con);

                    DataSet ds1 = new DataSet();
                    sda1.Fill(ds1, "tblMode");

                    foreach (DataRow row in ds1.Tables[0].Rows)
                    {
                        this.dplBm.Items.Add(row["名称"].ToString());
                    }


                }
                else
                {
                    Response.Write("<script>");
                    Response.Write("alert('没有这个二手书!!!');");
                    Response.Write("</script>");
                    Response.Redirect("index.aspx");
                    return;
                }
                double dblNum = Int32.Parse(DropDownList1.SelectedValue) * double.Parse(lblPNPrice.Text);
                lblCount.Text = dblNum.ToString("f2");
            }

        }
Ejemplo n.º 5
0
        public string strBuy = "";//打印在线购买 或 没有存货


        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (!IsPostBack)
            {
                if (Request.QueryString["id"] != null)
                {
                    string strID = Request.QueryString["id"].ToString();
                    strID = CleanString.htmlInputText(strID);

                    DBConn myDB = new DBConn();
                    string sql = "select * from products where PID=" + strID;
                    SqlDataReader dr;
                    try
                    {
                        dr = myDB.getDataReader(sql);
                    }
                    catch
                    {
                        Response.Write("<script>");
                        Response.Write("alert('没有这个二手书!!!');");
                        Response.Write("</script>");
                        Response.Redirect("index.aspx");
                        return;
                    }

                    if (dr.Read())
                    {
                        ViewState["CID"] = dr["CID"].ToString();
                    }
                    else
                    {
                        Response.Write("<script>");
                        Response.Write("alert('没有这个二手书!!!');");
                        Response.Write("</script>");
                        dr.Close();
                        myDB.Close();
                        Response.Redirect("index.aspx");
                        return;
                    }
                    dr.Close();
                    myDB.Close();

                    ViewState["ID"] = strID;


                }

                CData();
                HData();//分类对应的热销二手书列表绑定
                DHData();

                leaveWord();

                setSelectClass();//绑定 类别选框
            }
            PData();

        }
Ejemplo n.º 6
0
        protected void Page_Load(object sender, System.EventArgs e)
        {


            if (!IsPostBack)
            {
                if (Request.QueryString["did"] != null)
                {
                    string Pid = Request.QueryString["did"].ToString();

                    string sql = "delete from  [tblBasket] where id=" + Pid;

                    DBConn myDB = new DBConn();

                    myDB.ExecuteNonQuery(sql);
                    myDB.Close();
                }

                if (Session["User"] != null)
                {
                    txtName.Enabled = false;
                    txtName.Text = (string)Session["User"];
                    DBConn db1 = new DBConn();
                    TextBox1.Text = db1.LookUp("select 真实姓名 from tblUser  where UserName='******'", "真实姓名");
                    lblTotalPric.Text = db1.LookUp("select sum(ismoney) as '1' from viwBasket  where tblUser='******'", "1");
                }
                else
                {

                    Response.Write("<script>alert('未登陆禁止订购');window.close();</script>");
                    Response.End();
                    return;
                }

                getData();

                string DBPath = ConfigurationSettings.AppSettings["DataBasePath"];
                string connStr = (DBPath);
                SqlConnection con = new SqlConnection(connStr);
       
                con.Open();
               string  sql1 = "select * from tblMode";
                SqlDataAdapter sda1 = new SqlDataAdapter(sql1, con);

                DataSet ds1 = new DataSet();
                sda1.Fill(ds1, "tblMode");

                foreach (DataRow row in ds1.Tables[0].Rows)
                {
                    this.dplBm.Items.Add(row["名称"].ToString());
                }

            }
        }
Ejemplo n.º 7
0
 private void setSelectClass()//绑定 类别选框
 {
     DBConn myDB = new DBConn();
     string mySql = "select CID,CName from Category order by CID desc";
     ddlClass.DataSource  = myDB.getDataReader( mySql );
     ddlClass.DataTextField = "CName";
     ddlClass.DataValueField = "CID";
     ddlClass.DataBind();
     myDB.Close();
     
     ddlClass.Items.Insert(0,new ListItem("所有分类","-1"));
 }
Ejemplo n.º 8
0
        private void getOrderData( string strOID, string strName, string strEmail )//获取订单信息
        {
            DBConn myDB = new DBConn();
            string sql="select * from [Order] where OID='" + strOID + "' and TName='" + strName + "' and Email='" + strEmail + "'";
            SqlDataReader dr  = myDB.getDataReader( sql );
            if( dr.Read() )
            {
                lblOrderID.Text = dr["OID"].ToString();

               if(dr["PID"].ToString()=="0")   lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + dr["OID"].ToString() + "' target='_blank'>查看批量购买的产品详情</a>";
                lblTName.Text = dr["TName"].ToString();
                lblEmail.Text = dr["Email"].ToString();
                lblPhone.Text = dr["Phone"].ToString();
                lblPID.Text = dr["PID"].ToString();
                lblPName.Text = dr["PName"].ToString();
                lblPPrice.Text = double.Parse( dr["PPrice"].ToString() ).ToString("C");
                lblPNum.Text = dr["PNum"].ToString();
                lblTotalPrice.Text = double.Parse( dr["TotalPrice"].ToString() ).ToString("C");
                lblPubdate.Text = dr["Pubdate"].ToString();
                lblOState.Text = dr["OState"].ToString();

                string strOState = lblOState.Text;
                switch( strOState )
                {
                    case "0":
                        strOState = "未处理";
                        break;
                    case "1":
                        strOState = "完成";
                        break;
                    case "2":
                        strOState = "等待";
                        break;
                    default:
                        strOState = "其他";
                        break;
                }                                   
                lblOState.Text = strOState; 

                tableSelect.Visible = false;
                tableInfo.Visible = true;

            }
            else
            {
                Response.Write("<script>");
                Response.Write("alert('找不到相应的订单资料!!!');");
                Response.Write("</script>");
            }
            dr.Close();
            myDB.Close();
        }
Ejemplo n.º 9
0
 private void getAnnounce()//获取公告信息
 {
     string mySql="select * from append where id='3'";
     
     DBConn myDB = new DBConn();
     SqlDataReader mydr  = myDB.getDataReader( mySql );
     if( mydr.Read() )
     {
         lblAnnounce.Text = CleanString.htmlOutputText( mydr["text"].ToString() );
     }
     mydr.Close();
     myDB.Close();        
 }
Ejemplo n.º 10
0
        private void PData()//二手书列表绑定
        {
            if( ViewState["CID"] == null )
            {
                MySqlPager SqlPager = new MySqlPager();
				SqlPager.setAttribute( SqlPager1, "PDataList", "select * from Products order by PID desc", "PID desc", 12);
                
                lblDaohang.Text = "所有二手书";
            }
            else
            {
                string strCID = ViewState["CID"].ToString();
                DBConn myDB = new DBConn();
                string sql="select * from Products where CID=" + strCID + " order by PID desc";
                try
                {
                    MySqlPager SqlPager = new MySqlPager();
					SqlPager.setAttribute( SqlPager1, "PDataList", sql, "PID desc", 12);
                }
                catch
                {
                    Response.Write("<script>");
                    Response.Write("alert('没有记录!!!');");
                    Response.Write("</script>");
                    myDB.Close();
                    Response.Redirect("index.aspx");
                    return;
                }
                myDB.Close();

                DBConn DB = new DBConn();
                string mySql = "select * from Category where CID=" + strCID;
                SqlDataReader dr = DB.getDataReader( mySql );
                if( dr.Read() )
                {
                    lblDaohang.Text = dr["CName"].ToString();
                }
                else
                {
                    Response.Write("<script>");
                    Response.Write("alert('没有这个类别!!!');");
                    Response.Write("</script>");
                    dr.Close();
                    DB.Close();
                    Response.Redirect("index.aspx");
                    return;
                }
                dr.Close();
                DB.Close();
            }
        }
Ejemplo n.º 11
0
        protected void Page_Load(object sender, System.EventArgs e)
        {


            if (!IsPostBack)
            {
                if (Request.QueryString["did"] != null)
                {
                    string Pid = Request.QueryString["did"].ToString();

                    string sql = "delete from  [tblLeaveWord] where id=" + Pid;

                    DBConn myDB = new DBConn();

                    myDB.ExecuteNonQuery(sql);
                    myDB.Close();
                }

                getData();
            }
        }
Ejemplo n.º 12
0
        private bool isAdmin(string strAdmin, string strPassword)
        {
            bool bTemp = false;

            DBConn myDB = new DBConn();
            string mySql = "select * from tblUser where UserName='******' and Psw='" + strPassword + "'";
            SqlDataReader mydr = myDB.getDataReader(mySql);
            if (mydr.Read())
            {
                bTemp = true;
            }
            else
            {
                bTemp = false;
            }

            mydr.Close();
            myDB.Close();

            return bTemp;
        }
Ejemplo n.º 13
0
        protected void Button1_Click(object sender, EventArgs e)
        {


            if (Session["User"] != null)
            {
                string Pid = Request.QueryString["id"].ToString();
                string tblUser = (String)Session["User"];
                string sql = "insert into [tblLeaveWord](UserName,Pid,isNote) values ( '" + tblUser + "', '" + Pid + "', '" + TextBox1.Text + "')";

                DBConn myDB = new DBConn();
                myDB.ExecuteNonQuery(sql);               
                myDB.Close();
                Response.Redirect("productDisplay.aspx?id=" + Request.QueryString["id"].ToString());
               
            }
            else
            {
                Response.Write("<script>alert('未登陆无法评论~');</script>");
            }
           

        }
Ejemplo n.º 14
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (Session["User"] != null)
            {
                string Pid = Request.QueryString["id"].ToString();


  
                //检查库存

                string strNum = DropDownList1.SelectedValue;

                DBConn myDB = new DBConn();
                string mySql = "select PStock from Products where PID=" + Pid;
                SqlDataReader mydr = myDB.getDataReader(mySql);
                if (mydr.Read())
                {
                    int iPStock = Int32.Parse(mydr["PStock"].ToString());
                    if (iPStock < int.Parse(strNum))
                    {
                        Response.Write("<script>");
                        Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
                        Response.Write("</script>");
                        return;
                    }

                }
                else
                {
                    Response.Write("<script>");
                    Response.Write("alert('没有这个二手书!!!');");
                    Response.Write("</script>");
                    mydr.Close();
                    myDB.Close();
                    Response.Redirect("index.aspx");
                    return;
                }
                mydr.Close();
                myDB.Close();

                

                string tblUser = (String)Session["User"];
                string sql = "insert into [tblBasket](tblUser,Pid,isN,isMoney) values ( '" + tblUser + "', '" + Pid + "', '" + strNum + "', " + lblCount.Text +")";

                DBConn myDB1 = new DBConn();

                myDB1.ExecuteNonQuery(sql);
                myDB1.Close();

                Response.Write("<script>alert('加入购物车成功 ~');</script>");
            }
            else
            {
                Response.Write("<script>alert('未登陆无法收藏~');</script>");
            }
                  
        }
Ejemplo n.º 15
0
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            string strID = ViewState["ID"].ToString();
            string strName = txtName.Text.Trim();
            string strEmail = txtEmail.Text.Trim();
            string strPhone = txtPhone.Text.Trim();
            string strNum = ddlNum.SelectedValue;

            if (strName == String.Empty || strEmail == String.Empty || strPhone == String.Empty)
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }
         //   if (Session["CheckCode"] == null)
           // {
           //     Response.Redirect("index.aspx");
            //    return;
           // }
            if (Session["CheckCode"].ToString() != txtCheck.Text.Trim())
            {
                Response.Write("<script>");
                Response.Write("alert('输入的验证码有误!请重新输入!')");
                Response.Write("</script>");
                return;
            }

            //检查库存
            DBConn myDB = new DBConn();
            string mySql = "select PStock from Products where PID=" + strID;
            SqlDataReader mydr = myDB.getDataReader(mySql);
            if (mydr.Read())
            {
                int iPStock = Int32.Parse(mydr["PStock"].ToString());
                if (iPStock < int.Parse(strNum))
                {
                    Response.Write("<script>");
                    Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
                    Response.Write("</script>");
                    return;
                }

            }
            else
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                mydr.Close();
                myDB.Close();
                Response.Redirect("index.aspx");
                return;
            }
            mydr.Close();
            myDB.Close();

            Order myOrder = new Order();
            
            myOrder.PID = strID;
            myOrder.PName = lblPName.Text;
            myOrder.PNum = strNum.ToString();
            myOrder.PPrice = lblPNPrice.Text;
            myOrder.TotalPrice = lblTotalPric.Text;
            myOrder.TName = CleanString.htmlInputText(strName);
            myOrder.Email = strEmail;
            myOrder.Phone = CleanString.htmlInputText(strPhone);
            if (ViewState["PCPrice"] != null)
            {
                myOrder.PCPrice = ViewState["PCPrice"].ToString();
            }


            Session["myOrder"] = myOrder;

            if (Session["SubmitCheck"] != null)
            {
                DateTime myDTime = (DateTime)Session["SubmitCheck"];
                if (myDTime.AddMilliseconds(30000) > DateTime.Now)
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["SubmitCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }
            Session["SubmitCheck"] = DateTime.Now;

            Response.Redirect("orderinfo.aspx?key=" + Server.UrlEncode("makeOrder.aspx?id=" + ViewState["ID"].ToString()));

        }
Ejemplo n.º 16
0
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            string strUName = txtUserName.Text.Trim();
            string strUPhone = txtUserPhone.Text.Trim();
            string strUEmail = txtEmail.Text.Trim();
            string strMTitle = txtTitle.Text.Trim();
            string strMContent = txtContent.Text.Trim();

            if( strUEmail == String.Empty || strMTitle == String.Empty || strMContent == String.Empty )
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }
            if( strMContent.Length > 300 )
            {
                Response.Write("<script>");
                Response.Write("alert('内容太长了..(300字以内)!!!');");
                Response.Write("</script>");
                return;
            }
            
            //防止恶意刷信息
            if( Session["messageCheck"] != null )
            {
                DateTime myDTime = (DateTime)Session["messageCheck"];
                if( myDTime.AddMilliseconds(30000) > DateTime.Now )
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["messageCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30-myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                } 
            }

            //过滤输入字符串
            strUName    = CleanString.htmlInputText( strUName );
            strUPhone   = CleanString.htmlInputText( strUPhone );
            strUEmail   = CleanString.htmlInputText( strUEmail );
            strMTitle   = CleanString.htmlInputText( strMTitle );
            strMContent = CleanString.htmlInputText( strMContent );

            string mySql = "insert into [message](UName,UPhone,UEmail,MTitle,MContent,Pubdate) values('" +
                           strUName + "','" + strUPhone + "','" + strUEmail + "','" + strMTitle
                            + "','" + strMContent + "','" + DateTime.Now + "')";
            DBConn myDB = new DBConn();
            myDB.ExecuteNonQuery( mySql );
            myDB.Close();

            Session["messageCheck"] = DateTime.Now; //防止恶意刷信息 记录提交时间
            
            Response.Write("<script>");
            Response.Write ("alert('成功提交!')");
            Response.Write ("</script>");
            txtUserName.Text = "";
            txtUserPhone.Text = "";
            txtEmail.Text = "";
            txtTitle.Text = "";
            txtContent.Text = "";

        }
Ejemplo n.º 17
0
 private void getTJDataList()//精品推荐
 {
     DBConn myDB = new DBConn();
     string sql = "select top 10 * from Products where PCommend=1 order by PID desc";
     JRepeater.DataSource = myDB.getDataReader( sql );
     JRepeater.DataBind();
     myDB.Close();  
 }
Ejemplo n.º 18
0
        private void PData()//显示相应二手书信息
        {
            string strID = ViewState["ID"].ToString();

            DBConn myDB = new DBConn();
            string sql = "select * from Products where PID=" + strID;
            SqlDataReader dr = myDB.getDataReader(sql);
            if (dr.Read())
            {
                strPID = dr["PID"].ToString();
                lblPName.Text = dr["PName"].ToString();
                strPName = lblPName.Text;
                lblPFPrice.Text = double.Parse(dr["PFPrice"].ToString()).ToString("f2");
                lblPNPrice.Text = double.Parse(dr["PNPrice"].ToString()).ToString("f2");
                strPBewrite = dr["PBewrite"].ToString();
                strPUseMode = dr["PUseMode"].ToString();
                strPValidity = dr["PValidity"].ToString();
                string strPStock = dr["PStock"].ToString();
                if (Int32.Parse(strPStock) > 0)
                {
                    strBuy = "<img src='images/car.gif'> [ <A target=_blank href='makeOrder.aspx?id=" + strPID + "'>在线购买</A> ]";
                }
                else
                {
                    strBuy = "[ 没有存货 ]";
                }
            }
            dr.Close();
            myDB.Close();
        }
Ejemplo n.º 19
0
        private void DHData()//导航条设置
        {
            string strCID = ViewState["CID"].ToString();

            if (ViewState["CID"] == null || ViewState["CID"].ToString() == String.Empty)
            {
                lblDaohang.Text = "所有二手书";
            }
            else
            {
                DBConn myDB = new DBConn();
                string sql = "select * from Category where CID=" + strCID;
                SqlDataReader dr = myDB.getDataReader(sql);
                if (dr.Read())
                {
                    lblDaohang.Text = dr["CName"].ToString();
                }
                dr.Close();
                myDB.Close();
            }
         
        }
Ejemplo n.º 20
0
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            string strUName    = txtUserName.Text.Trim();
            string strUPhone   = txtUserPhone.Text.Trim();
            string strUEmail   = txtEmail.Text.Trim();
            string strMTitle   = txtTitle.Text.Trim();
            string strMContent = txtContent.Text.Trim();

            if (strUEmail == String.Empty || strMTitle == String.Empty || strMContent == String.Empty)
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }
            if (strMContent.Length > 300)
            {
                Response.Write("<script>");
                Response.Write("alert('内容太长了..(300字以内)!!!');");
                Response.Write("</script>");
                return;
            }

            //防止恶意刷信息
            if (Session["messageCheck"] != null)
            {
                DateTime myDTime = (DateTime)Session["messageCheck"];
                if (myDTime.AddMilliseconds(30000) > DateTime.Now)
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["messageCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }

            //过滤输入字符串
            strUName    = CleanString.htmlInputText(strUName);
            strUPhone   = CleanString.htmlInputText(strUPhone);
            strUEmail   = CleanString.htmlInputText(strUEmail);
            strMTitle   = CleanString.htmlInputText(strMTitle);
            strMContent = CleanString.htmlInputText(strMContent);

            string mySql = "insert into [message](UName,UPhone,UEmail,MTitle,MContent,Pubdate) values('" +
                           strUName + "','" + strUPhone + "','" + strUEmail + "','" + strMTitle
                           + "','" + strMContent + "','" + DateTime.Now + "')";
            DBConn myDB = new DBConn();

            myDB.ExecuteNonQuery(mySql);
            myDB.Close();

            Session["messageCheck"] = DateTime.Now; //防止恶意刷信息 记录提交时间

            Response.Write("<script>");
            Response.Write("alert('成功提交!')");
            Response.Write("</script>");
            txtUserName.Text  = "";
            txtUserPhone.Text = "";
            txtEmail.Text     = "";
            txtTitle.Text     = "";
            txtContent.Text   = "";
        }
Ejemplo n.º 21
0
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (!IsPostBack)
            {
                if (Session["myOrder"] == null)
                {
                    Response.Redirect("index.aspx");
                    return;
                }

                //返回操作
                if (Request.QueryString["key"] == null || Request.QueryString["key"].ToString() == String.Empty)
                {
                    Response.Redirect("index.aspx");
                    return;
                }
                string strBack = Request.QueryString["key"].ToString();
                strBack = Server.UrlDecode(strBack);
                lblBack.Text = "<a href='index.aspx'>返回</a>";

                Order myOrder = (Order)Session["myOrder"];
                string strOID = myOrder.OID;
                string strPID = myOrder.PID;
                string strPName = myOrder.PName;
                string strPNum = myOrder.PNum;
                string strPPrice = myOrder.PPrice;
                string strTotalPrice = myOrder.TotalPrice;
                string strTName = myOrder.TName;
                string strEmail = myOrder.Email;
                string strPhone = myOrder.Phone;
                string strPCPrice = myOrder.PCPrice;//成本


                strOID = getNewOrderID(); //订单号
                string sql = "";
                DBConn myDB = new DBConn();

              
                    if (strPID == "0")
                    {
                        //没有ID 为批量购物的订单
                        //清空购物车,添加批量记录
                        strPName = "批量购买产品,请查看详情";
                        strPNum = "0";
                        strPPrice = "0";

                        sql = "select * from [viwBasket] where tblUser='******'order by ID desc";

                        DataSet ds1 = myDB.getDataSet(sql);


                        foreach (DataRow row in ds1.Tables[0].Rows)
                        {
                            string sql1 = "";
                            string tblUser, Pid, isN, isMoney, OrderNo;
                            tblUser = row["tblUser"].ToString();
                            isN = row["isN"].ToString();
                            isMoney = row["isMoney"].ToString();
                            OrderNo = strOID;
                            Pid = row["Pid"].ToString();

                            sql1 = "Insert into tblP_Order(tblUser,Pid,isN,isMoney,OrderNo) values ( '" +
                                tblUser + "', '" + Pid + "', '" + isN + "', " + isMoney + ", '" + OrderNo + "')";
                            myDB.ExecuteNonQuery(sql1);


                        }

                        sql = "delete from [tblBasket] where tblUser='******'";
                       myDB.ExecuteNonQuery(sql);//删除购物车
                        

                        sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" +
                         strOID + "'," + strPID + ",'" + strPName + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" +
                         DateTime.Now + "','" + strTName + "','" + strEmail + "','" + strPhone + "',0)";
                    

                    }
                    else
                    {
                        sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" +
                              strOID + "'," + strPID + ",'" + strPName + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" +
                              DateTime.Now + "','" + strTName + "','" + strEmail + "','" + strPhone + "'," + strPCPrice + ")";


                    }

                    myDB.ExecuteNonQuery(sql);
                  

                    myOrder.OID = strOID;
                    Session["myOrder"] = myOrder;

                    if (strPID == "0") lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + strOID + "' target='_blank'>查看批量购买的产品详情</a>";

                lblOrderID.Text = strOID;
                lblPName.Text = strPName;
                lblPNum.Text = strPNum;
                lblPPrice.Text = strPPrice;
                lblTotalPrice.Text = strTotalPrice;
                lblTName.Text = strTName;
                lblEmail.Text = strEmail;
                lblPhone.Text = strPhone;
                Label1.Text = myDB.LookUp("select * from tbluser where UserName='******'", "真实姓名");

                      myDB.Close();
            }
        }
Ejemplo n.º 22
0
        private void leaveWord()//评论
        {
            DBConn myDB = new DBConn();
            string sql = "select * from tblLeaveWord where PID=" + Request.QueryString["id"];
            strLeaveWord = "";
            DataSet ds1 = myDB.getDataSet(sql);
            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                strLeaveWord += "<br>用户id:" + row["UserName"].ToString() + "-----------";
                strLeaveWord += row["isDate"].ToString() + "<br>" ;

                strLeaveWord += row["isNote"].ToString() + "<br>" + "<br>";
            }
            myDB.Close();

        }
Ejemplo n.º 23
0
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (!IsPostBack)
            {
                if (Session["myOrder"] == null)
                {
                    Response.Redirect("index.aspx");
                    return;
                }

                //返回操作
                if (Request.QueryString["key"] == null || Request.QueryString["key"].ToString() == String.Empty)
                {
                    Response.Redirect("index.aspx");
                    return;
                }
                string strBack = Request.QueryString["key"].ToString();
                strBack      = Server.UrlDecode(strBack);
                lblBack.Text = "<a href='index.aspx'>返回</a>";

                Order  myOrder       = (Order)Session["myOrder"];
                string strOID        = myOrder.OID;
                string strPID        = myOrder.PID;
                string strPName      = myOrder.PName;
                string strPNum       = myOrder.PNum;
                string strPPrice     = myOrder.PPrice;
                string strTotalPrice = myOrder.TotalPrice;
                string strTName      = myOrder.TName;
                string strEmail      = myOrder.Email;
                string strPhone      = myOrder.Phone;
                string strPCPrice    = myOrder.PCPrice;//成本


                strOID = getNewOrderID(); //订单号
                string sql  = "";
                DBConn myDB = new DBConn();


                if (strPID == "0")
                {
                    //没有ID 为批量购物的订单
                    //清空购物车,添加批量记录
                    strPName  = "批量购买产品,请查看详情";
                    strPNum   = "0";
                    strPPrice = "0";

                    sql = "select * from [viwBasket] where tblUser='******'order by ID desc";

                    DataSet ds1 = myDB.getDataSet(sql);


                    foreach (DataRow row in ds1.Tables[0].Rows)
                    {
                        string sql1 = "";
                        string tblUser, Pid, isN, isMoney, OrderNo;
                        tblUser = row["tblUser"].ToString();
                        isN     = row["isN"].ToString();
                        isMoney = row["isMoney"].ToString();
                        OrderNo = strOID;
                        Pid     = row["Pid"].ToString();

                        sql1 = "Insert into tblP_Order(tblUser,Pid,isN,isMoney,OrderNo) values ( '" +
                               tblUser + "', '" + Pid + "', '" + isN + "', " + isMoney + ", '" + OrderNo + "')";
                        myDB.ExecuteNonQuery(sql1);

                        myDB.ExecuteNonQuery("Update Products Set PStock = PStock - " + isN + ",PSellNum = PSellNum + " + isN + " WHERE PID = " + Pid);
                    }

                    sql = "delete from [tblBasket] where tblUser='******'";
                    myDB.ExecuteNonQuery(sql);//删除购物车


                    sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" +
                          strOID + "'," + strPID + ",'" + strPName + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" +
                          DateTime.Now + "','" + strTName + "','" + strEmail + "','" + strPhone + "',0)";
                }
                else
                {
                    sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" +
                          strOID + "'," + strPID + ",'" + strPName + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" +
                          DateTime.Now + "','" + strTName + "','" + strEmail + "','" + strPhone + "'," + strPCPrice + ")";

                    myDB.ExecuteNonQuery("Update Products Set PStock = PStock - " + strPNum + ",PSellNum = PSellNum + " + strPNum + " WHERE PID = " + strPID);
                }


                myDB.ExecuteNonQuery(sql);


                myOrder.OID        = strOID;
                Session["myOrder"] = myOrder;

                if (strPID == "0")
                {
                    lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + strOID + "' target='_blank'>查看批量购买的产品详情</a>";
                }

                lblOrderID.Text    = strOID;
                lblPName.Text      = strPName;
                lblPNum.Text       = strPNum;
                lblPPrice.Text     = strPPrice;
                lblTotalPrice.Text = strTotalPrice;
                lblTName.Text      = strTName;
                lblEmail.Text      = strEmail;
                lblPhone.Text      = strPhone;
                Label1.Text        = myDB.LookUp("select * from tbluser where UserName='******'", "真实姓名");

                myDB.Close();
            }
        }
Ejemplo n.º 24
0
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            string strID    = ViewState["ID"].ToString();
            string strName  = txtName.Text.Trim();
            string strEmail = txtEmail.Text.Trim();
            string strPhone = txtPhone.Text.Trim();
            string strNum   = ddlNum.SelectedValue;

            if (strName == String.Empty || strEmail == String.Empty || strPhone == String.Empty)
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }
            //   if (Session["CheckCode"] == null)
            // {
            //     Response.Redirect("index.aspx");
            //    return;
            // }
            if (Session["CheckCode"].ToString() != txtCheck.Text.Trim())
            {
                Response.Write("<script>");
                Response.Write("alert('输入的验证码有误!请重新输入!')");
                Response.Write("</script>");
                return;
            }

            //检查库存
            DBConn        myDB  = new DBConn();
            string        mySql = "select PStock from Products where PID=" + strID;
            SqlDataReader mydr  = myDB.getDataReader(mySql);

            if (mydr.Read())
            {
                int iPStock = Int32.Parse(mydr["PStock"].ToString());
                if (iPStock < int.Parse(strNum))
                {
                    Response.Write("<script>");
                    Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
                    Response.Write("</script>");
                    return;
                }
            }
            else
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                mydr.Close();
                myDB.Close();
                Response.Redirect("index.aspx");
                return;
            }
            mydr.Close();
            myDB.Close();

            Order myOrder = new Order();

            myOrder.PID        = strID;
            myOrder.PName      = lblPName.Text;
            myOrder.PNum       = strNum.ToString();
            myOrder.PPrice     = lblPNPrice.Text;
            myOrder.TotalPrice = lblTotalPric.Text;
            myOrder.TName      = CleanString.htmlInputText(strName);
            myOrder.Email      = strEmail;
            myOrder.Phone      = CleanString.htmlInputText(strPhone);
            if (ViewState["PCPrice"] != null)
            {
                myOrder.PCPrice = ViewState["PCPrice"].ToString();
            }


            Session["myOrder"] = myOrder;

            if (Session["SubmitCheck"] != null)
            {
                DateTime myDTime = (DateTime)Session["SubmitCheck"];
                if (myDTime.AddMilliseconds(30000) > DateTime.Now)
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["SubmitCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }
            Session["SubmitCheck"] = DateTime.Now;

            Response.Redirect("orderinfo.aspx?key=" + Server.UrlEncode("makeOrder.aspx?id=" + ViewState["ID"].ToString()));
        }
Ejemplo n.º 25
0
        private void PData()//显示相应二手书信息
        {
            string strID = ViewState["ID"].ToString();

            DBConn myDB = new DBConn();
            string sql = "select * from Products where PID=" + strID;
            SqlDataReader dr;
            try
            {
                dr = myDB.getDataReader(sql);
            }
            catch
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }
            if (dr.Read())
            {
                string strPID = "";
                strPID = dr["PID"].ToString();

                myImg.Src = "showPP.aspx?id=" + strPID;
                lblPName.Text = dr["PName"].ToString();
                lblPFPrice.Text = double.Parse(dr["PFPrice"].ToString()).ToString("f2");
                lblPNPrice.Text = double.Parse(dr["PNPrice"].ToString()).ToString("f2");
                lblTotalPric.Text = lblPNPrice.Text;

                ViewState["PCPrice"] = dr["PCPrice"].ToString();

                string strPStock = dr["PStock"].ToString();
                if (Int32.Parse(strPStock) > 0)
                {
                    lblIsStock.Text = "[仓库有货]";
                }
                else
                {
                    lblIsStock.Text = "[没有存货]";
                    btnOK.Enabled = false;
                }
            }
            else
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                dr.Close();
                myDB.Close();
                Response.Redirect("index.aspx");
                return;
            }
            dr.Close();
            myDB.Close();
        }
Ejemplo n.º 26
0
        protected void Button1_Click(object sender, EventArgs e)
        {
         if (Session["User"] != null)
            {
                string Pid = Request.QueryString["id"].ToString();
                string tblUser = (String)Session["User"];
                DBConn myDB = new DBConn();

                if (myDB.LookUp("select id from tblFav  where tblUser='******' and Pid=" + Pid, "id") != "")
                 
              {    Response.Write("<script>alert('您已经收藏该产品了 ~');</script>");
              myDB.Close();

                  return;
              }
                string sql = "insert into [tblFav](tblUser,Pid) values ( '" + tblUser + "', '" + Pid + "')";

             
                myDB.ExecuteNonQuery(sql);
                myDB.Close();

                Response.Write("<script>alert('收藏成功 ~');</script>");
            }
            else
            {
                Response.Write("<script>alert('未登陆无法收藏~');</script>");
            }




        }
Ejemplo n.º 27
0
        private void HData()//分类对应的热销二手书列表绑定
        {
            if( ViewState["CID"] == null )
            {
                DBConn myDB = new DBConn();
				string sql = "SELECT TOP 5 * FROM Products WHERE PSellNum>0 ORDER BY PSellNum DESC,PID";
                HotRepeater.DataSource = myDB.getDataReader( sql );
                HotRepeater.DataBind();
                myDB.Close();
            }
            else
            {
                string strCID = ViewState["CID"].ToString();

                DBConn myDB = new DBConn();
                string sql = "SELECT top 5 * From Products Where PSellNum>0 and CID=" + strCID + " order by PSellNum desc,PID";
                HotRepeater.DataSource = myDB.getDataReader( sql );
                HotRepeater.DataBind();
                myDB.Close();
            }
            
        }
Ejemplo n.º 28
0
        private string getNewOrderID()//获取新的流水帐号
        {
            string strOrderID = "";

            DateTime myTime = System.DateTime.Now;
            strOrderID = myTime.Year.ToString();
            strOrderID += myTime.Month.ToString("00");
            strOrderID += myTime.Day.ToString("00");
            strOrderID += myTime.Hour.ToString("00");
            strOrderID += myTime.Minute.ToString("00");
            strOrderID += myTime.Second.ToString("00");
            strOrderID += myTime.Millisecond.ToString("000");//毫秒

            DBConn myDB = new DBConn();
            string sql = "select OID from [Order] order by OID desc";
            SqlDataReader dr = myDB.getDataReader(sql);
            if (dr.Read())
            {
                string strTemp = dr["OID"].ToString();
                int iTemp = Int32.Parse(strTemp.Substring(strTemp.Length - 2, 2)) + 1;
                strOrderID += (iTemp % 100).ToString("00");
            }
            else
            {
                strOrderID += "00";
            }
            dr.Close();
            myDB.Close();

            return strOrderID;
        }