protected void Page_Load(object sender, EventArgs e)
{
courseID = Request.QueryString["detail"];
if (courseID == null)
{
Response.Redirect("~/index.aspx");
}
MySqlParameter [] p = new MySqlParameter[1];
p[0] = new MySqlParameter("?id", MySqlDbType.Int32);
p[0].Value = int.Parse(courseID);
var ds = MySqlDBUtil.ExecuteQuery("select name, description,line1,line2,zipcode,city,state, image_id, provider_id from service where idservice=?id", p);
name.Text = ds.Tables[0].Rows[0]["name"].ToString();
address.Text = ds.Tables[0].Rows[0]["line1"].ToString() + ds.Tables[0].Rows[0]["line2"].ToString() + ds.Tables[0].Rows[0]["zipcode"].ToString()
+ ds.Tables[0].Rows[0]["city"].ToString() + ds.Tables[0].Rows[0]["state"].ToString();
description.Text = ds.Tables[0].Rows[0]["description"].ToString();
Image1.ImageUrl = "~/imgHandler.ashx?imID=" + ds.Tables[0].Rows[0]["image_id"];
string pid = ds.Tables[0].Rows[0]["provider_id"].ToString();
string provider_sql = "select img_id, description from user where iduser= ?id";
// p[0].Value = int.Parse(pid);
//var ds2 = MySqlDBUtil.ExecuteQuery(provider_sql,p);
//Image_p.ImageUrl = "~/imgHandler.ashx?imID="+ds2.Tables[0].Rows[0]["img_id"].ToString();
// p_description.Text = ds2.Tables[0].Rows[0]["description"].ToString();
}
protected void Button3_Click(object sender, EventArgs e)
{
int imgLen = FileUpload1.PostedFile.ContentLength;
if (imgLen > 500 * 1024)
{
MessageBox.Show(this, "File should be no larger than 500KB");
return;
}
Stream imgStream = FileUpload1.PostedFile.InputStream;
byte[] imgBinaryData = new byte[imgLen];
int n = imgStream.Read(imgBinaryData, 0, imgLen);
MySqlParameter[] p = new MySqlParameter[2];
p[0] = new MySqlParameter("?data", MySqlDbType.Blob, n);
p[0].Value = imgBinaryData;
p[1] = new MySqlParameter("?title", MySqlDbType.VarChar, 4);
p[1].Value = "test";
string sql = "insert into images (image, title) values (?data, ?title)";
int imgid = MySqlDBUtil.ExecuteInsert(sql, p);
string update = "update user set img_id =?imgid where iduser=?id";
p[0] = new MySqlParameter("?imgid", MySqlDbType.Int32);
p[0].Value = imgid;
p[1] = new MySqlParameter("?id", MySqlDbType.Int32);
p[1].Value = int.Parse(Master.id);
MySqlDBUtil.ExecuteNonQuery(update, p);
}
public void ProcessRequest(HttpContext context)
{
string imageid = context.Request.QueryString["imID"];
string sql = "select image from images where idimages= ?imgID";
MySqlParameter[] p = new MySqlParameter[1];
p[0] = new MySqlParameter("?imgID", MySqlDbType.Int32);
p[0].Value = int.Parse(imageid);
Byte[] dr = MySqlDBUtil.ReadBinary(sql, p);
context.Response.BinaryWrite(dr);
context.Response.End();
}
protected void ChangePassword_Click(object sender, EventArgs e)
{
int id = 5;
string new_pass = pwd0.Text;
string sql = "update user set password =?pwd where iduser = ?id;";
MySqlParameter [] p = new MySqlParameter[2];
p[0] = new MySqlParameter("?pwd", MySqlDbType.VarChar, 32);
p[0].Value = MD5.getMd5Hash(new_pass);
p[1] = new MySqlParameter("?id", MySqlDbType.Int32);
p[0].Value = id;
MySqlDBUtil.ExecuteNonQuery(sql, p);
}
protected void Page_Load(object sender, EventArgs e)
{
DataSet ds = MySqlDBUtil.ExecuteQuery("select name from category");
cat.Items.Clear();
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
cat.Items.Add(ds.Tables[0].Rows[i][0].ToString());
}
ds = MySqlDBUtil.ExecuteQuery("select idservice, name, description from service ");
ListView1.DataSource = ds.Tables[0];
ListView1.DataBind();
}
protected void Button1_Click(object sender, System.EventArgs e)
{
string name = userName1.Text.Trim(), pwd = MD5.getMd5Hash(pwd0.Text.Trim()), email = mail.Text.Trim();
string sql = "insert into user (user_name,password,email, create_time, update_time) values (?name,?pwd,?email,now(),now())";
MySqlParameter[] parameters = new MySqlParameter[3];
parameters[0] = new MySqlParameter("?name", MySqlDbType.VarChar, name.Length);
parameters[0].Value = name;
parameters[1] = new MySqlParameter("?pwd", MySqlDbType.VarChar, pwd.Length);
parameters[1].Value = pwd;
parameters[2] = new MySqlParameter("?email", MySqlDbType.VarChar, email.Length);
parameters[2].Value = email;
MySqlDBUtil.ExecuteNonQuery(sql, parameters);
MessageBox.Show(this, "success, we need to redirect to another page.");
}
protected void create_Click(object sender, EventArgs e)
{
int id = 1;
string name = title.Text,
category = cat.Items[cat.SelectedIndex].Text,
min = min_age.Text, max = max_age.Text,
tel = phone.Text, url = Url.Text,
descr = description.Text, l1 = line1.Text, l2 = Line2.Text,
zip = zipcode.Text, c = city.Text, s = state.Text;
string sql = "insert into service (provider_id, name,description,min_age, max_age,phone,url,line1,Line2,zipcode,city,state,create_time, update_time) values " +
"(?id,?name,?descr,?min,?max,?tel,?url,?line1,?line2,?zip,?city,?state, now(), now())";
MySqlParameter [] p = new MySqlParameter[12];
p[0] = new MySqlParameter("?id", MySqlDbType.Int32);
p[0].Value = id;
p[1] = new MySqlParameter("?name", MySqlDbType.VarChar, name.Length);
p[1].Value = name;
p[2] = new MySqlParameter("?descr", MySqlDbType.VarChar, descr.Length);
p[2].Value = descr;
p[3] = new MySqlParameter("?min", MySqlDbType.Int16);
p[3].Value = int.Parse(min);
p[4] = new MySqlParameter("?max", MySqlDbType.Int16);
p[4].Value = int.Parse(max);
p[5] = new MySqlParameter("?tel", MySqlDbType.VarChar, tel.Length);
p[5].Value = tel;
p[6] = new MySqlParameter("?url", MySqlDbType.VarChar, url.Length);
p[6].Value = url;
p[7] = new MySqlParameter("?line1", MySqlDbType.VarChar, l1.Length);
p[7].Value = l1;
p[8] = new MySqlParameter("?line2", MySqlDbType.VarChar, l2.Length);
p[8].Value = l2;
p[9] = new MySqlParameter("?zip", MySqlDbType.VarChar, zip.Length);
p[9].Value = zip;
p[10] = new MySqlParameter("?city", MySqlDbType.VarChar, c.Length);
p[10].Value = c;
p[11] = new MySqlParameter("?state", MySqlDbType.VarChar, s.Length);
p[11].Value = s;
MySqlDBUtil.ExecuteNonQuery(sql, p);
}
protected void signin_Click(object sender, System.EventArgs e)
{
string user = username.Text.Trim();
string pwd = MD5.getMd5Hash(inputPassword.Text.Trim());
MySqlParameter [] param = new MySqlParameter[2];
param[0] = new MySqlParameter("?pwd", MySqlDbType.VarChar, 32);
param[0].Value = pwd;
param[1] = new MySqlParameter("?name", MySqlDbType.VarChar, user.Length);
param[1].Value = user;
string result = MySqlDBUtil.ExecuteScalar("select password = ?pwd from user where user_name = ?name", param);
param = new MySqlParameter[1];
param[0] = new MySqlParameter("?name", MySqlDbType.VarChar, user.Length);
param[0].Value = user;
string id = MySqlDBUtil.ExecuteScalar("select iduser from user where user_name = ?name", param);
if (result == "1")
{
// in the future, the id and pwd can be encrypted with DES, each user has its unique key.
HttpCookie logInfo = new HttpCookie("mentorhip");
logInfo.Expires = DateTime.Now.AddDays(14d);
logInfo["username"] = user;
logInfo["id"] = id;
logInfo["pwd"] = pwd;
logInfo["expire"] = "false";
HttpContext.Current.Response.Cookies.Add(logInfo);
HttpCookie authentication = new HttpCookie("mh_auth");
authentication["id"] = id;
authentication["pwd"] = pwd;
HttpContext.Current.Response.Cookies.Add(authentication);
Response.Redirect("~/index.aspx", true);
}
else
{
MessageBox.Show(this, "Please check username or password");
}
}
protected void Page_Load(object sender, EventArgs e)
{
Image1.ImageUrl = "~/imgHandler.ashx?imID=" + MySqlDBUtil.ExecuteScalar("select img_id from user where iduser = " + Master.id);;
}
