protected void RegisterButton_Click(object sender, EventArgs e) { if (Page.IsValid) { object returnVal; string strName, strAddress, strPhone, strPassword, strEmail; int intShopperID = 0; strName = nameTextBox.Text; strAddress = addressTextbox.Text; strPhone = phoneTextbox.Text; strEmail = emailTextbox.Text; strPassword = pswTextBox.Text.Trim(); DatabaseMgmt dbObj = new DatabaseMgmt(); string strSqlCmd; strSqlCmd = $"select ShopperID from Shopper where Email='{strEmail}'"; if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null) { intShopperID = Convert.ToInt32(returnVal); } else { intShopperID = 0; } if (intShopperID == 0) { strSqlCmd = $"Insert into Shopper(Name, Address,Phone, Email, Passwd) VALUES ('{strName}','{strAddress}'," + $"'{strPhone}','{strEmail}','{strPassword}')"; dbObj.ExecuteNonQuery(strSqlCmd); strSqlCmd = $"select MAX(ShopperID) From Shopper"; if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null) { intShopperID = Convert.ToInt32(returnVal); } else { intShopperID = 0; } Session["ShopperID"] = intShopperID; Session["Name"] = strName; Session["Address"] = strAddress; Session["Phone"] = strPhone; Session["Email"] = strEmail; Session["ProfileRetrived"] = 1; msgLabel.Text = "Registration Successful"; } else { msgLabel.Text = "Please select another email to register"; } } }
protected void Page_Load(object sender, EventArgs e) { DatabaseMgmt objdbMgmt = new DatabaseMgmt(); string strSqlCmd; SqlDataReader objDataReader; if (IsPostBack == false) { if (Request.QueryString["search"] == null) { Session["LastDeptID"] = Request["DeptID"]; strSqlCmd = "SELECT DeptName, DeptDesc FROM Department WHERE DepartmentID=" + Request.QueryString["DeptID"]; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Close the data reader objDataReader.Close(); strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " + Request.QueryString["DeptID"]; dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString()); BindData("SELECT p.ProductID, p.ProductTitle, p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " + Request.QueryString["DeptID"]); } else { strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE p.ProductTitle like '%" + Request.QueryString["search"] + "%'"; dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString()); BindData("SELECT p.ProductID, p.ProductTitle,p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID=p.ProductID" + " WHERE p.ProductTitle like '%" + Request.QueryString["search"] + "%'"); } } }
private void displayShopCart() { lblEmptyShopCart.Visible = false; dgShopCart.Visible = true; lblSubTotal.Visible = true; btnUpdateCart.Visible = true; btnCheckOut.Visible = true; // Establish a database connection DatabaseMgmt objdbMgmt = new DatabaseMgmt(); // Get items in the designated shopping cart. string strSqlCmd; SqlDataReader objDataReader; strSqlCmd = "SELECT ShopCartID, ProductID, Name, Price, Quantity, DateAdded, Price * Quantity as Total FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"]; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Bind the records to the data list control dgShopCart.DataSource = objDataReader; dgShopCart.DataBind(); objDataReader.Close(); // Check for empty shopping cart if (dgShopCart.Rows.Count == 0) { // Call a subroutine to display empty Shopping Cart message displayEmptyShopCart(); } else { // Calculate the subtotal. double dblSubTotal; strSqlCmd = "SELECT SUM(Price * Quantity) as SubTotal FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"]; dblSubTotal = Convert.ToDouble(objdbMgmt.ExecuteScalar(strSqlCmd)); // Display the subtotal. string strSubTotal = string.Format("{0:c}", dblSubTotal, 2); lblSubTotal.Text = "Subtotal (before tax and shipping charge): " + strSubTotal; } objdbMgmt.Close(); }
protected void sellButton_Click(object sender, EventArgs e) { DatabaseMgmt dbObj = new DatabaseMgmt(); SqlDataReader dR; string strProductName = productNameTextBox.Text; string strProductDescription = productDescriptionTextBox.Text; float fltPrice; int intStock; int productType = int.Parse(typeDropdown.SelectedValue); int productId = 0; string strSqlCmd; string strFileName; string strFilePath; string strFolder; strFolder = Server.MapPath("~/Images/Products/"); strFileName = oFile.PostedFile.FileName; strFileName = Path.GetFileName(strFileName); if (strProductName == "") { Response.Write("<script>alert('Product name Needed');</script>"); return; } if (strProductDescription == "") { Response.Write("<script>alert('Description Needed');</script>"); return; } if (priceButton.Text == "") { Response.Write("<script>alert('Price Needed');</script>"); return; } else { fltPrice = float.Parse(priceButton.Text); } if (stockTextbox.Text == "") { Response.Write("<script>alert('Stock needed');</script>"); return; } else { intStock = int.Parse(stockTextbox.Text); } if (oFile.Value != "") { // Create the folder if it does not exist. if (!Directory.Exists(strFolder)) { Directory.CreateDirectory(strFolder); } // Save the uploaded file to the server. strFilePath = strFolder + strFileName; oFile.PostedFile.SaveAs(strFilePath); msgLabel.Text = strFileName + " has been successfully uploaded."; } else { msgLabel.Text = "Click 'Browse' to select the file to upload."; return; } strSqlCmd = $"Insert into Product(productTitle,ProductDesc,ProductImage,Price,Quantity)" + $"Values('{strProductName}','{strProductDescription}','{strFileName}','{fltPrice}','{intStock}')"; dbObj.ExecuteNonQuery(strSqlCmd); string strSel = "Select Max(ProductID) from Product"; productId = int.Parse(dbObj.ExecuteScalar(strSel).ToString()); strSqlCmd = $"Insert into DepartmentProduct(DepartmentId,ProductID) Values({productType},{productId})"; dbObj.ExecuteNonQuery(strSqlCmd); }
protected void Page_Load(object sender, EventArgs e) { // Don't allow non-member to purchase a product if (Session["ShopperID"] == null) { Response.Redirect("Login.aspx"); } int intProductID; string strProductName; double dblProductPrice; int intQuantity; int intShopCartID; int intShopperID; bool flgAddItem; string strSqlCmd; // Read product's details from session variables intProductID = Convert.ToInt32(Session["ProductID"]); dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency)); intQuantity = Convert.ToInt32(Session["Quantity"]); // Replace any single-quote with two single-quote strProductName = Convert.ToString(Session["ProductName"]); // Connect to the database DatabaseMgmt objdbMgmt = new DatabaseMgmt(); //objdbMgmt.Connect(); // Check whether a shopping cart has been created. if (Session["ShopCartID"] == null) { // Create a new shopping cart //--------------------------- intShopperID = Convert.ToInt32(Session["ShopperID"]); strSqlCmd = "INSERT INTO ShopCart(ShopperID) VALUES(" + intShopperID + ")"; objdbMgmt.ExecuteNonQuery(strSqlCmd); // Get the new Shopping Cart ID strSqlCmd = "SELECT MAX(ShopCartID) AS maxShopCartID " + "FROM ShopCart WHERE ShopperID=" + intShopperID; // Save the Shopping Cart ID in a session variable Session["ShopCartID"] = objdbMgmt.ExecuteScalar(strSqlCmd); // Set AddItem flag to true - to add item to shopping cart. flgAddItem = true; } else { // Shopping cart already created //------------------------------- intShopCartID = Convert.ToInt32(Session["ShopCartID"]); // Retrieve selected product from shopping cart. System.Data.SqlClient.SqlDataReader objDataReader; strSqlCmd = "SELECT Quantity FROM ShopCartItem WHERE ProductID=" + intProductID + " AND ShopCartID=" + intShopCartID; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Check whether selected item is already in shopping cart. // If yes, update order quantity instead of adding new item. if (objDataReader.HasRows) { // Close the data reader objDataReader.Close(); // update quantity of Shop Cart Item strSqlCmd = "UPDATE ShopCartItem SET Quantity = Quantity + " + intQuantity + " WHERE ProductID =" + intProductID + " AND ShopCartID =" + intShopCartID; objdbMgmt.ExecuteNonQuery(strSqlCmd); // Set AddItem flag to false - do not add item to cart flgAddItem = false; } else { // Close the data reader objDataReader.Close(); // Set AddItem flag to true - to add item to cart flgAddItem = true; } } // If it is a new item, add item into shopping cart. if (flgAddItem) { // Add Shop Cart Item to the database strSqlCmd = "INSERT INTO ShopCartitem (ShopCartID, Quantity, Price, Name, ProductID)" + " VALUES (" + Session["ShopCartId"] + "," + intQuantity + "," + dblProductPrice + ",'" + strProductName + "'," + intProductID + ")"; objdbMgmt.ExecuteNonQuery(strSqlCmd); } objdbMgmt.Close(); // Re-direct to ShopCart page for display of shopping cart Response.Redirect("ShopCart.aspx"); }