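/// <summary>
/// Checks the supplied credentials against the Customer table and, when a row
/// matches, stores the resulting customer object in <c>newCust</c>.
/// </summary>
/// <param name="email">E-mail address entered by the user.</param>
/// <param name="password">Password entered by the user.</param>
/// <returns>
/// <c>true</c> when at least one row matches both values; otherwise <c>false</c>.
/// </returns>
protected bool checkDetails(string email, string password)
{
    // Missing credentials can never match a row, so answer without touching the database.
    if (email == null || password == null)
    {
        return false;
    }

    // SECURITY: the password is compared inside the query against the stored column,
    // which means the Customer table holds passwords in a directly comparable form.
    // Storing a salted, slow hash (e.g. PBKDF2) and verifying it in application code
    // would limit the damage of a database disclosure. That needs a schema and data
    // migration, so it is flagged here rather than changed.
    const string sql = "SELECT * FROM Customer WHERE EmailAddress = @email AND Password = @password";

    string connectionString = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    bool valid = false;

    // using blocks release the connection, command and reader even when the query
    // or one of the column conversions below throws.
    using (SqlConnection connection = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand(sql, connection))
    {
        // Values are bound as parameters, never concatenated into the SQL text.
        cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = email;
        cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = password;

        connection.Open();
        using (SqlDataReader reader = cmd.ExecuteReader())
        {
            while (reader.Read())
            {
                valid = true;

                // NOTE(review): the Password column is copied into the Customer object;
                // avoid carrying the credential around once the login check is done.
                // NOTE(review): Customer.getInstance in this file returns a cached
                // instance after its first call, so a later login may be handed the
                // earlier customer's object - confirm this is intended.
                newCust = Customer.getInstance(
                    Convert.ToInt32(reader["CustomerID"]),
                    reader["Name"].ToString(),
                    reader["Address"].ToString(),
                    Convert.ToInt32(reader["PhoneNumber"]),
                    reader["Notes"].ToString(),
                    reader["EmailAddress"].ToString(),
                    reader["Password"].ToString());
            }
        }
    }

    return valid;
}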
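/// <summary>
/// Deletes the Customer row whose CustomerID equals <c>cust.CustomerID</c>.
/// </summary>
/// <param name="cust">Customer whose row is to be removed.</param>
/// <returns>
/// "Complete" when the statement ran without a <see cref="SqlException"/> (also when
/// no row matched); otherwise the exception's message text.
/// </returns>
public static string DeleteCustomer(Customer cust)
{
    const string sql = "DELETE FROM [Customer] WHERE [CustomerID] = @CustomerID";
    string connectionString = ConfigurationManager.ConnectionStrings["myConnectionString"].ConnectionString;

    try
    {
        // using blocks close the connection on every path, replacing the duplicated Close() calls.
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            // The parameter name must match the placeholder in the SQL text. It was
            // previously bound as "@OrderID", which left @CustomerID undeclared and
            // made every delete fail.
            command.Parameters.Add("@CustomerID", SqlDbType.Int).Value = cust.CustomerID;

            connection.Open();
            command.ExecuteNonQuery();
        }

        return "Complete";
    }
    catch (SqlException sqlEx)
    {
        // NOTE(review): the raw provider message is returned to the caller. If it is
        // shown to end users it can reveal table and column names; consider logging
        // it server-side and returning a generic failure text instead.
        return sqlEx.Message;
    }
}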
/// <summary>
/// Inserts a new row into the Customer table from the fields of <paramref name="cust"/>.
/// </summary>
/// <param name="cust">Customer whose values are written.</param>
/// <returns>
/// "Complete" when the insert ran without a <see cref="SqlException"/>; otherwise the
/// exception's message text.
/// </returns>
public static string AddCustomer(Customer cust)
{
    // NOTE(review): the INSERT has no column list, so it depends on the physical
    // column order of the table.
    // NOTE(review): cust.Password is written to the table exactly as supplied; storing
    // a salted, slow hash instead would limit the impact of a database disclosure.
    const string insertSql = "INSERT INTO [Customer] VALUES(@CustomerID, @Name, @Address, @PhoneNumber, @Notes, @Username, @Password)";
    string connectionString = ConfigurationManager.ConnectionStrings["myConnectionString"].ConnectionString;

    using (SqlConnection db = new SqlConnection(connectionString))
    {
        try
        {
            db.Open();
            using (SqlCommand insert = new SqlCommand(insertSql, db))
            {
                // Every value is bound as a parameter rather than concatenated into the SQL text.
                SqlParameterCollection args = insert.Parameters;
                args.Add("@CustomerID", SqlDbType.Int).Value = cust.CustomerID;
                args.Add("@Name", SqlDbType.NVarChar).Value = cust.Name;
                args.Add("@Address", SqlDbType.NVarChar).Value = cust.Address;
                args.Add("@PhoneNumber", SqlDbType.NVarChar).Value = cust.PhoneNum;
                args.Add("@Notes", SqlDbType.NVarChar).Value = cust.Notes;
                args.Add("@Username", SqlDbType.NVarChar).Value = cust.Username;
                args.Add("@Password", SqlDbType.NVarChar).Value = cust.Password;

                insert.ExecuteNonQuery();
            }

            return "Complete";
        }
        catch (SqlException failure)
        {
            // NOTE(review): the provider's message goes back to the caller unchanged;
            // check that it is not displayed to end users.
            return failure.Message;
        }
    }
}
/// <summary>
/// Returns the cached <c>Customer</c>, creating it from the arguments on the first call.
/// </summary>
/// <remarks>
/// Once an instance exists, the arguments of later calls are ignored and the existing
/// object is returned.
/// NOTE(review): the cache is a static member, so it is shared by every caller in the
/// process. checkDetails in this file routes login results through this method, which
/// means a second customer logging in would receive the first customer's object
/// (including its password field). Confirm whether a per-session object is what is
/// actually wanted. The check-then-assign is also not synchronized.
/// </remarks>
public static Customer getInstance(int customerID, String name, String address, int phoneNum, String notes, String username, String password)
{
    // Fast path: an instance was already built by an earlier call.
    if (instance != null)
    {
        return instance;
    }

    instance = new Customer(customerID, name, address, phoneNum, notes, username, password);
    return instance;
}
/// <summary>
/// Handles the Order button: builds a product from the page controls, creates an order
/// for the customer held in session, writes progress text to the response and stores
/// the order in session.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnOrder_Click(object sender, EventArgs e)
{
    // Nothing happens unless the page's validators passed.
    if (!IsValid)
    {
        return;
    }

    sessionCust = (Customer)Session["CustObj"];

    // NOTE(review): the unit price is parsed from txtPrice.Text, a page control. If its
    // posted value can be altered by the client, the order total is client-controlled;
    // confirm the price is looked up or validated server-side from the product ID.
    // NOTE(review): the Convert calls throw on non-numeric text, and nothing visible
    // here rejects a zero or negative quantity - confirm the validators cover both.
    int productId = Convert.ToInt32(lstProducts.SelectedValue);
    double unitPrice = Convert.ToDouble(txtPrice.Text);
    string productName = lstProducts.SelectedItem.Text;
    newProduct = new StandardProduct(productId, unitPrice, productName, 1);
    ProductDiscount pd = new ProductDiscount(newProduct);

    if (sessionCust == null)
    {
        Response.Write("No customer is in session, please log in");
        return;
    }

    string productDiscountLine = "Calculating Individual Product DIscount - " + pd.applyDiscount() + "/" + newProduct.Price + " Pid = " + newProduct.ProductID + "\n";
    Response.Write(productDiscountLine);

    // applyDiscount() is deliberately called again here, exactly as the handler always has.
    newOrder = new Order(
        sessionCust.CustomerID,
        newProduct,
        1,
        txtAddress.Text,
        pd.applyDiscount() * Convert.ToInt32(txtQuantity.Text),
        DateTime.Now);
    newOrder.CreateOrder();
    Response.Write("Order processed!!\n\n\n\n");

    // One order per click: disable this button and enable the follow-up actions.
    btnOrder.Enabled = false;
    btnAddOrder.Enabled = true;
    btnViewOrder.Enabled = true;

    string customerDiscountLine = "Calculating Customer Discount - " + newOrder.Amount + "/" + (Convert.ToDouble(txtPrice.Text) * Convert.ToInt32(txtQuantity.Text)) + "\n";
    Response.Write(customerDiscountLine);

    Session["OrderObj"] = newOrder;
}
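/// <summary>
/// Updates the Customer row identified by <c>cust.CustomerID</c> with the other
/// fields of <paramref name="cust"/>.
/// </summary>
/// <param name="cust">Customer carrying the key and the new values.</param>
/// <returns>
/// "Complete" when the statement ran without a <see cref="SqlException"/> (also when
/// no row matched); otherwise the exception's message text.
/// </returns>
public static string EditCustomer(Customer cust)
{
    // The statement previously had no WHERE clause, so one edit would have rewritten
    // every row in the table (passwords included) with this customer's values. It is
    // now restricted to the row being edited, and the key is no longer reassigned.
    // NOTE(review): checkDetails in this file queries a column named EmailAddress;
    // confirm that a Username column exists in this table.
    // NOTE(review): cust.Password is written as supplied; storing a salted, slow hash
    // instead would limit the impact of a database disclosure.
    const string sql = "UPDATE [Customer] SET Name = @Name, Address = @Address, "
        + " PhoneNumber = @PhoneNumber, Notes = @Notes, Username = @Username, Password = @Password"
        + " WHERE CustomerID = @CustomerID";
    string connectionString = ConfigurationManager.ConnectionStrings["myConnectionString"].ConnectionString;

    try
    {
        // using blocks close the connection on every path, replacing the duplicated Close() calls.
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            command.Parameters.Add("@CustomerID", SqlDbType.Int).Value = cust.CustomerID;
            command.Parameters.Add("@Name", SqlDbType.NVarChar).Value = cust.Name;
            command.Parameters.Add("@Address", SqlDbType.NVarChar).Value = cust.Address;
            command.Parameters.Add("@PhoneNumber", SqlDbType.NVarChar).Value = cust.PhoneNum;
            command.Parameters.Add("@Notes", SqlDbType.NVarChar).Value = cust.Notes;
            command.Parameters.Add("@Username", SqlDbType.NVarChar).Value = cust.Username;
            command.Parameters.Add("@Password", SqlDbType.NVarChar).Value = cust.Password;

            connection.Open();
            command.ExecuteNonQuery();
        }

        return "Complete";
    }
    catch (SqlException sqlEx)
    {
        // NOTE(review): the raw provider message is returned to the caller; check that
        // it is not displayed to end users, since it can reveal schema details.
        return sqlEx.Message;
    }
}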
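/// <summary>
/// Assigns <c>cust.CustomerID</c> the value one above the highest CustomerID currently
/// in the Customer table (1 when the table is empty).
/// </summary>
/// <param name="cust">Customer that receives the new ID.</param>
/// <returns>
/// "Complete" on success; otherwise the <see cref="SqlException"/> message text, in
/// which case <c>cust.CustomerID</c> is left unchanged.
/// </returns>
public static string getCustomerID(Customer cust)
{
    // NOTE(review): MAX + 1 is not safe under concurrency - two registrations running
    // at the same time read the same maximum and receive the same ID. An IDENTITY
    // column or a SEQUENCE lets the database allocate keys atomically.
    const string sql = "SELECT MAX(CustomerID) as MAX FROM [Customer]";
    string connectionString = ConfigurationManager.ConnectionStrings["myConnectionString"].ConnectionString;

    try
    {
        // using blocks release the connection and command on every path; the reader
        // was previously left open when reading the value threw.
        using (SqlConnection connection = new SqlConnection(connectionString))
        using (SqlCommand command = new SqlCommand(sql, connection))
        {
            connection.Open();

            // MAX over an empty table yields NULL. Reading that with GetInt32 threw an
            // exception the SqlException handler did not catch, so treat NULL as
            // "no customers yet".
            object highest = command.ExecuteScalar();
            int customerID = (highest == null || highest is DBNull) ? 0 : Convert.ToInt32(highest);

            cust.CustomerID = customerID + 1;
        }
    }
    catch (SqlException sqlEx)
    {
        // NOTE(review): the raw provider message is returned to the caller; check that
        // it is not displayed to end users.
        return sqlEx.Message;
    }

    return "Complete";
}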
/// <summary>
/// On each page load, copies the customer object stored in session under "CustOBJ"
/// into <c>sessionCust</c>.
/// </summary>
/// <param name="sender">Page that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // The key is spelled "CustObj" in btnOrder_Click; keeping one spelling would avoid
    // relying on how the session store compares keys.
    // NOTE(review): a missing entry leaves sessionCust null here - nothing in this
    // handler redirects unauthenticated visitors.
    object stored = Session["CustOBJ"];
    sessionCust = (Customer)stored;
}