protected void GetCourse()
        {
            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                //Get the selected courseID from the url
                Int32 CourseID = Convert.ToInt32(Request.QueryString["CourseID"]);

                //query the db
                Course objC = (from c in db.Courses
                               where c.CourseID == CourseID
                               select c).FirstOrDefault();

                //populate the form
                txtTitle.Text = objC.Title;
                txtCredits.Text = objC.Credits.ToString();
                ddlDepartment.SelectedValue = objC.DepartmentID.ToString();

                //populate student enrollments grid
                var Enrollments = from en in db.Enrollments
                                  where en.CourseID == CourseID
                                  orderby en.Student.LastName, en.Student.FirstMidName
                                  select en;

                //bind to the grid
                grdEnrollments.DataSource = Enrollments.ToList();
                grdEnrollments.DataBind();

            }
        }
        protected void GetCourses()
        {
            using (DefaultConnection db = new DefaultConnection())
            {
                var Courses = from c in db.Courses
                              select c;

                grdCourses.DataSource = Courses.ToList();
                grdCourses.DataBind();
            }
        }
        protected void GetStudents()
        {
            //connect to EF
            using (DefaultConnection db = new DefaultConnection())
            {

                //query the students table using EF and LINQ
                var Students = from s in db.Students
                               select s;

                //bind the result to the gridview
                grdStudents.DataSource = Students.ToList();
                grdStudents.DataBind();

            }
        }
        protected void GetDepartments()
        {
            using (DefaultConnection db = new DefaultConnection())
            {
                //get departments
                var deps = from d in db.Departments
                           orderby d.Name
                           select d;

                //populate dropdown
                ddlDepartment.DataSource = deps.ToList();
                ddlDepartment.DataBind();

                //add a default option to the dropdown
                ListItem default_item = new ListItem("-Select-", "0");
                ddlDepartment.Items.Insert(0, default_item);
            }
        }
        protected void GetDepartment()
        {
            //look up the selected department and fill the form
            using (DefaultConnection db = new DefaultConnection())
            {
                //store the id from the url in a variable
                Int32 DepartmentID = Convert.ToInt32(Request.QueryString["DepartmentID"]);

                //look up the department
                Department dep = (from d in db.Departments
                                  where d.DepartmentID == DepartmentID
                                  select d).FirstOrDefault();

                //pre-populate the form fields
                txtName.Text = dep.Name;
                txtBudget.Text = dep.Budget.ToString();
            }
        }
        protected void GetDepartments()
        {
            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                //get the department list
                var Departments = from d in db.Departments
                                  orderby d.Name
                                  select d;

                //bind to the dropdown list
                ddlDepartment.DataSource = Departments.ToList();
                ddlDepartment.DataBind();

                //add a default option to the dropdown after we fill it
                ListItem DefaultItem = new ListItem("-Select-", "0");
                ddlDepartment.Items.Insert(0, DefaultItem);
            }
        }
        protected void GetDepartments()
        {
            //use Entity Framework to connect and get the list of Departments
            using (DefaultConnection db = new DefaultConnection())
            {
                //old query that shows all departments
                //var deps = from d in db.Departments
                //           select d;

                //new query filtered for logged in user only
                Int32 DepartmentID = Convert.ToInt32(Session["DepartmentID"]);

                var deps = from d in db.Departments
                           where d.DepartmentID == DepartmentID
                           select d;

                //bind the deps query result to our grid
                grdDepartments.DataSource = deps.ToList();
                grdDepartments.DataBind();
            }
        }
        protected void btnRegister_Click(object sender, EventArgs e)
        {
            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                //create a new instructor
                Instructor objI = new Instructor();

                //fill the properties from the form inputs
                objI.FirstName = txtFirstName.Text;
                objI.LastName = txtLastName.Text;
                objI.Username = txtUsername.Text;
                objI.DepartmentID = Convert.ToInt32(ddlDepartment.SelectedValue);

                //salt and hash the plain text password
                String password = txtPassword.Text;
                String salt = CreateSalt(8);
                String pass_and_salt = password + salt;

                // Create a new instance of the hash crypto service provider.
                HashAlgorithm hashAlg = new SHA256CryptoServiceProvider();

                // Convert the data to hash to an array of Bytes.
                byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(pass_and_salt);

                // Compute the Hash. This returns an array of Bytes.
                byte[] bytHash = hashAlg.ComputeHash(bytValue);

                // Optionally, represent the hash value as a base64-encoded string,
                // For example, if you need to display the value or transmit it over a network.
                string base64 = Convert.ToBase64String(bytHash);

                objI.Password = base64;
                objI.Salt = salt;

                //save
                db.Instructors.Add(objI);
                db.SaveChanges();
            }
        }
        protected void btnSave_Click(object sender, EventArgs e)
        {
            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                //create a new department in memory
                Department dep = new Department();

                Int32 DepartmentID = 0;

                //check for a url
                if (!String.IsNullOrEmpty(Request.QueryString["DepartmentID"]))
                {
                    //get the id from the url
                    DepartmentID = Convert.ToInt32(Request.QueryString["DepartmentID"]);

                    //look up the department
                    dep = (from d in db.Departments
                           where d.DepartmentID == DepartmentID
                           select d).FirstOrDefault();
                }

                //fill the properties of the new department
                dep.Name = txtName.Text;
                dep.Budget = Convert.ToDecimal(txtBudget.Text);

                //add if we have no id in the url
                if (DepartmentID == 0)
                {
                    db.Departments.Add(dep);
                }

                //save the new department
                db.SaveChanges();

                //redirect to the departments list page
                Response.Redirect("departments.aspx");
            }
        }
        protected void btnSave_Click(object sender, EventArgs e)
        {
            //use EF to connect to SQL Server
            using (DefaultConnection db = new DefaultConnection())
            {

                //use the Student model to save the new record
                Student s = new Student();
                Int32 StudentID = 0;

                //check the querystring for an id so we can determine add / update
                if (Request.QueryString["StudentID"] != null)
                {
                    //get the id from the url
                    StudentID = Convert.ToInt32(Request.QueryString["StudentID"]);

                    //get the current student from EF
                    s = (from objS in db.Students
                         where objS.StudentID == StudentID
                         select objS).FirstOrDefault();
                }

                s.LastName = txtLastName.Text;
                s.FirstMidName = txtFirstMidName.Text;
                s.EnrollmentDate = Convert.ToDateTime(txtEnrollmentDate.Text);

                //call add only if we have no student ID
                if (StudentID == 0)
                {
                    db.Students.Add(s);
                }

                //run the update or insert
                db.SaveChanges();

                //redirect to the updated students page
                Response.Redirect("students.aspx");
            }
        }
        protected void grdDepartments_RowDeleting(object sender, GridViewDeleteEventArgs e)
        {
            //identify the DepartmentID to be deleted from the row the user selected
            Int32 DepartmentID = Convert.ToInt32(grdDepartments.DataKeys[e.RowIndex].Values["DepartmentID"]);

            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                Department dep = (from d in db.Departments
                                  where d.DepartmentID == DepartmentID
                                  select d).FirstOrDefault();

                //delete
                db.Departments.Remove(dep);
                db.SaveChanges();

                //refresh grid
                GetDepartments();

            }


        }
        protected void GetStudent()
        {
            //populate form with existing student record
            Int32 StudentID = Convert.ToInt32(Request.QueryString["StudentID"]);

            //connect to db via EF
            using (DefaultConnection db = new DefaultConnection())
            {
                //populate a student instance with the StudentID from the URL parameter
                Student s = (from objS in db.Students
                             where objS.StudentID == StudentID
                             select objS).FirstOrDefault();

                //map the student properties to the form controls if we found a match
                if (s != null)
                {
                    txtLastName.Text = s.LastName;
                    txtFirstMidName.Text = s.FirstMidName;
                    txtEnrollmentDate.Text = s.EnrollmentDate.ToString("yyyy-MM-dd");
                }
            }

        }
        protected void grdStudents_RowDeleting(object sender, GridViewDeleteEventArgs e)
        {
            //store which row was clicked
            Int32 selectedRow = e.RowIndex;

            //get the selected StudentID using the grid's Data Key collection
            Int32 StudentID = Convert.ToInt32(grdStudents.DataKeys[selectedRow].Values["StudentID"]);

            //use EF to remove the selected student from the db
            using (DefaultConnection db = new DefaultConnection())
            {

                Student s = (from objS in db.Students
                             where objS.StudentID == StudentID
                             select objS).FirstOrDefault();

                //do the delete
                db.Students.Remove(s);
                db.SaveChanges();
            }

            //refresh the grid
            GetStudents();
        }
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                //create instructor object 
                Instructor objI = new Instructor();

                //first get salt value for this username
                String username = txtUsername.Text;

                objI = (from i in db.Instructors
                        where i.Username == username
                        select i).FirstOrDefault();

                //did we find this username?
                if (objI != null)
                {
                    String salt = objI.Salt;

                    //salt and hash the plain text password
                    String password = txtPassword.Text;

                    String pass_and_salt = password + salt;

                    // Create a new instance of the hash crypto service provider.
                    HashAlgorithm hashAlg = new SHA256CryptoServiceProvider();

                    // Convert the data to hash to an array of Bytes.
                    byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(pass_and_salt);

                    // Compute the Hash. This returns an array of Bytes.
                    byte[] bytHash = hashAlg.ComputeHash(bytValue);

                    // Optionally, represent the hash value as a base64-encoded string,
                    // For example, if you need to display the value or transmit it over a network.
                    string base64 = Convert.ToBase64String(bytHash);

                    //check if the password we just salted and hashed matches the password in the db
                    if (objI.Password == base64)
                    {
                        //lblError.Text = "Valid Login";
                        //store the identity in the session object
                        Session["InstructorID"] = objI.InstructorID;
                        Session["InstructorName"] = objI.FirstName + " " + objI.LastName;
                        Session["DepartmentID"] = objI.DepartmentID;

                        //redirect to departments page
                        Response.Redirect("departments.aspx");
                    }
                    else
                    {
                        lblError.Text = "Invalid Login";
                    }
                }
                else
                {
                    lblError.Text = "Invalid Login";
                }
            }
        }
        protected void btnSave_Click(object sender, EventArgs e)
        {
            //connect
            using (DefaultConnection db = new DefaultConnection())
            {
                //create a new course and fill the properties
                Course objC = new Course();

                objC.Title = txtTitle.Text;
                objC.Credits = Convert.ToInt32(txtCredits.Text);
                objC.DepartmentID = Convert.ToInt32(ddlDepartment.SelectedValue);

                //save
                db.Courses.Add(objC);
                db.SaveChanges();

                //redirect
                Response.Redirect("courses.aspx");

            }
        }