protected void GetShopping()
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
conn.Open();
string selectSql = "SELECT * FROM ShoppingView WHERE UserID={0}";
selectSql = string.Format(selectSql, Session["UserID"].ToString());
SqlDataAdapter da = new SqlDataAdapter(selectSql, conn);
DataSet ds = new DataSet();
da.Fill(ds, "Shopping");
GridView1.DataSource = ds;
GridView1.DataBind();
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
conn.Close();
}
}
protected void Buy_Click(object sender, EventArgs e)
{
SqlConnection Conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
string sql = "select UserName,Cash from Users where UserName='******'";
Conn.Open();
SqlDataAdapter da = new SqlDataAdapter(sql, Conn);
DataSet ds = new DataSet();
da.Fill(ds, "用户表");
DataRowView drv = ds.Tables["用户表"].DefaultView[0];
string Price = Convert.ToString(drv.Row["Cash"]);
if (Convert.ToDouble(Price) < Convert.ToDouble(Sum.Text.Trim()))
{
Response.Write("<script>alert('您的余额不足,请重新充值后再购买!');</script>");
}
else
{
string sql1 = "update Users set Cash='" + (Convert.ToDouble(Price) - Convert.ToDouble(Sum.Text)) + "'where UserName='******'";
SqlCommand Comm = new SqlCommand(sql1, Conn);
Comm.ExecuteNonQuery();
string sql3 = "UPDATE Orders SET IsPaid=1, OrderTime=Getdate() WHERE UserID={0} AND IsPaid=0";
sql3 = string.Format(sql3, Session["UserID"]);
SqlCommand com = new SqlCommand(sql3, Conn);
com.ExecuteNonQuery();
for (int i = 0; i < GridView1.Rows.Count; i++)
{
sql = "UPDATE Classes SET Num = Num + 1 WHERE ClassID={0}";
sql = string.Format(sql, ((HiddenField)GridView1.Rows[i].FindControl("ClassID")).Value);
com = new SqlCommand(sql, Conn);
com.ExecuteNonQuery();
sql = "INSERT INTO MyClasses (ClassID, UserID) VALUES ({0}, {1})";
sql = string.Format(sql, ((HiddenField)GridView1.Rows[i].FindControl("ClassID")).Value, Session["UserID"]);
com = new SqlCommand(sql, Conn);
com.ExecuteNonQuery();
}
sql = "INSERT INTO Orders(UserID) VALUES('{0}')";
sql = string.Format(sql, Session["UserID"]);
com = new SqlCommand(sql, Conn);
com.ExecuteNonQuery();
sql = "SELECT OrderID FROM Orders WHERE IsPaid=0 AND UserID='" + Session["UserID"] + "'";
com = new SqlCommand(sql, Conn);
Session["ShoppingID"] = com.ExecuteScalar().ToString();
GetShopping();
Response.Write("<script>alert('支付成功!');</script>");
}
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
Conn.Close();
}
}
protected void Search_Click(object sender, EventArgs e)
{
if (SearchBook.Text != "")
{
SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;");
try
{
con.Open();
string sql = "select Classes.ClassID as ClassID,ClassName,ClassImg,Price,Classes.TypeID,TypeName,Num " +
"from Classes,ClassType where ClassName like '%{0}%' and Classes.TypeID=ClassType.TypeID";
sql = string.Format(sql, SearchBook.Text);
SqlCommand com = new SqlCommand(sql, con);
SqlDataReader res = com.ExecuteReader();
SearchList.DataSource = res;
SearchList.DataBind();
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
con.Close();
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
conn.Open();
string selectSql = "SELECT * FROM ClassType WHERE TypeID={0}";
selectSql = string.Format(selectSql, Request["TypeID"].ToString());
SqlDataAdapter da = new SqlDataAdapter(selectSql, conn);
DataSet ds = new DataSet();
da.Fill(ds, "ClassType");
DataRowView dr = ds.Tables["ClassType"].DefaultView[0];
TypeName.InnerText = dr["TypeName"].ToString();
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
conn.Close();
}
}
}
protected void Login(object sender, EventArgs e)
{
SqlDataReader UserInfo;
int res;
string Pwd;
SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;");
try
{
con.Open();
string sql = "select ManagerID from Managers " +
"where ManagerName='{0}'";
sql = string.Format(sql, UserName.Text);
SqlCommand com = new SqlCommand(sql, con);
object r = com.ExecuteScalar();
if (r != null)
{
res = (int)r;
sql = "select Pwd,Tel from Managers " +
"where ManagerID='{0}'";
sql = string.Format(sql, res);
com = new SqlCommand(sql, con);
UserInfo = com.ExecuteReader();
UserInfo.Read();
Pwd = UserInfo["Pwd"].ToString();
if (Pwd == PassWord.Text)
{
Session["ManagerName"] = UserName.Text;
Session["ManagerID"] = res;
Session["Pwd"] = UserInfo["Pwd"];
Session["Tel"] = UserInfo["Tel"];
UserInfo.Close();
Response.Redirect("ManagerTools.aspx", false);
}
else
{
errMsg.Style["display"] = "inline-block";
info.Text = "密码错误,请重新输入!";
}
}
else
{
errMsg.Style["display"] = "inline-block";
info.Text = "该用户不存在!";
}
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), true);
}
finally
{
con.Close();
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
preview.ImageUrl = "~/icons/AddImg.jpg";
SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;");
try
{
con.Open();
string sql = "select * from ClassType";
SqlCommand com = new SqlCommand(sql, con);
SqlDataReader reader = com.ExecuteReader();
Type.DataSource = reader;
Type.DataTextField = "TypeName";
Type.DataValueField = "TypeID";
Type.DataBind();
reader.Close();
if (Request["ClassID"] != null)
{
Title = title.InnerText = "修改书籍信息";
sql = "SELECT * FROM Classes WHERE ClassID={0}";
sql = string.Format(sql, Request["ClassID"]);
SqlDataAdapter da = new SqlDataAdapter(sql, con);
DataSet ds = new DataSet();
da.Fill(ds, "Classes");
DataRowView row = ds.Tables["Classes"].DefaultView[0];
ClassID.Value = row["ClassID"].ToString();
ClassName.Text = row["ClassName"].ToString();
Type.SelectedValue = row["TypeID"].ToString();
ClassImg.Value = preview.ImageUrl = row["ClassImg"].ToString();
VideoAddress.Value = row["VideoAddress"].ToString();
Price.Text = row["Price"].ToString();
Author.Text = row["Teacher"].ToString();
Introduction.Text = Server.HtmlDecode(row["Introduction"].ToString());
}
else
{
preview.ImageUrl = "~/icons/AddImg.jpg";
Title = title.InnerText = "添加书籍";
}
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
con.Close();
}
}
}
protected void submit_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;");
try
{
con.Open();
string path = Server.MapPath("~/UserImg");
string fileName = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString()
+ DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString()
+ DateTime.Now.Millisecond.ToString();
if (FileUpload.HasFile)
{
if (!Directory.Exists(path))
{
Directory.CreateDirectory(path);
}
string[] temp = FileUpload.FileName.Split('.');
fileName = fileName + "." + temp[temp.Length - 1];
path += "/" + fileName;
FileUpload.SaveAs(path);
}
string sql = "Insert Into Users(UserName,Pwd,Tel,UserImg)" +
"values('{0}',{1},'{2}','{3}')";
sql = string.Format(sql, UserName.Text, PassWord.Text, Tel.Text, "~/UserImg/" + fileName);
SqlCommand com = new SqlCommand(sql, con);
com.ExecuteNonQuery();
Response.Redirect("RegSuccessful.aspx", false);
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), true);
}
finally
{
con.Close();
}
}
protected void Clear_Click(object sender, EventArgs e)
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
conn.Open();
string sql = "DELETE FROM OrderDetails WHERE OrderID={0}";
sql = string.Format(sql, Session["ShoppingID"].ToString());
SqlCommand com = new SqlCommand(sql, conn);
com.ExecuteNonQuery();
GetShopping();
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
conn.Close();
}
}
protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
conn.Open();
string sql = "DELETE FROM OrderDetails WHERE ClassID={0}";
sql = string.Format(sql, GridView1.DataKeys[e.RowIndex].Value.ToString());
SqlCommand com = new SqlCommand(sql, conn);
com.ExecuteNonQuery();
GetShopping();
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
conn.Close();
}
}
protected void Submit_Click(object sender, EventArgs e)
{
if (Session["UserID"] == null)
{
Response.Write("<script>alert('您还没有登录或登录信息失效,请登陆后再购买!');" +
"top.location.href='login.aspx';</script>");
}
else
{
SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
conn.Open();
if (IsShopping.Value.Equals("0"))
{
string sql = "INSERT INTO OrderDetails(OrderID,ClassID) VALUES({0},{1})";
sql = string.Format(sql, Session["ShoppingID"], Request["ClassID"]);
SqlCommand com = new SqlCommand(sql, conn);
com.ExecuteNonQuery();
Response.Write("<script>alert('添加购物车成功!');</script>");
}
else
{
Response.Write("<script>alert('该课程已添加到购物车中!');</script>");
}
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
conn.Close();
}
}
}
protected void Login(object sender, EventArgs e)
{
SqlDataReader UserInfo;
int res;
string rightPwd;
SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;");
try
{
con.Open();
string sql = "select UserID from Users " +
"where UserName='******'";
sql = string.Format(sql, UserName.Text);
SqlCommand com = new SqlCommand(sql, con);
object r = com.ExecuteScalar();
if (r != null)
{
res = (int)r;
sql = "select Pwd,UserImg from Users " +
"where UserID='{0}'";
sql = string.Format(sql, res);
com = new SqlCommand(sql, con);
UserInfo = com.ExecuteReader();
UserInfo.Read();
rightPwd = UserInfo["Pwd"].ToString();
if (rightPwd == PassWord.Text)
{
Session["UserName"] = UserName.Text;
Session["UserID"] = res;
Session["Pic"] = UserInfo["UserImg"];
UserInfo.Close();
sql = "SELECT OrderID FROM Orders WHERE IsPaid=0 AND UserID='" + res + "'";
com = new SqlCommand(sql, con);
object shoppingID = com.ExecuteScalar();
if (shoppingID == null)
{
sql = "INSERT INTO Orders(UserID) VALUES('{0}')";
sql = string.Format(sql, res);
com = new SqlCommand(sql, con);
com.ExecuteNonQuery();
sql = "SELECT OrderID FROM Orders WHERE IsPaid=0 AND UserID='" + res + "'";
com = new SqlCommand(sql, con);
Session["ShoppingID"] = com.ExecuteScalar().ToString();
}
else
{
Session["ShoppingID"] = shoppingID.ToString();
}
Response.Redirect("MainFrame.aspx", false);
}
else
{
errMsg.Style["display"] = "inline-block";
info.Text = "密码错误,请重新输入!";
}
}
else
{
errMsg.Style["display"] = "inline-block";
info.Text = "该用户不存在!";
}
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), true);
}
finally
{
con.Close();
}
}
protected void Submit(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;");
string path = Server.MapPath("~/image");
string path0 = Server.MapPath("~/video");
string fileName = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString()
+ DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString()
+ DateTime.Now.Millisecond.ToString();
string fileName1 = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString()
+ DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString()
+ DateTime.Now.Millisecond.ToString();
if (FileUpload.HasFile)
{
if (!Directory.Exists(path))
{
Directory.CreateDirectory(path);
}
string[] temp = FileUpload.FileName.Split('.');
fileName = fileName + "." + temp[temp.Length - 1];
path += "/" + fileName;
FileUpload.SaveAs(path);
}
if (FileUpload0.HasFile)
{
if (!Directory.Exists(path0))
{
Directory.CreateDirectory(path0);
}
string[] temp = FileUpload0.FileName.Split('.');
fileName = fileName + "." + temp[temp.Length - 1];
path0 += "/" + fileName;
FileUpload0.SaveAs(path0);
}
try
{
con.Open();
string sql;
if (title.InnerText.Equals("添加书籍"))
{
sql = "insert into Classes(ClassName,ClassImg,Price,TypeID,Introduction,Teacher,VideoAddress,IsOnSale) " +
"values('{0}','{1}','{2}',{3},'{4}','{5}','{6}','{7}')";
sql = string.Format(sql, ClassName.Text, "~/image/" + fileName, Price.Text, Type.SelectedValue, Server.HtmlEncode(Introduction.Text), Author.Text,
"~/video/" + fileName1, Sale.SelectedValue);
SqlCommand com = new SqlCommand(sql, con);
com.ExecuteNonQuery();
}
else
{
sql = "UPDATE Classes SET ClassName='{0}',ClassImg='{1}',Price='{2}',TypeID={3},Introduction='{4}',Teacher='{5}',VideoAddress='{6}' WHERE ClassID={7}";
sql = string.Format(sql, ClassName.Text, FileUpload.HasFile ? "~/image/" + fileName : ClassImg.Value, Price.Text,
Type.SelectedValue, Server.HtmlEncode(Introduction.Text), Author.Text, FileUpload0.HasFile ? "~/video/" + fileName1 : VideoAddress.Value, ClassID.Value);
SqlCommand com = new SqlCommand(sql, con);
com.ExecuteNonQuery();
}
Response.Redirect("~/BookManager.aspx", false);
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
con.Close();
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack && Request["ClassID"] != null)
{
BookID.Value = Request["ClassID"].ToString();
buy.Disabled = false;
watch.Disabled = true;
SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString);
try
{
con.Open();
string sql = "SELECT Classes.*, ClassType.TypeName " +
"FROM Classes, ClassType WHERE Classes.ClassID={0} and Classes.TypeID=ClassType.TypeID";
sql = string.Format(sql, BookID.Value);
SqlCommand com = new SqlCommand(sql, con);
SqlDataReader res = com.ExecuteReader();
res.Read();
TypeID.Value = res["TypeID"].ToString();
BookName.Text = res["ClassName"].ToString();
Title = BookName.Text;
BookType.Text = res["TypeName"].ToString();
preview.ImageUrl = res["ClassImg"].ToString();
Price.Text = res["Price"].ToString();
Sum.Text = res["Num"].ToString();
Introduction.Text = res["Introduction"].ToString();
Author.Text = res["Teacher"].ToString();
res.Close();
if (Session["UserID"] != null)
{
sql = "SELECT * FROM MyClasses WHERE UserID={0} AND ClassID={1}";
sql = string.Format(sql, Session["UserID"], Request["ClassID"]);
com = new SqlCommand(sql, con);
res = com.ExecuteReader();
if (!res.Read())
{
buy.Style["display"] = "initial";
watch.Style["display"] = "none";
watch.Disabled = true;
}
else
{
buy.Style["display"] = "none";
buy.Disabled = true;
watch.Style["display"] = "initial";
}
res.Close();
sql = "SELECT DetailID FROM ShoppingView WHERE UserID={0} AND ClassID={1}";
sql = string.Format(sql, Session["UserID"].ToString(), BookID.Value);
com = new SqlCommand(sql, con);
object n;
if ((n = com.ExecuteScalar()) != null)
{
IsShopping.Value = "1";
}
else
{
IsShopping.Value = "0";
}
}
else
{
buy.Style["display"] = "initial";
watch.Style["display"] = "none";
}
}
catch (Exception ex)
{
Commom commom = new Commom();
commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false);
}
finally
{
con.Close();
}
}
}
