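/**
 * <summary>
 * Adds one row to the Cart table for the user named in Session["UserName"].
 * </summary>
 * <param name="item">Value written to the OrderName column.</param>
 * <param name="price">Value written to the Price column.</param>
 */
private void InsertToDB(string item, int price)
{
    // Double every single quote so a value cannot close its N'...' literal.
    // NOTE(review): a parameterized command is the stronger fix; only the
    // string-based DBAccesor methods are visible from this method.
    string safeItem = (item ?? string.Empty).Replace("'", "''");
    string safeUser = System.Convert.ToString(Session["UserName"]).Replace("'", "''");

    // Invariant formatting keeps the numeric literal independent of the server culture.
    string priceLiteral = price.ToString(System.Globalization.CultureInfo.InvariantCulture);

    // Plain interpolation only: feeding the finished text through string.Format
    // as well makes any '{' or '}' inside a value raise FormatException.
    string cmdStr = $"INSERT INTO Cart(OrderName, UserName, Price) VALUES (N'{safeItem}', N'{safeUser}', {priceLiteral})";

    DBAccesor dB = ServiceLocator.Instance.GetService<DBAccesor>();
    dB.runSqlCommand(cmdStr);
}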
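/**
 * <summary>
 * Builds the profile view for the user named in Session["UserName"].
 * Requests without a user name go to Register.aspx, sessions flagged
 * Admin == "y" go to AdminUserDetails.aspx, and for everyone else the
 * matching UserDetails rows are rendered into fullName and userDetailsTable.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    userStr = (string)Session["UserName"];
    if (userStr == null)
    {
        Response.Redirect("Register.aspx");
        // Return explicitly so nothing below runs, whether or not Redirect ends the response.
        return;
    }

    if ((string)Session["Admin"] == "y")
    {
        Response.Redirect("AdminUserDetails.aspx");
        return;
    }

    // Double single quotes so the session value stays inside its N'...' literal.
    // NOTE(review): a parameterized query is the stronger fix; only the
    // string-based DBAccesor methods are visible from this handler.
    string safeUser = userStr.Replace("'", "''");
    string cmdString = string.Format("SELECT * FROM UserDetails WHERE ([UserName] = N'{0}')", safeUser);

    DBAccesor dB = ServiceLocator.Instance.GetService<DBAccesor>();
    DataTable dataTable = dB.runSelectCmd(cmdString);

    // Stored values are user-supplied text; encode them before they are placed in markup.
    Func<object, string> encode = value => System.Net.WebUtility.HtmlEncode(Convert.ToString(value));

    foreach (DataRow row in dataTable.Rows)
    {
        // NOTE(review): fullName is left raw here because it is not wrapped in markup
        // by this method; confirm it is encoded where the page writes it out.
        fullName += row["FirstName"].ToString() + " " + row["LastName"].ToString();

        // NOTE(review): rendering the Password column implies credentials are stored
        // in recoverable form; prefer salted password hashes and drop this row.
        userDetailsTable += "<table style='border:none'>"
            + "<tr><td>סיסמה: " + encode(row["Password"]) + "</td></tr>"
            + "<tr><td>מייל: " + encode(row["Mail"]) + "</td></tr>"
            + "<tr><td>טלפון: " + encode(row["Phone"]) + "</td></tr>"
            + "<tr><td>כתובת: " + encode(row["Adress"]) + "</td></tr>"
            + "<tr><td>מין: " + encode(row["Gender"]) + "</td></tr>"
            + "<tr><td>תאריך לידה: " + encode(row["DateOfBirth"]) + "</td></tr>"
            // Close each table where it is opened; closing once after the loop left a
            // stray </table> for zero rows and unclosed tables for more than one row.
            + "</table>";
    }
}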
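/**
 * <summary>Validates user details against the DB.</summary>
 * <param name="username">User name to look up in UserDetails.</param>
 * <param name="password">Password value compared with the Password column.</param>
 * <returns>true if a UserDetails row matches both values.</returns>
 */
private bool IsExist(string username, string password)
{
    // Both values are placed inside N'...' literals, so every single quote is
    // doubled; otherwise a crafted value could rewrite the WHERE clause of this
    // credential check.
    // NOTE(review): a parameterized query is the stronger fix; only the
    // string-based DBAccesor methods are visible from this method.
    string safeUser = (username ?? string.Empty).Replace("'", "''");
    string safePass = (password ?? string.Empty).Replace("'", "''");

    // NOTE(review): the supplied password is compared with the stored column
    // directly, which implies passwords are kept as plain text; prefer a salted
    // hash (e.g. PBKDF2) compared in application code.
    string cmdStr = string.Format(
        "SELECT * FROM UserDetails WHERE [UserName]=N'{0}' and Password=N'{1}'",
        safeUser,
        safePass);

    DBAccesor dbAccessor = ServiceLocator.Instance.GetService<DBAccesor>();
    return dbAccessor.isExist(cmdStr);
}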
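/**
 * <summary>
 * Handles the "menu" form post of the Tetris page: records the posted score for
 * the user named in Session["UserName"] when it beats the stored one (or when
 * no row exists yet), then redirects to tetrisGameOver.aspx.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    if (Request.Form["menu"] == null)
    {
        return;
    }

    string user = (string)Session["UserName"];

    // A missing or non-numeric scoreDB field used to throw out of int.Parse;
    // such a post is now ignored and only the redirect happens.
    // NOTE(review): the score is whatever the browser posts, so the stored
    // high scores cannot be treated as verified results.
    int score;
    bool hasScore = int.TryParse(Request.Form["scoreDB"], out score);

    if (user != null && hasScore)
    {
        DBAccesor dB = ServiceLocator.Instance.GetService<DBAccesor>();

        // Double single quotes so the user name stays inside its N'...' literal.
        // NOTE(review): a parameterized query is the stronger fix; only the
        // string-based DBAccesor methods are visible from this handler.
        string safeUser = user.Replace("'", "''");
        string cmdStr = string.Format("SELECT * FROM TetrisHighScore WHERE [UserName]=N'{0}'", safeUser);

        if (dB.isExist(cmdStr))
        {
            var table = dB.runSelectCmd(cmdStr);
            int highScore = (int)table.Rows[0]["Score"];
            if (score > highScore)
            {
                table.Rows[0]["Score"] = score;
                dB.updateTable(cmdStr, table);
            }
        }
        else
        {
            // Plain interpolation only: a second pass through string.Format would
            // treat any '{' or '}' in the user name as a format item.
            string scoreLiteral = score.ToString(System.Globalization.CultureInfo.InvariantCulture);
            string insertCmd = $"INSERT INTO TetrisHighScore(UserName, Score) VALUES (N'{safeUser}',{scoreLiteral})";
            dB.runSqlCommand(insertCmd);
        }
    }

    Response.Redirect("tetrisGameOver.aspx");
}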
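/**
 * <summary>Checks whether a Cart row with the given order id belongs to the given user.</summary>
 * <param name="user">User name compared with the UserName column.</param>
 * <param name="id">Order id compared with the OrderId column.</param>
 * <returns>Whatever DBAccesor.isExist reports for the query.</returns>
 */
private bool isExist(string user, int id)
{
    // Double single quotes so the user name stays inside its N'...' literal.
    // NOTE(review): a parameterized query is the stronger fix; only the
    // string-based DBAccesor methods are visible from this method.
    string safeUser = (user ?? string.Empty).Replace("'", "''");
    string idLiteral = id.ToString(System.Globalization.CultureInfo.InvariantCulture);

    // Plain interpolation only: a second pass through string.Format would
    // treat any '{' or '}' in the user name as a format item.
    string cmdString = $"SELECT * FROM Cart WHERE UserName = N'{safeUser}' and OrderId = {idLiteral} ";

    DBAccesor dbAccessor = ServiceLocator.Instance.GetService<DBAccesor>();
    return dbAccessor.isExist(cmdString);
}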
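/**
 * <summary>
 * Renders the first ten rows of TetrisHighScore, ordered by Score descending,
 * as table rows appended to highScores.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    DBAccesor dB = ServiceLocator.Instance.GetService<DBAccesor>();
    string cmdStr = "Select * From TetrisHighScore ORDER BY Score DESC ";
    var table = dB.runSelectCmd(cmdStr);

    // Only the first ten rows are shown, so stop there instead of walking every row.
    int shown = Math.Min(10, table.Rows.Count);
    for (int i = 0; i < shown; i++)
    {
        // UserName is user-supplied text stored in the database; encode it so a
        // stored value cannot inject markup into the score board.
        string name = System.Net.WebUtility.HtmlEncode(Convert.ToString(table.Rows[i]["UserName"]));
        string score = System.Net.WebUtility.HtmlEncode(Convert.ToString(table.Rows[i]["Score"]));

        highScores += "<tr><td>" + name + "</td>" + "<td>" + score + "</td></tr>";
    }
}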
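/**
 * <summary>
 * Cart page handler. Guests are sent to ErrorPage.aspx. When the "submit"
 * field is posted, the order id in "delId" is deleted if it belongs to the
 * current user and the page reloads; otherwise the user's Cart rows are
 * rendered into cartTable and their sum is stored in Session["TotalPrice"].
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["UserName"] == null)
    {
        Session["ErrorText"] = "לאורח אין גישה לעמוד זה - כדי להזמין עליך להירשם ";
        Response.Redirect("ErrorPage.aspx");
        // Return explicitly so nothing below runs, whether or not Redirect ends the response.
        return;
    }

    DBAccesor dbAccessor = ServiceLocator.Instance.GetService<DBAccesor>();

    // Double single quotes so the session value stays inside its N'...' literal.
    // NOTE(review): a parameterized query is the stronger fix; only the
    // string-based DBAccesor methods are visible from this handler.
    string safeUser = Convert.ToString(Session["UserName"]).Replace("'", "''");

    if (Request.Form["submit"] != null)
    {
        // A missing or non-numeric delId used to throw out of int.Parse; it is
        // now handled like an order id that does not belong to this user.
        int requestedId;
        bool ownsOrder = int.TryParse(Request.Form["delId"], out requestedId)
            && isExist((string)Session["UserName"], requestedId);
        if (!ownsOrder)
        {
            Session["ErrorText"] = "הזמנה זו לא שלך הכנס את המספר המתאים בבקשה";
            Response.Redirect("ErrorPage.aspx");
            return;
        }

        id = requestedId;

        // The DELETE is scoped to the owner as well, so the ownership rule is
        // enforced by the statement itself and not only by the check above.
        string idLiteral = id.ToString(System.Globalization.CultureInfo.InvariantCulture);
        string delCmd = $"delete from Cart where OrderId = {idLiteral} and UserName = N'{safeUser}'";
        dbAccessor.runSqlCommand(delCmd);
        Response.Redirect("Cart.aspx");
        return;
    }

    string cmdString1 = string.Format("SELECT * FROM Cart WHERE ([UserName] = N'{0}')", safeUser);
    DataTable dataTable = dbAccessor.runSelectCmd(cmdString1);

    // Encode stored values before they are placed in markup.
    Func<object, string> encode = value => System.Net.WebUtility.HtmlEncode(Convert.ToString(value));

    foreach (DataRow row in dataTable.Rows)
    {
        cartTable += "<tr><td> פריט: " + encode(row["OrderName"]) + "</td>"
            + "<td> מספר פריט: " + encode(row["OrderId"]) + " </td > "
            + "<td> מחיר: " + encode(row["Price"]) + "$" + " </td ></tr>";
        totalAmount += (int)row["Price"];
    }

    cartTable += "</table>";
    Session["TotalPrice"] = totalAmount;
}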
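/**
 * <summary>
 * Logic behind the registration page: checks whether the account exists,
 * creates the record for new users, and redirects to Login.aspx or to
 * ErrorPage.aspx.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    if (Request.Form["submit"] == null)
    {
        return;
    }

    // NOTE(review): getNCleanRequestParamByName is not visible here; confirm what
    // it strips before relying on it to make these values safe inside the
    // N'...' literals below. A parameterized INSERT is the stronger fix.
    string Fname = getNCleanRequestParamByName("fname");
    string Lname = getNCleanRequestParamByName("lname");
    string DOB = getNCleanRequestParamByName("bd");
    string user = getNCleanRequestParamByName("un");
    string pass = getNCleanRequestParamByName("pass");
    string address = getNCleanRequestParamByName("address");
    string mail = getNCleanRequestParamByName("mail");
    string phone = getNCleanRequestParamByName("phone");

    string gender = "Rather not say";
    if (Request.Form["gender"] != null)
    {
        // gender is read straight from the form, bypassing the cleaning helper,
        // so its single quotes are doubled here before it reaches the statement.
        gender = Request.Form["gender"].ToString().Replace("'", "''");
    }

    if (mail == "" || user == "")
    {
        return;
    }

    if (isExistsMail(mail))
    {
        Session["ErrorText"] = mail + " כבר קיים";
        Response.Redirect("ErrorPage.aspx");
        Response.End();
        return;
    }

    if (isExistsUserName(user))
    {
        Session["ErrorText"] = user + " כבר קיים";
        Response.Redirect("ErrorPage.aspx");
        Response.End();
        return;
    }

    // NOTE(review): pass is written to the Password column as received; store a
    // salted password hash (e.g. PBKDF2) instead of the password itself.
    string cmdStr = string.Format(
        "INSERT INTO UserDetails(FirstName, LastName, UserName , Password , Mail , Phone, Adress, Gender, DateOfBirth) VALUES (N'{0}', N'{1}', N'{2}', N'{3}', N'{4}', N'{5}', N'{6}',N'{7}',N'{8}')",
        Fname, Lname, user, pass, mail, phone, address, gender, DOB);

    DBAccesor dbAccessor = ServiceLocator.Instance.GetService<DBAccesor>();
    if (dbAccessor.runSqlCommand(cmdStr) == 1)
    {
        // Bind the session to the user name only once the account row exists.
        // Setting it before the duplicate checks left a rejected registration
        // holding an existing account's name in Session["UserName"], which is
        // the value pages use to identify the signed-in user.
        Session["UserName"] = user;
        Response.Redirect("Login.aspx");
    }
}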
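/**
 * <summary>
 * Account-deletion handler. Guests are sent to ErrorPage.aspx. When the
 * "DelUsr" field is posted, the current user's Cart rows and UserDetails row
 * are deleted, the session is ended, and the browser is sent to Login.aspx.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    string currentUser = (string)Session["UserName"];
    if (currentUser == null)
    {
        Session["ErrorText"] = "לאורח אין גישה לעמוד זה ";
        Response.Redirect("ErrorPage.aspx");
        // Return explicitly: with no user name the statement below would be
        // built with an empty name if the redirect did not end the request.
        return;
    }

    // NOTE(review): this destructive action is triggered by the DelUsr form field
    // alone; confirm the form carries an anti-forgery token.
    if (Request.Form["DelUsr"] == null)
    {
        return;
    }

    // Double single quotes so the session value stays inside its N'...' literals.
    // NOTE(review): a parameterized command is the stronger fix; only the
    // string-based DBAccesor methods are visible from this handler.
    string safeUser = currentUser.Replace("'", "''");
    string cmdString = string.Format(
        "DELETE From Cart Where OrderId in (select c.OrderId from Cart c, UserDetails ud where c.UserName = ud.UserName and ud.UserName = N'{0}') Delete FROM UserDetails Where (UserName = N'{0}')",
        safeUser);

    DBAccesor adbAccesor = ServiceLocator.Instance.GetService<DBAccesor>();
    adbAccesor.runSqlCommand(cmdString);

    // The account no longer exists, so the session must not keep identifying
    // the browser as that user.
    Session.Clear();
    Session.Abandon();
    Response.Redirect("Login.aspx");
}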
/**
 * <summary>Runs a query against the DB.</summary>
 * <param name="query">
 * Complete SQL text, passed to DBAccesor.isExist unchanged. Nothing here
 * escapes or validates it, so callers must not build it from unescaped input.
 * </param>
 * <returns>true if a result exists, otherwise false.</returns>
 */
private bool checkDB(string query)
{
    return ServiceLocator.Instance.GetService<DBAccesor>().isExist(query);
}
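/**
 * <summary>
 * Renders the UserDetails listing into userTable. When the "sub" field is
 * posted, up to two column/value filters (where1/txt1 and where2/txt2) are
 * turned into a WHERE clause; the two filters must name different columns.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): no authorization check is visible in this handler although it
    // lists every user's details; confirm the page is restricted to administrators.
    string cmdString = "SELECT FirstName, LastName, UserName, Password, Mail, Phone FROM UserDetails";
    const string noMatchesRow = "<tr><td colspan= '6' style='color:red ; font-weight:bold; text-align:center'>אין התאמות</td></tr>";
    bool @continue = true;

    if (Request.Form["sub"] != null)
    {
        // Missing fields are treated as empty instead of throwing on null.
        string field1 = Request.Form["where1"] ?? "";
        string field2 = Request.Form["where2"] ?? "";
        string field1Value = Request.Form["txt1"] ?? "";
        string field2Value = Request.Form["txt2"] ?? "";

        // A column name cannot be quoted like a value, so it is only accepted when
        // it is one of the UserDetails columns; anything else never reaches the SQL.
        string[] knownColumns =
        {
            "FirstName", "LastName", "UserName", "Password", "Mail",
            "Phone", "Adress", "Gender", "DateOfBirth"
        };
        Func<string, bool> isKnownColumn = name =>
            Array.Exists(knownColumns, c => string.Equals(c, name, StringComparison.OrdinalIgnoreCase));

        // Values are placed inside N'...' literals, so single quotes are doubled.
        // NOTE(review): a parameterized query is the stronger fix; only the
        // string-based DBAccesor methods are visible from this handler.
        Func<string, string, string> condition = (column, value) =>
            "(" + column + " = N'" + value.Replace("'", "''") + "')";

        bool useFirst = field1Value != "";
        bool useSecond = field2Value != "";

        if (useFirst && useSecond && field1 == field2)
        {
            userTable += "<tr><td td colspan= '6' style='color:red ; font-weight:bold; text-align:center'>על שני החתכים להיות שונים</td></tr>";
            @continue = false;
        }
        else if ((useFirst && !isKnownColumn(field1)) || (useSecond && !isKnownColumn(field2)))
        {
            // A filter on an unknown column matches nothing; skip the query.
            userTable += noMatchesRow;
            @continue = false;
        }
        else if (useFirst && useSecond)
        {
            filterWhere = " WHERE " + condition(field1, field1Value);
            filterWhere += " AND " + condition(field2, field2Value);
        }
        else if (useFirst)
        {
            filterWhere = " WHERE " + condition(field1, field1Value);
        }
        else if (useSecond)
        {
            filterWhere = " WHERE " + condition(field2, field2Value);
        }

        if (filterWhere != "")
        {
            cmdString += filterWhere;
        }
    }

    if (!@continue)
    {
        return;
    }

    DBAccesor dbAccessor = ServiceLocator.Instance.GetService<DBAccesor>();
    DataTable dataTable = dbAccessor.runSelectCmd(cmdString);
    if (dataTable.Rows.Count == 0)
    {
        userTable += noMatchesRow;
    }

    // Stored values are user-supplied text; encode them before they are placed in markup.
    Func<object, string> encode = value => System.Net.WebUtility.HtmlEncode(Convert.ToString(value));

    for (int i = 0; i < dataTable.Rows.Count; i++)
    {
        DataRow row = dataTable.Rows[i];

        // NOTE(review): rendering the password column implies credentials are stored
        // in recoverable form; prefer salted password hashes and drop this cell.
        userTable += "<tr><td>" + encode(row["FirstName"]) + "</td>"
            + "<td>" + encode(row["LastName"]) + "</td>"
            + "<td>" + encode(row["UserName"]) + "</td>"
            + "<td>" + encode(row["password"]) + "</td>"
            + "<td>" + encode(row["Mail"]) + "</td>"
            + "<td>" + encode(row["Phone"]) + "</td><td>"
            + "<input type=\"checkbox\" name =\"chk" + i + "\" id =\"chk" + i + "\"" + "/> "
            + "</td><td>"
            + $"<input onClick='checkUpdate({i})' type=\"checkbox\" name =\"" + i + "\" id =\"" + i + "\"" + "/> "
            + "</td> </tr>";
    }
}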
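/**
 * <summary>
 * Administrator edit page for a single user. Guests are sent to ErrorPage.aspx;
 * sessions that are not flagged Admin == "y", or that carry no
 * Session["UpdateByAdmin"] target, are sent to UsersIframeSrc.aspx. Otherwise
 * the target's UserDetails row is loaded into the page fields and, when
 * "updateBtn" is posted, overwritten with the posted values.
 * </summary>
 */
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["UserName"] == null)
    {
        Session["ErrorText"] = "לאורח אין גישה לעמוד זה ";
        Response.Redirect("ErrorPage.aspx");
        // Return explicitly so nothing below runs, whether or not Redirect ends the response.
        return;
    }

    if ((string)Session["Admin"] != "y" || Session["UpdateByAdmin"] == null)
    {
        Response.Redirect("UsersIframeSrc.aspx");
        return;
    }

    user = Session["UpdateByAdmin"].ToString();

    // Double single quotes so the target name stays inside its N'...' literal.
    // NOTE(review): a parameterized query is the stronger fix; only the
    // string-based DBAccesor methods are visible from this handler.
    string cmdStr = string.Format("SELECT * FROM UserDetails WHERE (UserName = N'{0}')", user.Replace("'", "''"));
    DBAccesor dbAccesor = ServiceLocator.Instance.GetService<DBAccesor>();
    DataTable dataTable = dbAccesor.runSelectCmd(cmdStr);

    if (dataTable.Rows.Count == 0)
    {
        // The target no longer exists; indexing Rows[0] would throw.
        Response.Redirect("UsersIframeSrc.aspx");
        return;
    }

    DataRow row = dataTable.Rows[0];

    // NOTE(review): the password is read from and written back to the Password
    // column as plain text; prefer storing a salted password hash.
    password = row["Password"].ToString();
    mail = row["Mail"].ToString();
    phone = row["Phone"].ToString();
    address = row["Adress"].ToString();
    birthDate = row["DateOfBirth"].ToString();
    lName = row["LastName"].ToString();
    fName = row["FirstName"].ToString();

    if (Request.Form["updateBtn"] == null)
    {
        return;
    }

    // A field missing from the post keeps its stored value instead of raising
    // NullReferenceException.
    password = Request.Form["pass"] ?? password;
    mail = Request.Form["mail"] ?? mail;
    phone = Request.Form["phone"] ?? phone;
    address = Request.Form["address"] ?? address;
    birthDate = Request.Form["bd"] ?? birthDate;
    lName = Request.Form["lname"] ?? lName;
    fName = Request.Form["fname"] ?? fName;

    string gender = Request.Form["gender"] ?? "Rather not say";

    if (phone == "")
    {
        phone = "No Data";
    }

    if (address == "")
    {
        address = "No Data";
    }

    row["FirstName"] = fName;
    row["LastName"] = lName;
    row["Password"] = password;
    row["Mail"] = mail;
    row["Phone"] = phone;
    row["Adress"] = address;
    row["Gender"] = gender;
    row["DateOfBirth"] = birthDate;

    dbAccesor.updateTable(cmdStr, dataTable);
    Session["UpdateByAdmin"] = null;
    Response.Redirect("UsersIframeSrc.aspx");
}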