Exemple #1
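 /// <summary>
 /// Builds an INSERT command for the Seveces table from <paramref name="homeSet"/>.
 /// </summary>
 /// <remarks>
 /// The method is a stub as written: the command is constructed but never executed, and the
 /// parameter bindings are commented out. If it is completed, keep the values bound as
 /// parameters (as the commented lines do) rather than concatenating them into the SQL text.
 /// </remarks>
 /// <param name="homeSet">Service data intended for the new row; currently unused.</param>
 internal void XogGalin(HomeSet homeSet)
 {
     // SqlCommand is IDisposable, so scope it even though nothing is executed yet.
     using (SqlCommand command = new SqlCommand("INSERT INTO Seveces values(@SName, @PhotoFormat, @Description, @ColorType, @Price)", conn))
     {
         //command.Parameters.AddWithValue("@SName", homeSet.Name);
         //command.Parameters.AddWithValue("@PhotoFormat", homeSet.PhotoFormat);
         //command.Parameters.AddWithValue("@Description", homeSet.Description);
         //command.Parameters.AddWithValue("@ColorType", homeSet.ColorType);
         //command.Parameters.AddWithValue("@Price", homeSet.Price);
     }
 }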
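        /// <summary>
        /// Places an order for a visitor who has no account yet by delegating to
        /// <c>CreateProcedure</c>, which registers the user and records the order.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
        /// action in this listing. It creates a user row and an order, so confirm both are applied.
        /// </remarks>
        /// <param name="Id">Identifier of the ordered service (bound to @Id in the order SQL).</param>
        /// <param name="homeSet">Posted form model carrying the registration data and copy count.</param>
        /// <param name="file">Uploaded photo for the order.</param>
        /// <returns>
        /// A redirect to All_Services on success, 400 Bad Request when <paramref name="Id"/> is
        /// missing, or the default view when the order could not be created.
        /// </returns>
        public ActionResult MakeOrder(int? Id, HomeSet homeSet, HttpPostedFileBase file)
        {
            // Reject a missing service id before any row is written. Without this guard the user
            // insert in CreateProcedure runs first and the order insert fails afterwards.
            if (Id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            try
            {
                CreateProcedure(Id, homeSet, file);

                return RedirectToAction("All_Services");
            }
            catch (Exception ex)
            {
                // Keep the failure observable server-side instead of swallowing it silently.
                // The details stay out of the response.
                System.Diagnostics.Trace.TraceError("MakeOrder failed: {0}", ex);
                return View();
            }
        }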
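        /// <summary>
        /// Places an order for the signed-in user identified by <c>Session["Id"]</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
        /// action in this listing. It writes to the database, so confirm both are applied.
        /// </remarks>
        /// <param name="Id">Identifier of the ordered service.</param>
        /// <param name="homeSet">Posted form model carrying the copy count.</param>
        /// <param name="file">Uploaded photo for the order.</param>
        /// <returns>
        /// A redirect to All_Services on success, 400 Bad Request when <paramref name="Id"/> is
        /// missing, a redirect to Home when no user is signed in, or the default view on failure.
        /// </returns>
        public ActionResult MakeOrderForEnteredUser(int? Id, HomeSet homeSet, HttpPostedFileBase file)
        {
            if (Id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }

            // Check authentication explicitly and before doing any work. The original relied on a
            // NullReferenceException from Session["Id"].ToString() being swallowed by the catch.
            object userId = Session["Id"];
            if (userId == null)
            {
                return RedirectToAction("Home");
            }

            try
            {
                GetOrderNo();
                SessionParameter sessionParameter = new SessionParameter();
                sessionParameter.Name = userId.ToString();
                //CheckUser(sessionParameter);
                CreateProcedureForLogined(Id, homeSet, file, sessionParameter);

                return RedirectToAction("All_Services");
            }
            catch (Exception ex)
            {
                // Record the failure server-side. The response only re-renders the form.
                System.Diagnostics.Trace.TraceError("MakeOrderForEnteredUser failed: {0}", ex);
                return View();
            }
        }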
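        /// <summary>
        /// Renders the order form for a signed-in user.
        /// </summary>
        /// <param name="Id">Identifier of the service to order; required.</param>
        /// <param name="homeset">Form model; not read by this overload.</param>
        /// <returns>
        /// 400 Bad Request when <paramref name="Id"/> is missing, 404 Not Found when
        /// <c>photoService</c> (a member declared outside this listing) is null, a redirect to
        /// Home when the session has no "name" or "Id" entry, otherwise the default view.
        /// </returns>
        public ActionResult MakeOrderForEnteredUser(int? Id, HomeSet homeset)
        {
            if (Id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }
            if (photoService == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.NotFound);
            }
            if (Session["name"] == null || Session["Id"] == null)
            {
                // The redirect result must be returned. The original discarded it, so visitors
                // who were not signed in still received the order form.
                return RedirectToAction("Home");
            }

            return View();
        }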
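        /// <summary>
        /// Stores the uploaded photo and records an order line for the signed-in user. A new order
        /// is created when <c>homeset.OrderNo</c> converts to 0; otherwise the line is added to
        /// that existing order and its total price is increased.
        /// </summary>
        /// <param name="id">Identifier of the ordered service; required.</param>
        /// <param name="homeSet">Posted form model; only <c>copies</c> is read here.</param>
        /// <param name="file">Uploaded photo; required and must be non-empty.</param>
        /// <param name="sessionParameter">Receives the user id read from <c>Session["id"]</c>.</param>
        /// <returns>The controller-level <c>homeset</c> member, as in the original.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="id"/> is null.</exception>
        /// <exception cref="ArgumentException">The upload is missing, empty, or has a disallowed extension.</exception>
        /// <exception cref="InvalidOperationException">The target order does not belong to the current user.</exception>
        public HomeSet CreateProcedureForLogined(int? id, HomeSet homeSet, HttpPostedFileBase file, SessionParameter sessionParameter)
        {
            if (id == null)
            {
                throw new ArgumentNullException("id");
            }
            // The original dereferenced file.FileName outside its null check, so a missing upload
            // surfaced as a NullReferenceException. Fail clearly and before any database write.
            if (file == null || file.ContentLength <= 0)
            {
                throw new ArgumentException("An uploaded photo is required.", "file");
            }

            int orderNumber = Convert.ToInt32(homeset.OrderNo);

            // The user id is taken from the server-side session, never from the posted form.
            sessionParameter.Name = (Session["id"]).ToString();
            int userId = int.Parse(sessionParameter.Name);

            // Uploads land under the web root, so the client-supplied name must not decide the file
            // name or type: it could overwrite another user's photo or plant a server-executable
            // file. Keep only an allow-listed extension and generate the name on the server.
            // NOTE(review): the allow-list is a constructed default; align it with the formats the
            // service accepts. An extension check does not validate content, so script execution
            // should also be disabled for ~/User-Images/.
            string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif", ".bmp", ".tif", ".tiff" };
            string extension = (Path.GetExtension(Path.GetFileName(file.FileName)) ?? string.Empty).ToLowerInvariant();
            if (Array.IndexOf(allowedExtensions, extension) < 0)
            {
                throw new ArgumentException("Unsupported photo file type.", "file");
            }
            string storedName = Guid.NewGuid().ToString("N") + extension;
            // Saving and recording the same name fixes the original mismatch between the
            // sanitized name on disk and the raw FileName in the database.
            string imageVirtualPath = "~/User-Images/" + storedName;
            file.SaveAs(Path.Combine(Server.MapPath("~/User-Images/"), storedName));

            bool isNewOrder = orderNumber == 0;
            string command;
            if (isNewOrder)
            {
                command = "INSERT INTO [dbo].[Orders](UserId,TotalPrice) VALUES(@UserId, ((SELECT Price FROM [dbo].[Seveces] WHERE serviceId = @Id)*@Copies));" +
                          "INSERT INTO [dbo].[Order_Services](serviceID, orderID, Photo,NumbCopies ) VALUES (@Id,(SELECT OrderId FROM [dbo].[Orders] WHERE UserId = @UserId AND StatusId = 1), @Image, @Copies);";
            }
            else
            {
                // The original UPDATE had no WHERE clause and raised TotalPrice on every order.
                // Both statements are now scoped to the order and the session user.
                command = "INSERT INTO [dbo].[Order_Services](serviceID, orderID, Photo,NumbCopies ) SELECT @Id, OrderId, @Image, @Copies FROM [dbo].[Orders] WHERE OrderId = @OrderId AND UserId = @UserId;" +
                          "UPDATE [dbo].[Orders] SET TotalPrice = TotalPrice + ((SELECT Price From [dbo].[Seveces] WHERE serviceId = @Id)*@Copies) WHERE OrderId = @OrderId AND UserId = @UserId;";
            }

            using (SqlConnection sqlConnection = new SqlConnection(mainconn))
            {
                sqlConnection.Open();
                // One transaction so that the order row and its line are written together or not at all.
                using (SqlTransaction transaction = sqlConnection.BeginTransaction())
                using (SqlCommand sqlCommand = new SqlCommand(command, sqlConnection, transaction))
                {
                    sqlCommand.Parameters.AddWithValue("@UserId", userId);
                    sqlCommand.Parameters.AddWithValue("@Id", id);
                    // NOTE(review): copies comes from the posted model and multiplies the price;
                    // confirm it is validated as a positive number before it reaches this point.
                    sqlCommand.Parameters.AddWithValue("@Copies", homeSet.copies);
                    sqlCommand.Parameters.AddWithValue("@Image", imageVirtualPath);
                    if (!isNewOrder)
                    {
                        sqlCommand.Parameters.AddWithValue("@OrderId", orderNumber);
                    }

                    int affectedRows = sqlCommand.ExecuteNonQuery();
                    if (!isNewOrder && affectedRows == 0)
                    {
                        // Nothing matched OrderId + UserId. Leaving without Commit rolls back.
                        throw new InvalidOperationException("The order was not found for the current user.");
                    }

                    transaction.Commit();
                }
            }

            return homeset;
        }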
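        /// <summary>
        /// Registers a new user from <c>homeSet.register</c> with a generated password, looks up the
        /// new user's id by e-mail, stores the uploaded photo, and creates the user's first order.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the generated password is written to the Users table as-is. The login
        /// code is not visible here; storing a salted, slow hash means changing it as well.
        /// NOTE(review): the user id is re-read by e-mail. If Email is not unique the lookup can
        /// return another account's id; confirm a unique constraint exists.
        /// </remarks>
        /// <param name="id">Identifier of the ordered service; required.</param>
        /// <param name="homeSet">Posted form model; <c>register</c> and <c>copies</c> are read.</param>
        /// <param name="file">Uploaded photo; required and must be non-empty.</param>
        /// <returns>The controller-level <c>homeset</c> member, as in the original.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="id"/> is null.</exception>
        /// <exception cref="ArgumentException">The upload is missing, empty, or has a disallowed extension.</exception>
        public HomeSet CreateProcedure(int? id, HomeSet homeSet, HttpPostedFileBase file)
        {
            // Validate everything that can be checked up front so that a bad request does not
            // leave a user row behind with no order.
            if (id == null)
            {
                throw new ArgumentNullException("id");
            }
            // The original dereferenced file.FileName outside its null check.
            if (file == null || file.ContentLength <= 0)
            {
                throw new ArgumentException("An uploaded photo is required.", "file");
            }

            // Uploads land under the web root, so the client-supplied name must not decide the file
            // name or type. Keep only an allow-listed extension and generate the name on the server.
            // NOTE(review): the allow-list is a constructed default; align it with the formats the
            // service accepts. An extension check does not validate content, so script execution
            // should also be disabled for ~/User-Images/.
            string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif", ".bmp", ".tif", ".tiff" };
            string extension = (Path.GetExtension(Path.GetFileName(file.FileName)) ?? string.Empty).ToLowerInvariant();
            if (Array.IndexOf(allowedExtensions, extension) < 0)
            {
                throw new ArgumentException("Unsupported photo file type.", "file");
            }
            string storedName = Guid.NewGuid().ToString("N") + extension;
            string imageVirtualPath = "~/User-Images/" + storedName;

            // The original hashed one of only 100,000 System.Random values, so the password could
            // be enumerated. Draw it from the cryptographic generator instead and keep the same
            // shape as before: 12 upper-case hex characters.
            byte[] passwordBytes = new byte[6];
            using (var generator = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                generator.GetBytes(passwordBytes);
            }
            homeSet.register.Password = BitConverter.ToString(passwordBytes).Replace("-", string.Empty);

            using (SqlConnection sqlConnection = new SqlConnection(mainconn))
            {
                sqlConnection.Open();
                string insertUser = "INSERT INTO [dbo].[Users] ([UserName],[UserSurname],[Phone],[Email],[Password]) VALUES (@UserName,@UserSurname,@Phone,@Email,@Password)";
                using (SqlCommand sqlCommand = new SqlCommand(insertUser, sqlConnection))
                {
                    sqlCommand.Parameters.AddWithValue("@UserName", homeSet.register.UserName);
                    sqlCommand.Parameters.AddWithValue("@UserSurname", homeSet.register.UserSurname);
                    sqlCommand.Parameters.AddWithValue("@Phone", homeSet.register.Phone);
                    sqlCommand.Parameters.AddWithValue("@Email", homeSet.register.Email);
                    sqlCommand.Parameters.AddWithValue("@Password", homeSet.register.Password);
                    sqlCommand.ExecuteNonQuery();
                }
            }

            using (SqlConnection sqlConnection = new SqlConnection(mainconn))
            {
                sqlConnection.Open();
                string selectUserId = "SELECT UserId FROM [dbo].[Users] WHERE Email = @Email";

                using (var lookup = new SqlCommand(selectUserId, sqlConnection))
                {
                    lookup.Parameters.AddWithValue("@Email", homeSet.register.Email);
                    using (var reader = lookup.ExecuteReader())
                    {
                        // As in the original, the last row read wins when several rows match.
                        while (reader.Read())
                        {
                            homeset.UserId = Convert.ToInt32(reader.GetValue(0));
                        }
                    }
                }
            }

            int UserID = (int)homeset.UserId;

            // Saving and recording the same generated name fixes the original mismatch between the
            // sanitized name on disk and the raw FileName in the database.
            file.SaveAs(Path.Combine(Server.MapPath("~/User-Images/"), storedName));

            using (SqlConnection sqlConnection = new SqlConnection(mainconn))
            {
                sqlConnection.Open();
                string cmd = "INSERT INTO [dbo].[Orders](UserId,TotalPrice) VALUES(@UserId, ((SELECT Price FROM [dbo].[Seveces] WHERE serviceId = @Id)*@Copies));" +
                             "INSERT INTO [dbo].[Order_Services](serviceID, orderID, Photo,NumbCopies ) VALUES (@Id,(SELECT OrderId FROM [dbo].[Orders] WHERE UserId = @UserId AND StatusId = 1), @Image ,@Copies);";

                // One transaction so that the order row and its line are written together or not at all.
                using (SqlTransaction transaction = sqlConnection.BeginTransaction())
                using (SqlCommand sqlCommand = new SqlCommand(cmd, sqlConnection, transaction))
                {
                    sqlCommand.Parameters.AddWithValue("@Id", id);
                    // NOTE(review): copies comes from the posted model and multiplies the price;
                    // confirm it is validated as a positive number before it reaches this point.
                    sqlCommand.Parameters.AddWithValue("@Copies", homeSet.copies);
                    sqlCommand.Parameters.AddWithValue("@UserId", UserID);
                    sqlCommand.Parameters.AddWithValue("@Image", imageVirtualPath);

                    sqlCommand.ExecuteNonQuery();
                    transaction.Commit();
                }
            }

            return homeset;
        }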