protected void submitPropRoom(object sender, EventArgs e) { sc.Open(); SqlCommand insert = new SqlCommand("SELECT PropertyID FROM [Capstone].[dbo].[Property] WHERE HostID = @HostID", sc); insert.Parameters.AddWithValue("@HostID", Convert.ToInt32(Session["hostID"])); insert.Connection = sc; int propertyID = Convert.ToInt32(insert.ExecuteScalar()); insert.ExecuteNonQuery(); sc.Close(); double monthlyPrice = Convert.ToDouble(monthlyPriceTextbox.Text); int sqFoot = Convert.ToInt32(squareFootageTextbox.Text); String avail = DropDownListAvailibility.SelectedValue; String display = displayTextbox.Text; PropertyRoom newRoom = new PropertyRoom(propertyID, monthlyPrice, sqFoot, avail, display); using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["RDSConnectionString"].ConnectionString)) { using (SqlCommand command = new SqlCommand()) { command.Connection = connection; command.CommandType = CommandType.Text; command.CommandText = "INSERT INTO [dbo].[PropertyRoom] ([PropertyID],[TenantID],[MonthlyPrice],[SquareFootage],[Availability],[BriefDescription],[LastUpdatedBy],[LastUpdated]) VALUES (@propid,@tenantid,@price,@sqft,@avail,@desc,@lub,@lu)"; command.Parameters.AddWithValue("@propid", newRoom.propertyID); command.Parameters.AddWithValue("@tenantid", newRoom.tenantID); command.Parameters.AddWithValue("@price", newRoom.monthlyPrice); command.Parameters.AddWithValue("@sqft", newRoom.squareFootage); command.Parameters.AddWithValue("@avail", newRoom.availability); command.Parameters.AddWithValue("@desc", newRoom.briefDescription); command.Parameters.AddWithValue("@lub", "Kessler"); command.Parameters.AddWithValue("@lu", DateTime.Now); try { connection.Open(); int recordsAffected = command.ExecuteNonQuery(); } catch (Exception t) { string f = t.ToString(); } finally { connection.Close(); Response.Redirect("CreateAccountSafetyHomeowner.aspx"); } } } }
protected void Page_Load(object sender, EventArgs e) { //session clear to ensure exiting out of tab string strPreviousPage = ""; if (Request.UrlReferrer != null) { strPreviousPage = Request.UrlReferrer.Segments[Request.UrlReferrer.Segments.Length - 1]; } if (strPreviousPage == "") { Session["LoggedIn"] = "false"; Response.Redirect("Login.aspx"); } sc.Open(); int accountID = Convert.ToInt32(Session["accountID"]); //get accountID to see which account (admin, tenant, or host) it is to populate dashboard SqlCommand insert = new SqlCommand("SELECT HostID FROM [dbo].[Login] WHERE AccountID = @AccountID", sc); insert.Parameters.AddWithValue("@AccountID", accountID); insert.Connection = sc; int hostID = Convert.ToInt32(insert.ExecuteScalar()); insert.ExecuteNonQuery(); Session["hostID"] = hostID; SqlCommand filter = new SqlCommand("SELECT FirstName, LastName, PhoneNumber, Email, BackgroundCheckResult, imageV2, HostBio FROM [dbo].[Host] WHERE HostID = @HostID", sc); filter.Parameters.AddWithValue("@HostID", hostID); SqlDataReader rdr = filter.ExecuteReader(); String backgroundCheckResult; while (rdr.Read()) { nameTextbox.Text = HttpUtility.HtmlEncode(rdr["FirstName"].ToString()) + " " + HttpUtility.HtmlEncode(rdr["LastName"].ToString()); emailTextbox.Text = HttpUtility.HtmlEncode(rdr["Email"].ToString()); phoneTextbox.Text = HttpUtility.HtmlEncode(rdr["PhoneNumber"].ToString()); dashboardTitle.Text = HttpUtility.HtmlEncode(rdr["FirstName"].ToString()) + "'s Dashboard"; hostBioTextbox.Text = HttpUtility.HtmlEncode(rdr["HostBio"].ToString()); backgroundCheckResult = HttpUtility.HtmlEncode(rdr["BackgroundCheckResult"].ToString()); if (backgroundCheckResult == "y") { backgroundCheckResultTitle.Text = "Complete"; image7.ImageUrl = "images/icons-07.png"; backgroundCheckResultLbl.Text = "Your Background Check has been completed. Background checks are important to us, we take your safety seriously. To find out more about the background check process, click the button below."; } if (backgroundCheckResult == "r") { backgroundCheckResultTitle.Text = "Denied"; image7.ImageUrl = "images/icons-08.png"; backgroundCheckResultLbl.Text = "Your Background Check has been denied. Background checks are important to us. We take our users safety seriously. To find out more about the background check process, click the button below."; } else { backgroundCheckResultTitle.Text = "Incomplete"; image7.ImageUrl = "images/NC.png"; backgroundCheckResultLbl.Text = "Our people are working hard to get your background check completed. Background checks are important to us, we take your safety seriously. To find out more about the background check process, click the button below."; } byte[] ppImgData = (byte[])rdr["imagev2"]; string ppImage = "data:image;base64," + Convert.ToBase64String(ppImgData, 0, ppImgData.Length); image1.ImageUrl = ppImage; } usernameTextbox.Text = Session["username"].ToString(); int hostIDRefresh = Convert.ToInt32(Session["hostID"]); Message.lstHostMessages.Clear(); //Change badge property info int roomID = Convert.ToInt32(Session["RoomID"]); SqlCommand badge2 = new SqlCommand("SELECT PrivateEntrance, Kitchen, PrivateBathroom, Furnished, ClosetSpace, NonSmoker FROM [dbo].[BadgeProperty] WHERE RoomID =" + roomID, sc); SqlDataReader rdr2 = badge2.ExecuteReader(); while (rdr2.Read()) { privateEntrance = HttpUtility.HtmlEncode(rdr2["privateEntrance"].ToString()); kitchen = HttpUtility.HtmlEncode(rdr2["Kitchen"].ToString()); privateBathroom = HttpUtility.HtmlEncode(rdr2["privateBathroom"].ToString()); furnish = Session["Furnished"].ToString(); storage = Session["Storage"].ToString(); smoker = Session["Smoker"].ToString(); } SqlCommand filterProp = new SqlCommand("SELECT Property.HostID, Property.PropertyID, Property.HouseNumber, PropertyRoom.BriefDescription, " + "PropertyRoom.RoomDescription, Property.Street, Property.Zip, Property.CityCounty, Property.HomeState, Property.MonthlyPrice, PropertyRoom.Image1 as PRimage1, PropertyRoom.Image2 as PRimage2, PropertyRoom.Image3 as PRimage3 FROM PropertyRoom" + " INNER JOIN Property ON PropertyRoom.PropertyID = Property.PropertyID WHERE Property.HostID = @HostID", sc); filterProp.Parameters.AddWithValue("@HostID", hostID); SqlDataReader readr = filterProp.ExecuteReader(); while (readr.Read()) { addressTextbox.Text = HttpUtility.HtmlEncode(readr["HouseNumber"].ToString()) + " " + HttpUtility.HtmlEncode(readr["Street"].ToString()) + " " + HttpUtility.HtmlEncode(readr["CityCounty"].ToString()) + ", " + HttpUtility.HtmlEncode(readr["HomeState"].ToString()) + " " + HttpUtility.HtmlEncode(readr["Zip"].ToString()); } //------------------------------------------------------------------------------------------------------------ //display property rooms PropertyRoom.listPropertyRoom.Clear(); using (SqlConnection connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["RDSConnectionString"].ConnectionString)) { using (SqlCommand command = new SqlCommand()) { hostID = Convert.ToInt32(Session["hostID"]); command.Connection = connection; command.CommandType = CommandType.Text; command.CommandText = "SELECT PropertyRoom.RoomID, PropertyRoom.PropertyID, Host.HostID, PropertyRoom.MonthlyPrice, isnull(PropertyRoom.BriefDescription, 'No Description') as BriefDescription, isnull(PropertyRoom.RoomDescription, 'No Description') as RoomDescription, PropertyRoom.Availability," + "PropertyRoom.SquareFootage, PropertyRoom.Image1, PropertyRoom.Image2, PropertyRoom.Image3 FROM [dbo].[Host] inner join [dbo].[Property]" + "on Property.HostID = Host.HostID left join [dbo].[PropertyRoom] ON PropertyRoom.propertyID = Property.PropertyID WHERE Host.HostID = @HostID"; command.Parameters.AddWithValue("@HostID", hostID); try { connection.Open(); using (SqlDataReader reader = command.ExecuteReader()) { if (reader.HasRows) { while (reader.Read()) { int propertyID = Convert.ToInt32(HttpUtility.HtmlEncode(reader["PropertyID"])); string description = HttpUtility.HtmlEncode((string)reader["BriefDescription"]); int id = Convert.ToInt32(HttpUtility.HtmlEncode(reader["RoomID"])); string price = HttpUtility.HtmlEncode(Math.Round(Convert.ToDouble(reader["MonthlyPrice"])).ToString()); string squareFootage = HttpUtility.HtmlEncode((string)reader["SquareFootage"]); string availability = HttpUtility.HtmlEncode((string)reader["Availability"]); string roomDescription = HttpUtility.HtmlEncode((string)reader["RoomDescription"]); byte[] imgData1; byte[] imgData2; byte[] imgData3; try { imgData1 = (byte[])reader["Image1"]; } catch { imgData1 = (byte[])Session["defaultPicture"]; } try { imgData2 = (byte[])reader["Image2"]; } catch { imgData2 = (byte[])Session["defaultPicture"]; } try { imgData3 = (byte[])reader["Image3"]; } catch { imgData3 = (byte[])Session["defaultPicture"]; } string image1 = "data:image;base64," + Convert.ToBase64String(imgData1, 0, imgData1.Length); string image2 = "data:image;base64," + Convert.ToBase64String(imgData2, 0, imgData2.Length); string image3 = "data:image;base64," + Convert.ToBase64String(imgData3, 0, imgData3.Length); PropertyRoom newRoom = new PropertyRoom(propertyID, price, squareFootage, availability, description, roomDescription, image1, image2, image3); PropertyRoom.listPropertyRoom.Add(newRoom); } } } } catch (SqlException t) { string b = t.ToString(); } finally { connection.Close(); } } } //displays all of host messages string messageSender = Session["username"].ToString(); using (SqlConnection connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["RDSConnectionString"].ConnectionString)) { using (SqlCommand command = new SqlCommand()) { command.Connection = connection; command.CommandType = CommandType.Text; command.CommandText = "select Host.FirstName HostFirst, Host.LastName HostLast, [dbo].[Message].[HostID], " + "[dbo].[Message].[TenantID], [dbo].[Message].[Message], [dbo].[Message].[MessageDate], [dbo].[Message].[LastUpdatedBy], " + "[dbo].[Message].[LastUpdated], [dbo].[Tenant].FirstName TenantFirst, [dbo].[Tenant].LastName TenantLast " + "from [dbo].[Host] left join [dbo].[Message] on [dbo].[Host].HostID = [dbo].[Message].HostID " + "left join [dbo].[Tenant] on [dbo].[Message].TenantID = [dbo].[Tenant].TenantID " + "where Message.HostID = @hostid order by Message.MessageID desc"; command.Parameters.AddWithValue("@hostid", hostIDRefresh); try { connection.Open(); using (SqlDataReader reader = command.ExecuteReader()) { if (reader.HasRows) { while (reader.Read()) { int hostid = Convert.ToInt32(HttpUtility.HtmlEncode(reader["HostID"])); int tenantid = Convert.ToInt32(HttpUtility.HtmlEncode(reader["TenantID"])); string message = HttpUtility.HtmlEncode((string)reader["Message"]); string lub = HttpUtility.HtmlEncode((string)reader["LastUpdatedBy"]); string tenantName = HttpUtility.HtmlEncode((string)reader["TenantFirst"]) + " " + HttpUtility.HtmlEncode((string)reader["TenantLast"]); Message msg = new Message(tenantid, hostid, message, lub); msg.setMessageDate(Convert.ToDateTime(HttpUtility.HtmlEncode(reader["MessageDate"]))); string recieverName = string.Empty; if (messageSender.Equals(lub)) { recieverName = "To: " + HttpUtility.HtmlEncode((string)reader["TenantFirst"]) + " " + HttpUtility.HtmlEncode((string)reader["TenantLast"]) + "\tFrom: Me"; } else { recieverName = "To: Me\tFrom: " + HttpUtility.HtmlEncode((string)reader["TenantFirst"]) + " " + HttpUtility.HtmlEncode((string)reader["TenantLast"]); } msg.setRecieverName(recieverName); msg.setTenantName(tenantName); Message.lstHostMessages.Add(msg); } } else { //lblInvalidSearch.Text = "Search returned no properties"; } } } catch (SqlException t) { string b = t.ToString(); } finally { connection.Close(); } } } //populates dropdown for messages using (SqlConnection connection = new SqlConnection(WebConfigurationManager.ConnectionStrings["RDSConnectionString"].ConnectionString)) { using (SqlCommand command = new SqlCommand()) { command.Connection = connection; command.CommandType = CommandType.Text; command.CommandText = "select distinct [dbo].[Tenant].FirstName, [dbo].[Tenant].LastName, [dbo].[Message].TenantID " + "from [dbo].[Message] left join [dbo].[Tenant] on [dbo].[Message].TenantID = [dbo].[Tenant].TenantID " + "where [dbo].[Message].HostID = @hostid"; command.Parameters.AddWithValue("@hostid", hostIDRefresh); try { connection.Open(); using (SqlDataReader reader = command.ExecuteReader()) { if (reader.HasRows) { while (reader.Read()) { ListItem item = new ListItem(); var val = Convert.ToInt32(HttpUtility.HtmlEncode(reader["TenantID"])); item.Text = HttpUtility.HtmlEncode((string)reader["FirstName"]) + HttpUtility.HtmlEncode((string)reader["Lastname"]); item.Value = val.ToString(); tenantNameDropdown.Items.Add(item); } } else { //lblInvalidSearch.Text = "Search returned no properties"; } } } catch (SqlException t) { string b = t.ToString(); } finally { connection.Close(); } } } lvMessagesHost.DataSource = Message.lstHostMessages; lvMessagesHost.DataBind(); lvPropertyRoom.DataSource = PropertyRoom.listPropertyRoom; lvPropertyRoom.DataBind(); }
protected void submitPropRoom(object sender, EventArgs e) { Session["privateBathroom"] = rbPrivateBr.SelectedValue; Session["privateEntrance"] = rbPrivateEntr.SelectedValue; Session["Storage"] = rbStorage.SelectedValue; Session["Furnished"] = rbFurnished.SelectedValue; Session["Smoker"] = rbSmoke.SelectedValue; Session["Kitchen"] = rbKitchen.SelectedValue; privateBath = Session["privateBathroom"].ToString(); privateEnt = Session["privateEntrance"].ToString(); storage = Session["Storage"].ToString(); furnish = Session["Furnished"].ToString(); smoker = Session["Smoker"].ToString(); kitchen = Session["Kitchen"].ToString(); sc.Open(); //find hostid SqlCommand insert = new SqlCommand("SELECT PropertyID FROM [dbo].[Property] WHERE HostID = @HostID", sc); insert.Parameters.AddWithValue("@HostID", Convert.ToInt32(Session["hostID"])); insert.Connection = sc; int propertyID = Convert.ToInt32(insert.ExecuteScalar()); insert.ExecuteNonQuery(); //find accountid SqlCommand getAccountID = new SqlCommand("SELECT AccountID FROM [dbo].[Login] WHERE HostID = @HostID", sc); getAccountID.Parameters.AddWithValue("@HostID", Convert.ToInt32(Session["hostID"])); getAccountID.Connection = sc; int accountID = Convert.ToInt32(getAccountID.ExecuteScalar()); getAccountID.ExecuteNonQuery(); Session["accountID"] = accountID; sc.Close(); string monthlyPrice = (Convert.ToDouble(monthlyPriceTextbox.Text)).ToString(); String sqFoot = DropDownListSize.SelectedValue; String avail = DropDownListAvailability.SelectedValue; String display = displayTextbox.Text; String roomDescription = bioTextbox.Text; //insert property room into property room description int roomID; Session["RoomID"] = null; string image1 = ""; string image2 = ""; string image3 = ""; PropertyRoom newRoom = new PropertyRoom(propertyID, monthlyPrice, sqFoot, avail, display, roomDescription, image1, image2, image3); System.Data.SqlClient.SqlCommand insertBadgeProperty = new System.Data.SqlClient.SqlCommand(); using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["RDSConnectionString"].ConnectionString)) { using (SqlCommand command = new SqlCommand()) { command.Connection = connection; command.CommandType = CommandType.Text; command.CommandText = "INSERT INTO [dbo].[PropertyRoom] ([PropertyID],[TenantID],[MonthlyPrice],[SquareFootage],[Availability],[BriefDescription],[RoomDescription],[LastUpdatedBy],[LastUpdated],[Image1],[Image2],[Image3]) VALUES (@propid,@tenantid,@price,@sqft,@avail,@desc,@roomdescrip,@lub,@lu, @image1, @image2, @image3)"; command.Parameters.AddWithValue("@propid", newRoom.propertyID); command.Parameters.AddWithValue("@tenantid", DBNull.Value); command.Parameters.AddWithValue("@price", monthlyPriceTextbox.Text); command.Parameters.AddWithValue("@sqft", newRoom.squareFootage); command.Parameters.AddWithValue("@avail", newRoom.availability); command.Parameters.AddWithValue("@desc", newRoom.briefDescription); command.Parameters.AddWithValue("@roomdescrip", newRoom.roomDescription); command.Parameters.AddWithValue("@lub", "Kessler"); command.Parameters.AddWithValue("@lu", DateTime.Now); command.Parameters.AddWithValue("@image1", 0); command.Parameters.AddWithValue("@image2", 0); command.Parameters.AddWithValue("@image3", 0); connection.Open(); int recordsAffected = command.ExecuteNonQuery(); connection.Close(); try { connection.Open(); SqlCommand room = new SqlCommand("SELECT MAX(RoomID) FROM [dbo].[PropertyRoom]", connection); room.Connection = connection; roomID = Convert.ToInt32(room.ExecuteScalar()); Session["RoomID"] = roomID; room.ExecuteNonQuery(); BadgeProperty newBadgeProperty = new BadgeProperty(roomID, privateEnt, kitchen, privateBath, furnish, storage, smoker); //insert badge insertBadgeProperty.CommandText = "INSERT INTO [dbo].[BadgeProperty] (RoomID, PrivateEntrance, Kitchen, PrivateBathroom, Furnished, ClosetSpace, NonSmoker) VALUES (@roomID, @privateEnt, @kitchen, @privateBath, @furnish, @storage, @smoker);"; insertBadgeProperty.Parameters.AddWithValue("@roomID", newBadgeProperty.RoomID); insertBadgeProperty.Parameters.AddWithValue("@privateEnt", newBadgeProperty.privateEntrance); insertBadgeProperty.Parameters.AddWithValue("@kitchen", newBadgeProperty.kitchen); insertBadgeProperty.Parameters.AddWithValue("@privateBath", newBadgeProperty.privateBathroom); insertBadgeProperty.Parameters.AddWithValue("@furnish", newBadgeProperty.furnished); insertBadgeProperty.Parameters.AddWithValue("@storage", newBadgeProperty.closetSpace); insertBadgeProperty.Parameters.AddWithValue("@smoker", newBadgeProperty.nonSmoker); insertBadgeProperty.Connection = connection; insertBadgeProperty.ExecuteNonQuery(); } catch (Exception t) { string f = t.ToString(); } finally { connection.Close(); } } } //validates photo and upload photos if (FileUploadControl.HasFile) { HttpPostedFile postedFile = FileUploadControl.PostedFile; string fileName = Path.GetFileName(postedFile.FileName); string fileExtension = Path.GetExtension(fileName); int fileSize = postedFile.ContentLength; if (fileExtension.ToLower() == ".jpg" || fileExtension.ToLower() == ".bmp" || fileExtension.ToLower() == ".gif" || fileExtension.ToLower() == ".png") { sc.Open(); Stream stream = postedFile.InputStream; BinaryReader br = new BinaryReader(stream); byte[] bytes = br.ReadBytes((int)stream.Length); SqlCommand cmd = new SqlCommand("UPDATE [dbo].[PropertyRoom] SET Image1 = @imgdata WHERE RoomID = @RoomID", sc); cmd.Parameters.AddWithValue("@RoomID", Session["RoomID"]); cmd.Parameters.AddWithValue("@imgdata", bytes); cmd.ExecuteNonQuery(); sc.Close(); StatusLabel.Text = "Image Uploaded successfully"; } else { StatusLabel.Text = "Only Images (.jpg, .png, .gif and .bmp) can be uploaded!"; return; } } else { StatusLabel.Text = "Please select an image to upload"; return; } if (FileUpload2.HasFile) { HttpPostedFile postedFile = FileUpload2.PostedFile; string fileName = Path.GetFileName(postedFile.FileName); string fileExtension = Path.GetExtension(fileName); int fileSize = postedFile.ContentLength; if (fileExtension.ToLower() == ".jpg" || fileExtension.ToLower() == ".bmp" || fileExtension.ToLower() == ".gif" || fileExtension.ToLower() == ".png") { sc.Open(); Stream stream = postedFile.InputStream; BinaryReader br = new BinaryReader(stream); byte[] bytes = br.ReadBytes((int)stream.Length); SqlCommand cmd = new SqlCommand("UPDATE [dbo].[PropertyRoom] SET Image2 = @imgdata WHERE RoomID = @RoomID", sc); cmd.Parameters.AddWithValue("@RoomID", Session["RoomID"]); cmd.Parameters.AddWithValue("@imgdata", bytes); cmd.ExecuteNonQuery(); sc.Close(); StatusLabel.Text = "Image Uploaded successfully"; } else { StatusLabel.Text = "Only Images (.jpg, .png, .gif and .bmp) can be uploaded!"; return; } } if (FileUpload3.HasFile) { HttpPostedFile postedFile = FileUpload3.PostedFile; string fileName = Path.GetFileName(postedFile.FileName); string fileExtension = Path.GetExtension(fileName); int fileSize = postedFile.ContentLength; if (fileExtension.ToLower() == ".jpg" || fileExtension.ToLower() == ".bmp" || fileExtension.ToLower() == ".gif" || fileExtension.ToLower() == ".png") { sc.Open(); Stream stream = postedFile.InputStream; BinaryReader br = new BinaryReader(stream); byte[] bytes = br.ReadBytes((int)stream.Length); SqlCommand cmd = new SqlCommand("UPDATE [dbo].[PropertyRoom] SET Image3 = @imgdata WHERE RoomID = @RoomID", sc); cmd.Parameters.AddWithValue("@RoomID", Session["RoomID"]); cmd.Parameters.AddWithValue("@imgdata", bytes); cmd.ExecuteNonQuery(); sc.Close(); StatusLabel.Text = "Image Uploaded successfully"; } else { StatusLabel.Text = "Only Images (.jpg, .png, .gif and .bmp) can be uploaded!"; return; } } Response.Redirect("CreateAccountSafetyHomeowner.aspx"); }