/// <summary> /// Save the feedback details /// </summary> /// <param name="sender"></param> /// <param name="e"></param> protected void btnsubmit_Click(object sender, EventArgs e) { try { string username = ""; string userorganization = ""; string useraddress = ""; string usercountry = ""; string usertelno = ""; string useremail = ""; string usercomments = ""; username = Convert.ToString(txtname.Text); userorganization = Convert.ToString(txtorg.Text); useraddress = Convert.ToString(txtaddr.Text); usercountry = Convert.ToString(country.SelectedItem.Text); usertelno = Convert.ToString(txttelno.Text); useremail = Convert.ToString(txtemail.Text); usercomments = Convert.ToString(txtcomment.Text); string streg = string.Empty; //establish sql connection //open database connection to connect to sql server connection.Open(); SqlCommand cmd = new SqlCommand("insert into feedbackform (name,organization,address,country,telno,email,comments) VALUES (@name,@organization,@address,@country,@telno,@email,@comments);", connection); cmd.Parameters.Add(new SqlParameter("@name", SqlDbType.NVarChar, 50)); cmd.Parameters.Add(new SqlParameter("@organization", SqlDbType.NVarChar, 50)); cmd.Parameters.Add(new SqlParameter("@address", SqlDbType.NVarChar, 200)); cmd.Parameters.Add(new SqlParameter("@country", SqlDbType.NVarChar, 150)); cmd.Parameters.Add(new SqlParameter("@telno", SqlDbType.NVarChar, 150)); cmd.Parameters.Add(new SqlParameter("@email", SqlDbType.NVarChar, 50)); cmd.Parameters.Add(new SqlParameter("@comments", SqlDbType.NVarChar, 150)); cmd.Parameters["@name"].Value = username; cmd.Parameters["@organization"].Value = userorganization; cmd.Parameters["@address"].Value = useraddress; cmd.Parameters["@country"].Value = usercountry; cmd.Parameters["@telno"].Value = usertelno; cmd.Parameters["@email"].Value = useremail; cmd.Parameters["@comments"].Value = usercomments; streg = cmd.ExecuteNonQuery().ToString(); //close database connection to disconnect to sql server connection.Close(); string strScript = ""; strScript = "alert('Thanking you! For your Valuable Feedback.');"; Page.ClientScript.RegisterStartupScript(this.GetType(), "alertBox", strScript, true); txtname.Text = ""; txtemail.Text = ""; txtorg.Text = ""; txttelno.Text = ""; txtcomment.Text = ""; country.SelectedIndex = -1; txtaddr.Text = ""; SendMail(username, userorganization, useraddress, usercountry, usertelno, useremail, usercomments); } catch (Exception ex) { err.insert_exception(ex, excep_page); Response.Redirect("ErrorPage.aspx"); } }
/// <summary> /// summary description to insert resume details into table /// </summary> /// <param name="Name">File Name</param> /// <param name="FilePath">File path</param> private void ExecuteInsert(string Name, string FilePath) { string sql = "INSERT INTO post_resume (ufname,email,pwd,location,mob,expyrs,expmonths,skills,profileheading,industry,functionalarea,basiceducation,mastereducation,filename,filepath) VALUES " + " (@ufname,@email,@pwd,@location,@mob,@expyrs,@expmonths,@skills,@profileheading,@industry,@functionalarea,@basiceducation,@mastereducation,@filename,@filepath)"; try { conn.Open(); SqlCommand cmd = new SqlCommand(sql, conn); SqlParameter[] param = new SqlParameter[15]; param[0] = new SqlParameter("@ufname", SqlDbType.NVarChar, 50); param[1] = new SqlParameter("@email", SqlDbType.VarChar, 50); param[2] = new SqlParameter("@pwd", SqlDbType.VarChar, 50); param[3] = new SqlParameter("@location", SqlDbType.VarChar, 150); param[4] = new SqlParameter("@mob", SqlDbType.VarChar, 20); param[5] = new SqlParameter("@expyrs", SqlDbType.VarChar, 50); param[6] = new SqlParameter("@expmonths", SqlDbType.NVarChar, 50); param[7] = new SqlParameter("@skills", SqlDbType.VarChar, 50); param[8] = new SqlParameter("@profileheading", SqlDbType.VarChar, 50); param[9] = new SqlParameter("@industry", SqlDbType.VarChar, 50); param[10] = new SqlParameter("@functionalarea", SqlDbType.VarChar, 50); param[11] = new SqlParameter("@basiceducation", SqlDbType.NVarChar, 50); param[12] = new SqlParameter("@mastereducation", SqlDbType.VarChar, 50); param[13] = new SqlParameter("@filename", SqlDbType.VarChar, 100); param[14] = new SqlParameter("@filepath", SqlDbType.VarChar, 100); param[0].Value = txtfullname.Text; param[1].Value = txtemail.Text; param[2].Value = txtpwd.Text; param[3].Value = txtlocation.Text; param[4].Value = txtmob.Text; param[5].Value = ddlyears.SelectedItem.Text; param[6].Value = ddlmonths.SelectedItem.Text; param[7].Value = txtskills.Text; param[8].Value = txtheadingprofile.Text; param[9].Value = ddlindustry.SelectedItem.Text; param[10].Value = ddlfunctionalarea.SelectedItem.Text; param[11].Value = ddlbasicedu.SelectedItem.Text; param[12].Value = ddlmasteredu.SelectedItem.Text; param[13].Value = Name; param[14].Value = FilePath; for (int i = 0; i < param.Length; i++) { cmd.Parameters.Add(param[i]); } cmd.CommandType = CommandType.Text; cmd.ExecuteNonQuery(); } catch (Exception ex) { err.insert_exception(ex, excep_page); Response.Redirect("ErrorPage.aspx"); } finally { conn.Close(); } }