public DataSet INSERT_UPDATE_StudentTravelPlanAirTicket(mTravelPlanAirTicket _obj) { try { _cn.Open(); SqlCommand _cmd = new SqlCommand("INSERT_UPDATE_StudentTravelPlanAirTicket", _cn); _cmd.Parameters.AddWithValue("@StudentID", _obj.StudentID); _cmd.Parameters.AddWithValue("@ApplicationNo", _obj.ApplicationNo); _cmd.Parameters.AddWithValue("@HaveBookedTicket", _obj.HaveBookedTicket); if (_obj.LandingDate != null) { if (_obj.LandingDate.Equals("")) { _cmd.Parameters.AddWithValue("@LandingDate", DBNull.Value); } else { _cmd.Parameters.AddWithValue("@LandingDate", DateTime.ParseExact(_obj.LandingDate.ToString(), "dd-MM-yyyy", null)); } } else { _cmd.Parameters.AddWithValue("@LandingDate", DBNull.Value); } _cmd.Parameters.AddWithValue("@LandingTime", _obj.LandingTime); _cmd.Parameters.AddWithValue("@OriginCountry", _obj.OriginCountry); _cmd.Parameters.AddWithValue("@OriginAirport", _obj.OriginAirport); _cmd.Parameters.AddWithValue("@OtherOriginAirport", _obj.OtherOriginAirport); _cmd.Parameters.AddWithValue("@DestinationCountry", _obj.DestinationCountry); _cmd.Parameters.AddWithValue("@DestinationAirport", _obj.DestinationAirport); _cmd.Parameters.AddWithValue("@OtherDestinationAirport", _obj.OtherDestinationAirport); _cmd.Parameters.AddWithValue("@ETicket", _obj.ETicket); _cmd.Parameters.AddWithValue("@CreatedIP", _obj.CreatedIP); _cmd.CommandType = CommandType.StoredProcedure; SqlDataAdapter _adp = new SqlDataAdapter(_cmd); DataSet _ds = new DataSet(); _adp.Fill(_ds); _adp.Dispose(); _cmd.Dispose(); return(_ds); } catch (Exception) { throw; } finally { _cn.Close(); } }
public JsonResult SaveAirTicket(mTravelPlanAirTicket _obj) { string path = ""; string folderPath = ""; string Message = string.Empty, Code = string.Empty, Error = string.Empty; try { string filename = ""; string fname = ""; if (Request.Files.Count > 0) { if (Request.Files[0].ContentLength > 0) { HttpFileCollectionBase files = Request.Files; folderPath = "Uploads/studentDocument/TravelPlan/" + Session["studentid"].ToString() + "/"; path = AppDomain.CurrentDomain.BaseDirectory + folderPath; filename = Path.GetFileName(Request.Files[0].FileName); HttpPostedFileBase file = files[0]; filename = Session["ApplicationNo"].ToString() + "_AirTicket_" + DateTime.Now.ToString("yyyyMMddhhmmss") + Path.GetExtension(file.FileName); if (!Directory.Exists(path)) { Directory.CreateDirectory(path); } else { string[] curentfiles = Directory.GetFiles(path); foreach (string curentfile in curentfiles) { if (curentfile.IndexOf(filename) >= 0) { #pragma warning disable SCS0018 // Path traversal: injection possible in {1} argument passed to '{0}' System.IO.File.Delete(path: curentfile); #pragma warning restore SCS0018 // Path traversal: injection possible in {1} argument passed to '{0}' } } } fname = Path.Combine(Server.MapPath("~/" + folderPath), filename); file.SaveAs(fname); if (_obj.HaveBookedTicket == "Yes, I have booked air ticket") { _obj.ETicket = folderPath + filename; } } } _obj.CreatedIP = Session["localIP"].ToString(); _obj.StudentID = Session["StudentID"].ToString(); _obj.ApplicationNo = Session["ApplicationNo"].ToString(); TravelPlanRepository _objRepository = new TravelPlanRepository(); DataSet _ds = _objRepository.INSERT_UPDATE_StudentTravelPlanAirTicket(_obj); if (_ds != null) { if (_ds.Tables[0].Rows.Count > 0) { Message = "Details saved successfully!"; Code = "success"; Session["HasAirTicketDetails"] = "True"; } else { Message = "Error from server side. Kindly refresh the page and try again."; Code = "servererror"; } } else { Message = "Error from server side. Kindly refresh the page and try again."; Code = "servererror"; } } catch (NullReferenceException ex) { Message = "Your session has been expired. Kindly login again."; Code = "sessionexpired"; Error = ex.Message; } catch (Exception ex) { Message = "Error from server side. Kindly refresh the page and try again."; Code = "servererror"; Error = ex.Message; } return(Json(new { m = Message, c = Code, e = Error }, JsonRequestBehavior.AllowGet )); }