public static void addRecord(Customer cust, Receipt receipt, LaneTicket laneTick)
{
string cs = ConfigurationManager.ConnectionStrings["BowlingConnectionString"].ConnectionString;
using (SqlConnection con = new SqlConnection(cs))
{
// @Id -> SQL Params -> Prevent Injection
SqlCommand cmd = new SqlCommand("insert into Bowling values (@cname, @cphone, " +
"@cstreet, @cunit, @ccity, @cprov, @cpcode, @cemail, @hourlyRate, @laneTimeSlot, " +
"@laneHours, @lanePeopleNo, @laneNo, @recDate, @recTotal)", con);
con.Open();
cmd.Parameters.AddWithValue("cname", cust.Name);
cmd.Parameters.AddWithValue("cphone", cust.Phone);
cmd.Parameters.AddWithValue("cstreet", cust.Street);
cmd.Parameters.AddWithValue("cunit", cust.Unit);
cmd.Parameters.AddWithValue("ccity", cust.City);
cmd.Parameters.AddWithValue("cprov", cust.Province);
cmd.Parameters.AddWithValue("cpcode", cust.Pcode);
cmd.Parameters.AddWithValue("cemail", cust.Email);
cmd.Parameters.AddWithValue("hourlyRate", laneTick.HourlyRate);
cmd.Parameters.AddWithValue("laneTimeSlot", receipt.TimeBooked);
cmd.Parameters.AddWithValue("laneHours", receipt.HoursBooked);
cmd.Parameters.AddWithValue("lanePeopleNo", laneTick.Occupants);
cmd.Parameters.AddWithValue("laneNo", laneTick.LaneID);
cmd.Parameters.AddWithValue("recDate", receipt.ReceiptDate);
cmd.Parameters.AddWithValue("recTotal", receipt.Total);
cmd.ExecuteNonQuery();
}
}
protected void Page_Load(object sender, EventArgs e)
{
LaneTicket LaneTicket = (LaneTicket)Session["LaneTick"];
Receipt PendingBooking = (Receipt)Session["PendingBooking"];
double Net = (LaneTicket.HourlyRate * LaneTicket.HoursBooked);
double Tax = (LaneTicket.HourlyRate * LaneTicket.HoursBooked * 0.13);
double Total = (LaneTicket.HourlyRate * LaneTicket.HoursBooked * 1.13);
LblPrice.Text = Net.ToString();
LblTax.Text = Tax.ToString();
LblTotal.Text = Total.ToString();
PendingBooking.NetPrice = Net;
PendingBooking.Tax = Tax;
PendingBooking.Total = Total;
}
protected void Pay_Click(object sender, EventArgs e)
{
Customer Cust = (Customer)Session["Customer"];
Receipt PendingBooking = (Receipt)Session["PendingBooking"];
LaneTicket LaneTick = (LaneTicket)Session["LaneTick"];
String ExpDate = DropDownListExpMon.SelectedValue + "/" + DropDownListExpYear.SelectedValue;
PaymentMake obj = new PaymentMake
{
cardName = txtCardName.Text,
cardNumber = txtCardNum.Text,
date = ExpDate,
secCode = txtSecCode.Text
};
LaneStatusAccessLayer.addPaymentRecord(obj);
LaneStatusAccessLayer.addRecord(Cust, PendingBooking, LaneTick);
Response.Redirect("~/ConfirmForm.aspx");
}