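/// <summary>
/// Binds the category list: every row of the Category table goes to CRepeater.
/// </summary>
private void CData()
 {
     // The query text is a constant, so no request data reaches the SQL here.
     DBConn myDB = new DBConn();
     try
     {
         CRepeater.DataSource = myDB.getDataReader("select * from Category");
         CRepeater.DataBind();
     }
     finally
     {
         // Close myDB even when the query or the bind throws.
         myDB.Close();
     }
 }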
 private void getHotDataList()//热卖二手书
 {
     DBConn myDB = new DBConn();
     string sql = "select top 10 * from Products where PHot=1 order by PID desc";
     HDataList.DataSource = myDB.getDataReader( sql );
     HDataList.DataBind();
     myDB.Close();  
 }
 private void getNewDataList()//最新上架
 {
     DBConn myDB = new DBConn();
     string sql = "select top 6 * from Products order by PID desc";
     NDataList.DataSource = myDB.getDataReader( sql );
     NDataList.DataBind();
     myDB.Close();  
 }
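        /// <summary>
        /// First-load handler for the order form. Requires an "id" query value and a signed-in
        /// session, shows the product through PData(), fills dplBm from tblMode and computes
        /// the initial total from DropDownList1 and lblPNPrice.
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            string rawId = Request.QueryString["id"];
            if (rawId == null || rawId == String.Empty)
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }

            if (Session["User"] == null)
            {
                Response.Write("<script>alert('未登陆禁止订购');window.close();</script>");
                Response.End();
                return;
            }

            txtName.Enabled = false;
            txtName.Text = (string)Session["User"];
            // NOTE(review): the user name in this query is the fixed text '******' as it appears
            // here; confirm how the real source supplies it and keep it out of string concatenation.
            // NOTE(review): db1 is never closed in this handler - confirm whether LookUp closes it.
            DBConn db1 = new DBConn();
            TextBox1.Text = db1.LookUp("select 真实姓名 from tblUser  where UserName='******'", "真实姓名");

            // The id is stored in ViewState and PData() is called next, so it is accepted only
            // as an integer and stored in canonical digit form rather than as request text.
            long productId;
            if (!long.TryParse(rawId, System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out productId))
            {
                Response.Redirect("index.aspx");
                return;
            }
            ViewState["ID"] = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            PData();

            string connStr = ConfigurationSettings.AppSettings["DataBasePath"];
            DataSet ds1 = new DataSet();
            SqlConnection con = new SqlConnection(connStr);
            try
            {
                con.Open();
                SqlDataAdapter sda1 = new SqlDataAdapter("select * from tblMode", con);
                sda1.Fill(ds1, "tblMode");
            }
            finally
            {
                // The original opened this connection and never closed it.
                con.Close();
            }

            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                this.dplBm.Items.Add(row["名称"].ToString());
            }

            double dblNum = Int32.Parse(DropDownList1.SelectedValue) * double.Parse(lblPNPrice.Text);
            lblCount.Text = dblNum.ToString("f2");
        }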
        public string strBuy = "";// text printed on the page: "buy online" or "out of stock"


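        /// <summary>
        /// Product page load. On the first request with an "id" query value it looks the
        /// product up, remembers its category (ViewState["CID"]) and id (ViewState["ID"]),
        /// then binds the side lists; PData() runs on every request.
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (!IsPostBack)
            {
                string rawId = Request.QueryString["id"];
                if (rawId != null)
                {
                    // The id ends up in an unquoted SQL position, so only an integer is accepted
                    // and its canonical digit form is what gets concatenated and stored.
                    long productId;
                    if (!long.TryParse(rawId, System.Globalization.NumberStyles.Integer,
                            System.Globalization.CultureInfo.InvariantCulture, out productId))
                    {
                        Response.Write("<script>");
                        Response.Write("alert('没有这个二手书!!!');");
                        Response.Write("</script>");
                        Response.Redirect("index.aspx");
                        return;
                    }
                    string strID = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

                    DBConn myDB = new DBConn();
                    SqlDataReader dr;
                    try
                    {
                        dr = myDB.getDataReader("select * from products where PID=" + strID);
                    }
                    catch
                    {
                        // The original left myDB open on this path.
                        myDB.Close();
                        Response.Write("<script>");
                        Response.Write("alert('没有这个二手书!!!');");
                        Response.Write("</script>");
                        Response.Redirect("index.aspx");
                        return;
                    }

                    bool found;
                    try
                    {
                        found = dr.Read();
                        if (found)
                        {
                            ViewState["CID"] = dr["CID"].ToString();
                        }
                    }
                    finally
                    {
                        dr.Close();
                        myDB.Close();
                    }

                    if (!found)
                    {
                        Response.Write("<script>");
                        Response.Write("alert('没有这个二手书!!!');");
                        Response.Write("</script>");
                        Response.Redirect("index.aspx");
                        return;
                    }

                    ViewState["ID"] = strID;
                }

                CData();
                HData();// bind the hot-selling books of this category
                DHData();

                leaveWord();

                setSelectClass();// bind the category drop-down
            }
            PData();
        }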
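        /// <summary>
        /// Basket page load. Requires a signed-in session, optionally deletes the basket row
        /// named by the "did" query value, shows the user's details and total, binds the basket
        /// through getData() and fills dplBm from tblMode.
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // The sign-in check now runs before the delete; the original executed the delete
            // for any visitor and only then looked at the session.
            if (Session["User"] == null)
            {
                Response.Write("<script>alert('未登陆禁止订购');window.close();</script>");
                Response.End();
                return;
            }

            // "did" sits in an unquoted SQL position, so it is accepted only as an integer.
            // NOTE(review): the delete is keyed on id alone and is triggered by a GET request;
            // if basket rows are per-user, also constrain on the owner and move this to a POST.
            long basketRowId;
            if (long.TryParse(Request.QueryString["did"], System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out basketRowId))
            {
                string sql = "delete from  [tblBasket] where id=" +
                             basketRowId.ToString(System.Globalization.CultureInfo.InvariantCulture);
                DBConn myDB = new DBConn();
                try
                {
                    myDB.ExecuteNonQuery(sql);
                }
                finally
                {
                    myDB.Close();
                }
            }

            txtName.Enabled = false;
            txtName.Text = (string)Session["User"];
            // NOTE(review): both queries carry the fixed text '******' where a user name would
            // go, as shown here; confirm how the real source supplies it.
            // NOTE(review): db1 is never closed in this handler - confirm whether LookUp closes it.
            DBConn db1 = new DBConn();
            TextBox1.Text = db1.LookUp("select 真实姓名 from tblUser  where UserName='******'", "真实姓名");
            lblTotalPric.Text = db1.LookUp("select sum(ismoney) as '1' from viwBasket  where tblUser='******'", "1");

            getData();

            string connStr = ConfigurationSettings.AppSettings["DataBasePath"];
            DataSet ds1 = new DataSet();
            SqlConnection con = new SqlConnection(connStr);
            try
            {
                con.Open();
                SqlDataAdapter sda1 = new SqlDataAdapter("select * from tblMode", con);
                sda1.Fill(ds1, "tblMode");
            }
            finally
            {
                // The original opened this connection and never closed it.
                con.Close();
            }

            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                this.dplBm.Items.Add(row["名称"].ToString());
            }
        }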
 private void setSelectClass()//绑定 类别选框
 {
     DBConn myDB = new DBConn();
     string mySql = "select CID,CName from Category order by CID desc";
     ddlClass.DataSource  = myDB.getDataReader( mySql );
     ddlClass.DataTextField = "CName";
     ddlClass.DataValueField = "CID";
     ddlClass.DataBind();
     myDB.Close();
     
     ddlClass.Items.Insert(0,new ListItem("所有分类","-1"));
 }
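        /// <summary>
        /// Looks up one order by order id, customer name and e-mail and shows it in the
        /// detail labels; writes an alert when no row matches.
        /// </summary>
        /// <param name="strOID">Order id to match against [Order].OID.</param>
        /// <param name="strName">Customer name to match against TName.</param>
        /// <param name="strEmail">E-mail to match against Email.</param>
        private void getOrderData( string strOID, string strName, string strEmail )
        {
            // All three values go inside single-quoted SQL literals. Doubling embedded quotes
            // keeps each value inside its literal. Only text-based DBConn calls are visible
            // here; a parameterised command is the preferred form if DBConn can offer one.
            // NOTE(review): confirm the caller does not already double quotes.
            string oid = (strOID == null) ? "" : strOID.Replace("'", "''");
            string name = (strName == null) ? "" : strName.Replace("'", "''");
            string email = (strEmail == null) ? "" : strEmail.Replace("'", "''");
            string sql = "select * from [Order] where OID='" + oid + "' and TName='" + name + "' and Email='" + email + "'";

            DBConn myDB = new DBConn();
            try
            {
                SqlDataReader dr = myDB.getDataReader(sql);
                try
                {
                    if (!dr.Read())
                    {
                        Response.Write("<script>");
                        Response.Write("alert('找不到相应的订单资料!!!');");
                        Response.Write("</script>");
                        return;
                    }

                    lblOrderID.Text = dr["OID"].ToString();

                    // PID 0 marks a batch order; link to its line items.
                    if (dr["PID"].ToString() == "0")
                    {
                        lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + dr["OID"].ToString() + "' target='_blank'>查看批量购买的产品详情</a>";
                    }

                    // NOTE(review): Label.Text is rendered as markup, so these stored values
                    // reach the page unencoded unless they were encoded before being saved.
                    lblTName.Text = dr["TName"].ToString();
                    lblEmail.Text = dr["Email"].ToString();
                    lblPhone.Text = dr["Phone"].ToString();
                    lblPID.Text = dr["PID"].ToString();
                    lblPName.Text = dr["PName"].ToString();
                    lblPPrice.Text = double.Parse(dr["PPrice"].ToString()).ToString("C");
                    lblPNum.Text = dr["PNum"].ToString();
                    lblTotalPrice.Text = double.Parse(dr["TotalPrice"].ToString()).ToString("C");
                    lblPubdate.Text = dr["Pubdate"].ToString();

                    // Map the stored state code to its display text.
                    string strOState;
                    switch (dr["OState"].ToString())
                    {
                        case "0":
                            strOState = "未处理";
                            break;
                        case "1":
                            strOState = "完成";
                            break;
                        case "2":
                            strOState = "等待";
                            break;
                        default:
                            strOState = "其他";
                            break;
                    }
                    lblOState.Text = strOState;

                    tableSelect.Visible = false;
                    tableInfo.Visible = true;
                }
                finally
                {
                    dr.Close();
                }
            }
            finally
            {
                // Reader and connection are released on every path, including exceptions.
                myDB.Close();
            }
        }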
 private void getAnnounce()//获取公告信息
 {
     string mySql="select * from append where id='3'";
     
     DBConn myDB = new DBConn();
     SqlDataReader mydr  = myDB.getDataReader( mySql );
     if( mydr.Read() )
     {
         lblAnnounce.Text = CleanString.htmlOutputText( mydr["text"].ToString() );
     }
     mydr.Close();
     myDB.Close();        
 }
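        /// <summary>
        /// Binds the paged product list. Without ViewState["CID"] it lists all products;
        /// with it, it lists that category and shows the category name in lblDaohang.
        /// </summary>
        private void PData()
        {
            if (ViewState["CID"] == null)
            {
                MySqlPager allPager = new MySqlPager();
                allPager.setAttribute(SqlPager1, "PDataList", "select * from Products order by PID desc", "PID desc", 12);

                lblDaohang.Text = "所有二手书";
                return;
            }

            // CID is concatenated into two unquoted SQL positions below, so it is accepted
            // only as an integer and re-serialised before use.
            long categoryId;
            if (!long.TryParse(ViewState["CID"].ToString(), System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out categoryId))
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个类别!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }
            string strCID = categoryId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // The original also created a DBConn here that ran no query; it is dropped.
            string sql = "select * from Products where CID=" + strCID + " order by PID desc";
            try
            {
                MySqlPager SqlPager = new MySqlPager();
                SqlPager.setAttribute(SqlPager1, "PDataList", sql, "PID desc", 12);
            }
            catch
            {
                // NOTE(review): this swallows every failure of the pager, not only "no rows".
                Response.Write("<script>");
                Response.Write("alert('没有记录!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }

            bool categoryFound = false;
            DBConn DB = new DBConn();
            try
            {
                SqlDataReader dr = DB.getDataReader("select * from Category where CID=" + strCID);
                try
                {
                    if (dr.Read())
                    {
                        lblDaohang.Text = dr["CName"].ToString();
                        categoryFound = true;
                    }
                }
                finally
                {
                    dr.Close();
                }
            }
            finally
            {
                DB.Close();
            }

            if (!categoryFound)
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个类别!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }
        }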
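        /// <summary>
        /// First-load handler: deletes the tblLeaveWord row named by the "did" query value,
        /// when one is given, and then binds the list through getData().
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // "did" sits in an unquoted SQL position, so only an integer is accepted; any
            // other value is ignored instead of being sent to the database.
            // NOTE(review): no sign-in or role check is visible before this delete, and it
            // runs on a GET request - confirm the page is protected elsewhere.
            long rowId;
            if (long.TryParse(Request.QueryString["did"], System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out rowId))
            {
                string sql = "delete from  [tblLeaveWord] where id=" +
                             rowId.ToString(System.Globalization.CultureInfo.InvariantCulture);

                DBConn myDB = new DBConn();
                try
                {
                    myDB.ExecuteNonQuery(sql);
                }
                finally
                {
                    myDB.Close();
                }
            }

            getData();
        }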
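        /// <summary>
        /// Returns true when tblUser holds a row matching the query below.
        /// </summary>
        /// <param name="strAdmin">Account name; not referenced by the query as it appears here.</param>
        /// <param name="strPassword">Password value compared against the Psw column.</param>
        /// <returns>True when at least one row matches, otherwise false.</returns>
        private bool isAdmin(string strAdmin, string strPassword)
        {
            // The password sits inside a single-quoted SQL literal. Doubling embedded quotes
            // keeps it inside that literal, so it cannot change the WHERE clause. Only
            // text-based DBConn calls are visible here; a parameterised command is the
            // preferred form if DBConn can offer one.
            // NOTE(review): confirm the caller does not already double quotes.
            string safePassword = (strPassword == null) ? "" : strPassword.Replace("'", "''");

            // NOTE(review): UserName is the fixed text '******' as shown here, so strAdmin has
            // no effect; confirm against the real source.
            // NOTE(review): Psw is compared to the supplied value as-is - if that is the
            // plain password, store a salted hash and compare hashes instead.
            string mySql = "select * from tblUser where UserName='******' and Psw='" + safePassword + "'";

            DBConn myDB = new DBConn();
            try
            {
                SqlDataReader mydr = myDB.getDataReader(mySql);
                try
                {
                    return mydr.Read();
                }
                finally
                {
                    mydr.Close();
                }
            }
            finally
            {
                // Reader and connection are released on every path, including exceptions.
                myDB.Close();
            }
        }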
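        /// <summary>
        /// Saves the comment typed in TextBox1 for the product in the "id" query value,
        /// under the signed-in user, then reloads the product page.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (Session["User"] == null)
            {
                Response.Write("<script>alert('未登陆无法评论~');</script>");
                return;
            }

            // The product id is accepted only as an integer; the original dereferenced it
            // unchecked and put the request text into both the SQL and the redirect URL.
            long productId;
            if (!long.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out productId))
            {
                Response.Redirect("index.aspx");
                return;
            }
            string Pid = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // Both strings go inside single-quoted SQL literals; doubling embedded quotes
            // keeps them there. A parameterised command is preferred if DBConn can offer one.
            // NOTE(review): the note is stored as typed, so whatever page displays it has to
            // HTML-encode it on output.
            string tblUser = ((String)Session["User"]).Replace("'", "''");
            string note = TextBox1.Text.Replace("'", "''");
            string sql = "insert into [tblLeaveWord](UserName,Pid,isNote) values ( '" + tblUser + "', '" + Pid + "', '" + note + "')";

            DBConn myDB = new DBConn();
            try
            {
                myDB.ExecuteNonQuery(sql);
            }
            finally
            {
                myDB.Close();
            }

            Response.Redirect("productDisplay.aspx?id=" + Pid);
        }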
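        /// <summary>
        /// Adds the product in the "id" query value to the signed-in user's basket after
        /// checking that the requested quantity is in stock.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (Session["User"] == null)
            {
                Response.Write("<script>alert('未登陆无法收藏~');</script>");
                return;
            }

            System.Globalization.CultureInfo inv = System.Globalization.CultureInfo.InvariantCulture;

            // The product id is accepted only as an integer before it reaches any SQL text.
            long productId;
            if (!long.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer, inv, out productId))
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }
            string Pid = productId.ToString(inv);

            // Quantity and amount are parsed before any connection is opened, and their
            // parsed values (not the raw control text) are what the insert receives.
            // NOTE(review): the amount comes from lblCount rather than being recomputed from
            // the product price, and no lower bound is enforced on the quantity.
            int quantity = int.Parse(DropDownList1.SelectedValue);
            decimal amount = decimal.Parse(lblCount.Text);

            // Stock check.
            bool productFound = false;
            int iPStock = 0;
            DBConn myDB = new DBConn();
            try
            {
                SqlDataReader mydr = myDB.getDataReader("select PStock from Products where PID=" + Pid);
                try
                {
                    if (mydr.Read())
                    {
                        productFound = true;
                        iPStock = Int32.Parse(mydr["PStock"].ToString());
                    }
                }
                finally
                {
                    mydr.Close();
                }
            }
            finally
            {
                // The original returned on "not enough stock" without closing either object.
                myDB.Close();
            }

            if (!productFound)
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }
            if (iPStock < quantity)
            {
                Response.Write("<script>");
                Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
                Response.Write("</script>");
                return;
            }

            // The user name goes inside a single-quoted literal; doubling embedded quotes
            // keeps it there.
            string tblUser = ((String)Session["User"]).Replace("'", "''");
            string sql = "insert into [tblBasket](tblUser,Pid,isN,isMoney) values ( '" + tblUser + "', '" + Pid + "', '" +
                         quantity.ToString(inv) + "', " + amount.ToString(inv) + ")";

            DBConn myDB1 = new DBConn();
            try
            {
                myDB1.ExecuteNonQuery(sql);
            }
            finally
            {
                myDB1.Close();
            }

            Response.Write("<script>alert('加入购物车成功 ~');</script>");
        }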
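        /// <summary>
        /// Order form submit: validates the required fields and the check code, verifies
        /// stock, stores the Order in Session["myOrder"], applies the 30-second resubmit
        /// limit and redirects to orderinfo.aspx.
        /// </summary>
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            System.Globalization.CultureInfo inv = System.Globalization.CultureInfo.InvariantCulture;

            // ViewState["ID"] is concatenated into SQL below; accept it only as an integer.
            object storedId = ViewState["ID"];
            long productId;
            if (storedId == null ||
                !long.TryParse(storedId.ToString(), System.Globalization.NumberStyles.Integer, inv, out productId))
            {
                Response.Redirect("index.aspx");
                return;
            }
            string strID = productId.ToString(inv);

            string strName = txtName.Text.Trim();
            string strEmail = txtEmail.Text.Trim();
            string strPhone = txtPhone.Text.Trim();

            // A quantity that is not a positive integer is treated like a missing field.
            int quantity;
            bool quantityOk = int.TryParse(ddlNum.SelectedValue, out quantity) && quantity >= 1;

            if (strName == String.Empty || strEmail == String.Empty || strPhone == String.Empty || !quantityOk)
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }

            // A missing check code (expired session, page posted without loading the code)
            // counts as a failed check; the original dereferenced it and threw.
            // NOTE(review): the code stays valid after a successful check - consider clearing it.
            object expectedCode = Session["CheckCode"];
            if (expectedCode == null || expectedCode.ToString() != txtCheck.Text.Trim())
            {
                Response.Write("<script>");
                Response.Write("alert('输入的验证码有误!请重新输入!')");
                Response.Write("</script>");
                return;
            }

            // Stock check.
            bool productFound = false;
            int iPStock = 0;
            DBConn myDB = new DBConn();
            try
            {
                SqlDataReader mydr = myDB.getDataReader("select PStock from Products where PID=" + strID);
                try
                {
                    if (mydr.Read())
                    {
                        productFound = true;
                        iPStock = Int32.Parse(mydr["PStock"].ToString());
                    }
                }
                finally
                {
                    mydr.Close();
                }
            }
            finally
            {
                // The original returned on "not enough stock" without closing either object.
                myDB.Close();
            }

            if (!productFound)
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }
            if (iPStock < quantity)
            {
                Response.Write("<script>");
                Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
                Response.Write("</script>");
                return;
            }

            Order myOrder = new Order();

            myOrder.PID = strID;
            myOrder.PName = lblPName.Text;
            myOrder.PNum = quantity.ToString(inv);
            myOrder.PPrice = lblPNPrice.Text;
            myOrder.TotalPrice = lblTotalPric.Text;
            myOrder.TName = CleanString.htmlInputText(strName);
            // The e-mail was the one typed field stored without cleaning; it now gets the
            // same treatment as the name and phone.
            // NOTE(review): whatever later builds SQL from this Order must still quote or
            // parameterise these values itself.
            myOrder.Email = CleanString.htmlInputText(strEmail);
            myOrder.Phone = CleanString.htmlInputText(strPhone);
            if (ViewState["PCPrice"] != null)
            {
                myOrder.PCPrice = ViewState["PCPrice"].ToString();
            }

            Session["myOrder"] = myOrder;

            // Resubmit limit: refuse a second submit within 30 seconds of the last one.
            if (Session["SubmitCheck"] != null)
            {
                DateTime myDTime = (DateTime)Session["SubmitCheck"];
                if (myDTime.AddMilliseconds(30000) > DateTime.Now)
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["SubmitCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }
            Session["SubmitCheck"] = DateTime.Now;

            Response.Redirect("orderinfo.aspx?key=" + Server.UrlEncode("makeOrder.aspx?id=" + strID));
        }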
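        /// <summary>
        /// Message form submit: checks the required fields, the 300-character limit and the
        /// 30-second resubmit limit, stores the message and clears the form.
        /// </summary>
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            string strUName = txtUserName.Text.Trim();
            string strUPhone = txtUserPhone.Text.Trim();
            string strUEmail = txtEmail.Text.Trim();
            string strMTitle = txtTitle.Text.Trim();
            string strMContent = txtContent.Text.Trim();

            if( strUEmail == String.Empty || strMTitle == String.Empty || strMContent == String.Empty )
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }
            if( strMContent.Length > 300 )
            {
                Response.Write("<script>");
                Response.Write("alert('内容太长了..(300字以内)!!!');");
                Response.Write("</script>");
                return;
            }

            // Flood protection: refuse a second message within 30 seconds of the last one.
            if( Session["messageCheck"] != null )
            {
                DateTime myDTime = (DateTime)Session["messageCheck"];
                if( myDTime.AddMilliseconds(30000) > DateTime.Now )
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["messageCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30-myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }

            // Filter the input strings, then double any single quote that is left. Each value
            // goes inside a single-quoted SQL literal and CleanString's behaviour is not
            // visible here, so the quoting is done explicitly. A parameterised command is
            // preferred if DBConn can offer one.
            // NOTE(review): assumes htmlInputText never returns null - confirm.
            strUName    = CleanString.htmlInputText( strUName ).Replace("'", "''");
            strUPhone   = CleanString.htmlInputText( strUPhone ).Replace("'", "''");
            strUEmail   = CleanString.htmlInputText( strUEmail ).Replace("'", "''");
            strMTitle   = CleanString.htmlInputText( strMTitle ).Replace("'", "''");
            strMContent = CleanString.htmlInputText( strMContent ).Replace("'", "''");

            // NOTE(review): DateTime.Now is formatted with the current culture here.
            string mySql = "insert into [message](UName,UPhone,UEmail,MTitle,MContent,Pubdate) values('" +
                           strUName + "','" + strUPhone + "','" + strUEmail + "','" + strMTitle
                            + "','" + strMContent + "','" + DateTime.Now + "')";
            DBConn myDB = new DBConn();
            try
            {
                myDB.ExecuteNonQuery( mySql );
            }
            finally
            {
                myDB.Close();
            }

            Session["messageCheck"] = DateTime.Now; // flood protection: remember the submit time

            Response.Write("<script>");
            Response.Write ("alert('成功提交!')");
            Response.Write ("</script>");
            txtUserName.Text = "";
            txtUserPhone.Text = "";
            txtEmail.Text = "";
            txtTitle.Text = "";
            txtContent.Text = "";
        }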
 private void getTJDataList()//精品推荐
 {
     DBConn myDB = new DBConn();
     string sql = "select top 10 * from Products where PCommend=1 order by PID desc";
     JRepeater.DataSource = myDB.getDataReader( sql );
     JRepeater.DataBind();
     myDB.Close();  
 }
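        /// <summary>
        /// Loads the product named by ViewState["ID"] into the page's labels and fields and
        /// sets strBuy to a purchase link or an out-of-stock notice.
        /// </summary>
        private void PData()
        {
            // ViewState["ID"] goes into an unquoted SQL position, so it is accepted only as
            // an integer; a missing or malformed id sends the visitor to the index page (the
            // original dereferenced it unchecked).
            object storedId = ViewState["ID"];
            long productId;
            if (storedId == null ||
                !long.TryParse(storedId.ToString(), System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out productId))
            {
                Response.Redirect("index.aspx");
                return;
            }
            string strID = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            DBConn myDB = new DBConn();
            try
            {
                SqlDataReader dr = myDB.getDataReader("select * from Products where PID=" + strID);
                try
                {
                    if (dr.Read())
                    {
                        // NOTE(review): Label.Text and the str* fields carry stored text as-is;
                        // encode on output unless it was encoded before being saved.
                        strPID = dr["PID"].ToString();
                        lblPName.Text = dr["PName"].ToString();
                        strPName = lblPName.Text;
                        lblPFPrice.Text = double.Parse(dr["PFPrice"].ToString()).ToString("f2");
                        lblPNPrice.Text = double.Parse(dr["PNPrice"].ToString()).ToString("f2");
                        strPBewrite = dr["PBewrite"].ToString();
                        strPUseMode = dr["PUseMode"].ToString();
                        strPValidity = dr["PValidity"].ToString();

                        if (Int32.Parse(dr["PStock"].ToString()) > 0)
                        {
                            strBuy = "<img src='images/car.gif'> [ <A target=_blank href='makeOrder.aspx?id=" + strPID + "'>在线购买</A> ]";
                        }
                        else
                        {
                            strBuy = "[ 没有存货 ]";
                        }
                    }
                }
                finally
                {
                    dr.Close();
                }
            }
            finally
            {
                // Reader and connection are released even when a column fails to parse.
                myDB.Close();
            }
        }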
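        /// <summary>
        /// Sets the navigation label (lblDaohang): "all books" when no category is stored
        /// in ViewState["CID"], otherwise that category's name.
        /// </summary>
        private void DHData()
        {
            // Check for a missing value before dereferencing it; the original called
            // ToString() first, so its null check could never be reached.
            object storedCid = ViewState["CID"];
            if (storedCid == null || storedCid.ToString() == String.Empty)
            {
                lblDaohang.Text = "所有二手书";
                return;
            }

            // CID goes into an unquoted SQL position; anything that is not an integer is
            // not sent to the database and the label is left as it is.
            long categoryId;
            if (!long.TryParse(storedCid.ToString(), System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out categoryId))
            {
                return;
            }

            DBConn myDB = new DBConn();
            try
            {
                string sql = "select * from Category where CID=" +
                             categoryId.ToString(System.Globalization.CultureInfo.InvariantCulture);
                SqlDataReader dr = myDB.getDataReader(sql);
                try
                {
                    if (dr.Read())
                    {
                        lblDaohang.Text = dr["CName"].ToString();
                    }
                }
                finally
                {
                    dr.Close();
                }
            }
            finally
            {
                myDB.Close();
            }
        }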
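        /// <summary>
        /// Message form submit: checks the required fields, the 300-character limit and the
        /// 30-second resubmit limit, stores the message and clears the form.
        /// </summary>
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            string strUName    = txtUserName.Text.Trim();
            string strUPhone   = txtUserPhone.Text.Trim();
            string strUEmail   = txtEmail.Text.Trim();
            string strMTitle   = txtTitle.Text.Trim();
            string strMContent = txtContent.Text.Trim();

            if (strUEmail == String.Empty || strMTitle == String.Empty || strMContent == String.Empty)
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }
            if (strMContent.Length > 300)
            {
                Response.Write("<script>");
                Response.Write("alert('内容太长了..(300字以内)!!!');");
                Response.Write("</script>");
                return;
            }

            // Flood protection: refuse a second message within 30 seconds of the last one.
            if (Session["messageCheck"] != null)
            {
                DateTime myDTime = (DateTime)Session["messageCheck"];
                if (myDTime.AddMilliseconds(30000) > DateTime.Now)
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - (DateTime)Session["messageCheck"];
                    Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }

            // Filter the input strings, then double any single quote that is left. Each value
            // goes inside a single-quoted SQL literal and CleanString's behaviour is not
            // visible here, so the quoting is done explicitly. A parameterised command is
            // preferred if DBConn can offer one.
            // NOTE(review): assumes htmlInputText never returns null - confirm.
            strUName    = CleanString.htmlInputText(strUName).Replace("'", "''");
            strUPhone   = CleanString.htmlInputText(strUPhone).Replace("'", "''");
            strUEmail   = CleanString.htmlInputText(strUEmail).Replace("'", "''");
            strMTitle   = CleanString.htmlInputText(strMTitle).Replace("'", "''");
            strMContent = CleanString.htmlInputText(strMContent).Replace("'", "''");

            // NOTE(review): DateTime.Now is formatted with the current culture here.
            string mySql = "insert into [message](UName,UPhone,UEmail,MTitle,MContent,Pubdate) values('" +
                           strUName + "','" + strUPhone + "','" + strUEmail + "','" + strMTitle
                           + "','" + strMContent + "','" + DateTime.Now + "')";
            DBConn myDB = new DBConn();
            try
            {
                myDB.ExecuteNonQuery(mySql);
            }
            finally
            {
                // Close myDB even when the insert throws.
                myDB.Close();
            }

            Session["messageCheck"] = DateTime.Now; // flood protection: remember the submit time

            Response.Write("<script>");
            Response.Write("alert('成功提交!')");
            Response.Write("</script>");
            txtUserName.Text  = "";
            txtUserPhone.Text = "";
            txtEmail.Text     = "";
            txtTitle.Text     = "";
            txtContent.Text   = "";
        }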
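        /// <summary>
        /// Order confirmation page load. Takes the Order stored in Session["myOrder"], gives
        /// it a new order id, writes it to [Order] (for a batch order, PID "0", it first
        /// copies the basket rows to tblP_Order and empties the basket) and shows the result.
        /// </summary>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            if (Session["myOrder"] == null)
            {
                Response.Redirect("index.aspx");
                return;
            }

            // A "key" query value is required, but the back link is the fixed index.aspx;
            // the original decoded "key" into a local that was never used.
            if (Request.QueryString["key"] == null || Request.QueryString["key"].ToString() == String.Empty)
            {
                Response.Redirect("index.aspx");
                return;
            }
            lblBack.Text = "<a href='index.aspx'>返回</a>";

            System.Globalization.CultureInfo inv = System.Globalization.CultureInfo.InvariantCulture;

            Order myOrder = (Order)Session["myOrder"];
            string strPName = myOrder.PName;
            string strPNum = myOrder.PNum;
            string strPPrice = myOrder.PPrice;
            string strTotalPrice = myOrder.TotalPrice;
            string strTName = myOrder.TName;
            string strEmail = myOrder.Email;
            string strPhone = myOrder.Phone;

            // PID, quantity, prices and cost go into unquoted SQL positions. Each is parsed
            // and re-serialised with the invariant culture, so only a number can reach the
            // statement; an order whose numbers do not parse goes back to the index page.
            long productId;
            if (!long.TryParse(myOrder.PID, System.Globalization.NumberStyles.Integer, inv, out productId))
            {
                Response.Redirect("index.aspx");
                return;
            }
            string strPID = productId.ToString(inv);
            bool isBatch = (strPID == "0");

            if (isBatch)
            {
                // No product id: this is a batch (basket) order.
                strPName = "批量购买产品,请查看详情";
                strPNum = "0";
                strPPrice = "0";
            }

            decimal total;
            decimal quantity = 0m;
            decimal unitPrice = 0m;
            decimal cost = 0m;   // stays 0 for a batch order, as in the original statement
            bool numbersOk = decimal.TryParse(strTotalPrice, out total);
            if (!isBatch)
            {
                numbersOk = numbersOk
                    && decimal.TryParse(strPNum, out quantity)
                    && decimal.TryParse(strPPrice, out unitPrice)
                    && decimal.TryParse(myOrder.PCPrice, out cost);
            }
            if (!numbersOk)
            {
                Response.Redirect("index.aspx");
                return;
            }

            string strOID = getNewOrderID(); // order number

            // String values sit inside single-quoted literals; doubling embedded quotes keeps
            // them there. A parameterised command is preferred if DBConn can offer one.
            string sqlOID = (strOID == null) ? "" : strOID.Replace("'", "''");
            string sqlPName = (strPName == null) ? "" : strPName.Replace("'", "''");
            string sqlTName = (strTName == null) ? "" : strTName.Replace("'", "''");
            string sqlEmail = (strEmail == null) ? "" : strEmail.Replace("'", "''");
            string sqlPhone = (strPhone == null) ? "" : strPhone.Replace("'", "''");

            // NOTE(review): this runs on every first GET of the page, so a reload writes the
            // order again, and the statements below are not wrapped in a transaction.
            DBConn myDB = new DBConn();
            try
            {
                if (isBatch)
                {
                    // Copy the basket rows to the batch table, then empty the basket.
                    // NOTE(review): both basket statements carry the fixed text '******' where
                    // a user name would go, as shown here; confirm against the real source.
                    DataSet ds1 = myDB.getDataSet("select * from [viwBasket] where tblUser='******'order by ID desc");

                    foreach (DataRow row in ds1.Tables[0].Rows)
                    {
                        string rowUser = row["tblUser"].ToString().Replace("'", "''");
                        string rowPid = row["Pid"].ToString().Replace("'", "''");
                        string rowCount = row["isN"].ToString().Replace("'", "''");
                        string rowMoney = Convert.ToDecimal(row["isMoney"]).ToString(inv);

                        string sql1 = "Insert into tblP_Order(tblUser,Pid,isN,isMoney,OrderNo) values ( '" +
                            rowUser + "', '" + rowPid + "', '" + rowCount + "', " + rowMoney + ", '" + sqlOID + "')";
                        myDB.ExecuteNonQuery(sql1);
                    }

                    myDB.ExecuteNonQuery("delete from [tblBasket] where tblUser='******'"); // empty the basket
                }

                // NOTE(review): DateTime.Now is formatted with the current culture here.
                string sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" +
                      sqlOID + "'," + strPID + ",'" + sqlPName + "'," + quantity.ToString(inv) + "," + unitPrice.ToString(inv) + "," + total.ToString(inv) + ",'" +
                      DateTime.Now + "','" + sqlTName + "','" + sqlEmail + "','" + sqlPhone + "'," + cost.ToString(inv) + ")";
                myDB.ExecuteNonQuery(sql);

                myOrder.OID = strOID;
                Session["myOrder"] = myOrder;

                if (isBatch)
                {
                    lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + strOID + "' target='_blank'>查看批量购买的产品详情</a>";
                }

                // NOTE(review): Label.Text is rendered as markup; these values come from the
                // session order and are shown without HTML encoding.
                lblOrderID.Text = strOID;
                lblPName.Text = strPName;
                lblPNum.Text = strPNum;
                lblPPrice.Text = strPPrice;
                lblTotalPrice.Text = strTotalPrice;
                lblTName.Text = strTName;
                lblEmail.Text = strEmail;
                lblPhone.Text = strPhone;
                Label1.Text = myDB.LookUp("select * from tbluser where UserName='******'", "真实姓名");
            }
            finally
            {
                // Close myDB even when one of the statements throws.
                myDB.Close();
            }
        }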
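        /// <summary>
        /// Builds strLeaveWord, the HTML listing of comments stored in tblLeaveWord for the
        /// product named by the "id" query value.
        /// </summary>
        private void leaveWord()
        {
            strLeaveWord = "";

            // The id goes into an unquoted SQL position; anything that is not an integer is
            // not sent to the database and the comment list stays empty.
            long productId;
            if (!long.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer,
                    System.Globalization.CultureInfo.InvariantCulture, out productId))
            {
                return;
            }
            string sql = "select * from tblLeaveWord where PID=" +
                         productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            System.Text.StringBuilder html = new System.Text.StringBuilder();
            DBConn myDB = new DBConn();
            try
            {
                DataSet ds1 = myDB.getDataSet(sql);
                foreach (DataRow row in ds1.Tables[0].Rows)
                {
                    // User name, date and note are stored text placed inside markup, so each
                    // is HTML-encoded; only the <br> separators are emitted as tags.
                    // NOTE(review): if notes are already encoded when saved, encode in one
                    // place only.
                    html.Append("<br>用户id:" + Server.HtmlEncode(row["UserName"].ToString()) + "-----------");
                    html.Append(Server.HtmlEncode(row["isDate"].ToString()) + "<br>");
                    html.Append(Server.HtmlEncode(row["isNote"].ToString()) + "<br>" + "<br>");
                }
            }
            finally
            {
                myDB.Close();
            }

            strLeaveWord = html.ToString();
        }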
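        /// <summary>
        /// On the first (non-postback) request, writes the order held in Session["myOrder"] to the
        /// database, adjusts product stock and shows the order details.
        /// </summary>
        /// <remarks>
        /// The order fields were filled from form input on an earlier page, so every value is checked
        /// or escaped before it is placed in SQL text. Values used unquoted must be plain numbers;
        /// values used inside quotes get their single quotes doubled. DBConn only exposes text-based
        /// calls here; if it can take parameters, prefer parameterised commands over this escaping.
        /// NOTE(review): the order is written on every non-postback request while Session["myOrder"]
        /// is set, so reloading the page repeats the insert and the stock update. The statements also
        /// run without a visible transaction. Both should be confirmed and addressed.
        /// NOTE(review): several statements filter on the literal '******'. It looks like a value
        /// masked in this listing; confirm the real predicate.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, System.EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            if (Session["myOrder"] == null)
            {
                Response.Redirect("index.aspx");
                return;
            }

            // Back link: the request must carry a non-empty "key", but its value is not written into
            // the page. The link target stays fixed.
            if (String.IsNullOrEmpty(Request.QueryString["key"]))
            {
                Response.Redirect("index.aspx");
                return;
            }
            lblBack.Text = "<a href='index.aspx'>返回</a>";

            Order  myOrder       = (Order)Session["myOrder"];
            string strPID        = myOrder.PID;
            string strPName      = myOrder.PName;
            string strPNum       = myOrder.PNum;
            string strPPrice     = myOrder.PPrice;
            string strTotalPrice = myOrder.TotalPrice;
            string strTName      = myOrder.TName;
            string strEmail      = myOrder.Email;
            string strPhone      = myOrder.Phone;
            string strPCPrice    = myOrder.PCPrice; // cost price

            // A product id of "0" marks a batch order built from the basket.
            bool isBatch = (strPID == "0");

            System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;
            System.Globalization.NumberStyles intStyle = System.Globalization.NumberStyles.Integer;
            // Prices: digits with an optional decimal point, no sign, no grouping, no exponent.
            System.Globalization.NumberStyles priceStyle =
                System.Globalization.NumberStyles.AllowLeadingWhite |
                System.Globalization.NumberStyles.AllowTrailingWhite |
                System.Globalization.NumberStyles.AllowDecimalPoint;
            int     checkedInt;
            decimal checkedPrice;

            bool orderIsValid =
                Int32.TryParse(strPID, intStyle, invariant, out checkedInt) &&
                Decimal.TryParse(strTotalPrice, priceStyle, invariant, out checkedPrice);
            if (orderIsValid && !isBatch)
            {
                // The quantity must be positive: it is subtracted from the stock below.
                orderIsValid =
                    Int32.TryParse(strPNum, intStyle, invariant, out checkedInt) && checkedInt > 0 &&
                    Decimal.TryParse(strPPrice, priceStyle, invariant, out checkedPrice) &&
                    Decimal.TryParse(strPCPrice, priceStyle, invariant, out checkedPrice);
            }
            if (!orderIsValid)
            {
                Response.Redirect("index.aspx");
                return;
            }

            string strOID = getNewOrderID(); // order number

            // Customer-supplied text placed inside quoted SQL literals.
            string sqlTName = (strTName ?? String.Empty).Replace("'", "''");
            string sqlEmail = (strEmail ?? String.Empty).Replace("'", "''");
            string sqlPhone = (strPhone ?? String.Empty).Replace("'", "''");

            DBConn myDB = new DBConn();
            try
            {
                if (isBatch)
                {
                    // Batch order: copy the basket rows into the order lines, then empty the basket.
                    strPName  = "批量购买产品,请查看详情";
                    strPNum   = "0";
                    strPPrice = "0";

                    DataSet ds1 = myDB.getDataSet("select * from [viwBasket] where tblUser='******'order by ID desc");
                    DataRowCollection basketRows = ds1.Tables[0].Rows;

                    // First pass: reject the whole basket before anything is written if a row holds
                    // a non-numeric value, because these values are used unquoted below.
                    foreach (DataRow row in basketRows)
                    {
                        if (!Int32.TryParse(row["isN"].ToString(), intStyle, invariant, out checkedInt) ||
                            !Int32.TryParse(row["Pid"].ToString(), intStyle, invariant, out checkedInt) ||
                            !Decimal.TryParse(row["isMoney"].ToString(), priceStyle, invariant, out checkedPrice))
                        {
                            Response.Redirect("index.aspx");
                            return;
                        }
                    }

                    // Second pass: write one order line per basket row and adjust the stock.
                    foreach (DataRow row in basketRows)
                    {
                        string tblUser = row["tblUser"].ToString().Replace("'", "''");
                        string isN     = row["isN"].ToString();
                        string isMoney = row["isMoney"].ToString();
                        string Pid     = row["Pid"].ToString();

                        myDB.ExecuteNonQuery("Insert into tblP_Order(tblUser,Pid,isN,isMoney,OrderNo) values ( '" +
                               tblUser + "', '" + Pid + "', '" + isN + "', " + isMoney + ", '" + strOID + "')");

                        myDB.ExecuteNonQuery("Update Products Set PStock = PStock - " + isN + ",PSellNum = PSellNum + " + isN + " WHERE PID = " + Pid);
                    }

                    myDB.ExecuteNonQuery("delete from [tblBasket] where tblUser='******'"); // empty the basket
                }
                else
                {
                    myDB.ExecuteNonQuery("Update Products Set PStock = PStock - " + strPNum + ",PSellNum = PSellNum + " + strPNum + " WHERE PID = " + strPID);
                }

                // The product name can contain an apostrophe, so it is escaped like the other text.
                string sqlPName  = (strPName ?? String.Empty).Replace("'", "''");
                // Batch orders store a cost price of 0.
                string sqlPCPrice = isBatch ? "0" : strPCPrice;

                string sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" +
                             strOID + "'," + strPID + ",'" + sqlPName + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" +
                             DateTime.Now + "','" + sqlTName + "','" + sqlEmail + "','" + sqlPhone + "'," + sqlPCPrice + ")";
                myDB.ExecuteNonQuery(sql);

                myOrder.OID        = strOID;
                Session["myOrder"] = myOrder;

                if (isBatch)
                {
                    lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + strOID + "' target='_blank'>查看批量购买的产品详情</a>";
                }

                lblOrderID.Text    = strOID;
                lblPName.Text      = strPName;
                lblPNum.Text       = strPNum;
                lblPPrice.Text     = strPPrice;
                lblTotalPrice.Text = strTotalPrice;
                // NOTE(review): name and phone are shown as stored; the order form passes them through
                // CleanString.htmlInputText. Confirm that routine encodes HTML.
                lblTName.Text      = strTName;
                // The e-mail address is stored as typed, so it is encoded before it is rendered.
                lblEmail.Text      = Server.HtmlEncode(strEmail);
                lblPhone.Text      = strPhone;
                Label1.Text        = myDB.LookUp("select * from tbluser where UserName='******'", "真实姓名");
            }
            finally
            {
                // Release the connection on every path, including failures and redirects.
                myDB.Close();
            }
        }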
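        /// <summary>
        /// Handles the order form's confirm button: validates the input, the verification code and
        /// the stock level, stores the order in the session and redirects to orderinfo.aspx.
        /// </summary>
        /// <remarks>
        /// NOTE(review): stock is only checked here and is decremented later on the order page, so
        /// two buyers can pass the check for the same last copy. Confirm whether that is acceptable.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnOK_Click(object sender, System.EventArgs e)
        {
            System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;

            // The product id originates from the query string and is used in SQL text below, so it
            // must be a plain integer.
            int productId;
            if (ViewState["ID"] == null ||
                !Int32.TryParse(ViewState["ID"].ToString(), System.Globalization.NumberStyles.Integer, invariant, out productId))
            {
                Response.Redirect("index.aspx");
                return;
            }

            string strID    = ViewState["ID"].ToString();
            string strName  = txtName.Text.Trim();
            string strEmail = txtEmail.Text.Trim();
            string strPhone = txtPhone.Text.Trim();
            string strNum   = ddlNum.SelectedValue;

            // The quantity must be a positive whole number; it is later subtracted from the stock.
            int quantity;
            bool quantityOk = Int32.TryParse(strNum, System.Globalization.NumberStyles.Integer, invariant, out quantity)
                              && quantity > 0;

            if (strName == String.Empty || strEmail == String.Empty || strPhone == String.Empty || !quantityOk)
            {
                Response.Write("<script>");
                Response.Write("alert('请把必填项添上!!!');");
                Response.Write("</script>");
                return;
            }

            // A missing code (for example an expired session) counts as a mismatch instead of
            // raising a null-reference error.
            // NOTE(review): the code stays valid after a successful check; consider discarding it
            // once used so one solved code cannot be submitted repeatedly.
            object expectedCode = Session["CheckCode"];
            if (expectedCode == null || expectedCode.ToString() != txtCheck.Text.Trim())
            {
                Response.Write("<script>");
                Response.Write("alert('输入的验证码有误!请重新输入!')");
                Response.Write("</script>");
                return;
            }

            // Check the stock level.
            DBConn        myDB = new DBConn();
            SqlDataReader mydr = null;
            try
            {
                mydr = myDB.getDataReader("select PStock from Products where PID=" + productId.ToString(invariant));

                if (!mydr.Read())
                {
                    Response.Write("<script>");
                    Response.Write("alert('没有这个二手书!!!');");
                    Response.Write("</script>");
                    Response.Redirect("index.aspx");
                    return;
                }

                int iPStock = Int32.Parse(mydr["PStock"].ToString());
                if (iPStock < quantity)
                {
                    Response.Write("<script>");
                    Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
                    Response.Write("</script>");
                    return;
                }
            }
            finally
            {
                // Every exit path releases the reader and the connection.
                if (mydr != null)
                {
                    mydr.Close();
                }
                myDB.Close();
            }

            // Throttle: at most one accepted submission per 30 seconds per session. This runs
            // before the order is stored, so a throttled request leaves nothing in the session for
            // the order page to pick up.
            if (Session["SubmitCheck"] != null)
            {
                DateTime myDTime = (DateTime)Session["SubmitCheck"];
                if (myDTime.AddMilliseconds(30000) > DateTime.Now)
                {
                    Response.Write("<script>");
                    TimeSpan myTime = DateTime.Now - myDTime;
                    Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
                    Response.Write("</script>");
                    return;
                }
            }

            Order myOrder = new Order();

            myOrder.PID        = strID;
            myOrder.PName      = lblPName.Text;
            myOrder.PNum       = strNum;
            myOrder.PPrice     = lblPNPrice.Text;
            myOrder.TotalPrice = lblTotalPric.Text;
            myOrder.TName      = CleanString.htmlInputText(strName);
            // NOTE(review): unlike name and phone, the e-mail address is stored as typed. Whatever
            // later writes it to SQL or HTML has to escape or encode it.
            myOrder.Email      = strEmail;
            myOrder.Phone      = CleanString.htmlInputText(strPhone);
            if (ViewState["PCPrice"] != null)
            {
                myOrder.PCPrice = ViewState["PCPrice"].ToString();
            }

            Session["myOrder"]     = myOrder;
            Session["SubmitCheck"] = DateTime.Now;

            Response.Redirect("orderinfo.aspx?key=" + Server.UrlEncode("makeOrder.aspx?id=" + ViewState["ID"].ToString()));
        }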
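        /// <summary>
        /// Loads the product named by ViewState["ID"] and fills the page controls with its name,
        /// prices and stock state. Shows an alert and redirects to index.aspx when the product
        /// cannot be loaded.
        /// </summary>
        private void PData()
        {
            // ViewState["ID"] is filled from the query string and is used in SQL text below, so it
            // must be a plain integer. Anything else is handled like an unknown product.
            int productId;
            if (ViewState["ID"] == null ||
                !Int32.TryParse(ViewState["ID"].ToString(), System.Globalization.NumberStyles.Integer,
                                System.Globalization.CultureInfo.InvariantCulture, out productId))
            {
                Response.Write("<script>");
                Response.Write("alert('没有这个二手书!!!');");
                Response.Write("</script>");
                Response.Redirect("index.aspx");
                return;
            }

            DBConn        myDB = new DBConn();
            SqlDataReader dr   = null;
            try
            {
                string sql = "select * from Products where PID=" +
                             productId.ToString(System.Globalization.CultureInfo.InvariantCulture);
                try
                {
                    dr = myDB.getDataReader(sql);
                }
                catch
                {
                    // NOTE(review): every failure is reported as "no such book" and the cause is
                    // lost; consider logging the exception.
                    Response.Write("<script>");
                    Response.Write("alert('没有这个二手书!!!');");
                    Response.Write("</script>");
                    Response.Redirect("index.aspx");
                    return;
                }

                if (!dr.Read())
                {
                    Response.Write("<script>");
                    Response.Write("alert('没有这个二手书!!!');");
                    Response.Write("</script>");
                    Response.Redirect("index.aspx");
                    return;
                }

                string strPID = dr["PID"].ToString();

                myImg.Src         = "showPP.aspx?id=" + strPID;
                lblPName.Text     = dr["PName"].ToString();
                lblPFPrice.Text   = double.Parse(dr["PFPrice"].ToString()).ToString("f2");
                lblPNPrice.Text   = double.Parse(dr["PNPrice"].ToString()).ToString("f2");
                lblTotalPric.Text = lblPNPrice.Text;

                // NOTE(review): this places the product's PCPrice column in view state, which is
                // sent to the browser and is readable there unless view-state encryption is on.
                // If that value must stay internal, read it again on the server when the order is
                // written.
                ViewState["PCPrice"] = dr["PCPrice"].ToString();

                if (Int32.Parse(dr["PStock"].ToString()) > 0)
                {
                    lblIsStock.Text = "[仓库有货]";
                }
                else
                {
                    lblIsStock.Text = "[没有存货]";
                    btnOK.Enabled   = false;
                }
            }
            finally
            {
                // Release the reader and the connection on every path, including the error path.
                if (dr != null)
                {
                    dr.Close();
                }
                myDB.Close();
            }
        }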
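        /// <summary>
        /// Adds the product named by the "id" query-string value to the signed-in user's
        /// favourites, unless it is already there.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (Session["User"] == null)
            {
                Response.Write("<script>alert('未登陆无法收藏~');</script>");
                return;
            }

            // "id" comes from the URL and is used in SQL text below: accept a plain integer only.
            // This also covers a missing parameter.
            int productId;
            if (!Int32.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer,
                                System.Globalization.CultureInfo.InvariantCulture, out productId))
            {
                Response.Write("<script>alert('没有这个二手书!!!');</script>");
                return;
            }
            string Pid = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // The user name goes inside a quoted SQL literal; double any single quote in it.
            string tblUser = ((String)Session["User"]).Replace("'", "''");

            DBConn myDB = new DBConn();
            try
            {
                // NOTE(review): the duplicate check filters on the literal '******', which looks
                // like a value masked in this listing; confirm it compares against the current user.
                if (myDB.LookUp("select id from tblFav  where tblUser='******' and Pid=" + Pid, "id") != "")
                {
                    Response.Write("<script>alert('您已经收藏该产品了 ~');</script>");
                    return;
                }

                myDB.ExecuteNonQuery("insert into [tblFav](tblUser,Pid) values ( '" + tblUser + "', '" + Pid + "')");
            }
            finally
            {
                // Release the connection on every path.
                myDB.Close();
            }

            Response.Write("<script>alert('收藏成功 ~');</script>");
        }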
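        /// <summary>
        /// Binds HotRepeater to the five best-selling products, limited to the category in
        /// ViewState["CID"] when one is set.
        /// </summary>
        private void HData()
        {
            string sql = "SELECT TOP 5 * FROM Products WHERE PSellNum>0 ORDER BY PSellNum DESC,PID";

            if (ViewState["CID"] != null)
            {
                // The category id is used in SQL text, so it must be a plain integer. Where "CID"
                // is filled is not visible here (presumably from the request; verify). An invalid
                // value leaves the list unbound.
                int categoryId;
                if (!Int32.TryParse(ViewState["CID"].ToString(), System.Globalization.NumberStyles.Integer,
                                    System.Globalization.CultureInfo.InvariantCulture, out categoryId))
                {
                    return;
                }

                sql = "SELECT top 5 * From Products Where PSellNum>0 and CID=" +
                      categoryId.ToString(System.Globalization.CultureInfo.InvariantCulture) +
                      " order by PSellNum desc,PID";
            }

            DBConn myDB = new DBConn();
            try
            {
                HotRepeater.DataSource = myDB.getDataReader(sql);
                HotRepeater.DataBind();
            }
            finally
            {
                // Release the connection even when the query or the binding throws.
                myDB.Close();
            }
        }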
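        /// <summary>
        /// Creates a new order number: the current local time as yyyyMMddHHmmssfff followed by a
        /// two-digit counter taken from the highest existing OID (last two digits + 1, modulo 100),
        /// or "00" when there is no usable previous order number.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the number is derived from the clock and the previous order, so it is
        /// guessable. Any page that looks an order up by this number should also check that the
        /// order belongs to the current user. Two requests in the same millisecond that read the
        /// same last OID would also get the same number.
        /// </remarks>
        /// <returns>The new order number.</returns>
        private string getNewOrderID()
        {
            // Invariant culture keeps the digits and the Gregorian year regardless of the server's
            // regional settings.
            string strOrderID = System.DateTime.Now.ToString(
                "yyyyMMddHHmmssfff", System.Globalization.CultureInfo.InvariantCulture);
            string suffix = "00";

            DBConn        myDB = new DBConn();
            SqlDataReader dr   = null;
            try
            {
                // Only the highest OID is needed, so fetch a single row.
                dr = myDB.getDataReader("select top 1 OID from [Order] order by OID desc");
                if (dr.Read())
                {
                    string strTemp = dr["OID"].ToString();
                    int    iTemp;
                    // A short or non-numeric stored OID falls back to "00" instead of throwing.
                    if (strTemp.Length >= 2 &&
                        Int32.TryParse(strTemp.Substring(strTemp.Length - 2, 2), System.Globalization.NumberStyles.None,
                                       System.Globalization.CultureInfo.InvariantCulture, out iTemp))
                    {
                        suffix = ((iTemp + 1) % 100).ToString("00");
                    }
                }
            }
            finally
            {
                // Release the reader and the connection on every path.
                if (dr != null)
                {
                    dr.Close();
                }
                myDB.Close();
            }

            return strOrderID + suffix;
        }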