Exemple #1
0
    protected void Submit_Click(object sender, EventArgs e)
    {
        int price = int.Parse(ak["Price"].ToString());

        switch (CM)
        {
        case 1:    //balance
            int AmountLeft = GetBalance() - price;
            if (AmountLeft < 0)
            {
                string seller = ak["SUser"].ToString();
                string buyer  = ak["BUser"].ToString();
                SqlAC.udi("UPDATE Users SET Balance=Balance+" + price + " WHERE Username='******'");
                SqlAC.udi("UPDATE Users SET Balance=" + AmountLeft + " WHERE Username='******'");
                SqlAC.udi("DELETE FROM CompletedAuctions WHERE ID='" + ID + "'");
                Output.Text    = "Transaction completed";
                Submit.Enabled = false;
            }
            else
            {
                Output.Text = "not enough funds";
            }

            break;

        case 2:    //CreditCard
            Check.Enabled = false;
            Service.WebService s = new Service.WebService();
            int result           = s.Purchase(CCNum.Text, CVV.Text, ExpDate.Text, Person_ID.Text, price.ToString());
            if (result == 1)
            {
                Output.Text    = " Transaction completed";
                Submit.Enabled = false;
                SqlAC.udi("DELETE FROM CompletedAuctions WHERE ID='" + ID + "'");
            }
            else if (result == 0)
            {
                Output.Text = "Check your input";
            }
            else
            {
                Output.Text = "You can't use that credit card";
            }

            break;
        }
    }
Exemple #2
0
    protected void btn_payment_Click(object sender, EventArgs e)
    {
        Service.WebService s       = new Service.WebService();
        string             request = s.Purchase(txt_ccnumber.Text, txt_cvv.Text, txt_exdate.Text, l2.Text.Split('$')[1], txt_id.Text);

        if (request.Length == 0)
        {
            DataSet ds = sql_db.chkData("SELECT * FROM Cart WHERE Username='******'");
            sql_db.udi("DELETE FROM Cart WHERE Username='******'");
            for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
            {
                sql_db.udi("INSERT INTO Orders (Car,Quantity,TotalPrice,Username) VALUES('" + ds.Tables[0].Rows[i]["Car"].ToString() + "','" + ds.Tables[0].Rows[i]["Quantity"].ToString() + "','" + ds.Tables[0].Rows[i]["TotalPrice"].ToString() + "','" + ds.Tables[0].Rows[i]["Username"].ToString() + "')");
            }
            //SendEmail("smtp.gmail.com", "Receipt", "Your Order Has Successfully Executed.", "*****@*****.**");
            Response.Redirect("Cart.aspx?sent=true");
        }
        else
        {
            lbl_output.Text = request;
        }
    }