protected void submitButton_Click(object sender, EventArgs e)
{
int userType = DropDownList1.SelectedIndex;
if (userType != 0) // if user type is selected
{
String first = Text1.Value,
last = Text2.Value,
email = Text3.Value,
username = Text4.Value,
password = Text5.Value;
SqlConnection con = new SqlConnection(Global.getConnectionString());
SqlCommand cmd = new SqlCommand("INSERT INTO pms_user ( username, password, first_name, last_name, email_address, type_id ) VALUES "
+ "(@username, @password, @first, @last, @email, @type);", con);
cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = username;
cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = password;
cmd.Parameters.Add("@first", SqlDbType.VarChar).Value = first;
cmd.Parameters.Add("@last", SqlDbType.VarChar).Value = last;
cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = email;
cmd.Parameters.Add("@type", SqlDbType.Int).Value = userType;
if (Global.isDebug)
{
Response.Write("first: " + first + "last: " + last + "email: " + email + "username: "******"password: "******"<br/>");
}
try {
con.Open();
if (Global.isDebug)
{
Response.Write(cmd.CommandText);
}
cmd.ExecuteNonQuery();
Global.logEventUser(Convert.ToInt32(Session["UserID"]), "Created user " + "\"" + username + "\" as a(n) " + DropDownList1.SelectedValue + "!", 0);
outputLabel.Visible = true;
}
catch (Exception ex)
{
throw (ex);
}
finally
{
cmd.Dispose();
con.Dispose();
con.Close();
}
}
}
protected void submitButton_Click(object sender, EventArgs e)
{
string first = firstName.Value.ToString();
string last = lastName.Value.ToString();
string em = email.Value.ToString();
string whours = hours.Value.ToString();
string explevel = exp.SelectedValue.ToString();
string ind = industry.SelectedValue.ToString();
string rol = role.SelectedValue.ToString();
string stat = status.SelectedValue.ToString();
SqlConnection con = new SqlConnection(Global.getConnectionString());
SqlCommand cmd = new SqlCommand("INSERT INTO pms_resource (first_name, last_name, email_address, industry_id, role_id, status_id, work_hours, experience_level) VALUES (@first, @last, @email, @ind, @role, @status, @hours, @exp);", con);
cmd.Parameters.Add("@first", SqlDbType.VarChar).Value = first;
cmd.Parameters.Add("@last", SqlDbType.VarChar).Value = last;
cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = em;
cmd.Parameters.Add("@ind", SqlDbType.Int).Value = ind;
cmd.Parameters.Add("@role", SqlDbType.Int).Value = rol;
cmd.Parameters.Add("@status", SqlDbType.Int).Value = stat;
cmd.Parameters.Add("@hours", SqlDbType.Int).Value = whours;
cmd.Parameters.Add("@exp", SqlDbType.Int).Value = explevel;
try
{
con.Open();
cmd.ExecuteNonQuery();
Global.logEventUser(Convert.ToInt32(Session["UserID"]), "Added Resource " + "\"" + first + " " + last + "\"!", 0);
}
catch (Exception ex)
{
throw (ex);
}
finally
{
cmd.Dispose();
con.Dispose();
con.Close();
}
outputLabel.Visible = true;
}
protected void GridView1_RowUpdating1(object sender, GridViewUpdateEventArgs e)
{
int id = Convert.ToInt32(e.Keys[0]);
GridViewRow row = GridView1.Rows[e.RowIndex];
string uUsername = ((TextBox)(row.Cells[0].Controls[0])).Text;
string uPass = ((TextBox)(row.Cells[1].Controls[0])).Text;
string uFirstName = ((TextBox)(row.Cells[2].Controls[0])).Text;
string uLastName = ((TextBox)(row.Cells[3].Controls[0])).Text;
string uEmail = ((TextBox)(row.Cells[4].Controls[0])).Text;
string uType = ((TextBox)(row.Cells[5].Controls[0])).Text;
if (uPass == "" || uUsername == "" || uFirstName == "" || uLastName == "" || uEmail == "" || uType == "")
{
LoadGrid("[Last_Name]", "ASC");
GridView1.EditIndex = -1;
BindData();
}
else
{
SqlConnection con = new SqlConnection(Global.getConnectionString());
SqlCommand cmd = new SqlCommand("UPDATE pms_user SET username=@username,password=@password, first_name=@firstname, last_name=@lastname, email_address=@email, type_id=@type WHERE id=@id;", con);
cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = uUsername;
cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = uPass;
cmd.Parameters.Add("@firstname", SqlDbType.VarChar).Value = uFirstName;
cmd.Parameters.Add("@lastname", SqlDbType.VarChar).Value = uLastName;
cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = uEmail;
int tID = -1;
if (uType.Equals("administrator"))
{
tID = Global.AdminUserType;
cmd.Parameters.Add("@type", SqlDbType.VarChar).Value = tID;
}
else if (uType.Equals("manager"))
{
tID = Global.ManagerUserType;
cmd.Parameters.Add("@type", SqlDbType.VarChar).Value = tID;
}
else
{
LoadGrid("[Last_Name]", "ASC");
GridView1.EditIndex = -1;
BindData();
}
if (tID != -1)
{
cmd.Parameters.Add("@id", SqlDbType.VarChar).Value = id;
try
{
con.Open();
cmd.ExecuteNonQuery();
Global.logEventUser(Convert.ToInt32(Session["UserID"]), "Updated customer with ID=" + "\"" + id + "\"!", 0);
}
catch (Exception ex)
{
throw (ex);
}
finally
{
cmd.Dispose();
con.Dispose();
con.Close();
LoadGrid("[Last_Name]", "ASC");
GridView1.EditIndex = -1;
BindData();
}
}
}
}