protected void Page_Load(object sender, EventArgs e) { courseID = Request.QueryString["detail"]; if (courseID == null) { Response.Redirect("~/index.aspx"); } MySqlParameter [] p = new MySqlParameter[1]; p[0] = new MySqlParameter("?id", MySqlDbType.Int32); p[0].Value = int.Parse(courseID); var ds = MySqlDBUtil.ExecuteQuery("select name, description,line1,line2,zipcode,city,state, image_id, provider_id from service where idservice=?id", p); name.Text = ds.Tables[0].Rows[0]["name"].ToString(); address.Text = ds.Tables[0].Rows[0]["line1"].ToString() + ds.Tables[0].Rows[0]["line2"].ToString() + ds.Tables[0].Rows[0]["zipcode"].ToString() + ds.Tables[0].Rows[0]["city"].ToString() + ds.Tables[0].Rows[0]["state"].ToString(); description.Text = ds.Tables[0].Rows[0]["description"].ToString(); Image1.ImageUrl = "~/imgHandler.ashx?imID=" + ds.Tables[0].Rows[0]["image_id"]; string pid = ds.Tables[0].Rows[0]["provider_id"].ToString(); string provider_sql = "select img_id, description from user where iduser= ?id"; // p[0].Value = int.Parse(pid); //var ds2 = MySqlDBUtil.ExecuteQuery(provider_sql,p); //Image_p.ImageUrl = "~/imgHandler.ashx?imID="+ds2.Tables[0].Rows[0]["img_id"].ToString(); // p_description.Text = ds2.Tables[0].Rows[0]["description"].ToString(); }
protected void Button3_Click(object sender, EventArgs e) { int imgLen = FileUpload1.PostedFile.ContentLength; if (imgLen > 500 * 1024) { MessageBox.Show(this, "File should be no larger than 500KB"); return; } Stream imgStream = FileUpload1.PostedFile.InputStream; byte[] imgBinaryData = new byte[imgLen]; int n = imgStream.Read(imgBinaryData, 0, imgLen); MySqlParameter[] p = new MySqlParameter[2]; p[0] = new MySqlParameter("?data", MySqlDbType.Blob, n); p[0].Value = imgBinaryData; p[1] = new MySqlParameter("?title", MySqlDbType.VarChar, 4); p[1].Value = "test"; string sql = "insert into images (image, title) values (?data, ?title)"; int imgid = MySqlDBUtil.ExecuteInsert(sql, p); string update = "update user set img_id =?imgid where iduser=?id"; p[0] = new MySqlParameter("?imgid", MySqlDbType.Int32); p[0].Value = imgid; p[1] = new MySqlParameter("?id", MySqlDbType.Int32); p[1].Value = int.Parse(Master.id); MySqlDBUtil.ExecuteNonQuery(update, p); }
public void ProcessRequest(HttpContext context) { string imageid = context.Request.QueryString["imID"]; string sql = "select image from images where idimages= ?imgID"; MySqlParameter[] p = new MySqlParameter[1]; p[0] = new MySqlParameter("?imgID", MySqlDbType.Int32); p[0].Value = int.Parse(imageid); Byte[] dr = MySqlDBUtil.ReadBinary(sql, p); context.Response.BinaryWrite(dr); context.Response.End(); }
protected void ChangePassword_Click(object sender, EventArgs e) { int id = 5; string new_pass = pwd0.Text; string sql = "update user set password =?pwd where iduser = ?id;"; MySqlParameter [] p = new MySqlParameter[2]; p[0] = new MySqlParameter("?pwd", MySqlDbType.VarChar, 32); p[0].Value = MD5.getMd5Hash(new_pass); p[1] = new MySqlParameter("?id", MySqlDbType.Int32); p[0].Value = id; MySqlDBUtil.ExecuteNonQuery(sql, p); }
protected void Page_Load(object sender, EventArgs e) { DataSet ds = MySqlDBUtil.ExecuteQuery("select name from category"); cat.Items.Clear(); for (int i = 0; i < ds.Tables[0].Rows.Count; i++) { cat.Items.Add(ds.Tables[0].Rows[i][0].ToString()); } ds = MySqlDBUtil.ExecuteQuery("select idservice, name, description from service "); ListView1.DataSource = ds.Tables[0]; ListView1.DataBind(); }
protected void Button1_Click(object sender, System.EventArgs e) { string name = userName1.Text.Trim(), pwd = MD5.getMd5Hash(pwd0.Text.Trim()), email = mail.Text.Trim(); string sql = "insert into user (user_name,password,email, create_time, update_time) values (?name,?pwd,?email,now(),now())"; MySqlParameter[] parameters = new MySqlParameter[3]; parameters[0] = new MySqlParameter("?name", MySqlDbType.VarChar, name.Length); parameters[0].Value = name; parameters[1] = new MySqlParameter("?pwd", MySqlDbType.VarChar, pwd.Length); parameters[1].Value = pwd; parameters[2] = new MySqlParameter("?email", MySqlDbType.VarChar, email.Length); parameters[2].Value = email; MySqlDBUtil.ExecuteNonQuery(sql, parameters); MessageBox.Show(this, "success, we need to redirect to another page."); }
protected void create_Click(object sender, EventArgs e) { int id = 1; string name = title.Text, category = cat.Items[cat.SelectedIndex].Text, min = min_age.Text, max = max_age.Text, tel = phone.Text, url = Url.Text, descr = description.Text, l1 = line1.Text, l2 = Line2.Text, zip = zipcode.Text, c = city.Text, s = state.Text; string sql = "insert into service (provider_id, name,description,min_age, max_age,phone,url,line1,Line2,zipcode,city,state,create_time, update_time) values " + "(?id,?name,?descr,?min,?max,?tel,?url,?line1,?line2,?zip,?city,?state, now(), now())"; MySqlParameter [] p = new MySqlParameter[12]; p[0] = new MySqlParameter("?id", MySqlDbType.Int32); p[0].Value = id; p[1] = new MySqlParameter("?name", MySqlDbType.VarChar, name.Length); p[1].Value = name; p[2] = new MySqlParameter("?descr", MySqlDbType.VarChar, descr.Length); p[2].Value = descr; p[3] = new MySqlParameter("?min", MySqlDbType.Int16); p[3].Value = int.Parse(min); p[4] = new MySqlParameter("?max", MySqlDbType.Int16); p[4].Value = int.Parse(max); p[5] = new MySqlParameter("?tel", MySqlDbType.VarChar, tel.Length); p[5].Value = tel; p[6] = new MySqlParameter("?url", MySqlDbType.VarChar, url.Length); p[6].Value = url; p[7] = new MySqlParameter("?line1", MySqlDbType.VarChar, l1.Length); p[7].Value = l1; p[8] = new MySqlParameter("?line2", MySqlDbType.VarChar, l2.Length); p[8].Value = l2; p[9] = new MySqlParameter("?zip", MySqlDbType.VarChar, zip.Length); p[9].Value = zip; p[10] = new MySqlParameter("?city", MySqlDbType.VarChar, c.Length); p[10].Value = c; p[11] = new MySqlParameter("?state", MySqlDbType.VarChar, s.Length); p[11].Value = s; MySqlDBUtil.ExecuteNonQuery(sql, p); }
protected void signin_Click(object sender, System.EventArgs e) { string user = username.Text.Trim(); string pwd = MD5.getMd5Hash(inputPassword.Text.Trim()); MySqlParameter [] param = new MySqlParameter[2]; param[0] = new MySqlParameter("?pwd", MySqlDbType.VarChar, 32); param[0].Value = pwd; param[1] = new MySqlParameter("?name", MySqlDbType.VarChar, user.Length); param[1].Value = user; string result = MySqlDBUtil.ExecuteScalar("select password = ?pwd from user where user_name = ?name", param); param = new MySqlParameter[1]; param[0] = new MySqlParameter("?name", MySqlDbType.VarChar, user.Length); param[0].Value = user; string id = MySqlDBUtil.ExecuteScalar("select iduser from user where user_name = ?name", param); if (result == "1") { // in the future, the id and pwd can be encrypted with DES, each user has its unique key. HttpCookie logInfo = new HttpCookie("mentorhip"); logInfo.Expires = DateTime.Now.AddDays(14d); logInfo["username"] = user; logInfo["id"] = id; logInfo["pwd"] = pwd; logInfo["expire"] = "false"; HttpContext.Current.Response.Cookies.Add(logInfo); HttpCookie authentication = new HttpCookie("mh_auth"); authentication["id"] = id; authentication["pwd"] = pwd; HttpContext.Current.Response.Cookies.Add(authentication); Response.Redirect("~/index.aspx", true); } else { MessageBox.Show(this, "Please check username or password"); } }
protected void Page_Load(object sender, EventArgs e) { Image1.ImageUrl = "~/imgHandler.ashx?imID=" + MySqlDBUtil.ExecuteScalar("select img_id from user where iduser = " + Master.id);; }