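/// <summary>
/// Handles the login button. Requires a user name and password, compares the captcha
/// entered in TextBox3 with Label1, then looks the account up in the table that belongs
/// to the selected role. On a match the trimmed user name is stored in Session["uname"]
/// and the request is transferred to that role's menu page.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    string mysql;
    string target;

    if (TextBox1.Text.Trim() == "" || TextBox2.Text.Trim() == "")
    {
        Response.Write("<script>alert('用户名和密码不能为空!')</script>");
        return;
    }
    if (TextBox3.Text.ToUpper().Trim() != Label1.Text.Trim())
    {
        Response.Write("<script>alert('你的验证码输入错误," + "请重新输入')</script>");
        return;
    }

    // Captcha accepted. Both values come straight from the form and are placed inside
    // quoted SQL literals, so embedded single quotes are doubled to keep the input from
    // terminating the literal and rewriting the WHERE clause (login bypass).
    // NOTE(review): interim hardening only. mydb's type is not visible here; if it can
    // accept parameters, bind these values instead of concatenating them.
    // NOTE(review): the submitted password is compared directly with the 密码 column, so
    // passwords appear to be stored as plain text - confirm and move to a salted hash.
    string safeName = TextBox1.Text.Replace("'", "''");
    string safePass = TextBox2.Text.Replace("'", "''");

    if (RadioButton1.Checked)
    {
        // Customer login.
        mysql = "SELECT 用户名 FROM Customers WHERE 用户名 = '" + safeName
            + "'AND 密码 = '" + safePass + "'AND 有效否 = '1'";
        target = "~/customermenu.aspx";
    }
    else if (RadioButton2.Checked)
    {
        // Operator login.
        // NOTE(review): unlike the other two roles this query has no 有效否 = '1'
        // condition, so a disabled operator account would still match - confirm intent.
        mysql = "SELECT 用户名 FROM Users WHERE 用户名 = '" + safeName
            + "'AND 密码 = '" + safePass + "'AND 类型 = '操作员'";
        target = "~/operatormenu.aspx";
    }
    else if (RadioButton3.Checked)
    {
        // Administrator login.
        mysql = "SELECT 用户名 FROM Users WHERE 用户名 = '" + safeName
            + "' AND 密码 = '" + safePass + "'AND 类型 = '管理员' AND 有效否='1'";
        target = "~/managermenu.aspx";
    }
    else
    {
        // No role selected: nothing is done.
        return;
    }

    // Run the query; a positive row count means the credentials matched an account.
    if (mydb.Rownum(mysql) > 0)
    {
        Session["uname"] = TextBox1.Text.Trim();
        Server.Transfer(target);
    }
    else
    {
        Response.Write("<script>alert('对不起,你输入的" + "用户名/密码错误或者已无效,请查实!')</script>");
    }
}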
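/// <summary>
/// On the first (non-postback) load, prepares the course-selection list for the student
/// whose number is in Session["uno"]: when neither selcourse nor score holds rows for
/// that number, every course is copied into selcourse as unselected and the list is
/// bound; when selcourse already has rows the list is bound as is; otherwise the user is
/// redirected with a message that the selection has already been submitted.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Page.IsPostBack)
    {
        return;
    }

    int i, j;
    string sn = "";

    // Session["uno"] is placed inside quoted SQL literals below. Single quotes are doubled
    // so that a value stored in the session cannot break out of the literal.
    // NOTE(review): presumably the session value originates from a login text box; verify
    // against the login page. Interim hardening only - bind it as a parameter if the
    // mydb helper supports that.
    string safeUno = Convert.ToString(Session["uno"]).Replace("'", "''");

    mysql = "SELECT * FROM selcourse WHERE sno='" + safeUno + "'";
    i = mydb.Rownum(mysql, "selcourse", ref sn);
    mysql = "SELECT * FROM score WHERE sno='" + safeUno + "'";
    j = mydb.Rownum(mysql, "score", ref sn);

    if (i == 0 && j == 0)
    {
        // First visit: neither score nor selcourse has a row for this student number.
        mysql = "INSERT INTO selcourse(sno,cno,cname,ctime,cplace,tno,tname,sel) SELECT '"
            + safeUno + "',cno,cname,ctime,cplace,tno,tname,'×' FROM course";
        mydb.ExecuteNonQuery(mysql);
        bind();
    }
    else if (i > 0)
    {
        // selcourse already holds rows for this student number.
        bind();
    }
    else
    {
        Response.Redirect("~/dispinfo.aspx?info=" + "你选课已提交,不能再重新选课");
    }
}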
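/// <summary>
/// Handles the login button for students, teachers and managers. Compares the captcha in
/// TextBox3 with Label1, looks the account number up in the table of the selected role
/// and, on a match, stores the trimmed number in Session["uno"] and the name returned by
/// the lookup in Session["uname"] before transferring to that role's menu page.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    string mysql;
    string table;
    string target;
    string uname = "";

    if (TextBox3.Text.Trim() != Label1.Text.Trim())
    {
        Response.Write("<script>alert('你的验证码输入错误,请重输入!')</script>");
        return;
    }

    // The account number comes straight from the form and is placed inside a quoted SQL
    // literal; doubling single quotes keeps it from terminating the literal.
    // NOTE(review): interim hardening only; bind the value as a parameter if the mydb
    // helper supports it.
    // NOTE(review): the password condition compares against the literal '******' exactly
    // as the page shows it - presumably redacted from the original source. As written, no
    // submitted password is consulted; restore the comparison (ideally against a salted
    // hash) before using this code.
    string safeNo = TextBox1.Text.Replace("'", "''");

    if (RadioButton1.Checked)
    {
        mysql = "SELECT sname FROM student WHERE sno = '" + safeNo + "' AND spass = '******'";
        table = "student";
        target = "~/studentmenu.aspx";
    }
    else if (RadioButton2.Checked)
    {
        mysql = "SELECT tname FROM teacher WHERE tno = '" + safeNo + "' AND tpass = '******'";
        table = "teacher";
        target = "~/teachermenu.aspx";
    }
    else if (RadioButton3.Checked)
    {
        mysql = "SELECT mname FROM manager WHERE mno = '" + safeNo + "' AND mpass = '******'";
        table = "manager";
        target = "~/managermenu.aspx";
    }
    else
    {
        Response.Write("<script>alert('对不起,必须选择用户类型!')</script>");
        return;
    }

    if (mydb.Rownum(mysql, table, ref uname) > 0)
    {
        Session["uno"] = TextBox1.Text.Trim();
        Session["uname"] = uname;
        Server.Transfer(target);
    }
    else
    {
        Response.Write("<script>alert('对不起,你输入的用户名或者密码错误,请查实!')</script>");
    }
}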
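/// <summary>
/// Handles customer registration. When the page validators pass, rejects a user name that
/// already exists in Customers, otherwise inserts the new customer row (marked valid) and
/// redirects to an information page.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    // Every text value below ends up inside a quoted SQL literal, so single quotes are
    // doubled to keep form input from terminating the literal.
    // NOTE(review): interim hardening only; bind the values as parameters if the mydb
    // helper supports it.
    string safeName = usernameTextBox.Text.Trim().Replace("'", "''");

    mysql = "SELECT * FROM Customers WHERE 用户名 = '" + safeName + "'";
    if (mydb.Rownum(mysql) > 0)
    {
        Response.Write("<script>alert('对不起,你输入的用户名" + "已经注册了!')</script>");
        return;
    }

    // The age is written into the statement unquoted, so it must be a number before it
    // gets there; anything else is rejected instead of being concatenated.
    int age;
    if (!int.TryParse(ageTextBox.Text.Trim(), out age))
    {
        Response.Write("<script>alert('年龄必须是数字!')</script>");
        return;
    }

    // NOTE(review): the password is inserted as entered, i.e. stored in plain text;
    // store a salted hash instead.
    // Fix: the original statement never closed the VALUES( list, so the INSERT could not
    // parse; the closing parenthesis is added after the last value.
    mysql = "INSERT INTO Customers(用户名,密码,姓名,年龄,学历," + "地区,省份,市,县,住址,邮箱,电话,有效否)"
        + "VALUES('" + safeName
        + "','" + passTextBox1.Text.Trim().Replace("'", "''")
        + "','" + xmTextBox.Text.Trim().Replace("'", "''")
        + "'," + age.ToString(System.Globalization.CultureInfo.InvariantCulture)
        + ",'" + DropDownList1.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + DropDownList2.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + DropDownList3.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + DropDownList4.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + DropDownList5.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + placeTextBox.Text.Trim().Replace("'", "''")
        + "','" + EmailTextBox.Text.Trim().Replace("'", "''")
        + "','" + TelTextBox.Text.Trim().Replace("'", "''")
        + "','1')";
    mydb.ExecuteNonQuery(mysql);

    // NOTE(review): "dispinofo.aspx" looks like a misspelling of "dispinfo.aspx";
    // confirm which page exists in this site before changing it.
    Response.Redirect("~/dispinofo.aspx?info=你可以退出再以顾客身份" + "登录后购物,或者继续以游客身份游览!");
}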
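/// <summary>
/// Adds a student record. Redirects with an error message when the student number already
/// exists; otherwise inserts the row, using the student number as the initial password,
/// and redirects with a success message.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    CommDB mydb = new CommDB();
    string mysql, sn = "";

    // Form values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal.
    // NOTE(review): interim hardening only; bind the values as parameters if CommDB
    // supports it.
    string safeNo = TextBox1.Text.Replace("'", "''");

    mysql = "SELECT * FROM student WHERE sno='" + safeNo + "'";
    if (mydb.Rownum(mysql, "student", ref sn) > 0)
    {
        Response.Redirect("~/dispinfo.aspx?info=学号重复,不能添加该学生记录!");
        return;
    }

    // Sex from the radio buttons; empty when neither is checked.
    string xb;
    if (RadioButton1.Checked)
    {
        xb = "男";
    }
    else if (RadioButton2.Checked)
    {
        xb = "女";
    }
    else
    {
        xb = "";
    }

    // The last value (spass) repeats the student number: the initial password equals
    // the account number and is stored as plain text.
    // NOTE(review): that default is predictable; consider forcing a change at first
    // login and storing a salted hash.
    mysql = "INSERT INTO student(sno,sname,ssex,snation,sclass,spass) VALUES('"
        + safeNo + "','"
        + TextBox2.Text.Replace("'", "''") + "','"
        + xb + "','"
        + DropDownList1.SelectedValue.Replace("'", "''") + "','"
        + TextBox3.Text.Replace("'", "''") + "','"
        + safeNo + "')";
    mydb.ExecuteNonQuery(mysql);
    Response.Redirect("~/dispinfo.aspx?info=学生记录已成功添加!");
}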
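/// <summary>
/// Adds a teacher record. Redirects with an error message when the teacher number already
/// exists; otherwise inserts the row, using the teacher number as the initial password,
/// and redirects with a success message.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    CommDB mydb = new CommDB();
    string mysql, sn = "";

    // Form values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal.
    // NOTE(review): interim hardening only; bind the values as parameters if CommDB
    // supports it.
    string safeNo = TextBox1.Text.Replace("'", "''");

    mysql = "SELECT * FROM teacher WHERE tno='" + safeNo + "'";
    if (mydb.Rownum(mysql, "teacher", ref sn) > 0)
    {
        Response.Redirect("~/dispinfo.aspx?info=编号重复,不能添加该教师记录!");
        return;
    }

    // Sex from the radio buttons; empty when neither is checked.
    string xb;
    if (RadioButton1.Checked)
    {
        xb = "男";
    }
    else if (RadioButton2.Checked)
    {
        xb = "女";
    }
    else
    {
        xb = "";
    }

    // On creation the password is the same as the teacher number, stored as plain text.
    // NOTE(review): that default is predictable; consider forcing a change at first
    // login and storing a salted hash.
    mysql = "INSERT INTO teacher(tno,tname,tsex,tdepart,tpass) VALUES('"
        + safeNo + "','"
        + TextBox2.Text.Replace("'", "''") + "','"
        + xb + "','"
        + TextBox3.Text.Replace("'", "''") + "','"
        + safeNo + "')";
    mydb.ExecuteNonQuery(mysql);
    Response.Redirect("~/dispinfo.aspx?info=教师记录已成功添加!");
}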
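/// <summary>
/// Registers a back-office account. When the page validators pass and the user name is
/// not already taken, inserts a row into Users with type 管理员 (administrator), or
/// 操作员 (operator) when RadioButton2 is checked, marked valid, then redirects to an
/// information page.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    // Form values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal.
    // NOTE(review): interim hardening only; bind the values as parameters if the mydb
    // helper supports it.
    string safeName = usernameTextBox.Text.Trim().Replace("'", "''");

    // NOTE(review): the duplicate check reads Customers while the insert below writes
    // Users, so an existing Users name is not detected here - confirm which table the
    // check is meant to use.
    mysql = "SELECT * FROM Customers WHERE 用户名 = '" + safeName + "'";
    if (mydb.Rownum(mysql) > 0)
    {
        Response.Write("<script>alert('对不起,你输入的用户名" + "已经注册了!')</script>");
        return;
    }

    string sf = RadioButton2.Checked ? "操作员" : "管理员";

    // NOTE(review): the password is inserted as entered, i.e. stored in plain text;
    // store a salted hash instead.
    mysql = "INSERT INTO Users (用户名,密码,类型,有效否) "
        + "VALUES('" + safeName
        + "','" + passTextBox1.Text.Trim().Replace("'", "''")
        + "','" + sf + "','1')";
    mydb.ExecuteNonQuery(mysql);
    Response.Redirect("~/dispinfo.aspx?info=欢迎您,管理员!");
}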
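/// <summary>
/// Adds a product. When the page validators pass and the product number is not already
/// in Products, saves the uploaded picture (if any) under the site's Picture folder,
/// inserts the product row (marked valid, zero stars and comments) and redirects to an
/// information page. Status and error messages are shown in Label1.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        Label1.Text = "提示:商品信息错误,不能添加";
        return;
    }

    // Form values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal. The duplicate check now uses the same trimmed
    // product number as the insert, so padding cannot slip past it.
    // NOTE(review): interim hardening only; bind the values as parameters if the mydb
    // helper supports it.
    string safeNo = bhTextBox.Text.Trim().Replace("'", "''");

    mysql = "SELECT * FROM Products WHERE 商品编号 = '" + safeNo + "'";
    if (mydb.Rownum(mysql) > 0)
    {
        Label1.Text = "商品编号重复,不能添加该商品记录!";
        return;
    }

    // Price and stock quantity are written into the statement unquoted, so they must
    // parse as numbers before they get there.
    decimal price;
    int stock;
    if (!decimal.TryParse(priceTextBox.Text.Trim(), System.Globalization.NumberStyles.Number,
            System.Globalization.CultureInfo.InvariantCulture, out price)
        || !int.TryParse(numTextBox.Text.Trim(), out stock))
    {
        Label1.Text = "提示:商品信息错误,不能添加";
        return;
    }

    string pictureName = "";
    if (FileUpload1.HasFile)
    {
        // The file lands in a folder under the web root, so only picture extensions are
        // accepted and any directory part of the client-supplied name is dropped.
        string[] allowedExt = { ".jpg", ".jpeg", ".png", ".gif", ".bmp" };
        string ext;
        try
        {
            pictureName = System.IO.Path.GetFileName(FileUpload1.FileName);
            ext = System.IO.Path.GetExtension(pictureName).ToLowerInvariant();
        }
        catch (ArgumentException)
        {
            // Name contains characters that are invalid in a path: treat as not allowed.
            ext = "";
        }
        if (Array.IndexOf(allowedExt, ext) < 0)
        {
            Label1.Text = "提示:只允许上传图片文件";
            return;
        }

        string filestr = Server.MapPath("/") + "Picture\\" + pictureName;
        try
        {
            FileUpload1.SaveAs(filestr);
            Label1.Text = "提示:文件成功上传";
        }
        catch (Exception ex)
        {
            // Best effort, as in the original: the product row is still inserted below.
            Label1.Text = "提示:文件上传失败," + ex.Message;
        }
    }
    else
    {
        Label1.Text = "提示:没有指定要上传的任何文件";
    }

    // NOTE(review): the file is saved under "Picture" but the stored path says
    // "Pictrue" - one of the two looks misspelled; confirm against the folder the
    // display pages read from.
    mysql = "INSERT INTO Products(商品编号,分类,子类,品牌,型号,单价,库存数量,图片,有效否,星数,评论数) VALUES('"
        + safeNo
        + "','" + DropDownList1.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + DropDownList2.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + DropDownList3.SelectedValue.ToString().Trim().Replace("'", "''")
        + "','" + xhTextBox.Text.Trim().Replace("'", "''")
        + "'," + price.ToString(System.Globalization.CultureInfo.InvariantCulture)
        + "," + stock.ToString(System.Globalization.CultureInfo.InvariantCulture)
        + ",'" + "~//Pictrue//" + pictureName.Trim().Replace("'", "''")
        + "','" + "1',0,0)";
    mydb.ExecuteNonQuery(mysql);
    Response.Redirect("~/dispinfo.aspx?info=新型号的商品已添加");
}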
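/// <summary>
/// Reports whether the shopping cart of the user named in Session["uname"] already
/// contains the given product.
/// </summary>
/// <param name="spno">Product number to look for.</param>
/// <returns>true when at least one matching ShoppingCart row exists; otherwise false.</returns>
protected bool inCart(string spno)
{
    // Both values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal. A null value is treated as empty, which is what
    // string concatenation did before.
    // NOTE(review): interim hardening only; bind the values as parameters if the mydb
    // helper supports it.
    string safeUser = Convert.ToString(Session["uname"]).Replace("'", "''");
    string safeNo = (spno ?? "").Replace("'", "''");

    mysql = "SELECT * FROM ShoppingCart WHERE 用户名 = '" + safeUser
        + "'AND 商品编号 = '" + safeNo + "'";
    return mydb.Rownum(mysql) > 0;
}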
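/// <summary>
/// Changes the password of the student whose number is in Session["uno"]: verifies the
/// old password with a lookup, then updates spass and transfers to an information page
/// with the outcome.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    CommDB mydb = new CommDB();
    string mysql, sn = "";

    // Session["uno"] is placed inside quoted SQL literals; doubling single quotes keeps
    // a stored value from terminating the literal.
    // NOTE(review): interim hardening only; bind the value as a parameter if CommDB
    // supports it.
    // NOTE(review): both statements use the literal '******' exactly as the page shows
    // it - presumably the old/new password inputs were redacted from the original
    // source. As written, no submitted password is read; restore those values (escaped
    // or parameterized, and hashed) before using this code.
    string safeUno = Convert.ToString(Session["uno"]).Replace("'", "''");

    mysql = "SELECT * FROM student WHERE sno='" + safeUno + "' AND spass='******'";
    if (mydb.Rownum(mysql, "student", ref sn) == 0)
    {
        Server.Transfer("~/dispinfo.aspx?info=原密码输入错误!");
        return;
    }

    mysql = "UPDATE student SET spass='******' WHERE sno='" + safeUno + "'";
    mydb.ExecuteNonQuery(mysql);
    Server.Transfer("~/dispinfo.aspx?info=密码修改成功!");
}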
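/// <summary>
/// Adds a manager record. Redirects with an error message when the manager number already
/// exists; otherwise inserts the row, using the manager number as the initial password,
/// and redirects with a success message.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    CommDB mydb = new CommDB();
    string mysql, sn = "";

    // Form values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal.
    // NOTE(review): interim hardening only; bind the values as parameters if CommDB
    // supports it.
    string safeNo = TextBox1.Text.Replace("'", "''");

    mysql = "SELECT * FROM manager WHERE mno='" + safeNo + "'";
    if (mydb.Rownum(mysql, "manager", ref sn) > 0)
    {
        Response.Redirect("~/dispinfo.aspx?info=管理员编程号重复,不能添加该课程记录!");
        return;
    }

    // The last value (mpass) repeats the manager number: the initial password of this
    // privileged account equals its account number and is stored as plain text.
    // NOTE(review): that default is predictable; consider forcing a change at first
    // login and storing a salted hash.
    mysql = "INSERT INTO manager(mno,mname,mpass) VALUES('"
        + safeNo + "','"
        + TextBox2.Text.Replace("'", "''") + "','"
        + safeNo + "')";
    mydb.ExecuteNonQuery(mysql);
    Response.Redirect("~/dispinfo.aspx?info=管理员记录已成功添加!");
}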
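/// <summary>
/// Adds a course record. Redirects with an error message when the course number already
/// exists; otherwise inserts the row with empty teacher number and name and redirects
/// with a success message.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    CommDB mydb = new CommDB();
    string mysql, sn = "";

    // Form values are placed inside quoted SQL literals; doubling single quotes keeps
    // them from terminating the literal.
    // NOTE(review): interim hardening only; bind the values as parameters if CommDB
    // supports it.
    string safeNo = TextBox1.Text.Replace("'", "''");

    mysql = "SELECT * FROM course WHERE cno='" + safeNo + "'";
    if (mydb.Rownum(mysql, "course", ref sn) > 0)
    {
        Response.Redirect("~/dispinfo.aspx?info=课程号重复,不能添加该课程记录!");
        return;
    }

    // tno and tname are inserted empty; no teacher is assigned at creation.
    mysql = "INSERT INTO course(cno,cname,ctime,cplace,tno,tname) VALUES('"
        + safeNo + "','"
        + TextBox2.Text.Replace("'", "''") + "','"
        + TextBox3.Text.Replace("'", "''") + "','"
        + TextBox4.Text.Replace("'", "''") + "','','')";
    mydb.ExecuteNonQuery(mysql);
    Response.Redirect("~/dispinfo.aspx?info=课程记录已成功添加!");
}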
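/// <summary>
/// Books the flight selected in GridView1 for the user in Session["uid"]: inserts a row
/// into book with today's date and the date picked in Calendar1, then reads the user's
/// balance and writes it back reduced by the flight price. Shows a success or failure
/// alert.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    const string failed = "<script>alert('预定失败!');</script>";

    String today = DateTime.Today.Year.ToString() + "/" + DateTime.Today.Month.ToString() + "/" + DateTime.Today.Day.ToString();

    // Without a selected row there is nothing to book; fail with the normal message
    // instead of a null-reference error page.
    if (GridView1.SelectedDataKey == null)
    {
        Response.Write(failed);
        return;
    }

    id = GridView1.SelectedDataKey.Values["ID"].ToString();
    date = Calendar1.SelectedDate.Year.ToString() + "/" + Calendar1.SelectedDate.Month.ToString() + "/" + Calendar1.SelectedDate.Day.ToString();

    // The user id is written unquoted into two WHERE clauses and the price takes part in
    // arithmetic, so both must be numeric before any statement is built or executed.
    long uid;
    int price;
    if (!long.TryParse(Convert.ToString(Session["uid"]), out uid)
        || !int.TryParse(Convert.ToString(GridView1.SelectedDataKey.Values["价格"]), out price))
    {
        Response.Write(failed);
        return;
    }

    // Values inside quoted literals have single quotes doubled.
    // NOTE(review): interim hardening only; bind the values as parameters if the mycmd
    // helper supports it.
    String mysql = "INSERT INTO [airDB].[dbo].[book]([uid],[fid],[btime],[fdate]) VALUES(" + "'"
        + Convert.ToString(Session["uid"]).Replace("'", "''") + "','"
        + id.Replace("'", "''") + "','" + today + "','" + date + "')";

    // Fix: the failure alerts used to append the full SQL statement, which disclosed the
    // schema to the browser and, because the statement contains quotes, broke the
    // script string. They now show the plain message only.
    if (!mycmd.ExecuteNonQuery(mysql))
    {
        Response.Write(failed);
        return;
    }

    // NOTE(review): the booking insert and the balance update are separate statements
    // with no visible transaction or balance check, so a failure below leaves a booking
    // that was never paid for and the balance can go negative - confirm and wrap both
    // in one transaction.
    String mysql1 = "Select [umoney] FROM [airDB].[dbo].[user_] where uid = " + uid;
    string money = "";
    if (mycmd.Rownum(mysql1, "umoney", ref money) > 0)
    {
        decimal balance;
        if (!decimal.TryParse(money, out balance))
        {
            Response.Write(failed);
            return;
        }

        String mysql2 = "UPDATE user_ SET umoney = '" + (balance - price) + "' where uid = " + uid;
        if (mycmd.ExecuteNonQuery(mysql2))
        {
            Response.Write("<script>alert('预定成功!');</script>");
        }
        else
        {
            Response.Write(failed);
        }
    }
}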