Esempio n. 1
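        /// <summary>
        /// On the first (non-postback) request, loads the logged-in user's row
        /// from the <c>person</c> table and copies its columns into the profile labels.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (IsPostBack)
            {
                return;
            }

            // The id is spliced into the SQL text below, so accept it only when
            // it is a plain run of digits and rebuild it from the parsed value.
            // NOTE(review): assumes person.id is an integer column (the query
            // uses it unquoted) - confirm against the schema. The durable fix is
            // a parameterized query; DBMaster's API for that is not visible here.
            object sessionId = Session["userId"];
            long   idValue;
            if (sessionId == null ||
                !long.TryParse(
                    sessionId.ToString(),
                    System.Globalization.NumberStyles.None,
                    System.Globalization.CultureInfo.InvariantCulture,
                    out idValue))
            {
                // Same "no logged-in user" redirect the product pages use,
                // instead of a NullReferenceException on a missing session.
                Response.Redirect("~/index.aspx?status=nologin");
                return;
            }

            string query = "SELECT * FROM person WHERE id = " +
                idValue.ToString(System.Globalization.CultureInfo.InvariantCulture);

            DBMaster dbm = new DBMaster();
            try
            {
                SqlDataReader reader = dbm.GetReader(query);

                // No matching row: leave the labels as declared in the markup
                // rather than indexing a reader that has no current record.
                if (!reader.Read())
                {
                    return;
                }

                // Label.Text is written to the page as raw HTML, and these
                // columns hold user-supplied profile data, so encode each one.
                lblFName.Text = Server.HtmlEncode(reader["firstName"].ToString());
                lblLName.Text = Server.HtmlEncode(reader["lastName"].ToString());
                lblUser.Text  = Server.HtmlEncode(reader["userName"].ToString());

                // NOTE(review): rendering this column means the stored password
                // is readable as text. Passwords should be stored as a salted,
                // slow hash (e.g. PBKDF2) and never echoed back to the page.
                lblPassword.Text = Server.HtmlEncode(reader["password"].ToString());

                lblAddress.Text = Server.HtmlEncode(reader["address"].ToString());
                lblEmail.Text   = Server.HtmlEncode(reader["email"].ToString());
                lblPhone.Text   = Server.HtmlEncode(reader["phone"].ToString());
            }
            finally
            {
                // Release the connection even when the query or a column read throws.
                dbm.CloseConnection();
            }
        }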
Esempio n. 2
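        /// <summary>
        /// Handles the login button: looks up the submitted credentials in the
        /// <c>person</c> table and, when a row comes back, stores the user's
        /// first name and id in the session and greets them.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            // Get login info
            string user     = txtUser.Text;
            string password = txtPassword.Text;

            // NOTE(review): as shown, the format string has no {0}/{1} items, so
            // `user` and `password` never reach the query and it can only match
            // a row whose columns literally hold '******'; the placeholders look
            // masked on this listing. Do not restore them as quoted format
            // items: that splices textbox input straight into the SQL text.
            // Pass both values as SqlParameter objects instead (this needs a
            // parameter-taking method on DBMaster, which is not visible here).
            // NOTE(review): comparing the password column in the WHERE clause
            // suggests passwords are stored unhashed. Store a salted, slow hash
            // (e.g. PBKDF2), fetch it by user name, and verify it in code.
            // The query text must not be logged either; once the credentials
            // are in it, a debug trace would record the submitted password.
            string query = string.Format(
                "SELECT firstName, id FROM person WHERE userName = '******' AND password = '******'",
                user, password);

            DBMaster dbm = new DBMaster();
            try
            {
                SqlDataReader reader = dbm.GetReader(query);

                // If login is successful, reader will have data
                if (reader.Read())
                {
                    string fName = reader["firstName"].ToString();
                    string id    = reader["id"].ToString();

                    // Save session info (kept raw; encode at the point of output).
                    Session["fName"]  = fName;
                    Session["userID"] = id;

                    // Label.Text is emitted as raw HTML and firstName is
                    // user-supplied, so encode it before greeting the user.
                    lblGreet.Text = string.Format("Welcome {0}!", Server.HtmlEncode(fName));

                    // Toggle login box and logout button
                    ShowLogin(false);
                }
                else
                {
                    // One message for both "no such user" and "wrong password",
                    // so the response does not reveal which user names exist.
                    lblGreet.Text = "Sorry, the provided information did not match any of our records.";
                }
            }
            finally
            {
                // Release the connection even when the query or a column read throws.
                dbm.CloseConnection();
            }
        }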
Esempio n. 3
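        /// <summary>
        /// Lists every product that is still in stock, one table row per
        /// product, each with a one-click purchase link. Redirects to the main
        /// page when no user is logged in.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Verify a user is logged in
            if (Session["userID"] == null)
            {
                // Passing status to main page via GET to let it handle
                // the no logged in user situation.
                Response.Redirect("~/index.aspx?status=nologin");
                return;
            }

            // Only userID is checked above, so read fName without assuming it
            // is present (Convert.ToString yields "" for a missing entry).
            string user = Convert.ToString(Session["fName"]);

            // Label.Text is emitted as raw HTML and the name is user-supplied.
            lblGreet.Text = Server.HtmlEncode(user) + ", here are our current products:";

            // Constant query text: no request data is mixed into it.
            string query =
                "SELECT pid, productName, description, price " +
                "FROM products WHERE currentAmount > 0 ORDER BY productName ASC";

            DBMaster dbm = new DBMaster();
            try
            {
                SqlDataReader reader = dbm.GetReader(query);

                // Display the found products
                while (reader.Read())
                {
                    string pid         = reader["pid"].ToString();
                    string product     = reader["productName"].ToString();
                    string description = reader["description"].ToString();
                    string price       = reader["price"].ToString();

                    // Format the price as currency when it parses as a number.
                    double price2;
                    if (double.TryParse(price, out price2))
                    {
                        price = string.Format("{0:C}", price2);
                    }
                    else
                    {
                        // The chances of this executing are slim to none since
                        // price is in the database as a number.
                        price = "$" + price;
                    }

                    // Create the link control. The id is escaped so it always
                    // stays a single query-string value.
                    // NOTE(review): this link triggers a purchase through a
                    // plain GET; a state-changing action belongs behind a POST
                    // with an anti-forgery token.
                    HtmlAnchor link = new HtmlAnchor();
                    link.HRef = "oneclickBuy.aspx?id=" + Uri.EscapeDataString(pid);
                    // Since I'm selling ice cream, humorously saying lick to buy.
                    link.InnerText = "Single Lick Buy\x2122";

                    // TableCell.Text is emitted as raw HTML, so encode the
                    // database values before placing them in the cells.
                    // NOTE(review): if descriptions are meant to carry trusted
                    // markup, sanitize them when they are saved instead.
                    TableCell tcProduct     = new TableCell();
                    TableCell tcDescription = new TableCell();
                    TableCell tcPrice       = new TableCell();
                    TableCell tcBuy         = new TableCell();
                    tcProduct.Text     = Server.HtmlEncode(product);
                    tcDescription.Text = Server.HtmlEncode(description);
                    tcPrice.Text       = Server.HtmlEncode(price);
                    tcBuy.Controls.Add(link);

                    // Assemble the row and add it to the table
                    TableRow trRow = new TableRow();
                    trRow.Cells.Add(tcProduct);
                    trRow.Cells.Add(tcDescription);
                    trRow.Cells.Add(tcPrice);
                    trRow.Cells.Add(tcBuy);
                    tblProducts.Rows.Add(trRow);
                }
            }
            finally
            {
                // Release the connection even when the query or a column read throws.
                dbm.CloseConnection();
            }
        }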
Esempio n. 4
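        /// <summary>
        /// Handles the one-click purchase: looks up the product named by the
        /// <c>id</c> query-string value, decrements its stock, reads the buyer's
        /// details from the <c>person</c> table and renders a confirmation.
        /// Redirects to the main page when no user is logged in.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // NOTE(review): the purchase runs on every load of this URL, with no
            // IsPostBack check and no anti-forgery token, so a page refresh
            // repeats it and any page able to make the logged-in browser fetch
            // this URL triggers it. Move the stock update behind a POST that
            // carries an anti-forgery token.

            // Verify a user is logged in
            object sessionUserId = Session["UserID"];
            if (sessionUserId == null)
            {
                // Passing status to main page via GET to let it handle the no
                // logged-in user situation.
                Response.Redirect("~/index.aspx?status=nologin");
                return;
            }

            const string BUSINESS = "Ice Cream Internet Parlor";

            // Both ids are spliced into SQL text below. Accept each only when it
            // is a plain run of digits and rebuild it from the parsed value, so
            // nothing from the request or session can alter the statements.
            // NOTE(review): assumes pid and id are integer columns (the queries
            // use them unquoted) - confirm against the schema. The durable fix
            // is parameterized queries; DBMaster's API for that is not visible here.
            long userIdValue;
            if (!long.TryParse(
                    sessionUserId.ToString(),
                    System.Globalization.NumberStyles.None,
                    System.Globalization.CultureInfo.InvariantCulture,
                    out userIdValue))
            {
                Response.Redirect("~/index.aspx?status=nologin");
                return;
            }

            long pidValue;
            if (!long.TryParse(
                    Request.QueryString["id"],
                    System.Globalization.NumberStyles.None,
                    System.Globalization.CultureInfo.InvariantCulture,
                    out pidValue))
            {
                // Missing or non-numeric id in the URL: nothing to buy.
                divGreet.InnerHtml = "<p>Sorry, that product could not be found.</p>";
                return;
            }

            string id  = userIdValue.ToString(System.Globalization.CultureInfo.InvariantCulture);
            string pid = pidValue.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // Only UserID is checked above, so read fName without assuming it
            // is present (Convert.ToString yields "" for a missing entry).
            string fName   = Convert.ToString(Session["fName"]);
            string lName   = "";
            string product = "";
            string price   = "";
            string address = "";
            string email   = "";
            double price2  = 0.0;

            DBMaster dbm = new DBMaster();
            try
            {
                // First, get product name & price
                SqlDataReader reader = dbm.GetReader(
                    "SELECT productName, price FROM products WHERE pid = " + pid);

                bool productFound = reader.Read();
                if (productFound)
                {
                    product = reader["productName"].ToString();
                    price   = reader["price"].ToString();

                    // Format the price as currency when it parses as a number.
                    if (double.TryParse(price, out price2))
                    {
                        price = string.Format("{0:C}", price2);
                    }
                    else
                    {
                        // The chances of this executing are slim to none since
                        // price is in the database as a number.
                        price = "$" + price;
                    }
                }
                dbm.CloseReader();                              // Done with the reader, for now.

                // Unknown product: do not touch stock or confirm a purchase.
                if (!productFound)
                {
                    divGreet.InnerHtml = "<p>Sorry, that product could not be found.</p>";
                    return;
                }

                // Second, decrement the amount
                // NOTE(review): nothing here stops currentAmount going below
                // zero; guarding it needs ExecuteNonQuery's result, which this
                // listing does not show.
                dbm.ExecuteNonQuery(
                    "UPDATE products SET currentAmount -= 1 WHERE pid = " + pid);

                // Third, get the needed info from the person table.
                reader = dbm.GetReader("SELECT * FROM person WHERE id = " + id);
                if (reader.Read())
                {
                    address = reader["address"].ToString();
                    email   = reader["email"].ToString();
                    lName   = reader["lastName"].ToString();
                }

                // We have all the pieces we need from the database.
                dbm.CloseReader();
            }
            finally
            {
                // Release the connection even when a query or column read throws.
                dbm.CloseConnection();
            }

            // InnerHtml is written to the page as raw HTML, and the name and
            // address are user-supplied, so every inserted value is encoded.
            string message = "Hi! " + Server.HtmlEncode(fName);
            message += string.Format(
                "<p>Thank you for purchasing <b>{0}</b>. " +
                "Your credit card on file will be charged <b>{1}</b><br/>" +
                "Your purchase will be shipped to: <b>{2}</b></p>" +
                "<p>Thanks for shopping at {3}! " +
                "It is a pleasure doing business with you.</p>",
                Server.HtmlEncode(product),
                Server.HtmlEncode(price),
                Server.HtmlEncode(address),
                BUSINESS);
            divGreet.InnerHtml = message;

            /* No point in running the rest of the code if there is no from email and
             * password - JK
             * // Get sender credentials
             * string fromEmail    = "";
             * string fromPassword = "";
             *
             * // Combine first and last names into one string
             * string toName = string.Format("{0} {1}", fName, lName);
             *
             * // Create a MailMessage object
             * MailAddress from = new MailAddress(fromEmail, BUSINESS);
             * MailAddress to   = new MailAddress(email, toName);
             * MailMessage mail = new MailMessage(from, to);
             *
             * // Build the email
             * mail.Subject = "Your order from " + BUSINESS;
             * mail.Body = message;
             * // And tell message we're using HTML
             * mail.IsBodyHtml = true;
             *
             * // Set SMTP for gmail
             * SmtpClient smtp = new SmtpClient("smtp.gmail.com", 587);
             *
             * // Provide the credentials
             * smtp.Credentials = new NetworkCredential(fromEmail, fromPassword);
             * smtp.EnableSsl = true;
             *
             * // Send the email
             * smtp.Send(mail);
             */
        }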