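/// <summary>
/// Saves the current cart as a new order: inserts one header row into
/// Zamówienia, then one row into PozycjeZamówienia for every cart grid row,
/// closes the connection and clears the cart UI.
/// </summary>
/// <remarks>
/// NOTE(review): the header and the position rows are written as separate
/// statements with no visible transaction, so a failure part-way through leaves
/// a partial order behind. Whether DBconnection.Connection() returns one shared
/// connection (needed to wrap this in a SqlTransaction) cannot be told from
/// here - confirm before adding one. The connection is also only closed on the
/// success path.
/// NOTE(review): the unit price and quantity are taken from the grid cells. If
/// the grid is editable, confirm the price cannot be altered before checkout,
/// or look the price up from the product table at insert time.
/// </remarks>
private void Order_finish()
{
    int id_zam = Check_IDzam();
    List<string> user_info = Return_user_info();

    string sql_z = "INSERT INTO ZNorthwind.dbo.Zamówienia(IDzamówienia,IDklienta,DataZamówienia,DataWysyłki,AdresOdbiorcy,NazwaOdbiorcy,MiastoOdbiorcy,KrajOdbiorcy,KodPocztowyOdbiorcy)" +
                   " VALUES (@id_z,@id_k,@data_zam,@data_wys,@adres,@n_firmy,@miasto,@kraj,@k_pocztowy)";

    // Dispose the command deterministically instead of leaving it to the finalizer.
    using (var command_z = new SqlCommand(sql_z, DBconnection.Connection()))
    {
        command_z.Parameters.AddWithValue("@id_z", id_zam);
        command_z.Parameters.AddWithValue("@id_k", Global_variable.IDklienta);
        command_z.Parameters.AddWithValue("@data_zam", data_zam);
        // The shipping date is the order date plus a random 4..71 hours.
        command_z.Parameters.AddWithValue("@data_wys", data_zam.AddHours(random.Next(4, 72)));
        // user_info order: company name, city, address, postal code, country.
        command_z.Parameters.AddWithValue("@n_firmy", user_info[0]);
        command_z.Parameters.AddWithValue("@miasto", user_info[1]);
        command_z.Parameters.AddWithValue("@adres", user_info[2]);
        command_z.Parameters.AddWithValue("@k_pocztowy", user_info[3]);
        command_z.Parameters.AddWithValue("@kraj", user_info[4]);
        command_z.ExecuteNonQuery();
    }

    // The statement text is loop-invariant, so build it once.
    string sql_pz = "INSERT INTO ZNorthwind.dbo.PozycjeZamówienia(IDzamówienia,IDproduktu,CenaJednostkowa,Ilość,Rabat)" +
                    " VALUES (@id_z,@id_p,@cena,@ilosc,@rabat)";

    foreach (DataGridViewRow row in DataGridView_koszyk.Rows)
    {
        // The grid's blank "new row" placeholder has null cells; Convert.* would turn
        // them into 0 and an order line for product 0 would be attempted.
        if (row.IsNewRow)
        {
            continue;
        }

        using (var command_pz = new SqlCommand(sql_pz, DBconnection.Connection()))
        {
            command_pz.Parameters.AddWithValue("@id_z", id_zam);
            // Cell layout used here: [2] quantity, [3] unit price, [4] product id.
            command_pz.Parameters.AddWithValue("@id_p", Convert.ToInt32(row.Cells[4].Value));
            command_pz.Parameters.AddWithValue("@cena", Convert.ToDouble(row.Cells[3].Value));
            command_pz.Parameters.AddWithValue("@ilosc", Convert.ToInt32(row.Cells[2].Value));
            command_pz.Parameters.AddWithValue("@rabat", 0);
            command_pz.ExecuteNonQuery();
        }
    }

    DBconnection.Connection_Close(DBconnection.Connection());
    Cleaning_after_order();
}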
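/// <summary>
/// Returns the next order id: the current maximum IDzamówienia plus one,
/// or 1 when the Zamówienia table holds no rows.
/// </summary>
/// <returns>The id to use for the next inserted order.</returns>
/// <remarks>
/// NOTE(review): MAX()+1 computed on the client is not safe when two clients
/// place orders at the same time - both can read the same maximum and one
/// insert then fails or collides. An IDENTITY column or a SEQUENCE on the
/// server avoids this; confirm whether the schema allows it.
/// </remarks>
private int Check_IDzam()
{
    string sql = "SELECT MAX(IDzamówienia) FROM Zamówienia";

    using (var command = new SqlCommand(sql, DBconnection.Connection()))
    {
        // MAX() over an empty table yields a single NULL, which arrives as DBNull.Value;
        // Convert.ToInt32 would throw on it, so treat it as "no orders yet".
        object max_id = command.ExecuteScalar();
        if (max_id == null || max_id == DBNull.Value)
        {
            return 1;
        }

        return Convert.ToInt32(max_id) + 1;
    }
}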
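/// <summary>
/// Registers a new customer in Klienci from the registration form fields and
/// stores the SHA1 hash of the entered password.
/// </summary>
/// <remarks>
/// The password parameter must be referenced unquoted in the statement. Written
/// as '@haslo' it is a string literal, so every account would be stored with the
/// hash of the same seven characters regardless of what the user typed. Rows
/// written by that earlier form will not match a correctly hashed password and
/// need a password reset.
/// NOTE(review): unsalted SHA1 is not suitable for password storage. A salted,
/// slow key-derivation function computed in the application (for example PBKDF2)
/// is the usual replacement, but it needs a schema change and a migration, so it
/// is only flagged here.
/// </remarks>
private void Create()
{
    string sql = "INSERT INTO ZNorthwind.dbo.Klienci(IDklienta,NazwaFirmy,Miasto,Adres,KodPocztowy,Kraj,Telefon,Hasło)" +
                 "VALUES (@id,@nazwafirmy,@miasto,@adres,@kodpocztowy,@kraj,@telefon,HASHBYTES('SHA1',@haslo))";

    using (var command = new SqlCommand(sql, DBconnection.Connection()))
    {
        command.Parameters.AddWithValue("@nazwafirmy", textBox_Imie.Text + " " + textBox_Nazwisko.Text);
        // The customer id is the login, stored upper-cased.
        command.Parameters.AddWithValue("@id", textBox_Login.Text.ToUpper());
        command.Parameters.AddWithValue("@miasto", textBox_Miasto.Text);
        command.Parameters.AddWithValue("@adres", textBox_Adres.Text);
        command.Parameters.AddWithValue("@kodpocztowy", textBox_Kod_pocztowy.Text);
        command.Parameters.AddWithValue("@kraj", textBox_Kraj.Text);
        command.Parameters.AddWithValue("@telefon", textBox_Telefon.Text);
        // AddWithValue sends a .NET string as nvarchar, so HASHBYTES runs over the
        // UTF-16 bytes; the login query has to pass the password the same way.
        command.Parameters.AddWithValue("@haslo", textBox_Haslo.Text);
        command.ExecuteNonQuery();
    }

    DBconnection.Connection_Close(DBconnection.Connection());
}

/// <summary>
/// Checks whether the login typed into the registration form is still free.
/// </summary>
/// <returns>
/// <c>false</c> when a Klienci row with that IDklienta already exists;
/// <c>true</c> (after hiding the "login exists" label) when it does not.
/// </returns>
private bool Check_login()
{
    string sql = "SELECT COUNT(*) FROM Klienci WHERE IDklienta = @Id";
    int results;

    using (var command = new SqlCommand(sql, DBconnection.Connection()))
    {
        command.Parameters.AddWithValue("@Id", textBox_Login.Text);
        results = (int)command.ExecuteScalar();
    }

    if (results > 0)
    {
        return false; // a user with this login already exists
    }

    label_login_istnieje.Visible = false;
    return true; // the login is not taken
}

/// <summary>
/// Loads the delivery details of the logged-in customer
/// (<c>Global_variable.IDklienta</c>) from Klienci.
/// </summary>
/// <returns>
/// A five-element list in this order: company name, city, address, postal code, country.
/// </returns>
/// <exception cref="InvalidOperationException">
/// No Klienci row exists for the current customer id.
/// </exception>
private List<string> Return_user_info()
{
    string sql = "SELECT NazwaFirmy,Miasto,Adres,KodPocztowy,Kraj FROM Klienci WHERE IDklienta = @id";

    using (var command = new SqlCommand(sql, DBconnection.Connection()))
    {
        command.Parameters.AddWithValue("@id", Global_variable.IDklienta);

        using (var reader = command.ExecuteReader())
        {
            // Reading columns without a current row also throws InvalidOperationException;
            // check Read() so the failure names the actual cause.
            if (!reader.Read())
            {
                throw new InvalidOperationException("No Klienci row found for the current IDklienta.");
            }

            return new List<string>
            {
                reader["NazwaFirmy"].ToString(),
                reader["Miasto"].ToString(),
                reader["Adres"].ToString(),
                reader["KodPocztowy"].ToString(),
                reader["Kraj"].ToString()
            };
        }
    }
}

/// <summary>
/// Verifies the entered login and password against Klienci and, on success,
/// records the customer id and logged-in status in <c>Global_variable</c> and
/// closes the form.
/// </summary>
/// <remarks>
/// The password parameter is referenced unquoted. Written as '@haslo' the
/// comparison is against the hash of a fixed string literal, so the value the
/// user typed never takes part in the check. Stored hashes produced with the
/// quoted form will no longer match and those accounts need a password reset.
/// NOTE(review): unsalted SHA1 is not suitable for password storage; see the
/// registration path for the same concern.
/// </remarks>
private void Logowanie()
{
    if (login == null || password == null)
    {
        DialogResult msg = MessageBox.Show("Musisz podać login i haslo", "Logowanie", MessageBoxButtons.RetryCancel, MessageBoxIcon.Error);
        if (msg != DialogResult.Retry)
        {
            ActiveForm.Close();
        }

        return;
    }

    string sql = "SELECT COUNT(*) FROM Klienci WHERE IDklienta = @id AND Hasło = HASHBYTES('SHA1',@haslo)";
    int results;

    using (var command = new SqlCommand(sql, DBconnection.Connection()))
    {
        command.Parameters.AddWithValue("@id", login);
        // Sent as nvarchar, matching how the password is passed at registration.
        command.Parameters.AddWithValue("@haslo", password);
        results = (int)command.ExecuteScalar();
    }

    if (results > 0)
    {
        Global_variable.IDklienta = login.ToUpper();
        Global_variable.User_status = true;
        DBconnection.Connection_Close(DBconnection.Connection());
        ActiveForm.Close();
        return;
    }

    // Wrong credentials: on Retry the form and the connection are left as they are.
    DialogResult result = MessageBox.Show("Złe dane logowania", "Logowanie", MessageBoxButtons.RetryCancel, MessageBoxIcon.Error);
    if (result != DialogResult.Retry)
    {
        DBconnection.Connection_Close(DBconnection.Connection());
        ActiveForm.Close();
    }
}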