protected void RegisterButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
object returnVal;
string strName, strAddress, strPhone, strPassword, strEmail;
int intShopperID = 0;
strName = nameTextBox.Text;
strAddress = addressTextbox.Text;
strPhone = phoneTextbox.Text;
strEmail = emailTextbox.Text;
strPassword = pswTextBox.Text.Trim();
DatabaseMgmt dbObj = new DatabaseMgmt();
string strSqlCmd;
strSqlCmd = $"select ShopperID from Shopper where Email='{strEmail}'";
if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null)
{
intShopperID = Convert.ToInt32(returnVal);
}
else
{
intShopperID = 0;
}
if (intShopperID == 0)
{
strSqlCmd = $"Insert into Shopper(Name, Address,Phone, Email, Passwd) VALUES ('{strName}','{strAddress}'," +
$"'{strPhone}','{strEmail}','{strPassword}')";
dbObj.ExecuteNonQuery(strSqlCmd);
strSqlCmd = $"select MAX(ShopperID) From Shopper";
if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null)
{
intShopperID = Convert.ToInt32(returnVal);
}
else
{
intShopperID = 0;
}
Session["ShopperID"] = intShopperID;
Session["Name"] = strName;
Session["Address"] = strAddress;
Session["Phone"] = strPhone;
Session["Email"] = strEmail;
Session["ProfileRetrived"] = 1;
msgLabel.Text = "Registration Successful";
}
else
{
msgLabel.Text = "Please select another email to register";
}
}
}
protected void EmailDetailsChanged_Changed(object sender, EventArgs e)
{
MultiView1.SetActiveView(PasswordView);
object returnVal;
string Name;
//Read Database
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
dbObj.Connect();
string strSqlCmd;
strSqlCmd = $"select SecurityQn, ShopperID from Shopper where Email='{emailDetailsTextBox.Text}'";
dR = dbObj.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
SecurityQnLabel.Text = dR["SecurityQn"].ToString();
}
else
{
SecurityQnLabel.Text = "No Account found!";
}
}
protected void btnAddCart_Click(object sender, EventArgs e)
{
// Set the Session Variables:
// ProductID, ProductName, ProductPrice and Quantity
//===================================================
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
SqlDataReader dR;
string strSqlCmd = $"select quantity from Product where productId = {int.Parse(Request["ProductId"])}";
dR = objdbMgmt.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
if (int.Parse(txtQty.Text) > int.Parse(dR["quantity"].ToString()))
{
Response.Write("<script>alert('Invalid quantity/Sold out');</script>");
return;
}
}
Session["Quantity"] = txtQty.Text;
Session["ProductName"] = lblProductTitle.Text;
Session["ProductPrice"] = lblProductPrice.Text;
Session["ProductID"] = Request["ProductId"];
// Re-direct to AddItem page to add the
// selected item to the shopping cart
Response.Redirect("AddItem.aspx");
}
protected void Page_Load(object sender, EventArgs e)
{
if (Session["ShopperID"] == null)
{
Response.Redirect("Login.aspx");
}
else
{
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
SqlDataReader dR;
objdbMgmt.Connect();
string strSqlCmd;
strSqlCmd = $"select address,email,phone, passwd from Shopper where ShopperID='{Session["ShopperId"]}'";
dR = objdbMgmt.ExecuteSelect(strSqlCmd);
if (displayNameCheckBox.Checked == true)
{
}
NameLabel.Text = (string)Session["Name"];
if (dR.Read())
{
PasswordLabel.Text = dR["Passwd"].ToString().Trim();
AddressLabel.Text = dR["address"].ToString();
EmailLabel.Text = dR["email"].ToString();
PhoneLabel.Text = dR["phone"].ToString();
}
}
}
protected void getAnswer_Changed(object sender, EventArgs e)
{
string Question;
//Read Database
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
dbObj.Connect();
string strSqlCmd;
strSqlCmd = $"select Name, ShopperID, SecurityQn, QnAnswer from Shopper where Name='{nameEmailViewTextBox.Text}' and passwd = '{passwordEmailViewTextBox.Text}'";
dR = dbObj.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
MultiView1.SetActiveView(EmailView);
Question = dR["SecurityQn"].ToString();
QuestionEmailLabel.Text = Question;
}
else
{
QuestionEmailLabel.Text = "No Account found";
MultiView1.SetActiveView(EmailView);
}
}
protected void loginButton_Click(object sender, EventArgs e)
{
SqlDataReader dR;
string strPassword;
DatabaseMgmt dbObj = new DatabaseMgmt();
string selStr = $"select passwd, name, ShopperId from SHopper Where email ='{emailTextBox.Text}'";
dR = dbObj.ExecuteSelect(selStr);
if (dR.Read())
{
strPassword = dR["passwd"].ToString();
if (strPassword == pswTextBox.Text)
{
Session["Password"] = strPassword;
Session["Name"] = dR["name"].ToString();
Session["ShopperId"] = dR["ShopperID"].ToString();
Response.Redirect("Home.aspx");
}
else
{
msgLabel.Text = "Email or password incorrect";
}
}
else
{
msgLabel.Text = "Email or password incorrect";
}
dR.Close();
}
protected void RegisterButton_Click(object sender, EventArgs e)
{
int intQty = 0;
double dblBalance = 0, dblTotalValue = 0, dblPrice = 0;
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
DatabaseMgmt objdbMgmtProduct = new DatabaseMgmt();
DatabaseMgmt objdbMgmtUpdate = new DatabaseMgmt();
DatabaseMgmt objdbAccCredit = new DatabaseMgmt();
SqlDataReader dR, dRProduct, dRBalance;
string strSqlCmd = $"Select productId,price,quantity from shopcartitem where shopcartid = '{Session["ShopCartId"]}'";
dR = objdbMgmt.ExecuteSelect(strSqlCmd);
while (dR.Read())
{
intQty = int.Parse(dR["quantity"].ToString());
dblPrice = double.Parse(dR["price"].ToString());
strSqlCmd = $"Select productid,quantity from product where productid = '{dR["productId"]}'";
dRProduct = objdbMgmtProduct.ExecuteSelect(strSqlCmd);
while (dRProduct.Read())
{
dblTotalValue = dblPrice * intQty;
strSqlCmd = $"Select Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"];
dRBalance = objdbAccCredit.ExecuteSelect(strSqlCmd);
if (dRBalance.Read())
{
dblBalance = double.Parse(dRBalance["Balance"].ToString());
}
dRBalance.Close();
dblBalance = dblBalance - dblTotalValue;
if (dblBalance >= 0)
{
strSqlCmd = $"Update AccountCredit Set Balance = {dblBalance} Where AccBalanceID = " + Session["ShopperID"];
objdbAccCredit.ExecuteNonQuery(strSqlCmd);
int intTmp = int.Parse(dRProduct["quantity"].ToString()) - int.Parse(dR["quantity"].ToString());
strSqlCmd = $"update Product set quantity = {intTmp} where productId = '{dRProduct["productid"]}'";
objdbMgmtUpdate.ExecuteNonQuery(strSqlCmd);
msgLabel.Text = "Your order will be delivered soon";
}
else
{
msgLabel.Text = "Insufficient Funds, please top up your account";
}
}
dRProduct.Close();
Session["ShopCartId"] = null;
Response.AddHeader("REFRESH", "3;URL=Home.aspx");
}
}
protected void EmailContinueButton_Click(object sender, EventArgs e)
{
int temp;
string sqlcmd = $"update shopper set Email = '{emailChangeViewTextBox.Text}' where passwd = '{Session["passwd"]}'";
DatabaseMgmt dbObj = new DatabaseMgmt();
temp = dbObj.ExecuteNonQuery(sqlcmd);
MultiView1.SetActiveView(SuccessView);
}
protected void ChangePasswordPushButton_Click(object sender, EventArgs e)
{
int temp;
string sqlcmd = $"update shopper set passwd = '{ConfirmNewPassword.Text}' where Email = '{Session["email"]}'";
DatabaseMgmt dbObj = new DatabaseMgmt();
temp = dbObj.ExecuteNonQuery(sqlcmd);
MultiView1.SetActiveView(SuccessView);
}
protected void Page_Load(object sender, EventArgs e)
{
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
objdbMgmt.Connect();
string strSqlCmd;
// System.Data.OleDb.OleDbDataReader objDataReader;
System.Data.SqlClient.SqlDataReader objDataReader;
double curOringalPrice;
// Retrieve the details of product of a given product ID
// from the database
int intProductId;
intProductId = Convert.ToInt32(Request.QueryString["ProductId"]);
strSqlCmd = "SELECT * FROM Product WHERE ProductId=" + intProductId;
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Read the only record retrieved
if (objDataReader.Read())
{
// Display the product title
lblProductTitle.Text = (string)objDataReader["ProductTitle"];
// Display the product description
if (objDataReader["ProductDesc"] != DBNull.Value)
{
lblProductDesc.Text = (string)objDataReader["ProductDesc"];
}
// Display the product image
imgProduct.ImageUrl = "images/products/" + (string)objDataReader["ProductImage"];
// Display the product price
// Format to display two decimals
curOringalPrice = Convert.ToDouble(objDataReader["Price"]);
lblProductPrice.Text = "$" + string.Format(Convert.ToString(curOringalPrice), "0.00");
objDataReader.Close();
}
// Retrieve the dynamic attributes of a given product
strSqlCmd = "SELECT an.AttributeName, pa.AttributeVal FROM AttributeName an INNER JOIN ProductAttribute pa ON an.AttributeNameID=pa.AttributeNameID WHERE pa.ProductID=" + intProductId;
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Bind the records to the data grid control
dgAttribute.DataSource = objDataReader;
dgAttribute.DataBind();
objDataReader.Close();
objdbMgmt.Close();
}
protected void btnUpdateCart_Click(object sender, EventArgs e)
{
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
string strSqlCmd;
// Iterate through all rows within shopping cart list
// (i.e. the dgShopCart data grid)
int i;
for (i = 0; i <= dgShopCart.Rows.Count - 1; i++)
{
// Obtain references to row's controls
TextBox txtQuantity;
txtQuantity = (TextBox)dgShopCart.Rows[i].FindControl("txtQty");
// Get the quantity value from textbox
// and convert to integer
int intQuantity;
intQuantity = Convert.ToInt16(txtQuantity.Text);
if (intQuantity <= 0)
{
Response.Write("<script>alert('Invalid quantity');</script>");
return;
}
// Get the ProductId from the first cell
// and convert to integer
int intProductID;
intProductID = Convert.ToInt16(dgShopCart.Rows[i].Cells[0].Text);
strSqlCmd = $"select quantity from Product where productId = {intProductID}";
SqlDataReader dR = objdbMgmt.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
if (intQuantity > int.Parse(dR["quantity"].ToString()))
{
Response.Write("<script>alert('Invalid quantity');</script>");
return;
}
}
objdbMgmt.Close();
// Update quantity order of shopping cart in database
strSqlCmd = "UPDATE ShopCartItem SET Quantity=" + intQuantity + " WHERE ShopCartID=" + Session["ShopCartID"] + " AND ProductId=" + intProductID;
objdbMgmt.Open();
objdbMgmt.ExecuteNonQuery(strSqlCmd);
}
displayShopCart();
objdbMgmt.Close();
}
protected void Page_Load(object sender, EventArgs e)
{
DatabaseMgmt dbObj = new DatabaseMgmt();
string strSqlCmd;
SqlDataReader sqlDataReader;
strSqlCmd = "Select * From Department";
sqlDataReader = dbObj.ExecuteSelect(strSqlCmd);
dgDept.DataSource = sqlDataReader;
dgDept.DataBind();
dbObj.Close();
}
private void displayShopCart()
{
lblEmptyShopCart.Visible = false;
dgShopCart.Visible = true;
lblSubTotal.Visible = true;
btnUpdateCart.Visible = true;
btnCheckOut.Visible = true;
// Establish a database connection
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
// Get items in the designated shopping cart.
string strSqlCmd;
SqlDataReader objDataReader;
strSqlCmd = "SELECT ShopCartID, ProductID, Name, Price, Quantity, DateAdded, Price * Quantity as Total FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"];
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Bind the records to the data list control
dgShopCart.DataSource = objDataReader;
dgShopCart.DataBind();
objDataReader.Close();
// Check for empty shopping cart
if (dgShopCart.Rows.Count == 0)
{
// Call a subroutine to display empty Shopping Cart message
displayEmptyShopCart();
}
else
{
// Calculate the subtotal.
double dblSubTotal;
strSqlCmd = "SELECT SUM(Price * Quantity) as SubTotal FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"];
dblSubTotal = Convert.ToDouble(objdbMgmt.ExecuteScalar(strSqlCmd));
// Display the subtotal.
string strSubTotal = string.Format("{0:c}", dblSubTotal, 2);
lblSubTotal.Text = "Subtotal (before tax and shipping charge): " + strSubTotal;
}
objdbMgmt.Close();
}
protected void Page_Load(object sender, EventArgs e)
{
// Don't allow non-member to purchase a product
if (Session["ShopperID"] == null)
{
Response.Redirect("Login.aspx");
}
int intProductID;
string strProductName;
double dblProductPrice;
int intQuantity;
int intShopCartID;
int intShopperID;
bool flgAddItem;
string strSqlCmd;
// Read product's details from session variables
//intProductID = Convert.ToInt32(Session["ProductID"]);
intProductID = Convert.ToInt32(Request.QueryString["ProductId"]);
dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency));
intQuantity = Convert.ToInt32(Session["Quantity"]);
// Replace any single-quote with two single-quote
strProductName = Convert.ToString(Session["ProductName"]);
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
//objdbMgmt.Connect();
// If it is a new item, add item into shopping cart.
strSqlCmd = $"Delete from ShopCartItem where productId ='{intProductID}'";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
objdbMgmt.Close();
// Re-direct to ShopCart page for display of shopping cart
Response.Redirect("ShopCart.aspx");
}
protected void Page_Load(object sender, EventArgs e)
{
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
SqlDataReader dR;
objdbMgmt.Connect();
string strSqlCmd;
strSqlCmd = $"select address,email,phone from Shopper where ShopperID='{Session["ShopperId"]}'";
dR = objdbMgmt.ExecuteSelect(strSqlCmd);
nameTextBox.Text = (string)Session["Name"];
if (dR.Read())
{
addressTextbox.Text = dR["address"].ToString();
emailTextbox.Text = dR["email"].ToString();
phoneTextbox.Text = dR["phone"].ToString();
}
}
protected void Page_Load(object sender, EventArgs e)
{
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
string strSqlCmd;
SqlDataReader dR;
if (Session["ShopperID"] != null)
{
LogoutButton.Visible = true;
RegisterButton.Visible = false;
loginsButton.Visible = false;
SellButton.Visible = true;
ProfileButton.Visible = true;
Shopping_cartBtn.Visible = true;
CheckoutBtn.Visible = true;
ProfileButton.Text = $"Welcome , {Session["Name"]}";
}
else
{
RegisterButton.Visible = true;
LogoutButton.Visible = false;
loginsButton.Visible = true;
SellButton.Visible = false;
ProfileButton.Visible = false;
Shopping_cartBtn.Visible = false;
CheckoutBtn.Visible = false;
}
if (Session["ShopCartId"] != null)
{
strSqlCmd = $"select quantity from shopcartitem where shopcartid = '{Session["ShopCartId"]}'";
dR = objdbMgmt.ExecuteSelect(strSqlCmd);
while (dR.Read())
{
itemnum = itemnum + int.Parse(dR["quantity"].ToString());
}
Shopping_cartBtn.Text = $"Shop Cart ({itemnum})";
}
}
protected void Page_Load(object sender, EventArgs e)
{
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
string strSqlCmd;
SqlDataReader objDataReader;
if (IsPostBack == false)
{
if (Request.QueryString["search"] == null)
{
Session["LastDeptID"] = Request["DeptID"];
strSqlCmd = "SELECT DeptName, DeptDesc FROM Department WHERE DepartmentID=" + Request.QueryString["DeptID"];
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Close the data reader
objDataReader.Close();
strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " +
Request.QueryString["DeptID"];
dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString());
BindData("SELECT p.ProductID, p.ProductTitle, p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " +
Request.QueryString["DeptID"]);
}
else
{
strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE p.ProductTitle like '%" +
Request.QueryString["search"] + "%'";
dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString());
BindData("SELECT p.ProductID, p.ProductTitle,p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID=p.ProductID" + " WHERE p.ProductTitle like '%" +
Request.QueryString["search"] + "%'");
}
}
}
protected void PasswordFormSubmitButton_Click(object sender, EventArgs e)
{
string Question;
//Read Database
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
dbObj.Connect();
string strSqlCmd;
strSqlCmd = $"select Name, ShopperID, SecurityQn, QnAnswer from Shopper where Email='{emailDetailsTextBox.Text}'";
dR = dbObj.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
Question = dR["QnAnswer"].ToString();
if (AnswerTextBox.Text == Question)
{
MultiView1.SetActiveView(PasswordChangeView);
Session["email"] = emailDetailsTextBox.Text;
}
else
{
SecurityQnLabel.Text = "Wrong";
MultiView1.SetActiveView(PasswordView);
}
}
else
{
SecurityQnLabel.Text = "No Account found!";
MultiView1.SetActiveView(PasswordView);
}
}
protected void ContinueButton_Click(object sender, EventArgs e)
{
string Question;
//Read Database
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
dbObj.Connect();
string strSqlCmd;
strSqlCmd = $"select SecurityQn, QnAnswer, Email, ShopperID from Shopper where Name='{nameEmailViewTextBox.Text}'";
dR = dbObj.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
Question = dR["QnAnswer"].ToString();
if (answerEmailViewTextBox.Text == Question)
{
MultiView1.SetActiveView(EmailChangeView);
Session["name"] = nameEmailViewTextBox.Text;
Session["passwd"] = passwordEmailViewTextBox.Text;
}
else
{
MultiView1.SetActiveView(EmailView);
QuestionEmailLabel.Text = "Wrong Answer!";
}
}
else
{
MultiView1.SetActiveView(EmailView);
QuestionEmailLabel.Text = "No Account found!";
}
}
protected void Update_Click(object sender, EventArgs e)
{
int temp;
string sqlcmd = $"update shopper set address = '{addressTextbox.Text}', email = '{emailTextbox.Text}', passwd = '{pswTextBox.Text}', phone = '{phoneTextBox.Text}' where shopperid = '{Session["ShopperId"]}'";
DatabaseMgmt dbObj = new DatabaseMgmt();
temp = dbObj.ExecuteNonQuery(sqlcmd);
//Read the Database.
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
SqlDataReader dR;
objdbMgmt.Connect();
string strSqlCmd;
strSqlCmd = $"select address,email,phone, passwd from Shopper where ShopperID='{Session["ShopperId"]}'";
dR = dbObj.ExecuteSelect(strSqlCmd);
NameLabel.Text = (string)Session["Name"];
if (dR.Read())
{
AddressLabel.Text = dR["address"].ToString();
EmailLabel.Text = dR["email"].ToString();
PhoneLabel.Text = dR["phone"].ToString();
}
int other;
string sqlcommands = $"Insert into shopper (DisplayName) VALUES ('{displaynameTextBox.Text}')" + $"Select DisplayName from ShopperID where ShopperID = '{Session["ShopperID"]}'";
if (displayNameCheckBox.Checked == true)
{
DatabaseMgmt db = new DatabaseMgmt();
other = db.ExecuteNonQuery(sqlcommands);
objdbMgmt.Connect();
string strSqlCmds;
strSqlCmds = $"select DisplayName from Shopper where ShopperID='{Session["ShopperId"]}'";
dR = db.ExecuteSelect(strSqlCmds);
if (dR.Read())
{
displayNameLabel.Text = dR["DisplayName"].ToString();
}
}
else
{
displayNameLabel.Text = "Unused";
}
msgLabel.Text = "Updated Information!";
NameLabel.Visible = true;
PasswordLabel.Visible = true;
AddressLabel.Visible = true;
EmailLabel.Visible = true;
PhoneLabel.Visible = true;
nameTextBox.Visible = false;
pswTextBox.Visible = false;
addressTextbox.Visible = false;
emailTextbox.Visible = false;
phoneTextBox.Visible = false;
if (displaynameTextBox.Visible == true)
{
displaynameTextBox.Visible = false;
}
ConfirmButton.Visible = false;
backButton.Visible = false;
EditButton.Visible = true;
}
protected void sellButton_Click(object sender, EventArgs e)
{
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
string strProductName = productNameTextBox.Text;
string strProductDescription = productDescriptionTextBox.Text;
float fltPrice;
int intStock;
int productType = int.Parse(typeDropdown.SelectedValue);
int productId = 0;
string strSqlCmd;
string strFileName;
string strFilePath;
string strFolder;
strFolder = Server.MapPath("~/Images/Products/");
strFileName = oFile.PostedFile.FileName;
strFileName = Path.GetFileName(strFileName);
if (strProductName == "")
{
Response.Write("<script>alert('Product name Needed');</script>");
return;
}
if (strProductDescription == "")
{
Response.Write("<script>alert('Description Needed');</script>");
return;
}
if (priceButton.Text == "")
{
Response.Write("<script>alert('Price Needed');</script>");
return;
}
else
{
fltPrice = float.Parse(priceButton.Text);
}
if (stockTextbox.Text == "")
{
Response.Write("<script>alert('Stock needed');</script>");
return;
}
else
{
intStock = int.Parse(stockTextbox.Text);
}
if (oFile.Value != "")
{
// Create the folder if it does not exist.
if (!Directory.Exists(strFolder))
{
Directory.CreateDirectory(strFolder);
}
// Save the uploaded file to the server.
strFilePath = strFolder + strFileName;
oFile.PostedFile.SaveAs(strFilePath);
msgLabel.Text = strFileName + " has been successfully uploaded.";
}
else
{
msgLabel.Text = "Click 'Browse' to select the file to upload.";
return;
}
strSqlCmd = $"Insert into Product(productTitle,ProductDesc,ProductImage,Price,Quantity)" +
$"Values('{strProductName}','{strProductDescription}','{strFileName}','{fltPrice}','{intStock}')";
dbObj.ExecuteNonQuery(strSqlCmd);
string strSel = "Select Max(ProductID) from Product";
productId = int.Parse(dbObj.ExecuteScalar(strSel).ToString());
strSqlCmd = $"Insert into DepartmentProduct(DepartmentId,ProductID) Values({productType},{productId})";
dbObj.ExecuteNonQuery(strSqlCmd);
}
protected void loginButton_Click(object sender, EventArgs e)
{
attemptCounts = attemptCounts + 1;
SqlDataReader dR;
string strPassword;
DatabaseMgmt dbObj = new DatabaseMgmt();
string selStr = $"select passwd, name, ShopperId from SHopper Where email ='{emailTextBox.Text}'";
dR = dbObj.ExecuteSelect(selStr);
if (dR.Read())
{
if (attemptCounts < 3)
{
strPassword = dR["passwd"].ToString();
if (strPassword == pswTextBox.Text)
{
Session["Password"] = strPassword;
Session["Name"] = dR["name"].ToString();
Session["ShopperId"] = dR["ShopperID"].ToString();
Response.Redirect("Home.aspx");
}
else
{
msgLabel.Text = "Email or password incorrect";
}
}
else if (attemptCounts == 3)
{
suggestionHyperLink.Visible = true;
suggestionHyperLink.Text = "Forgot your password?";
if (dR.Read())
{
strPassword = dR["passwd"].ToString();
if (strPassword == pswTextBox.Text)
{
Session["Password"] = strPassword;
Session["Name"] = dR["name"].ToString();
Session["ShopperId"] = dR["ShopperID"].ToString();
Response.Redirect("Home.aspx");
}
else
{
msgLabel.Text = "Email or password incorrect";
}
}
}
else
{
if (attemptCounts == 3)
{
suggestionHyperLink.Visible = true;
suggestionHyperLink.Text = "Forgot your password?";
}
else
{
//timeout
msgLabel.Text = "Reload the Web";
}
}
}
else
{
msgLabel.Text = "Email or password incorrect";
}
dR.Close();
}
protected void Page_Load(object sender, EventArgs e)
{
// Don't allow non-member to purchase a product
if (Session["ShopperID"] == null)
{
Response.Redirect("Login.aspx");
}
int intProductID;
string strProductName;
double dblProductPrice;
int intQuantity;
int intShopCartID;
int intShopperID;
bool flgAddItem;
string strSqlCmd;
// Read product's details from session variables
intProductID = Convert.ToInt32(Session["ProductID"]);
dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency));
intQuantity = Convert.ToInt32(Session["Quantity"]);
// Replace any single-quote with two single-quote
strProductName = Convert.ToString(Session["ProductName"]);
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
//objdbMgmt.Connect();
// Check whether a shopping cart has been created.
if (Session["ShopCartID"] == null)
{
// Create a new shopping cart
//---------------------------
intShopperID = Convert.ToInt32(Session["ShopperID"]);
strSqlCmd = "INSERT INTO ShopCart(ShopperID) VALUES(" + intShopperID + ")";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
// Get the new Shopping Cart ID
strSqlCmd = "SELECT MAX(ShopCartID) AS maxShopCartID " + "FROM ShopCart WHERE ShopperID=" + intShopperID;
// Save the Shopping Cart ID in a session variable
Session["ShopCartID"] = objdbMgmt.ExecuteScalar(strSqlCmd);
// Set AddItem flag to true - to add item to shopping cart.
flgAddItem = true;
}
else
{
// Shopping cart already created
//-------------------------------
intShopCartID = Convert.ToInt32(Session["ShopCartID"]);
// Retrieve selected product from shopping cart.
System.Data.SqlClient.SqlDataReader objDataReader;
strSqlCmd = "SELECT Quantity FROM ShopCartItem WHERE ProductID=" + intProductID + " AND ShopCartID=" + intShopCartID;
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Check whether selected item is already in shopping cart.
// If yes, update order quantity instead of adding new item.
if (objDataReader.HasRows)
{
// Close the data reader
objDataReader.Close();
// update quantity of Shop Cart Item
strSqlCmd = "UPDATE ShopCartItem SET Quantity = Quantity + " + intQuantity + " WHERE ProductID =" + intProductID + " AND ShopCartID =" + intShopCartID;
objdbMgmt.ExecuteNonQuery(strSqlCmd);
// Set AddItem flag to false - do not add item to cart
flgAddItem = false;
}
else
{
// Close the data reader
objDataReader.Close();
// Set AddItem flag to true - to add item to cart
flgAddItem = true;
}
}
// If it is a new item, add item into shopping cart.
if (flgAddItem)
{
// Add Shop Cart Item to the database
strSqlCmd = "INSERT INTO ShopCartitem (ShopCartID, Quantity, Price, Name, ProductID)" + " VALUES (" + Session["ShopCartId"] + "," + intQuantity + "," + dblProductPrice + ",'" + strProductName + "'," + intProductID + ")";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
}
objdbMgmt.Close();
// Re-direct to ShopCart page for display of shopping cart
Response.Redirect("ShopCart.aspx");
}
