protected void depositButton_Click(object sender, EventArgs e)
{
//add in money to db
dblValue = double.Parse(valueTextBox.Text);
intShopperID = int.Parse(Session["ShopperID"].ToString());
strSqlCmd = $"Select AccBalanceID,Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"];
objDataReader = dbObj.ExecuteSelect(strSqlCmd);
if (objDataReader.Read())
{
intAccBalanceID = int.Parse(objDataReader["AccBalanceID"].ToString());
dblBalance = double.Parse(objDataReader["Balance"].ToString());
}
objDataReader.Close();
dblBalance = dblBalance + dblValue;
if (intShopperID == intAccBalanceID)
{
strSqlCmd = $"Update AccountCredit Set Balance = {dblBalance} Where AccBalanceID = {intShopperID}";
dbObj.ExecuteNonQuery(strSqlCmd);
msgLabel4.Text = "Deposit Successfully";
//loads balance
strSqlCmd = $"Select Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"];
objDataReader = dbObj.ExecuteSelect(strSqlCmd);
if (objDataReader.Read())
{
dblBalance = Convert.ToDouble(objDataReader["Balance"]);
}
objDataReader.Close();
balanceTextBox.Text = "$" + string.Format(Convert.ToString(dblBalance), "0.00");
}
else
{
strSqlCmd = $"Insert into AccountCredit(Balance, AccBalanceID) VALUES({dblBalance}, {intShopperID})";
dbObj.ExecuteNonQuery(strSqlCmd);
msgLabel4.Text = "Deposit Successfully";
//loads balance
strSqlCmd = $"Select Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"];
objDataReader = dbObj.ExecuteSelect(strSqlCmd);
if (objDataReader.Read())
{
dblBalance = Convert.ToDouble(objDataReader["Balance"]);
}
objDataReader.Close();
balanceTextBox.Text = "$" + string.Format(Convert.ToString(dblBalance), "0.00");
}
}
protected void RegisterButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
object returnVal;
string strName, strAddress, strPhone, strPassword, strEmail;
int intShopperID = 0;
strName = nameTextBox.Text;
strAddress = addressTextbox.Text;
strPhone = phoneTextbox.Text;
strEmail = emailTextbox.Text;
strPassword = pswTextBox.Text.Trim();
DatabaseMgmt dbObj = new DatabaseMgmt();
string strSqlCmd;
strSqlCmd = $"select ShopperID from Shopper where Email='{strEmail}'";
if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null)
{
intShopperID = Convert.ToInt32(returnVal);
}
else
{
intShopperID = 0;
}
if (intShopperID == 0)
{
strSqlCmd = $"Insert into Shopper(Name, Address,Phone, Email, Passwd) VALUES ('{strName}','{strAddress}'," +
$"'{strPhone}','{strEmail}','{strPassword}')";
dbObj.ExecuteNonQuery(strSqlCmd);
strSqlCmd = $"select MAX(ShopperID) From Shopper";
if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null)
{
intShopperID = Convert.ToInt32(returnVal);
}
else
{
intShopperID = 0;
}
Session["ShopperID"] = intShopperID;
Session["Name"] = strName;
Session["Address"] = strAddress;
Session["Phone"] = strPhone;
Session["Email"] = strEmail;
Session["ProfileRetrived"] = 1;
msgLabel.Text = "Registration Successful";
}
else
{
msgLabel.Text = "Please select another email to register";
}
}
}
protected void RegisterButton_Click(object sender, EventArgs e)
{
int intQty = 0;
double dblBalance = 0, dblTotalValue = 0, dblPrice = 0;
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
DatabaseMgmt objdbMgmtProduct = new DatabaseMgmt();
DatabaseMgmt objdbMgmtUpdate = new DatabaseMgmt();
DatabaseMgmt objdbAccCredit = new DatabaseMgmt();
SqlDataReader dR, dRProduct, dRBalance;
string strSqlCmd = $"Select productId,price,quantity from shopcartitem where shopcartid = '{Session["ShopCartId"]}'";
dR = objdbMgmt.ExecuteSelect(strSqlCmd);
while (dR.Read())
{
intQty = int.Parse(dR["quantity"].ToString());
dblPrice = double.Parse(dR["price"].ToString());
strSqlCmd = $"Select productid,quantity from product where productid = '{dR["productId"]}'";
dRProduct = objdbMgmtProduct.ExecuteSelect(strSqlCmd);
while (dRProduct.Read())
{
dblTotalValue = dblPrice * intQty;
strSqlCmd = $"Select Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"];
dRBalance = objdbAccCredit.ExecuteSelect(strSqlCmd);
if (dRBalance.Read())
{
dblBalance = double.Parse(dRBalance["Balance"].ToString());
}
dRBalance.Close();
dblBalance = dblBalance - dblTotalValue;
if (dblBalance >= 0)
{
strSqlCmd = $"Update AccountCredit Set Balance = {dblBalance} Where AccBalanceID = " + Session["ShopperID"];
objdbAccCredit.ExecuteNonQuery(strSqlCmd);
int intTmp = int.Parse(dRProduct["quantity"].ToString()) - int.Parse(dR["quantity"].ToString());
strSqlCmd = $"update Product set quantity = {intTmp} where productId = '{dRProduct["productid"]}'";
objdbMgmtUpdate.ExecuteNonQuery(strSqlCmd);
msgLabel.Text = "Your order will be delivered soon";
}
else
{
msgLabel.Text = "Insufficient Funds, please top up your account";
}
}
dRProduct.Close();
Session["ShopCartId"] = null;
Response.AddHeader("REFRESH", "3;URL=Home.aspx");
}
}
protected void EmailContinueButton_Click(object sender, EventArgs e)
{
int temp;
string sqlcmd = $"update shopper set Email = '{emailChangeViewTextBox.Text}' where passwd = '{Session["passwd"]}'";
DatabaseMgmt dbObj = new DatabaseMgmt();
temp = dbObj.ExecuteNonQuery(sqlcmd);
MultiView1.SetActiveView(SuccessView);
}
protected void ChangePasswordPushButton_Click(object sender, EventArgs e)
{
int temp;
string sqlcmd = $"update shopper set passwd = '{ConfirmNewPassword.Text}' where Email = '{Session["email"]}'";
DatabaseMgmt dbObj = new DatabaseMgmt();
temp = dbObj.ExecuteNonQuery(sqlcmd);
MultiView1.SetActiveView(SuccessView);
}
protected void btnUpdateCart_Click(object sender, EventArgs e)
{
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
string strSqlCmd;
// Iterate through all rows within shopping cart list
// (i.e. the dgShopCart data grid)
int i;
for (i = 0; i <= dgShopCart.Rows.Count - 1; i++)
{
// Obtain references to row's controls
TextBox txtQuantity;
txtQuantity = (TextBox)dgShopCart.Rows[i].FindControl("txtQty");
// Get the quantity value from textbox
// and convert to integer
int intQuantity;
intQuantity = Convert.ToInt16(txtQuantity.Text);
if (intQuantity <= 0)
{
Response.Write("<script>alert('Invalid quantity');</script>");
return;
}
// Get the ProductId from the first cell
// and convert to integer
int intProductID;
intProductID = Convert.ToInt16(dgShopCart.Rows[i].Cells[0].Text);
strSqlCmd = $"select quantity from Product where productId = {intProductID}";
SqlDataReader dR = objdbMgmt.ExecuteSelect(strSqlCmd);
if (dR.Read())
{
if (intQuantity > int.Parse(dR["quantity"].ToString()))
{
Response.Write("<script>alert('Invalid quantity');</script>");
return;
}
}
objdbMgmt.Close();
// Update quantity order of shopping cart in database
strSqlCmd = "UPDATE ShopCartItem SET Quantity=" + intQuantity + " WHERE ShopCartID=" + Session["ShopCartID"] + " AND ProductId=" + intProductID;
objdbMgmt.Open();
objdbMgmt.ExecuteNonQuery(strSqlCmd);
}
displayShopCart();
objdbMgmt.Close();
}
protected void cardSaveButton_Click(object sender, EventArgs e)
{
strCardName = nameTextBox2.Text;
strCardNumber = cardTextBox.Text;
strExpiryDate = expiryDateTextbox.Text;
strCVC = cvcTextbox.Text;
//getting sessioin ID
strSqlCmd = $"Select ShopperID FROM Shopper Where ShopperID = " + Session["ShopperID"];
objDataReader = dbObj.ExecuteSelect(strSqlCmd);
if (objDataReader.Read())
{
intShopperID = int.Parse(objDataReader["ShopperID"].ToString());
}
objDataReader.Close();
//checking if card is already saved
strSqlCmd = $"Select ManualID FROM CreditCard Where ManualID = " + Session["ShopperID"];
objDataReader = dbObj.ExecuteSelect(strSqlCmd);
if (objDataReader.Read())
{
intManualID = int.Parse(objDataReader["ManualID"].ToString());
}
objDataReader.Close();
if (intShopperID != intManualID)
{
strSqlCmd = $"Insert into CreditCard(NameOnCard, CardNumber, ExpiryDate, CVC, ManualId) VALUES ('{strCardName}','{strCardNumber}'," +
$"'{strExpiryDate}','{strCVC}', {intShopperID})";
dbObj.ExecuteNonQuery(strSqlCmd);
msgLabel3.Text = "Card Successfully Saved";
}
else
{
msgLabel3.Text = "Card Previously Saved";
}
}
protected void Page_Load(object sender, EventArgs e)
{
// Don't allow non-member to purchase a product
if (Session["ShopperID"] == null)
{
Response.Redirect("Login.aspx");
}
int intProductID;
string strProductName;
double dblProductPrice;
int intQuantity;
int intShopCartID;
int intShopperID;
bool flgAddItem;
string strSqlCmd;
// Read product's details from session variables
//intProductID = Convert.ToInt32(Session["ProductID"]);
intProductID = Convert.ToInt32(Request.QueryString["ProductId"]);
dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency));
intQuantity = Convert.ToInt32(Session["Quantity"]);
// Replace any single-quote with two single-quote
strProductName = Convert.ToString(Session["ProductName"]);
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
//objdbMgmt.Connect();
// If it is a new item, add item into shopping cart.
strSqlCmd = $"Delete from ShopCartItem where productId ='{intProductID}'";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
objdbMgmt.Close();
// Re-direct to ShopCart page for display of shopping cart
Response.Redirect("ShopCart.aspx");
}
protected void Update_Click(object sender, EventArgs e)
{
int temp;
string sqlcmd = $"update shopper set address = '{addressTextbox.Text}', email = '{emailTextbox.Text}', passwd = '{pswTextBox.Text}', phone = '{phoneTextBox.Text}' where shopperid = '{Session["ShopperId"]}'";
DatabaseMgmt dbObj = new DatabaseMgmt();
temp = dbObj.ExecuteNonQuery(sqlcmd);
//Read the Database.
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
SqlDataReader dR;
objdbMgmt.Connect();
string strSqlCmd;
strSqlCmd = $"select address,email,phone, passwd from Shopper where ShopperID='{Session["ShopperId"]}'";
dR = dbObj.ExecuteSelect(strSqlCmd);
NameLabel.Text = (string)Session["Name"];
if (dR.Read())
{
AddressLabel.Text = dR["address"].ToString();
EmailLabel.Text = dR["email"].ToString();
PhoneLabel.Text = dR["phone"].ToString();
}
int other;
string sqlcommands = $"Insert into shopper (DisplayName) VALUES ('{displaynameTextBox.Text}')" + $"Select DisplayName from ShopperID where ShopperID = '{Session["ShopperID"]}'";
if (displayNameCheckBox.Checked == true)
{
DatabaseMgmt db = new DatabaseMgmt();
other = db.ExecuteNonQuery(sqlcommands);
objdbMgmt.Connect();
string strSqlCmds;
strSqlCmds = $"select DisplayName from Shopper where ShopperID='{Session["ShopperId"]}'";
dR = db.ExecuteSelect(strSqlCmds);
if (dR.Read())
{
displayNameLabel.Text = dR["DisplayName"].ToString();
}
}
else
{
displayNameLabel.Text = "Unused";
}
msgLabel.Text = "Updated Information!";
NameLabel.Visible = true;
PasswordLabel.Visible = true;
AddressLabel.Visible = true;
EmailLabel.Visible = true;
PhoneLabel.Visible = true;
nameTextBox.Visible = false;
pswTextBox.Visible = false;
addressTextbox.Visible = false;
emailTextbox.Visible = false;
phoneTextBox.Visible = false;
if (displaynameTextBox.Visible == true)
{
displaynameTextBox.Visible = false;
}
ConfirmButton.Visible = false;
backButton.Visible = false;
EditButton.Visible = true;
}
protected void sellButton_Click(object sender, EventArgs e)
{
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
string strProductName = productNameTextBox.Text;
string strProductDescription = productDescriptionTextBox.Text;
float fltPrice;
int intStock;
int productType = int.Parse(typeDropdown.SelectedValue);
int productId = 0;
string strSqlCmd;
string strFileName;
string strFilePath;
string strFolder;
strFolder = Server.MapPath("~/Images/Products/");
strFileName = oFile.PostedFile.FileName;
strFileName = Path.GetFileName(strFileName);
if (strProductName == "")
{
Response.Write("<script>alert('Product name Needed');</script>");
return;
}
if (strProductDescription == "")
{
Response.Write("<script>alert('Description Needed');</script>");
return;
}
if (priceButton.Text == "")
{
Response.Write("<script>alert('Price Needed');</script>");
return;
}
else
{
fltPrice = float.Parse(priceButton.Text);
}
if (stockTextbox.Text == "")
{
Response.Write("<script>alert('Stock needed');</script>");
return;
}
else
{
intStock = int.Parse(stockTextbox.Text);
}
if (oFile.Value != "")
{
// Create the folder if it does not exist.
if (!Directory.Exists(strFolder))
{
Directory.CreateDirectory(strFolder);
}
// Save the uploaded file to the server.
strFilePath = strFolder + strFileName;
oFile.PostedFile.SaveAs(strFilePath);
msgLabel.Text = strFileName + " has been successfully uploaded.";
}
else
{
msgLabel.Text = "Click 'Browse' to select the file to upload.";
return;
}
strSqlCmd = $"Insert into Product(productTitle,ProductDesc,ProductImage,Price,Quantity)" +
$"Values('{strProductName}','{strProductDescription}','{strFileName}','{fltPrice}','{intStock}')";
dbObj.ExecuteNonQuery(strSqlCmd);
string strSel = "Select Max(ProductID) from Product";
productId = int.Parse(dbObj.ExecuteScalar(strSel).ToString());
strSqlCmd = $"Insert into DepartmentProduct(DepartmentId,ProductID) Values({productType},{productId})";
dbObj.ExecuteNonQuery(strSqlCmd);
}
protected void Page_Load(object sender, EventArgs e)
{
// Don't allow non-member to purchase a product
if (Session["ShopperID"] == null)
{
Response.Redirect("Login.aspx");
}
int intProductID;
string strProductName;
double dblProductPrice;
int intQuantity;
int intShopCartID;
int intShopperID;
bool flgAddItem;
string strSqlCmd;
// Read product's details from session variables
intProductID = Convert.ToInt32(Session["ProductID"]);
dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency));
intQuantity = Convert.ToInt32(Session["Quantity"]);
// Replace any single-quote with two single-quote
strProductName = Convert.ToString(Session["ProductName"]);
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
//objdbMgmt.Connect();
// Check whether a shopping cart has been created.
if (Session["ShopCartID"] == null)
{
// Create a new shopping cart
//---------------------------
intShopperID = Convert.ToInt32(Session["ShopperID"]);
strSqlCmd = "INSERT INTO ShopCart(ShopperID) VALUES(" + intShopperID + ")";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
// Get the new Shopping Cart ID
strSqlCmd = "SELECT MAX(ShopCartID) AS maxShopCartID " + "FROM ShopCart WHERE ShopperID=" + intShopperID;
// Save the Shopping Cart ID in a session variable
Session["ShopCartID"] = objdbMgmt.ExecuteScalar(strSqlCmd);
// Set AddItem flag to true - to add item to shopping cart.
flgAddItem = true;
}
else
{
// Shopping cart already created
//-------------------------------
intShopCartID = Convert.ToInt32(Session["ShopCartID"]);
// Retrieve selected product from shopping cart.
System.Data.SqlClient.SqlDataReader objDataReader;
strSqlCmd = "SELECT Quantity FROM ShopCartItem WHERE ProductID=" + intProductID + " AND ShopCartID=" + intShopCartID;
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Check whether selected item is already in shopping cart.
// If yes, update order quantity instead of adding new item.
if (objDataReader.HasRows)
{
// Close the data reader
objDataReader.Close();
// update quantity of Shop Cart Item
strSqlCmd = "UPDATE ShopCartItem SET Quantity = Quantity + " + intQuantity + " WHERE ProductID =" + intProductID + " AND ShopCartID =" + intShopCartID;
objdbMgmt.ExecuteNonQuery(strSqlCmd);
// Set AddItem flag to false - do not add item to cart
flgAddItem = false;
}
else
{
// Close the data reader
objDataReader.Close();
// Set AddItem flag to true - to add item to cart
flgAddItem = true;
}
}
// If it is a new item, add item into shopping cart.
if (flgAddItem)
{
// Add Shop Cart Item to the database
strSqlCmd = "INSERT INTO ShopCartitem (ShopCartID, Quantity, Price, Name, ProductID)" + " VALUES (" + Session["ShopCartId"] + "," + intQuantity + "," + dblProductPrice + ",'" + strProductName + "'," + intProductID + ")";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
}
objdbMgmt.Close();
// Re-direct to ShopCart page for display of shopping cart
Response.Redirect("ShopCart.aspx");
}