protected void RegisterButton_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
object returnVal;
string strName, strAddress, strPhone, strPassword, strEmail;
int intShopperID = 0;
strName = nameTextBox.Text;
strAddress = addressTextbox.Text;
strPhone = phoneTextbox.Text;
strEmail = emailTextbox.Text;
strPassword = pswTextBox.Text.Trim();
DatabaseMgmt dbObj = new DatabaseMgmt();
string strSqlCmd;
strSqlCmd = $"select ShopperID from Shopper where Email='{strEmail}'";
if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null)
{
intShopperID = Convert.ToInt32(returnVal);
}
else
{
intShopperID = 0;
}
if (intShopperID == 0)
{
strSqlCmd = $"Insert into Shopper(Name, Address,Phone, Email, Passwd) VALUES ('{strName}','{strAddress}'," +
$"'{strPhone}','{strEmail}','{strPassword}')";
dbObj.ExecuteNonQuery(strSqlCmd);
strSqlCmd = $"select MAX(ShopperID) From Shopper";
if ((returnVal = (object)dbObj.ExecuteScalar(strSqlCmd)) != null)
{
intShopperID = Convert.ToInt32(returnVal);
}
else
{
intShopperID = 0;
}
Session["ShopperID"] = intShopperID;
Session["Name"] = strName;
Session["Address"] = strAddress;
Session["Phone"] = strPhone;
Session["Email"] = strEmail;
Session["ProfileRetrived"] = 1;
msgLabel.Text = "Registration Successful";
}
else
{
msgLabel.Text = "Please select another email to register";
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
string strSqlCmd;
SqlDataReader objDataReader;
if (IsPostBack == false)
{
if (Request.QueryString["search"] == null)
{
Session["LastDeptID"] = Request["DeptID"];
strSqlCmd = "SELECT DeptName, DeptDesc FROM Department WHERE DepartmentID=" + Request.QueryString["DeptID"];
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Close the data reader
objDataReader.Close();
strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " +
Request.QueryString["DeptID"];
dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString());
BindData("SELECT p.ProductID, p.ProductTitle, p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " +
Request.QueryString["DeptID"]);
}
else
{
strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE p.ProductTitle like '%" +
Request.QueryString["search"] + "%'";
dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString());
BindData("SELECT p.ProductID, p.ProductTitle,p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID=p.ProductID" + " WHERE p.ProductTitle like '%" +
Request.QueryString["search"] + "%'");
}
}
}
private void displayShopCart()
{
lblEmptyShopCart.Visible = false;
dgShopCart.Visible = true;
lblSubTotal.Visible = true;
btnUpdateCart.Visible = true;
btnCheckOut.Visible = true;
// Establish a database connection
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
// Get items in the designated shopping cart.
string strSqlCmd;
SqlDataReader objDataReader;
strSqlCmd = "SELECT ShopCartID, ProductID, Name, Price, Quantity, DateAdded, Price * Quantity as Total FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"];
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Bind the records to the data list control
dgShopCart.DataSource = objDataReader;
dgShopCart.DataBind();
objDataReader.Close();
// Check for empty shopping cart
if (dgShopCart.Rows.Count == 0)
{
// Call a subroutine to display empty Shopping Cart message
displayEmptyShopCart();
}
else
{
// Calculate the subtotal.
double dblSubTotal;
strSqlCmd = "SELECT SUM(Price * Quantity) as SubTotal FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"];
dblSubTotal = Convert.ToDouble(objdbMgmt.ExecuteScalar(strSqlCmd));
// Display the subtotal.
string strSubTotal = string.Format("{0:c}", dblSubTotal, 2);
lblSubTotal.Text = "Subtotal (before tax and shipping charge): " + strSubTotal;
}
objdbMgmt.Close();
}
protected void sellButton_Click(object sender, EventArgs e)
{
DatabaseMgmt dbObj = new DatabaseMgmt();
SqlDataReader dR;
string strProductName = productNameTextBox.Text;
string strProductDescription = productDescriptionTextBox.Text;
float fltPrice;
int intStock;
int productType = int.Parse(typeDropdown.SelectedValue);
int productId = 0;
string strSqlCmd;
string strFileName;
string strFilePath;
string strFolder;
strFolder = Server.MapPath("~/Images/Products/");
strFileName = oFile.PostedFile.FileName;
strFileName = Path.GetFileName(strFileName);
if (strProductName == "")
{
Response.Write("<script>alert('Product name Needed');</script>");
return;
}
if (strProductDescription == "")
{
Response.Write("<script>alert('Description Needed');</script>");
return;
}
if (priceButton.Text == "")
{
Response.Write("<script>alert('Price Needed');</script>");
return;
}
else
{
fltPrice = float.Parse(priceButton.Text);
}
if (stockTextbox.Text == "")
{
Response.Write("<script>alert('Stock needed');</script>");
return;
}
else
{
intStock = int.Parse(stockTextbox.Text);
}
if (oFile.Value != "")
{
// Create the folder if it does not exist.
if (!Directory.Exists(strFolder))
{
Directory.CreateDirectory(strFolder);
}
// Save the uploaded file to the server.
strFilePath = strFolder + strFileName;
oFile.PostedFile.SaveAs(strFilePath);
msgLabel.Text = strFileName + " has been successfully uploaded.";
}
else
{
msgLabel.Text = "Click 'Browse' to select the file to upload.";
return;
}
strSqlCmd = $"Insert into Product(productTitle,ProductDesc,ProductImage,Price,Quantity)" +
$"Values('{strProductName}','{strProductDescription}','{strFileName}','{fltPrice}','{intStock}')";
dbObj.ExecuteNonQuery(strSqlCmd);
string strSel = "Select Max(ProductID) from Product";
productId = int.Parse(dbObj.ExecuteScalar(strSel).ToString());
strSqlCmd = $"Insert into DepartmentProduct(DepartmentId,ProductID) Values({productType},{productId})";
dbObj.ExecuteNonQuery(strSqlCmd);
}
protected void Page_Load(object sender, EventArgs e)
{
// Don't allow non-member to purchase a product
if (Session["ShopperID"] == null)
{
Response.Redirect("Login.aspx");
}
int intProductID;
string strProductName;
double dblProductPrice;
int intQuantity;
int intShopCartID;
int intShopperID;
bool flgAddItem;
string strSqlCmd;
// Read product's details from session variables
intProductID = Convert.ToInt32(Session["ProductID"]);
dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency));
intQuantity = Convert.ToInt32(Session["Quantity"]);
// Replace any single-quote with two single-quote
strProductName = Convert.ToString(Session["ProductName"]);
// Connect to the database
DatabaseMgmt objdbMgmt = new DatabaseMgmt();
//objdbMgmt.Connect();
// Check whether a shopping cart has been created.
if (Session["ShopCartID"] == null)
{
// Create a new shopping cart
//---------------------------
intShopperID = Convert.ToInt32(Session["ShopperID"]);
strSqlCmd = "INSERT INTO ShopCart(ShopperID) VALUES(" + intShopperID + ")";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
// Get the new Shopping Cart ID
strSqlCmd = "SELECT MAX(ShopCartID) AS maxShopCartID " + "FROM ShopCart WHERE ShopperID=" + intShopperID;
// Save the Shopping Cart ID in a session variable
Session["ShopCartID"] = objdbMgmt.ExecuteScalar(strSqlCmd);
// Set AddItem flag to true - to add item to shopping cart.
flgAddItem = true;
}
else
{
// Shopping cart already created
//-------------------------------
intShopCartID = Convert.ToInt32(Session["ShopCartID"]);
// Retrieve selected product from shopping cart.
System.Data.SqlClient.SqlDataReader objDataReader;
strSqlCmd = "SELECT Quantity FROM ShopCartItem WHERE ProductID=" + intProductID + " AND ShopCartID=" + intShopCartID;
objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd);
// Check whether selected item is already in shopping cart.
// If yes, update order quantity instead of adding new item.
if (objDataReader.HasRows)
{
// Close the data reader
objDataReader.Close();
// update quantity of Shop Cart Item
strSqlCmd = "UPDATE ShopCartItem SET Quantity = Quantity + " + intQuantity + " WHERE ProductID =" + intProductID + " AND ShopCartID =" + intShopCartID;
objdbMgmt.ExecuteNonQuery(strSqlCmd);
// Set AddItem flag to false - do not add item to cart
flgAddItem = false;
}
else
{
// Close the data reader
objDataReader.Close();
// Set AddItem flag to true - to add item to cart
flgAddItem = true;
}
}
// If it is a new item, add item into shopping cart.
if (flgAddItem)
{
// Add Shop Cart Item to the database
strSqlCmd = "INSERT INTO ShopCartitem (ShopCartID, Quantity, Price, Name, ProductID)" + " VALUES (" + Session["ShopCartId"] + "," + intQuantity + "," + dblProductPrice + ",'" + strProductName + "'," + intProductID + ")";
objdbMgmt.ExecuteNonQuery(strSqlCmd);
}
objdbMgmt.Close();
// Re-direct to ShopCart page for display of shopping cart
Response.Redirect("ShopCart.aspx");
}
