protected void Page_Load(object sender, EventArgs e) { string ime = Request.Form["ime"]; string prezime = Request.Form["prezime"]; string username = Request.Form["username"]; string password = Request.Form["password"]; string password2 = Request.Form["password2"]; string email = Request.Form["email"]; string naredba = "select * FROM Klijent WHERE username='******'"; SqlDataAdapter da = new SqlDataAdapter(naredba, Konekcija.Connect()); DataTable klijent = new DataTable(); da.Fill(klijent); if (klijent.Rows.Count == 0) { //Response.Write("Nema ga"); StringBuilder Naredba = new StringBuilder("INSERT INTO "); Naredba.Append(" KLIJENT ("); Naredba.Append("ime, prezime,username,password,email) "); Naredba.Append($" VALUES ( '{ime}','{prezime}','{username}','{password}','{email}')"); Response.Write(Naredba.ToString()); SqlConnection conn = Konekcija.Connect(); SqlCommand Komanda = new SqlCommand(Naredba.ToString(), conn); conn.Open(); Komanda.ExecuteNonQuery(); conn.Close(); Response.Redirect("Login.aspx"); } else { Response.Write("Ima ga" + klijent.Rows[0][1]); } }
protected void Button1_Click1(object sender, EventArgs e) { string Username = TextBox1.Text; string FRMpass = TextBox2.Text; string naredba = "select * FROM Klijent WHERE Username='******'"; SqlDataAdapter da = new SqlDataAdapter(naredba, Konekcija.Connect()); DataTable Klijent = new DataTable(); da.Fill(Klijent); if (Klijent.Rows.Count == 0) { Response.Write("Nema ga"); } else { string DBpass = Klijent.Rows[0]["Password"].ToString(); if (!FRMpass.Equals(DBpass)) { Response.Write("Los password"); } else { Session["Klijent"] = Username; //Session["tip"] = Klijent.Rows[0]["tip_korisnika"].ToString(); Session["Ime"] = Klijent.Rows[0][3].ToString(); SqlConnection conn = Konekcija.Connect(); //SqlCommand komanda = new SqlCommand("update Klijent set Username where Username = '******'", conn); SqlCommand Komanda = new SqlCommand(naredba.ToString(), conn); conn.Open(); Komanda.ExecuteNonQuery(); conn.Close(); Response.Redirect("Zakazivanje.aspx"); } } }