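/// <summary>
/// Saves an edited urine report: updates the Labreport header row and the
/// matching Urinereport row for the report id stored in Session["lab_id"],
/// then returns to the doctor dashboard.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button13_Click(object sender, EventArgs e)
{
    bool saved = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);
        string labid = Session["lab_id"].ToString();

        // The report id is bound as @lid rather than concatenated into the SQL text,
        // so its content can never change the shape of the statement.
        dw.SetCommand("UPDATE Labreport SET Medical_officer=@moff, Patient_ID=@pid, Issue_date=@isd, Issue_month=@ism, Issue_year=@isy, Report_type=@rtype WHERE Lab_report_ID=@lid");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("moff", DropDownList13.SelectedValue);
        dw.SetSqlCommandParameters("pid", ApptP_ID);
        dw.SetSqlCommandParameters("isd", DropDownList14.SelectedValue);
        dw.SetSqlCommandParameters("ism", DropDownList15.SelectedValue);
        dw.SetSqlCommandParameters("isy", DropDownList16.SelectedValue);
        dw.SetSqlCommandParameters("rtype", "Urine");
        dw.Update();

        dw.SetCommand("UPDATE Urinereport SET Glucose=@Glucose, Protein=@Protein, Crystal=@Crystal, Acidity=@Acidity, Other=@Other WHERE Lab_report_ID=@lid");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("Glucose", TextBox16.Text.Trim());
        dw.SetSqlCommandParameters("Protein", TextBox17.Text.Trim());
        dw.SetSqlCommandParameters("Crystal", TextBox18.Text.Trim());
        dw.SetSqlCommandParameters("Acidity", TextBox20.Text.Trim());
        dw.SetSqlCommandParameters("Other", TextBox23.Text.Trim());
        dw.Update();

        saved = true;
    }
    catch (Exception ex)
    {
        // Previously an empty catch: a failed medical-record write left no trace.
        // The page still stays put on failure, but the error is now recorded.
        System.Diagnostics.Trace.TraceError("Button13_Click: urine report update failed: " + ex);
    }

    if (saved)
    {
        // Kept outside the try so the thread abort that Response.Redirect uses to end
        // the request is not logged as a failure.
        Response.Redirect("~/User/Doctor/Dashboard.aspx");
    }
}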
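/// <summary>
/// Saves an edited cholesterol report: updates the Labreport header row and the
/// matching Colestoroll row for the report id stored in Session["lab_id"],
/// then returns to the doctor dashboard.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button11_Click(object sender, EventArgs e)
{
    bool saved = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);
        string labid = Session["lab_id"].ToString();

        // Bind the report id as @lid instead of splicing it into the SQL text.
        dw.SetCommand("UPDATE Labreport SET Medical_officer=@moff, Patient_ID=@pid, Issue_date=@isd, Issue_month=@ism, Issue_year=@isy, Report_type=@rtype WHERE Lab_report_ID=@lid");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("moff", DropDownList7.SelectedValue);
        dw.SetSqlCommandParameters("pid", ApptP_ID);
        dw.SetSqlCommandParameters("isd", DropDownList10.SelectedValue);
        dw.SetSqlCommandParameters("ism", DropDownList11.SelectedValue);
        dw.SetSqlCommandParameters("isy", DropDownList12.SelectedValue);
        dw.SetSqlCommandParameters("rtype", "Cholestrol");
        dw.Update();

        dw.SetCommand("UPDATE Colestoroll SET LDL=@LDL, HDL=@HDL, Triglicerides=@Triglicerides, VLDL_Cholesterol=@VLDL_Cholesterol, Total_Cholesterol=@Total_Cholesterol, Other=@Other WHERE Lab_report_ID=@lid");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("LDL", TextBox9.Text.Trim());
        dw.SetSqlCommandParameters("HDL", TextBox10.Text.Trim());
        dw.SetSqlCommandParameters("Triglicerides", TextBox11.Text.Trim());
        dw.SetSqlCommandParameters("VLDL_Cholesterol", TextBox12.Text.Trim());
        dw.SetSqlCommandParameters("Total_Cholesterol", TextBox13.Text.Trim());
        dw.SetSqlCommandParameters("Other", TextBox19.Text.Trim());
        dw.Update();

        saved = true;
    }
    catch (Exception ex)
    {
        // Previously an empty catch; record the failure so a lost update can be noticed.
        System.Diagnostics.Trace.TraceError("Button11_Click: cholesterol report update failed: " + ex);
    }

    if (saved)
    {
        // Outside the try so the request-ending thread abort is not logged as an error.
        Response.Redirect("~/User/Doctor/Dashboard.aspx");
    }
}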
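/// <summary>
/// Saves an edited blood report: updates the Labreport header row and the
/// matching Bloodreport row for the report id stored in Session["lab_id"],
/// then returns to the doctor dashboard.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button6_Click(object sender, EventArgs e)
{
    bool saved = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);
        string labid = Session["lab_id"].ToString();

        // Bind the report id as @lid instead of splicing it into the SQL text.
        dw.SetCommand("UPDATE Labreport SET Medical_officer=@moff, Patient_ID=@pid, Issue_date=@isd, Issue_month=@ism, Issue_year=@isy, Report_type=@rtype WHERE Lab_report_ID=@lid");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("moff", DropDownList1.SelectedValue);
        dw.SetSqlCommandParameters("pid", ApptP_ID);
        dw.SetSqlCommandParameters("isd", DropDownList3.SelectedValue);
        dw.SetSqlCommandParameters("ism", DropDownList4.SelectedValue);
        dw.SetSqlCommandParameters("isy", DropDownList6.SelectedValue);
        dw.SetSqlCommandParameters("rtype", "Blood");
        dw.Update();

        dw.SetCommand("UPDATE Bloodreport SET Red_blood_cells=@redbcell, White_blood_cells=@whitebcell, Glucose=@glu, Blood_type=@btype, Hemoglobin=@hemog, Platelets=@plate, Other=@other WHERE Lab_report_ID=@lid");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("redbcell", TextBox2.Text.Trim());
        dw.SetSqlCommandParameters("whitebcell", TextBox3.Text.Trim());
        dw.SetSqlCommandParameters("glu", TextBox5.Text.Trim());
        dw.SetSqlCommandParameters("btype", TextBox24.Text.Trim());
        dw.SetSqlCommandParameters("hemog", TextBox6.Text.Trim());
        dw.SetSqlCommandParameters("plate", TextBox8.Text.Trim());
        dw.SetSqlCommandParameters("other", TextBox7.Text.Trim());
        dw.Update();

        saved = true;
    }
    catch (Exception ex)
    {
        // Previously an empty catch; record the failure so a lost update can be noticed.
        System.Diagnostics.Trace.TraceError("Button6_Click: blood report update failed: " + ex);
    }

    if (saved)
    {
        // Outside the try so the request-ending thread abort is not logged as an error.
        Response.Redirect("~/User/Doctor/Dashboard.aspx");
    }
}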
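/// <summary>
/// Adds one prescription line for the current patient (ApptP_ID), clears the
/// medicine/dosage/notes inputs and re-opens the prescription popup.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button16_Click(object sender, EventArgs e)
{
    try
    {
        DateTime date = DateTime.Now;
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);

        // NOTE(review): MAX(id)+1 is read and then inserted in two separate statements;
        // two concurrent requests can compute the same id. An identity column or
        // sequence would remove the race - needs a schema change outside this handler.
        dw.SetCommand("SELECT MAX(Prescription_ID) FROM Prescription");
        int preid = Convert.ToInt32(dw.GetSingleData()) + 1;

        dw.SetCommand("INSERT INTO Prescription(Prescription_ID,Medical_officer,Issue_date,Issue_month,Issue_year,Medicine,Dosage,Notes,Patient_ID,date) VALUES(@Prescription_ID,@Medical_officer,@Issue_date,@Issue_month,@Issue_year,@Medicine,@Dosage,@Notes,@Patient_ID,@date)");
        dw.SetSqlCommandParameters("Prescription_ID", preid);
        dw.SetSqlCommandParameters("Medical_officer", DropDownList17.SelectedValue);
        dw.SetSqlCommandParameters("Issue_date", DropDownList18.SelectedValue);
        dw.SetSqlCommandParameters("Issue_month", DropDownList19.SelectedValue);
        dw.SetSqlCommandParameters("Issue_year", DropDownList20.SelectedValue);
        dw.SetSqlCommandParameters("Medicine", DropDownList21.SelectedValue.Trim());
        dw.SetSqlCommandParameters("Dosage", TextBox22.Text.Trim());
        dw.SetSqlCommandParameters("Notes", TextBox27.Text.Trim());
        dw.SetSqlCommandParameters("Patient_ID", ApptP_ID);
        dw.SetSqlCommandParameters("date", date);
        dw.Insert();

        // Reset the entry fields for the next prescription line.
        DropDownList21.SelectedIndex = 0;
        TextBox22.Text = "";
        TextBox27.Text = "";
        this.Button14_ModalPopupExtender.Show();
    }
    catch (Exception ex)
    {
        // Previously an empty catch: a prescription that failed to save was
        // indistinguishable from one that succeeded. Record the failure.
        System.Diagnostics.Trace.TraceError("Button16_Click: prescription insert failed: " + ex);
    }
}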
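/// <summary>
/// Runs the doctor search. Depending on which selector is active it looks the
/// doctor up by last name (and goes to DocSearch.aspx when exactly one matches)
/// or by specialization (and goes to SpecSearch.aspx); any other combination
/// returns to Default.aspx.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void btnSearch_Click(object sender, EventArgs e)
{
    select = selection1;
    select1 = selection2;

    if (select == 1 && select1 != 2)
    {
        // Search by doctor last name.
        string lastName = drpDoctor.SelectedItem.ToString();

        dw.SetCommand("SELECT COUNT(Doctor_ID) FROM Doctor WHERE Last_name = @lname");
        dw.SetSqlCommandParameters("lname", lastName);
        count = Convert.ToInt32(dw.GetSingleData());

        dw.SetCommand("SELECT Doctor_ID FROM Doctor WHERE Last_name = @lname");
        dw.SetSqlCommandParameters("lname", lastName);
        docid = dw.GetSingleData().ToString().Trim();

        if (count == 1)
        {
            Session["docid"] = docid;
            Response.Redirect("~/DocSearch.aspx");
        }
        else
        {
            Response.Write("<script language=javascript>alert('THAT DOCTOR IS NOT AVAILABLE')</script>");
        }
    }
    // "else if": the original used a second independent "if", so after the
    // not-available alert above execution fell into the trailing else and
    // redirected to Default.aspx, discarding the alert.
    else if (select != 1 && select1 == 2)
    {
        // Search by specialization.
        string area = drpSpecialization.SelectedItem.ToString();

        dw.SetCommand("SELECT COUNT(Doctor_ID) FROM Doctor WHERE Specialized_area = @sarea");
        dw.SetSqlCommandParameters("sarea", area);
        count = Convert.ToInt32(dw.GetSingleData());

        dw.SetCommand("SELECT Doctor_ID FROM Doctor WHERE Specialized_area = @sarea");
        dw.SetSqlCommandParameters("sarea", area);
        docid = dw.GetSingleData().ToString().Trim();

        Session["specarea"] = drpSpecialization.SelectedItem.Text.Trim();
        Response.Redirect("~/SpecSearch.aspx");
    }
    else
    {
        Response.Redirect("~/Default.aspx");
    }
}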
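/// <summary>
/// Saves the admin profile form: updates the Admin row and the namal row that
/// belong to the user id held in <c>uid</c>, and reports the outcome with a
/// script alert.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void btnPP_Click(object sender, EventArgs e)
{
    string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
    DataWorksClass dw = new DataWorksClass(constring);

    // uid is bound as a parameter in all three statements instead of being
    // concatenated into the SQL text.
    dw.SetDataAdapter(@"SELECT * FROM Admin WHERE User_ID=@uid");
    dw.SetDataAdapterParameters("uid", uid);
    DataTable dt = dw.GetDataTable();

    // The original tested "dw != null", which is always true right after "new",
    // so the "No Records Found!" branch could never run. Test the lookup result.
    if (dt != null && dt.Rows.Count > 0)
    {
        try
        {
            // NOTE(review): Salary is taken from a form field on what looks like a
            // self-service profile page - confirm who is allowed to change it.
            dw.SetCommand(@"UPDATE Admin SET Working_hospital=@Working_hospital,Salary=@Salary,First_name=@First_name,Last_name=@Last_name where User_ID=@uid");
            dw.SetSqlCommandParameters("@uid", uid);
            dw.SetSqlCommandParameters("@Working_hospital", DropDownList13.SelectedValue.Trim());
            dw.SetSqlCommandParameters("@Salary", TextBox14.Text.Trim());
            dw.SetSqlCommandParameters("@First_name", TextBox1.Text.Trim());
            dw.SetSqlCommandParameters("@Last_name", TextBox2.Text.Trim());
            dw.Update();

            dw.SetCommand(@"UPDATE namal SET Title=@Title,Gender=@Gender,DOBy=@DOBy,DOBd=@DOBd,DOBm=@DOBm,NIC=@NIC,PassportN=@PassportN where User_ID=@uid");
            dw.SetSqlCommandParameters("@uid", uid);
            dw.SetSqlCommandParameters("@Title", DropDownList1.SelectedIndex);
            dw.SetSqlCommandParameters("@Gender", DropDownList11.SelectedValue.Trim());
            dw.SetSqlCommandParameters("@DOBy", DropDownList5.SelectedValue.Trim());
            dw.SetSqlCommandParameters("@DOBd", DropDownList3.SelectedValue.Trim());
            dw.SetSqlCommandParameters("@DOBm", DropDownList4.SelectedValue.Trim());
            dw.SetSqlCommandParameters("@NIC", TextBox3.Text.Trim());
            dw.SetSqlCommandParameters("@PassportN", TextBox4.Text.Trim());
            dw.Update();

            Response.Write("<script language=javascript>alert('Update Success!')</script>");
        }
        catch (Exception)
        {
            Response.Write("<script language=javascript>alert('Updation Failed!')</script>");
        }
    }
    else
    {
        Response.Write("<script language=javascript>alert('No Records Found!')</script>");
    }
}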
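/// <summary>
/// Finds a patient from the search box. The text is first treated as a NIC
/// (namal.NIC -> User_ID -> Patient_ID); if that yields "0" it is retried as a
/// User_ID directly. On success the patient id is stored in
/// Session["ApptPat_ID"] and the admin dashboard is opened.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void btnSearchNurse_Click(object sender, EventArgs e)
{
    string searchText = txtSearchNurse.Text.Trim();

    // NOTE(review): uid and pid are fields that are not reset here. If a lookup
    // below throws, whatever they already held is used, and any pid other than
    // "0" (including null) proceeds to the dashboard - confirm that is intended.
    try
    {
        dw.SetCommand("SELECT User_ID FROM namal WHERE NIC = @nic");
        dw.SetSqlCommandParameters("nic", searchText);
        uid = dw.GetSingleData().ToString().Trim();
    }
    catch (Exception ex)
    {
        // Still best-effort, but no longer silent.
        System.Diagnostics.Trace.TraceError("btnSearchNurse_Click: NIC lookup failed: " + ex);
    }

    try
    {
        dw.SetCommand("SELECT Patient_ID FROM Patient WHERE User_ID = @uid");
        dw.SetSqlCommandParameters("uid", uid);
        pid = dw.GetSingleData().Trim();
    }
    catch (Exception ex)
    {
        System.Diagnostics.Trace.TraceError("btnSearchNurse_Click: patient lookup failed: " + ex);
    }

    if (pid == "0")
    {
        // Second attempt: interpret the search text as a User_ID.
        dw.SetCommand("SELECT Patient_ID FROM Patient WHERE User_ID = @uid");
        dw.SetSqlCommandParameters("uid", searchText);
        pid = dw.GetSingleData().Trim();

        if (pid == "0")
        {
            Response.Write("<script language=javascript>alert('THERE IS NO ANY PATIENT RELATED TO THIS NUMBER')</script>");
        }
        else
        {
            Session["ApptPat_ID"] = pid;
            Response.Redirect("~/User/Admin/Dashboard.aspx");
        }
    }
    else
    {
        Session["ApptPat_ID"] = pid;
        Response.Redirect("~/User/Admin/Dashboard.aspx");
    }
}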
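/// <summary>
/// Creates a new cholesterol report: inserts a Labreport header row and a
/// Colestoroll detail row with freshly allocated ids, then returns to the
/// doctor dashboard.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button10_Click1(object sender, EventArgs e)
{
    bool saved = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);

        // NOTE(review): MAX(id)+1 allocation is not safe under concurrent requests;
        // an identity column or sequence would be - needs a schema change.
        dw.SetCommand("SELECT MAX(Lab_report_ID) FROM Labreport");
        int labid = Convert.ToInt32(dw.GetSingleData()) + 1;
        dw.SetCommand("SELECT MAX(Colestoroll_ID) FROM Colestoroll");
        int cholid = Convert.ToInt32(dw.GetSingleData()) + 1;

        dw.SetCommand("INSERT INTO Labreport(Lab_report_ID,Medical_officer,Patient_ID ,Issue_date,Issue_month,Issue_year,Report_type) VALUES(@lid,@moff,@pid,@isd,@ism,@isy,@rtype)");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("moff", DropDownList7.SelectedValue);
        dw.SetSqlCommandParameters("pid", ApptP_ID);
        dw.SetSqlCommandParameters("isd", DropDownList10.SelectedValue);
        dw.SetSqlCommandParameters("ism", DropDownList11.SelectedValue);
        dw.SetSqlCommandParameters("isy", DropDownList12.SelectedValue);
        dw.SetSqlCommandParameters("rtype", "Cholestrol");
        dw.Insert();

        // NOTE(review): the header row is tied to ApptP_ID while Pat_ID below comes
        // from a text box; confirm the two cannot disagree.
        dw.SetCommand("INSERT INTO Colestoroll(Lab_report_ID ,Colestoroll_ID,LDL,HDL,Triglicerides,VLDL_Cholesterol,Total_Cholesterol,Pat_ID,Other) VALUES(@Lab_report_ID,@Colestoroll_ID,@LDL,@HDL ,@Triglicerides,@VLDL_Cholesterol,@Total_Cholesterol,@Pat_ID,@Other)");
        dw.SetSqlCommandParameters("Lab_report_ID", labid);
        dw.SetSqlCommandParameters("Colestoroll_ID", cholid);
        dw.SetSqlCommandParameters("LDL", TextBox9.Text.Trim());
        dw.SetSqlCommandParameters("HDL", TextBox10.Text.Trim());
        dw.SetSqlCommandParameters("Triglicerides", TextBox11.Text.Trim());
        dw.SetSqlCommandParameters("VLDL_Cholesterol", TextBox12.Text.Trim());
        dw.SetSqlCommandParameters("Total_Cholesterol", TextBox13.Text.Trim());
        dw.SetSqlCommandParameters("Pat_ID", TextBox4.Text.Trim());
        dw.SetSqlCommandParameters("Other", TextBox19.Text.Trim());
        dw.Insert();

        saved = true;
    }
    catch (Exception ex)
    {
        // Previously an empty catch; a half-written report (header without detail)
        // would have gone unnoticed. Record the failure.
        System.Diagnostics.Trace.TraceError("Button10_Click1: cholesterol report insert failed: " + ex);
    }

    if (saved)
    {
        // Outside the try so the request-ending thread abort is not logged as an error.
        Response.Redirect("~/User/Doctor/Dashboard.aspx");
    }
}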
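/// <summary>
/// Creates a new blood report: inserts a Labreport header row and a
/// Bloodreport detail row with freshly allocated ids, then returns to the
/// doctor dashboard.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button10_Click(object sender, EventArgs e)
{
    bool saved = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);

        // NOTE(review): MAX(id)+1 allocation is not safe under concurrent requests;
        // an identity column or sequence would be - needs a schema change.
        dw.SetCommand("SELECT MAX(Lab_report_ID) FROM Labreport");
        int labid = Convert.ToInt32(dw.GetSingleData()) + 1;
        dw.SetCommand("SELECT MAX(Blood_report_ID) FROM Bloodreport");
        int bloodrepid = Convert.ToInt32(dw.GetSingleData()) + 1;

        dw.SetCommand("INSERT INTO Labreport(Lab_report_ID,Medical_officer,Patient_ID ,Issue_date,Issue_month,Issue_year,Report_type) VALUES(@lid,@moff,@pid,@isd,@ism,@isy,@rtype)");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("moff", DropDownList1.SelectedValue);
        dw.SetSqlCommandParameters("pid", ApptP_ID);
        dw.SetSqlCommandParameters("isd", DropDownList3.SelectedValue);
        dw.SetSqlCommandParameters("ism", DropDownList4.SelectedValue);
        dw.SetSqlCommandParameters("isy", DropDownList6.SelectedValue);
        dw.SetSqlCommandParameters("rtype", "Blood");
        dw.Insert();

        dw.SetCommand("INSERT INTO Bloodreport(Blood_report_ID ,Lab_report_ID,Red_blood_cells,White_blood_cells,Glucose,Blood_type,Hemoglobin,Platelets,Other) VALUES(@bid,@lid,@redbcell,@whitebcell ,@glu,@btype,@hemog,@plate,@other)");
        dw.SetSqlCommandParameters("bid", bloodrepid);
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("redbcell", TextBox2.Text.Trim());
        dw.SetSqlCommandParameters("whitebcell", TextBox3.Text.Trim());
        dw.SetSqlCommandParameters("glu", TextBox5.Text.Trim());
        dw.SetSqlCommandParameters("btype", TextBox24.Text.Trim());
        dw.SetSqlCommandParameters("hemog", TextBox6.Text.Trim());
        dw.SetSqlCommandParameters("plate", TextBox8.Text.Trim());
        dw.SetSqlCommandParameters("other", TextBox7.Text.Trim());
        dw.Insert();

        saved = true;
    }
    catch (Exception ex)
    {
        // Previously an empty catch; record the failure so a missing or
        // half-written report can be noticed.
        System.Diagnostics.Trace.TraceError("Button10_Click: blood report insert failed: " + ex);
    }

    if (saved)
    {
        // Outside the try so the request-ending thread abort is not logged as an error.
        Response.Redirect("~/User/Doctor/Dashboard.aspx");
    }
}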
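/// <summary>
/// Creates a new urine report: inserts a Labreport header row and a
/// Urinereport detail row with freshly allocated ids, then returns to the
/// doctor dashboard.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button12_Click(object sender, EventArgs e)
{
    bool saved = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);

        // NOTE(review): MAX(id)+1 allocation is not safe under concurrent requests;
        // an identity column or sequence would be - needs a schema change.
        dw.SetCommand("SELECT MAX(Lab_report_ID) FROM Labreport");
        int labid = Convert.ToInt32(dw.GetSingleData()) + 1;
        dw.SetCommand("SELECT MAX(Urine_report_ID) FROM Urinereport");
        int urid = Convert.ToInt32(dw.GetSingleData()) + 1;

        dw.SetCommand("INSERT INTO Labreport(Lab_report_ID,Medical_officer,Patient_ID ,Issue_date,Issue_month,Issue_year,Report_type) VALUES(@lid,@moff,@pid,@isd,@ism,@isy,@rtype)");
        dw.SetSqlCommandParameters("lid", labid);
        dw.SetSqlCommandParameters("moff", DropDownList13.SelectedValue);
        dw.SetSqlCommandParameters("pid", ApptP_ID);
        dw.SetSqlCommandParameters("isd", DropDownList14.SelectedValue);
        dw.SetSqlCommandParameters("ism", DropDownList15.SelectedValue);
        dw.SetSqlCommandParameters("isy", DropDownList16.SelectedValue);
        dw.SetSqlCommandParameters("rtype", "Urine");
        dw.Insert();

        dw.SetCommand("INSERT INTO Urinereport(Urine_report_ID ,Lab_report_ID,Glucose,Protein,Crystal,Acidity,Pat_ID,Other) VALUES(@Urine_report_ID,@Lab_report_ID,@Glucose,@Protein,@Crystal,@Acidity,@Pat_ID,@Other)");
        dw.SetSqlCommandParameters("Urine_report_ID", urid);
        dw.SetSqlCommandParameters("Lab_report_ID", labid);
        dw.SetSqlCommandParameters("Glucose", TextBox16.Text.Trim());
        dw.SetSqlCommandParameters("Protein", TextBox17.Text.Trim());
        dw.SetSqlCommandParameters("Crystal", TextBox18.Text.Trim());
        dw.SetSqlCommandParameters("Acidity", TextBox20.Text.Trim());
        dw.SetSqlCommandParameters("Pat_ID", TextBox15.Text.Trim());
        // NOTE(review): the urine update handler (Button13_Click) takes "Other" from
        // TextBox23, while TextBox13 is the Total_Cholesterol box on the cholesterol
        // form - this looks like a copy-paste slip; confirm which control is meant.
        dw.SetSqlCommandParameters("Other", TextBox13.Text.Trim());
        dw.Insert();

        saved = true;
    }
    catch (Exception ex)
    {
        // Previously an empty catch; record the failure so a missing or
        // half-written report can be noticed.
        System.Diagnostics.Trace.TraceError("Button12_Click: urine report insert failed: " + ex);
    }

    if (saved)
    {
        // Outside the try so the request-ending thread abort is not logged as an error.
        Response.Redirect("~/User/Doctor/Dashboard.aspx");
    }
}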
/// <summary>
/// Saves the contact form: writes phone numbers and address to the namal row
/// of user ApptU_ID, then the emergency contact to the Family row of patient
/// ApptP_ID. Both statements are fully parameterized.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button3_Click1(object sender, EventArgs e)
{
    // Snapshot the form values first, then bind them.
    string mobile = txtmobile.Text.Trim();
    string homePhone = txthome.Text.Trim();
    string officePhone = txtoffice.Text.Trim();
    string address = txtaddress.Text.Trim();
    string countryIndex = ddlcountry.SelectedIndex.ToString().Trim();
    string provinceIndex = ddlprovince.SelectedIndex.ToString().Trim();
    string zip = txtzip.Text.Trim();

    dw.SetCommand("UPDATE namal SET Mobile_number = @mob, Home_telephone_number = @home, office_number = @onu, Address = @address, Country = @country , Province = @province, ZIPcode = @zip WHERE User_ID = @uid");
    dw.SetSqlCommandParameters("uid", ApptU_ID);
    dw.SetSqlCommandParameters("mob", mobile);
    dw.SetSqlCommandParameters("home", homePhone);
    dw.SetSqlCommandParameters("onu", officePhone);
    dw.SetSqlCommandParameters("address", address);
    dw.SetSqlCommandParameters("country", countryIndex);
    dw.SetSqlCommandParameters("province", provinceIndex);
    dw.SetSqlCommandParameters("zip", zip);
    dw.Update();

    string emergencyNumber = txtemergencycontact.Text.Trim();
    string emergencyName = txtemergencyname.Text.Trim();

    dw.SetCommand("UPDATE Family SET Contact_number = @con, Name = @name WHERE Patient_ID = @pid");
    dw.SetSqlCommandParameters("con", emergencyNumber);
    dw.SetSqlCommandParameters("name", emergencyName);
    dw.SetSqlCommandParameters("pid", ApptP_ID);
    dw.Update();
}
/// <summary>
/// Resolves the doctor chosen in the grid (first name in cell 0, hospital in
/// cell 1, plus the current <c>specarea</c>) to a Doctor_ID, stores it in
/// Session["docid"] and opens DocSearch.aspx.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void GridView1_SelectedIndexChanged(object sender, EventArgs e)
{
    var chosenRow = GridView1.SelectedRow;
    string selectedFirstName = chosenRow.Cells[0].Text.Trim();
    string selectedHospital = chosenRow.Cells[1].Text.Trim();

    dw.SetCommand("select Doctor_ID FROM Doctor WHERE First_name = @fname AND Working_hospital = @working AND Specialized_area = @specarea");
    dw.SetSqlCommandParameters("fname", selectedFirstName);
    dw.SetSqlCommandParameters("Working", selectedHospital);
    dw.SetSqlCommandParameters("specarea", specarea);

    // Hand the resolved id to the next page through the session.
    Session["docid"] = dw.GetSingleData();
    Response.Redirect("~/DocSearch.aspx");
}
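/// <summary>
/// Saves the contact section of the profile form to the namal row of the user
/// id held in <c>uid</c>.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click1(object sender, EventArgs e)
{
    string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
    DataWorksClass dw = new DataWorksClass(constring);

    // uid is bound as @uid like every other value instead of being concatenated
    // into the SQL text.
    dw.SetCommand(@"UPDATE namal SET Mobile_number=@Mobile_number,Home_telephone_number=@Home_telephone_number,office_number=@office_number,Address=@Address,Country=@Country,Province=@Province,ZIPcode=@ZIPcode,EmName=@EmName,EmConMob=@EmConMob where User_ID=@uid");
    dw.SetSqlCommandParameters("@uid", uid);
    dw.SetSqlCommandParameters("@Mobile_number", TextBox7.Text.Trim());
    dw.SetSqlCommandParameters("@Home_telephone_number", TextBox8.Text.Trim());
    dw.SetSqlCommandParameters("@office_number", TextBox9.Text.Trim());
    dw.SetSqlCommandParameters("@Address", TextBox10.Text.Trim());
    // Country and province are stored as the drop-down index, not its text.
    dw.SetSqlCommandParameters("@Country", DropDownList7.SelectedIndex);
    dw.SetSqlCommandParameters("@Province", DropDownList6.SelectedIndex);
    dw.SetSqlCommandParameters("@ZIPcode", TextBox11.Text.Trim());
    dw.SetSqlCommandParameters("@EmName", TextBox12.Text.Trim());
    dw.SetSqlCommandParameters("@EmConMob", TextBox13.Text.Trim());
    dw.Update();
}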
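/// <summary>
/// Password reminder: when user name, e-mail and NIC match exactly one namal
/// row, reads that row's stored password, mails it to the entered address and
/// returns to the login page; otherwise shows a mismatch alert.
/// </summary>
/// <remarks>
/// NOTE(review): this flow can only work because passwords are stored in a
/// recoverable form, and it sends the password itself over e-mail. The durable
/// fix is salted password hashing (e.g. PBKDF2) plus a single-use, expiring
/// reset link; that needs schema and page changes outside this handler.
/// </remarks>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void btnlogin_Click(object sender, EventArgs e)
{
    dw.SetCommand(@"SELECT COUNT(User_ID) FROM namal WHERE User_name = @uname and E_mail = @email and NIC = @nic");
    dw.SetSqlCommandParameters("uname", txtuname.Text.Trim());
    dw.SetSqlCommandParameters("email", txtemail.Text.Trim());
    dw.SetSqlCommandParameters("nic", txtnic.Text.Trim());
    int count = Convert.ToInt32(dw.GetSingleData());

    if (count == 1)
    {
        string email = txtemail.Text.Trim();

        dw.SetCommand("SELECT Password FROM namal WHERE User_name = @uname and E_mail = @email and NIC = @nic");
        dw.SetSqlCommandParameters("uname", txtuname.Text.Trim());
        dw.SetSqlCommandParameters("email", txtemail.Text.Trim());
        dw.SetSqlCommandParameters("nic", txtnic.Text.Trim());
        string pass = dw.GetSingleData().Trim();

        // User-supplied text goes into an HTML body, so encode it; this also keeps
        // characters such as '<' or '&' in a password readable in the mail.
        string safeName = System.Net.WebUtility.HtmlEncode(txtuname.Text.Trim());
        string safePass = System.Net.WebUtility.HtmlEncode(pass);

        // MailMessage and SmtpClient hold resources; dispose them once the mail is sent.
        using (MailMessage mm = new MailMessage("*****@*****.**", email)) // (sender address, receiver address)
        using (SmtpClient smtp = new SmtpClient())
        {
            mm.Subject = "KDU CMS | Password Reminder!";
            mm.Body = "<b>" + "Dear " + safeName + "," + "</b> <br>"
                + "Your password has been retrieved by KDU Online Channelling and Management System."
                + "<br> <br>"
                + "<table>" + "<tr>" + "<td>" + "Your Recorded Password " + "</td>" + "<td>" + "<b>" + safePass + "</b>" + "</td>" + "</tr>" + "</table>"
                + "<br> <br>"
                + "<i>" + "Important! Keep your password in a secure place. After remembering your password, permanantly delete this email for your account's safty." + "</i>"
                + "<br> <br>"
                + "<table>" + "<tr>" + "<td>" + "<img src=\"https://preview.ibb.co/kaGrEf/logo.png\" width=\"50px\">" + " " + "</td>" + "<td>" + "<b>" + "KDU Channeling Center," + "<br>" + "General Sir John Kotelawala Defence University," + "<br>" + "Southern Campus," + "<br>" + "Sooriyawewa."
                + "<br>" + "+94718810575" + "</b>" + "</td>" + "</tr>" + "</table>";
            mm.IsBodyHtml = true;

            smtp.Host = "smtp.gmail.com";
            smtp.EnableSsl = true;
            // NOTE(review): the SMTP account password is hard-coded in source. Load it
            // from protected configuration or a secret store, and rotate this one
            // since it has been committed.
            NetworkCredential networkcred = new NetworkCredential("*****@*****.**", "KDU123cms");
            // Order matters: Credentials is assigned last so it is the value in effect.
            smtp.UseDefaultCredentials = true;
            smtp.Credentials = networkcred;
            smtp.Port = 587;
            smtp.Send(mm);
        }

        Response.Redirect("~/Account/Login.aspx");
    }
    else
    {
        Response.Write("<script language=javascript>alert('YOUR DETAILS ARE NOT MATCH WITH YOUR ACCOUNT DETAILS !!!!')</script>");
    }
}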
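/// <summary>
/// Registers a staff account. Rejects a taken user name, mismatching
/// passwords, or a password outside 8-15 characters or lacking an upper-case
/// letter, a lower-case letter and a digit. Otherwise inserts the namal row,
/// adds the role row (Doctor, Nurse or Admin) for the selected staff type,
/// mails a confirmation and opens the admin start page.
/// </summary>
/// <remarks>
/// NOTE(review): the password is written to namal.Password as entered. Store a
/// salted hash (e.g. PBKDF2) instead; that also requires changing the login and
/// reminder pages, so it is flagged here rather than changed.
/// </remarks>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void btnreg_Click(object sender, EventArgs e)
{
    string type = drpStaffType.SelectedValue.Trim();

    string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
    DataWorksClass dw = new DataWorksClass(constring);

    dw.SetCommand("SELECT count(User_ID) FROM namal WHERE User_name = @uname");
    dw.SetSqlCommandParameters("uname", txtuname.Text.Trim());
    int count1 = Convert.ToInt32(dw.GetSingleData().Trim());
    if (count1 >= 1)
    {
        lbl3.Visible = true;
        lbl3.Text = "THIS USER NAME ALREADY IN USE";
        return;
    }

    // NOTE(review): MAX(id)+1 allocation (here and for the role tables below) is
    // not safe under concurrent registrations.
    dw.SetCommand("SELECT MAX(User_ID) FROM namal");
    int count = Convert.ToInt32(dw.GetSingleData()) + 1;

    string password = txtpassword.Text.Trim();
    if (password != txtconfirmpassword.Text.Trim())
    {
        lbl2.Visible = true;
        lbl2.Text = "PASSWORDS ARE NOT MATCHING!!!!";
        return;
    }

    // The original null check on txtpassword.Text sat after the text had already
    // been dereferenced, so it could never fire; it is dropped.
    const int MIN_LENGTH = 8;
    const int MAX_LENGTH = 15;
    if (password.Length < MIN_LENGTH || password.Length > MAX_LENGTH)
    {
        lbl1.Visible = true;
        lbl1.Text = "Password Length should be in 8 to 15";
        return;
    }

    bool hasUpperCaseLetter = false;
    bool hasLowerCaseLetter = false;
    bool hasDecimalDigit = false;
    foreach (char c in password)
    {
        if (char.IsUpper(c)) { hasUpperCaseLetter = true; }
        else if (char.IsLower(c)) { hasLowerCaseLetter = true; }
        else if (char.IsDigit(c)) { hasDecimalDigit = true; }
    }

    if (!(hasUpperCaseLetter && hasLowerCaseLetter && hasDecimalDigit))
    {
        // Message text kept as-is; note that a missing digit also lands here.
        lbl1.Visible = true;
        lbl1.Text = "PASSWORD SHOULD BE INCLUDED LOWER CASES AND UPPER CASES";
        return;
    }

    dw.SetCommand("INSERT INTO namal(User_ID,User_name,Password,E_mail,Type) VALUES (@uid,@uname,@pass,@email,@type)");
    dw.SetSqlCommandParameters("uid", count.ToString());
    dw.SetSqlCommandParameters("uname", txtuname.Text.Trim());
    dw.SetSqlCommandParameters("pass", password);
    dw.SetSqlCommandParameters("email", txtemail.Text.Trim());
    dw.SetSqlCommandParameters("type", type);
    dw.Insert();

    // Role row for the chosen staff type; any other type gets the namal row only.
    switch (type)
    {
        case "doctor":
            dw.SetCommand("select max(Doctor_ID) from Doctor");
            int did = Convert.ToInt32(dw.GetSingleData()) + 1;
            dw.SetCommand("INSERT INTO Doctor(Doctor_ID,User_ID) VALUES (@did,@uid)");
            dw.SetSqlCommandParameters("did", did);
            dw.SetSqlCommandParameters("uid", count);
            dw.Insert();
            break;
        case "nurse":
            dw.SetCommand("SELECT MAX(Nurse_ID) FROM Nurse");
            int nid = Convert.ToInt32(dw.GetSingleData()) + 1;
            dw.SetCommand("insert into Nurse(Nurse_ID,User_ID) VALUES (@nid,@uid)");
            dw.SetSqlCommandParameters("nid", nid);
            dw.SetSqlCommandParameters("uid", count);
            dw.Insert();
            break;
        case "admin":
            dw.SetCommand("SELECT MAX(Admin_ID) FROM Admin");
            int aid = Convert.ToInt32(dw.GetSingleData()) + 1;
            dw.SetCommand("insert into Admin(Admin_ID,User_ID) VALUES (@aid,@uid)");
            dw.SetSqlCommandParameters("aid", aid);
            dw.SetSqlCommandParameters("uid", count);
            dw.Insert();
            break;
    }

    // Confirmation mail. The user name is user-supplied and goes into an HTML
    // body, so it is HTML-encoded. The unused local copy of the password was removed.
    string email = txtemail.Text.Trim();
    string uname = System.Net.WebUtility.HtmlEncode(txtuname.Text.Trim());

    // MailMessage and SmtpClient hold resources; dispose them once the mail is sent.
    using (MailMessage mm = new MailMessage("*****@*****.**", email)) // (sender address, receiver address)
    using (SmtpClient smtp = new SmtpClient())
    {
        mm.Subject = "KDU CMS | Registration Success!";
        mm.Body = "<b>" + "Dear " + uname + "," + "</b> <br>"
            + "You have registered on KDU Online Channelling and Management System."
            + "<br> <br>"
            + "<table>" + "<tr>" + "<td>" + "Your Username " + "</td>" + "<td>" + "<b>" + uname + "</b>" + "</td>" + "</tr>" + "</table>"
            + "<br> <br>"
            + "<i>" + "Important! Keep your username and password in a secure place." + "</i>"
            + "<br> <br>"
            + "<table>" + "<tr>" + "<td>" + "<img src=\"https://preview.ibb.co/kaGrEf/logo.png\" width=\"50px\">" + " " + "</td>" + "<td>" + "<b>" + "KDU Channeling Center," + "<br>" + "General Sir John Kotelawala Defence University," + "<br>" + "Southern Campus," + "<br>" + "Sooriyawewa."
            + "<br>" + "+94718810575" + "</b>" + "</td>" + "</tr>" + "</table>";
        mm.IsBodyHtml = true;

        smtp.Host = "smtp.gmail.com";
        smtp.EnableSsl = true;
        // NOTE(review): the SMTP account password is hard-coded in source. Load it
        // from protected configuration or a secret store, and rotate this one.
        NetworkCredential networkcred = new NetworkCredential("*****@*****.**", "KDU123cms");
        // Order matters: Credentials is assigned last so it is the value in effect.
        smtp.UseDefaultCredentials = true;
        smtp.Credentials = networkcred;
        smtp.Port = 587;
        smtp.Send(mm);
    }

    txtuname.Text = "";
    txtpassword.Text = "";
    txtemail.Text = "";
    txtconfirmpassword.Text = "";

    // NOTE(review): the redirect follows immediately, so this alert is unlikely
    // ever to be displayed.
    Response.Write("<script language=javascript>alert('SUCCESSFULLY REGISTERED!!!')</script>");
    Response.Redirect("~/User/Admin/AdminDefault.aspx");
}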
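/// <summary>
/// Changes the password of the user id held in <c>uid</c>: checks the entered
/// current password against the stored one, checks that the new password and
/// its confirmation agree, updates namal.Password, mails a notice and opens
/// the doctor account page.
/// </summary>
/// <remarks>
/// NOTE(review): the current password is compared as plaintext against the
/// stored value, the new one is stored as entered and then sent by e-mail, and
/// no strength rule is applied here although registration enforces one.
/// Moving to salted hashes, a constant-time comparison and a notice that omits
/// the password needs changes beyond this handler.
/// </remarks>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button3_Click2(object sender, EventArgs e)
{
    bool changed = false;
    try
    {
        string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
        DataWorksClass dw = new DataWorksClass(constring);

        // uid is bound as a parameter instead of being concatenated into the SQL text.
        dw.SetDataAdapter(@"select * from namal where User_ID=@uid");
        dw.SetDataAdapterParameters("uid", uid);
        DataTable dt = dw.GetDataTable();
        // presumably column 2 of namal is Password - "select *" makes this depend
        // on column order; verify against the table definition.
        cPass = (dt.Rows[0][2].ToString()).Trim();

        string newPass = TextBox17.Text.Trim();
        string newPassConf = TextBox18.Text.Trim();

        if (TextBox16.Text.Trim() == cPass)
        {
            if (newPass == newPassConf)
            {
                dw.SetCommand(@"UPDATE namal SET Password=@Password where User_ID=@uid");
                dw.SetSqlCommandParameters("@Password", newPass);
                dw.SetSqlCommandParameters("@uid", uid);
                dw.Update();
                Label32.Text = "";
                Label33.Text = "";

                dw.SetCommand("SELECT E_mail FROM namal WHERE User_ID = @uid");
                dw.SetSqlCommandParameters("uid", uid);
                string email = dw.GetSingleData().Trim();

                dw.SetCommand("SELECT First_name FROM Doctor WHERE User_ID = @uid");
                dw.SetSqlCommandParameters("uid", uid);
                // Values placed in the HTML body are encoded so markup characters in
                // them are shown literally.
                string fname = System.Net.WebUtility.HtmlEncode(dw.GetSingleData().Trim());
                string npass = System.Net.WebUtility.HtmlEncode(newPass);

                // MailMessage and SmtpClient hold resources; dispose them after sending.
                using (MailMessage mm = new MailMessage("*****@*****.**", email)) // (sender address, receiver address)
                using (SmtpClient smtp = new SmtpClient())
                {
                    mm.Subject = "KDU CMS | Password Reset!";
                    mm.Body = "<b>" + "Dear " + fname + "," + "</b> <br>"
                        + "Your password has been changed on KDU Online Channelling and Management System."
                        + "<br> <br>"
                        + "<table>" + "<tr>" + "<td>" + "Your changed Password " + "</td>" + "<td>" + "<b>" + npass + "</b>" + "</td>" + "</tr>" + "</table>"
                        + "<br> <br>"
                        + "<i>" + "Important! Keep your password in a secure place. After remembering your password, permanantly delete this email for your account's safty."
                        + "</i>" + "<br> <br>"
                        + "<table>" + "<tr>" + "<td>" + "<img src=\"https://preview.ibb.co/kaGrEf/logo.png\" width=\"50px\">" + " " + "</td>" + "<td>" + "<b>" + "KDU Channeling Center," + "<br>" + "General Sir John Kotelawala Defence University," + "<br>" + "Southern Campus," + "<br>" + "Sooriyawewa." + "<br>" + "+94718810575" + "</b>" + "</td>" + "</tr>" + "</table>";
                    mm.IsBodyHtml = true;

                    smtp.Host = "smtp.gmail.com";
                    smtp.EnableSsl = true;
                    // NOTE(review): the SMTP account password is hard-coded in source. Load
                    // it from protected configuration or a secret store, and rotate this one.
                    NetworkCredential networkcred = new NetworkCredential("*****@*****.**", "KDU123cms");
                    // Order matters: Credentials is assigned last so it is the value in effect.
                    smtp.UseDefaultCredentials = true;
                    smtp.Credentials = networkcred;
                    smtp.Port = 587;
                    smtp.Send(mm);
                }

                changed = true;
            }
            else
            {
                Label33.Text = "";
                Label32.Text = "Password does not match!";
            }
        }
        else
        {
            Label33.Text = "Incorrect Password!";
            Label32.Text = "";
        }
    }
    catch (Exception ex)
    {
        // Previously an empty catch: a failure after the UPDATE (for example the
        // mail send) left the password changed with no trace. Record it.
        System.Diagnostics.Trace.TraceError("Button3_Click2: password change failed: " + ex);
    }

    if (changed)
    {
        // Outside the try so the request-ending thread abort is not logged as an error.
        Response.Redirect("~/User/Doctor/Account.aspx");
    }
}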
/// <summary>
/// Fills the doctor summary from the id in Session["docid"]: the number of
/// Appointment_date rows for that doctor, plus name, specialization and
/// hospital from the Doctor table. Any failure (including a missing session
/// value) sends the browser back to Default.aspx.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        Label6.Visible = false;

        // Label6 is a hidden carrier for the doctor id taken from the session.
        session1 = Session["docid"].ToString().Trim();
        Label6.Text = session1;

        dw.SetCommand("SELECT COUNT(Appointmentdate_ID) from Appointment_date WHERE Doctor_ID=@docid");
        dw.SetSqlCommandParameters("docid", Label6.Text.Trim());
        lblNoSessions.Text = dw.GetSingleData();

        dw.SetDataAdapter("SELECT Working_hospital,First_name,Specialized_area FROM Doctor WHERE Doctor_ID = @docid");
        dw.SetDataAdapterParameters("docid", session1);
        DataRow doctorRow = dw.GetDataTable().Rows[0];

        // Column order follows the SELECT list: hospital, first name, specialization.
        string hospitalLabel = doctorRow[0].ToString().Trim() + " Hospital";
        string firstName = doctorRow[1].ToString().Trim();
        string specialization = doctorRow[2].ToString().Trim();

        lblName.Text = firstName;
        lblSpecArea.Text = specialization;
        lblOther.Text = hospitalLabel;
    }
    catch
    {
        Response.Redirect("~/Default.aspx");
    }
}
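/// <summary>
/// Handles the login button: checks the submitted user name and password against
/// the <c>namal</c> table, records the attempt in <c>loginlog</c>, stores the
/// account identifiers in the session and redirects to the landing page for the
/// account type ("doctor", "patient", "admin" or "nurse").
/// </summary>
/// <param name="sender">Event source supplied by ASP.NET; not used.</param>
/// <param name="e">Event data supplied by ASP.NET; not used.</param>
protected void btnlogin_Click(object sender, EventArgs e)
{
    // Blank credentials are rejected before any query runs, so an account row with
    // an empty user name or password can never satisfy the lookup. As before, this
    // case is not written to loginlog.
    if (txtuname.Text == "" || txtpassword.Text == "")
    {
        Response.Write("<script language=javascript>alert('PLZ FILL THE USERNAME AND PASSWORD FIELDS!!!!')</script>");
        return;
    }

    string username = txtuname.Text.Trim();
    // NOTE(review): the password is matched as submitted against the Password column,
    // which suggests it is stored unhashed — confirm, and move to a salted password
    // hash (for example PBKDF2). Trimming also drops leading/trailing spaces from it.
    string password = txtpassword.Text.Trim();

    string constring = ConfigurationManager.ConnectionStrings["DefaultConnection"].ConnectionString.ToString();
    DataWorksClass dw = new DataWorksClass(constring);

    dw.SetCommand(@"select count(User_ID) from namal where User_name=@username and Password = @password");
    dw.SetSqlCommandParameters("username", username);
    dw.SetSqlCommandParameters("password", password);
    int count = Convert.ToInt32(dw.GetSingleData());

    // Next loginlog id = MAX(id) + 1. TryParse leaves lastId at 0 when the value is
    // not a number (presumably the case for an empty table — confirm what
    // GetSingleData returns for NULL).
    // NOTE(review): two concurrent logins can compute the same id; an identity
    // column would remove the race.
    dw.SetCommand("SELECT MAX(id) FROM loginlog");
    int lastId;
    int.TryParse(dw.GetSingleData(), out lastId);
    int nextId = lastId + 1;

    // 24-hour clock ("HH"): the previous "hh" pattern has no AM/PM marker, so morning
    // and evening attempts produced identical log entries. The invariant culture
    // keeps the stored format independent of the server locale.
    DateTime now = DateTime.Now;
    string date = now.ToString("yyyy-MM-dd", System.Globalization.CultureInfo.InvariantCulture);
    string time = now.ToString("HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);

    if (count != 1)
    {
        // One message for every failure, so the response does not reveal whether
        // the user name exists.
        // NOTE(review): nothing here limits repeated failed attempts.
        WriteLoginLogEntry(dw, nextId, username, "not success", date, time, "unbound");
        Response.Write("<script language=javascript>alert('WRONG CREDENTIALS!!!!')</script>");
        return;
    }

    dw.SetDataAdapter(@"select Type,User_name,User_ID from namal where User_name=@username and Password = @password");
    dw.SetDataAdapterParameters("username", username);
    dw.SetDataAdapterParameters("password", password);
    DataTable dt = dw.GetDataTable();

    DataRow account = dt.Rows[0];
    string type = account[0].ToString().Trim();
    string uname = account[1].ToString().Trim();
    string uid = account[2].ToString().Trim();

    // NOTE(review): the session is reused as-is after authentication; renewing the
    // session identifier at this point would guard against session fixation.
    Session["User_ID"] = uid;
    Session["type"] = type;

    dw.SetCommand("SELECT Patient_ID FROM Patient WHERE User_ID = @uid");
    dw.SetSqlCommandParameters("uid", uid);
    Session["Patient_ID"] = dw.GetSingleData().Trim();

    WriteLoginLogEntry(dw, nextId, username, "success", date, time, type);

    Session["User_name"] = uname;

    // Value stored under Session["ok"] for the four known account types:
    // "go" when CheckBox1 is ticked, otherwise null.
    string okFlag = CheckBox1.Checked ? "go" : null;

    // An account type outside these four sets no role id and triggers no redirect.
    switch (type)
    {
        case "doctor":
            dw.SetCommand("SELECT Doctor_ID FROM Doctor WHERE User_ID = @uid");
            dw.SetSqlCommandParameters("uid", uid);
            Session["Doctor_ID"] = dw.GetSingleData().Trim();
            Session["ok"] = okFlag;
            Response.Redirect("~/User/Doctor/Appointments.aspx");
            break;

        case "patient":
            Session["ok"] = okFlag;
            Response.Redirect("~/Default.aspx");
            break;

        case "admin":
            dw.SetCommand("SELECT Admin_ID FROM Admin WHERE User_ID = @uid");
            dw.SetSqlCommandParameters("uid", uid);
            Session["Admin_ID"] = dw.GetSingleData().Trim();
            Session["ok"] = okFlag;
            Response.Redirect("~/User/Admin/AdminDefault.aspx");
            break;

        case "nurse":
            dw.SetCommand("SELECT Nurse_ID FROM Nurse WHERE User_ID = @uid");
            dw.SetSqlCommandParameters("uid", uid);
            Session["Nurse_ID"] = dw.GetSingleData().Trim();
            Session["ok"] = okFlag;
            Response.Redirect("~/User/Nurse/NurseDefault.aspx");
            break;
    }
}

// Inserts one row into loginlog describing a login attempt.
private void WriteLoginLogEntry(DataWorksClass dw, int id, string username, string attempt, string date, string time, string type)
{
    dw.SetCommand("INSERT INTO loginlog (id,username,attempt,date,time,type) VALUES (@id,@uname,@attempt,@date,@time,@type)");
    dw.SetSqlCommandParameters("id", id);
    dw.SetSqlCommandParameters("uname", username);
    dw.SetSqlCommandParameters("attempt", attempt);
    dw.SetSqlCommandParameters("date", date);
    dw.SetSqlCommandParameters("time", time);
    dw.SetSqlCommandParameters("type", type);
    dw.Insert();
}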