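/// <summary>
/// Click handler for the "add to cart" button. Calls the <c>sp_insert_incart</c> stored
/// procedure with the current user id and the <c>book_id</c> query-string value, then
/// reports the outcome on the button itself and disables it.
/// </summary>
/// <param name="sender">The control that raised the event; it is cast to <see cref="Button"/>.</param>
/// <param name="e">Event data (not used).</param>
protected void btnAdd_Click(object sender, EventArgs e)
{
    Button btn = (Button)sender;

    // Server-side authorization: a control hidden with a style attribute is still part of
    // the form, so this handler must not assume that only signed-in users can raise it.
    // NOTE(review): Session["username"] is the sign-in marker the Page_Load handlers in this
    // listing test; confirm it is the right marker for this page.
    if (Session["username"] == null)
    {
        btn.Text = "ГРЕШКА! ";
        btn.Enabled = false;
        return;
    }

    // book_id is client-controlled. Int32.Parse would throw on a missing or non-numeric
    // value before the try block was entered, surfacing as an unhandled error page.
    int bookId;
    if (!Int32.TryParse(Request.QueryString["book_id"], out bookId))
    {
        btn.Text = "ГРЕШКА! ";
        btn.Enabled = false;
        return;
    }

    SqlCommand insertInCartCmd = new SqlCommand("sp_insert_incart");
    insertInCartCmd.CommandType = CommandType.StoredProcedure;
    insertInCartCmd.CommandText = "sp_insert_incart";
    DatabaseHelper.AddParameter(insertInCartCmd, "@user_id", SqlDbType.Int, m_userId);
    DatabaseHelper.AddParameter(insertInCartCmd, "@book_id", SqlDbType.Int, bookId);

    try
    {
        DatabaseHelper.SqlResult result = DatabaseHelper.ExecuteQueryWithResult(insertInCartCmd);
        try
        {
            if (result.GetReader().RecordsAffected > 0)
            {
                btn.Text = "Книгата беше добавена успешно! ";
                btn.Enabled = false;
            }
        }
        finally
        {
            // The result was never closed before, leaving its reader open.
            result.Close();
        }
    }
    catch (Exception se)
    {
        // Keep the detail for operators only: raw exception text can name procedures,
        // tables or columns and should not be rendered into the page.
        System.Diagnostics.Trace.TraceError(se.ToString());
        btn.Text = "ГРЕШКА! ";
        btn.Enabled = false;
    }
}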
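/// <summary>
/// Click handler for the login button. Passes the entered user name and password to the
/// <c>UsersP</c> stored procedure; when it returns a user id, looks up the user's role,
/// fills the session (<c>username</c>, <c>role</c>, <c>userid</c>) and redirects to
/// <c>Home.aspx</c>. Otherwise shows a "wrong user or password" message.
/// </summary>
/// <param name="sender">The control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    using (SqlConnection connection = CreateConnection())
    {
        SqlCommand myCommand = new SqlCommand("UsersP", connection);
        myCommand.CommandType = CommandType.StoredProcedure;
        myCommand.CommandText = "UsersP";

        SqlParameter user_name = new SqlParameter("@user_name", SqlDbType.VarChar);
        user_name.Value = txtUserName.Text;
        myCommand.Parameters.Add(user_name);

        // NOTE(review): the password goes to UsersP exactly as typed. Whether the procedure
        // compares it against a salted hash or against stored plaintext is not visible here; confirm.
        SqlParameter password = new SqlParameter("@password", SqlDbType.Text);
        password.Value = txtPass.Text;
        myCommand.Parameters.Add(password);

        try
        {
            connection.Open();
            object res = myCommand.ExecuteScalar();

            // ExecuteScalar yields null when there is no row and DBNull.Value when the first
            // column is NULL; Convert.ToInt32(DBNull.Value) throws InvalidCastException, which
            // the SqlException handler below would not catch.
            if (res == null || res == DBNull.Value)
            {
                lbMessage.Text = "Грешен потребител или парола!";
                return;
            }

            m_loggedUserId = Convert.ToInt32(res);

            SqlCommand getUserRole = new SqlCommand("SELECT role FROM login WHERE user_id = @user_id");
            DatabaseHelper.AddParameter(getUserRole, "@user_id", SqlDbType.Int, m_loggedUserId);

            object role;
            DatabaseHelper.SqlResult result = DatabaseHelper.ExecuteQueryWithResult(getUserRole);
            try
            {
                role = result.GetNextRow()["role"];
            }
            finally
            {
                result.Close();
            }

            // Fill the session only after every lookup has succeeded. Setting "username"
            // before the role query meant a failure there left a session that passes the
            // Session["username"] != null check with no "userid" or "role" behind it.
            // NOTE(review): nothing visible in this handler issues a new session id on
            // sign-in; confirm that is handled elsewhere.
            Session["username"] = txtUserName.Text;
            Session["role"] = role;
            Session["userid"] = m_loggedUserId;
            Response.Redirect("Home.aspx");
        }
        catch (SqlException ol)
        {
            // Database error text stays in the trace output; the login form shows a generic message.
            System.Diagnostics.Trace.TraceError(ol.ToString());
            lbMessage.Text = "Възникна грешка. Моля, опитайте отново.";
        }
    }
}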
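/// <summary>
/// Page load for the shopping-cart page. Redirects visitors without a session to
/// <c>Home.aspx</c>; otherwise checks whether <c>sp_select_orders_for_user</c> returns rows
/// for the user and either shows the "cart is empty" state or shows the cart controls
/// together with the value returned by <c>sp_select_total_price</c>.
/// </summary>
/// <param name="sender">The page (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    BookStoreCatalog.CurrentPage = "Кошница";

    // Require the value that is actually used below. With only "username" checked, a
    // missing "userid" became Convert.ToInt32(null) == 0 and the queries ran for user id 0.
    if (Session["username"] == null || Session["userid"] == null)
    {
        Response.Redirect("Home.aspx");
        return;
    }

    m_userId = Convert.ToInt32(Session["userid"]);

    SqlCommand selectBooksCmd = new SqlCommand("sp_select_orders_for_user");
    selectBooksCmd.CommandType = CommandType.StoredProcedure;
    selectBooksCmd.CommandText = "sp_select_orders_for_user";
    DatabaseHelper.AddParameter(selectBooksCmd, "@user_id", SqlDbType.Int, m_userId);

    // Close the first result before anything else runs. It used to be overwritten by the
    // total-price result while still open, so only the second one was ever closed.
    bool cartHasRows;
    DatabaseHelper.SqlResult orders = DatabaseHelper.ExecuteQueryWithResult(selectBooksCmd);
    try
    {
        cartHasRows = orders.GetReader().HasRows;
    }
    finally
    {
        orders.Close();
    }

    if (!cartHasRows)
    {
        btnOrder.Attributes["style"] = "display: none;";
        btnDelete.Attributes["style"] = "display: none;";
        Label2.Attributes["style"] = "display: none;";
        Label1.Text = "Вашата кошница е празна!";
        return;
    }

    btnOrder.Attributes["style"] = "display: ;";
    btnDelete.Attributes["style"] = "display: ;";
    Label2.Attributes["style"] = "display: ;";
    Label1.Text = "Във вашата кошница има:";

    SqlCommand totalPriceCmd = new SqlCommand("sp_select_total_price");
    totalPriceCmd.CommandType = CommandType.StoredProcedure;
    totalPriceCmd.CommandText = "sp_select_total_price";
    DatabaseHelper.AddParameter(totalPriceCmd, "@user_id", SqlDbType.Int, m_userId);

    DatabaseHelper.SqlResult total = DatabaseHelper.ExecuteQueryWithResult(totalPriceCmd);
    try
    {
        SqlDataReader reader = total.GetReader();

        // GetDecimal throws when there is no current row or the column is NULL, so both
        // are checked; in either case the sum label keeps its existing text.
        if (reader.Read() && !reader.IsDBNull(0))
        {
            lbSum.Text = reader.GetDecimal(0).ToString();
        }
    }
    finally
    {
        total.Close();
    }
}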
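/// <summary>
/// Page load for the book details page. Resolves the controls inside <c>FormView1</c>,
/// then decides what to show: visitors without a session get no add-to-cart button, no PDF
/// container and no comment controls; signed-in users get the add-to-cart button unless
/// <c>sp_select_has_book</c> returns rows for them, in which case they get the PDF container.
/// </summary>
/// <param name="sender">The page (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    btnAdd = (Button)FormView1.FindControl("btnAdd");
    addToCartContainer = (HtmlContainerControl)FormView1.FindControl("addToCartContainer");
    pdfContainer = (HtmlContainerControl)FormView1.FindControl("pdfContainer");

    // "display: none" only hides a control in the browser; it is still part of the form.
    // The server-side handlers behind these controls need their own session checks.
    if (Session["username"] == null)
    {
        btnAdd.Attributes["style"] = "display: none;";
        pdfContainer.Visible = false;
        btnAddComment.Attributes["style"] = "display: none;";
        txtComment.Attributes["style"] = "display: none;";
        return;
    }

    btnAdd.Attributes["style"] = "display: ;";
    addToCartContainer.Attributes["style"] = "display: ;";
    m_userId = Convert.ToInt32(Session["userid"]);

    // book_id is client-controlled; Int32.Parse threw an unhandled exception on a missing
    // or non-numeric value. Without a usable id there is nothing to add and nothing to offer.
    int bookId;
    if (!Int32.TryParse(Request.QueryString["book_id"], out bookId))
    {
        btnAdd.Attributes["style"] = "display: none;";
        pdfContainer.Visible = false;
        return;
    }

    SqlCommand hasBookCmd = new SqlCommand("sp_select_has_book");
    hasBookCmd.CommandType = CommandType.StoredProcedure;
    hasBookCmd.CommandText = "sp_select_has_book";
    DatabaseHelper.AddParameter(hasBookCmd, "@user_id", SqlDbType.Int, m_userId);
    DatabaseHelper.AddParameter(hasBookCmd, "@book_id", SqlDbType.Int, bookId);

    bool hasBook;
    DatabaseHelper.SqlResult result = DatabaseHelper.ExecuteQueryWithResult(hasBookCmd);
    try
    {
        hasBook = result.HasResults();
    }
    finally
    {
        // The result was never closed on this page before.
        result.Close();
    }

    if (hasBook)
    {
        btnAdd.Attributes["style"] = "display: none;";
    }
    else
    {
        // Visible = false keeps the container out of the rendered page altogether.
        // NOTE(review): whatever serves the PDF itself must repeat this check; that code
        // is not visible here.
        pdfContainer.Visible = false;
    }
}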
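/// <summary>
/// Click handler for the registration button. Requires all five fields to be non-empty,
/// checks with <c>checkUserExistsSQL</c> whether the user name is already taken and, if not,
/// calls <c>sp_insert_users</c>. On success the registration controls are hidden and a
/// success message is shown; otherwise an error message is written to <c>lbMessage</c>.
/// </summary>
/// <param name="sender">The control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnReg_Click(object sender, EventArgs e)
{
    bool allFieldsFilled = txtUserName.Text.Length > 0
        && txtPass.Text.Length > 0
        && txtLName.Text.Length > 0
        && txtName.Text.Length > 0
        && txtEmail.Text.Length > 0;
    if (!allFieldsFilled)
    {
        lbMessage.Text = "Не са попълнени всички полета!";
        return;
    }

    // Normalise once, culture-independently, so the existence check and the insert always
    // use the same value whatever the server's current culture is.
    string userName = txtUserName.Text.ToLowerInvariant();

    SqlCommand checkUsernameExistsCmd = new SqlCommand(checkUserExistsSQL);
    DatabaseHelper.AddParameter(checkUsernameExistsCmd, "@user_name", SqlDbType.VarChar, userName);

    bool alreadyRegistered;
    DatabaseHelper.SqlResult registered = DatabaseHelper.ExecuteQueryWithResult(checkUsernameExistsCmd);
    try
    {
        alreadyRegistered = registered.HasResults();
    }
    finally
    {
        registered.Close();
    }

    if (alreadyRegistered)
    {
        // Label.Text is written to the page without HTML encoding, so the echoed user name
        // is encoded here before it reaches the response.
        lbMessage.Text = "Вече съществува потребител с такова име (" + Server.HtmlEncode(txtUserName.Text) + ")!";
        return;
    }

    // NOTE(review): the check above and the insert below are separate statements, so two
    // simultaneous registrations can both pass the check. A unique constraint on the user
    // name column is what actually enforces uniqueness; confirm one exists.
    SqlCommand registerUserCmd = new SqlCommand("sp_insert_users");
    registerUserCmd.CommandType = CommandType.StoredProcedure;
    registerUserCmd.CommandText = "sp_insert_users";
    DatabaseHelper.AddParameter(registerUserCmd, "@fname", SqlDbType.VarChar, txtName.Text);
    DatabaseHelper.AddParameter(registerUserCmd, "@lname", SqlDbType.VarChar, txtLName.Text);
    DatabaseHelper.AddParameter(registerUserCmd, "@email", SqlDbType.VarChar, txtEmail.Text.ToLowerInvariant());
    DatabaseHelper.AddParameter(registerUserCmd, "@user_name", SqlDbType.VarChar, userName);
    // NOTE(review): the password is handed to sp_insert_users exactly as typed. Whether the
    // procedure stores a salted hash or the plaintext is not visible here; confirm.
    DatabaseHelper.AddParameter(registerUserCmd, "@password", SqlDbType.VarChar, txtPass.Text);

    DatabaseHelper.SqlResult result = DatabaseHelper.ExecuteQueryWithResult(registerUserCmd);
    try
    {
        if (result.GetAffectedRows() > 0)
        {
            RegistrationForm.Attributes["style"] = "display: none;";
            lbMessage.Text = "Регистрацията премина успешно!";
            lbUserName.Attributes["style"] = "display: none;";
            lbPassword.Attributes["style"] = "display: none;";
            lbLastName.Attributes["style"] = "display: none;";
            lbFirstName.Attributes["style"] = "display: none;";
            lbEmail.Attributes["style"] = "display: none;";
            txtUserName.Attributes["style"] = "display: none;";
            txtPass.Attributes["style"] = "display: none;";
            txtLName.Attributes["style"] = "display: none;";
            txtName.Attributes["style"] = "display: none;";
            txtEmail.Attributes["style"] = "display: none;";
            btnReg.Attributes["style"] = "display: none;";
            btnCancel.Attributes["style"] = "display: none;";
        }
        else
        {
            // The helper's last error goes to the trace output; the visitor gets a generic
            // message instead of database error text.
            System.Diagnostics.Trace.TraceError("sp_insert_users failed: " + DatabaseHelper.GetLastError());
            lbMessage.Text = "Неуспешна регистрация!";
        }
    }
    finally
    {
        result.Close();
    }
}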