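/// <summary>
/// Classifies the e-mail address posted in <c>txtEmail</c> by the table it is registered in.
/// </summary>
/// <returns>
/// 1 when the address is found in <c>Lecture</c>, 2 when it is found in <c>Student</c>,
/// 0 when either form field is empty or the address is in neither table.
/// </returns>
/// <remarks>
/// Only the existence of the address is checked here; the password is not compared.
/// </remarks>
private int validateLogin()
{
    string email = Request.Form["txtEmail"];
    string password = Request.Form["txtPassword"];

    // A missing form field is treated like an empty one instead of dereferencing null.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return 0;
    }

    email = email.ToUpper();

    // Index 0 is the lecturer lookup (result 1), index 1 the student lookup (result 2).
    string[] lookups =
    {
        "SELECT COUNT(*) FROM Lecture WHERE email = @email",
        "SELECT COUNT(*) FROM Student WHERE email = @email"
    };
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    for (int i = 0; i < lookups.Length; i++)
    {
        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand(lookups[i], con))
        {
            // The posted address is request data: bind it as a parameter so it can
            // never be interpreted as SQL text.
            cmd.Parameters.Add("@email", SqlDbType.NVarChar).Value = email;

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            if ((int)cmd.ExecuteScalar() > 0)
            {
                return i + 1;
            }
        }
    }

    return 0;
}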
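/// <summary>
/// Inserts one answer row into <c>StudentAnswer</c>.
/// </summary>
/// <param name="stuAssID">Value written to the <c>stuAssessID</c> column.</param>
/// <param name="questID">Value written to the <c>questID</c> column.</param>
/// <param name="answer">Answer text written to the <c>answer</c> column.</param>
private void addStudAns(int stuAssID, int questID, String answer)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "INSERT INTO StudentAnswer(stuAssessID, questID, answer) "
                 + "VALUES (@param1, @param2, @param3)";

    // using blocks release the connection even when the insert throws.
    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.Add("@param1", SqlDbType.Int).Value = stuAssID;
        cmd.Parameters.Add("@param2", SqlDbType.Int).Value = questID;
        cmd.Parameters.Add("@param3", SqlDbType.NVarChar).Value = answer;

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }
}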
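/// <summary>
/// Finish button handler: rebinds <c>Repeater1</c> from <c>SqlDataSource2</c> and, when the
/// repeater is empty, deletes the <c>Question</c> rows of the assessment held in
/// <c>Session["assessID"]</c>, then redirects to the assessment list.
/// </summary>
protected void btnFinish_Click(object sender, EventArgs e)
{
    Repeater1.DataSource = SqlDataSource2;
    Repeater1.DataBind();

    if (Repeater1.Items.Count == 0)
    {
        string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

        // using blocks release the connection even when the delete throws.
        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand("DELETE FROM Question WHERE assessID = @param1", con))
        {
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.Add("@param1", SqlDbType.Int).Value = Session["assessID"];

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd.ExecuteNonQuery();
        }
    }

    Response.Redirect("~/lectViewAssessments.aspx");
}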
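/// <summary>
/// Submit handler for a written assessment: records a <c>Student_Assessment</c> row in
/// state "progress" with score -1, stores every answer from <c>DataList1</c> through
/// <c>addStudAns</c>, then switches the page to its "submitted" state.
/// </summary>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    int assessID = Convert.ToInt32(Session["assessID"].ToString());
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "INSERT INTO Student_Assessment(status, score, stuID, assessID) "
                 + "VALUES (@param1, @param2, @param3, @param4)";
    int stuAssID;

    // One connection serves both statements and is released even when a command throws.
    using (SqlConnection con = new SqlConnection(strCon))
    {
        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.Add("@param1", SqlDbType.NVarChar).Value = "progress";
            cmd.Parameters.Add("@param2", SqlDbType.Int).Value = -1;
            cmd.Parameters.Add("@param3", SqlDbType.NVarChar).Value = Convert.ToInt32(Session["userID"].ToString());
            cmd.Parameters.Add("@param4", SqlDbType.NVarChar).Value = assessID;
            cmd.ExecuteNonQuery();
        }

        // NOTE(review): MAX(stuAssessID) is read after the insert, not atomically with it.
        // If another student submits in between, the answers below are attached to that
        // student's row. If stuAssessID is an identity column (not visible here - confirm),
        // return the new key from the INSERT itself instead.
        using (SqlCommand cmd1 = new SqlCommand("select MAX(stuAssessID) from Student_Assessment", con))
        {
            stuAssID = (int)cmd1.ExecuteScalar();
        }
    }

    foreach (DataListItem row in DataList1.Items)
    {
        Label questID = (Label)row.FindControl("questID");
        TextBox answer = (TextBox)row.FindControl("subAns");
        addStudAns(stuAssID, Convert.ToInt32(questID.Text), answer.Text);
    }

    btnSubmit.Visible = false;
    btnReset.Visible = false;
    btnHome.Visible = true;
    lblResult.Visible = true;
    lblResult.Text = "Thank for your participation,<br/>" + "your paper will be marked soon.<br/>";
}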
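/// <summary>
/// Enroll button handler: inserts an <c>enrollLecturer</c> row linking
/// <c>Session["userID"]</c> to the subject selected in <c>ddlSubjectEnroll</c>,
/// then redirects to the lecturer's subject page.
/// </summary>
protected void btnEnroll_Click(object sender, EventArgs e)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "INSERT INTO enrollLecturer(lecID, subjectID) "
                 + "VALUES (@param1, @param2)";

    // using blocks release the connection even when the insert throws.
    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.Add("@param1", SqlDbType.Int).Value = Session["userID"];
        cmd.Parameters.Add("@param2", SqlDbType.Int).Value = ddlSubjectEnroll.SelectedValue;

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }

    // Response.Redirect("enrollLecturers.aspx?enroll=" + ddlSubjectEnroll.SelectedItem.Text, false);
    Response.Redirect("~/lectSubjects.aspx");
}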
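/// <summary>
/// Inserts a <c>Student_Assessment</c> row in state "progress" with score -1.
/// </summary>
/// <param name="studID">Value written to the <c>stuID</c> column.</param>
/// <param name="assessID">Value written to the <c>assessID</c> column.</param>
private void addStudAssess(int studID, string assessID)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "INSERT INTO Student_Assessment(status, score, stuID, assessID) "
                 + "VALUES (@param1, @param2, @param3, @param4)";

    // using blocks release the connection even when the insert throws.
    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.Add("@param1", SqlDbType.NVarChar).Value = "progress";
        cmd.Parameters.Add("@param2", SqlDbType.Int).Value = -1;
        cmd.Parameters.Add("@param3", SqlDbType.NVarChar).Value = studID;
        cmd.Parameters.Add("@param4", SqlDbType.NVarChar).Value = assessID;

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }
}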
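/// <summary>
/// Handles the edit / delete / cancel / update commands raised by rows of <c>DataList1</c>
/// for written questions, then rebinds the list.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this handler checks that the current user owns the question
/// being changed - confirm that the page enforces this elsewhere.
/// </remarks>
protected void DataList1_ItemCommand(object source, DataListCommandEventArgs e)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    if (e.CommandName == "edit")
    {
        DataList1.EditItemIndex = e.Item.ItemIndex;
    }
    else if (e.CommandName == "delete")
    {
        int questID = Convert.ToInt32(((Label)e.Item.FindControl("lblQuest")).Text);

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand("DELETE from Question WHERE questID = @questID", con))
        {
            cmd.Parameters.AddWithValue("@questID", questID);

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd.ExecuteNonQuery();
        }

        DataList1.EditItemIndex = -1;
    }
    else if (e.CommandName == "cancel")
    {
        DataList1.EditItemIndex = -1;
    }
    else if (e.CommandName == "update")
    {
        int questID = int.Parse(((Label)e.Item.FindControl("lblQuest")).Text);
        int assessID = int.Parse(((Label)e.Item.FindControl("lblAssess")).Text);
        string question = ((TextBox)e.Item.FindControl("editQName")).Text;
        int mark = int.Parse(((DropDownList)e.Item.FindControl("ddlEditMark")).SelectedValue);

        // The question text is free-form user input; every value is bound as a
        // parameter so none of it can become part of the SQL statement.
        string query = "update question set questName = @question, mark = @mark "
                     + "WHERE questID = @questID AND assessID = @assessID";

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.Parameters.AddWithValue("@question", question);
            cmd.Parameters.AddWithValue("@mark", mark);
            cmd.Parameters.AddWithValue("@questID", questID);
            cmd.Parameters.AddWithValue("@assessID", assessID);

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd.ExecuteNonQuery();
        }

        DataList1.EditItemIndex = -1;
    }

    DataList1.DataBind();
}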
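/// <summary>
/// Reports whether the upper-cased address in <c>txtEmail</c> is already present in
/// <c>Lecture</c> or <c>Student</c>.
/// </summary>
/// <returns><c>true</c> when either table has a row with that e-mail address.</returns>
private Boolean checkEmailExist()
{
    string email = txtEmail.Text.ToUpper();
    string[] lookups =
    {
        "SELECT COUNT(*) FROM Lecture WHERE email = @email",
        "SELECT COUNT(*) FROM Student WHERE email = @email"
    };
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    using (SqlConnection con = new SqlConnection(strCon))
    {
        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        foreach (string lookup in lookups)
        {
            using (SqlCommand cmd = new SqlCommand(lookup, con))
            {
                // The address comes straight from the registration form: bind it as a
                // parameter instead of splicing it into the statement.
                cmd.Parameters.Add("@email", SqlDbType.NVarChar).Value = email;

                if ((int)cmd.ExecuteScalar() > 0)
                {
                    return true;
                }
            }
        }
    }

    return false;
}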
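/// <summary>
/// Handles the "view" and "unenroll" commands of the lecturer's subject repeater.
/// The subject named by the row's <c>lblSubjectCode</c> label is loaded into the session
/// (<c>subjectID</c>, <c>subjectCode</c>, <c>subjectName</c>, <c>subjectDesc</c>) first.
/// </summary>
protected void Repeater1_ItemCommand(object source, RepeaterCommandEventArgs e)
{
    Label subjectCode = (Label)e.Item.FindControl("lblSubjectCode");
    Session["subjectCode"] = subjectCode.Text;

    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand("select * FROM Subject WHERE subjectCode = @subjectCode", con))
    {
        // Bound as a parameter: the code is text and must not be concatenated into SQL.
        cmd.Parameters.AddWithValue("@subjectCode", subjectCode.Text);

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        using (SqlDataReader rdr = cmd.ExecuteReader())
        {
            if (rdr.Read())
            {
                Session["subjectID"] = rdr.GetInt32(0);
                Session["subjectCode"] = rdr.GetString(1);
                Session["subjectName"] = rdr.GetString(2);
                Session["subjectDesc"] = rdr.GetString(3);
            }
        }
    }

    if (e.CommandName.Equals("view"))
    {
        Response.Redirect("~/lectSubjectList.aspx");
    }
    else if (e.CommandName.Equals("unenroll"))
    {
        string query = "delete FROM enrollLecturer WHERE lecID = @lecID AND subjectID = @subjectID";

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd2 = new SqlCommand(query, con))
        {
            // The ids are read as 32-bit values: subjectID is stored above with GetInt32,
            // so parsing as Int16 would overflow for ids above 32767.
            cmd2.Parameters.AddWithValue("@lecID", Convert.ToInt32(Session["userID"]));
            cmd2.Parameters.AddWithValue("@subjectID", Convert.ToInt32(Session["subjectID"]));

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd2.ExecuteNonQuery();
        }

        // Pass the label's text, URL-encoded; concatenating the Label control itself
        // would put the control's type name into the query string.
        Response.Redirect("lectSubjects.aspx?delete=" + Server.UrlEncode(subjectCode.Text), false);
    }
}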
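/// <summary>
/// Registers the account described by the form: rejects an e-mail address that
/// <c>checkEmailExist</c> reports as taken, otherwise inserts into <c>Lecture</c> when the
/// selected role is "Lecturer" and into <c>Student</c> for any other role value.
/// </summary>
protected void regist()
{
    string role = rblRole.SelectedValue;

    if (checkEmailExist())
    {
        Response.Write("<script>alert('Email Registered. Please Choose another');</script>");
        return;
    }

    string query;
    if (role == "Lecturer")
    {
        query = "INSERT INTO Lecture(lecName, psw, email, gender) " + "VALUES (@param1, @param2, @param3, @param4)";
    }
    else
    {
        query = "INSERT INTO Student(stuName, psw, email, gender) " + "VALUES (@param1, @param2, @param3, @param4)";
    }

    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    // using blocks release the connection even when the insert throws.
    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.Add("@param1", SqlDbType.NVarChar).Value = txtName.Text;
        // NOTE(review): the password is written to the psw column exactly as typed.
        // Store a salted password hash (e.g. PBKDF2) instead; the login check that reads
        // psw has to change in the same release.
        cmd.Parameters.Add("@param2", SqlDbType.NVarChar).Value = password1.Text;
        cmd.Parameters.Add("@param3", SqlDbType.NVarChar).Value = txtEmail.Text.ToUpper();
        cmd.Parameters.Add("@param4", SqlDbType.NVarChar).Value = rblGender.SelectedValue;

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }

    // NOTE(review): role is written into a script block unescaped; it comes from the
    // role radio list - confirm its items are fixed, server-defined values.
    Response.Write("<script>alert('Register Successfuly. As a " + role + ". Proceed to Login..');" + "window.location = 'login.aspx'</script>");
}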
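/// <summary>
/// Fills the result page: looks up the name of the lecturer who created the assessment
/// behind <c>Session["stuAssessID"]</c>, shows the score in red below 50 and green
/// otherwise, and renders the assessment details into <c>questionDetail</c>.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "SELECT lecName from Lecture L, Assessment A, Student_Assessment SA WHERE L.lecID = A.lecID AND "
                 + "SA.assessID = A.assessID AND SA.stuAssessID = @stuAssessID";
    string getLecName;

    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        cmd.Parameters.AddWithValue("@stuAssessID", Convert.ToInt32(Session["stuAssessID"].ToString()));

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        // Convert.ToString yields "" when no row matches instead of dereferencing null.
        getLecName = Convert.ToString(cmd.ExecuteScalar());
    }

    scoreDetail.Text = "Your Score: " + Session["score"].ToString();
    scoreDetail.ForeColor = Convert.ToInt32(Session["score"]) < 50 ? Color.Red : Color.Green;

    // Text assigned below is emitted as markup (it carries <b> and <br/>), so every
    // stored or session-supplied value is HTML-encoded before it is concatenated.
    string assessId = Server.HtmlEncode(Convert.ToString(Session["assessID"]));
    string assessName = Server.HtmlEncode(Session["assessName"].ToString());
    string subjectName = Convert.ToString(Session["subjectName"]);
    string createdBy = Server.HtmlEncode(getLecName);

    if (subjectName != "")
    {
        questionDetail.Text = "MCQ - <b>#" + assessId + "</b> " + assessName
            + "<br/>Subject : " + Server.HtmlEncode(subjectName)
            + "<br/>Type : Private"
            + "<br/>Created by : " + createdBy;
    }
    else
    {
        questionDetail.Text = "MCQ - <b>#" + assessId + "</b> " + assessName
            + "<br/>Type : Public"
            + "<br/>Created by : " + createdBy;
    }
}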
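/// <summary>
/// Writes the lecturer's comment and the awarded score onto one <c>StudentAnswer</c> row.
/// </summary>
/// <param name="stuAssessID">Selects the row together with <paramref name="questID"/>.</param>
/// <param name="lecComment">Comment text stored in <c>lecComment</c>; null is stored as an empty string.</param>
/// <param name="questID">Selects the row together with <paramref name="stuAssessID"/>.</param>
/// <param name="stuScore">Score stored in <c>stuScore</c>.</param>
private void updateStuAns(int stuAssessID, String lecComment, int questID, int stuScore)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "update StudentAnswer set lecComment = @lecComment, stuScore = @stuScore "
                 + "WHERE stuAssessID = @stuAssessID AND questID = @questID";

    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        // The comment is free text: bound as a parameter so it is always treated as data.
        // A null comment becomes "", which is what string concatenation produced before.
        cmd.Parameters.AddWithValue("@lecComment", lecComment ?? "");
        cmd.Parameters.AddWithValue("@stuScore", stuScore);
        cmd.Parameters.AddWithValue("@stuAssessID", stuAssessID);
        cmd.Parameters.AddWithValue("@questID", questID);

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }
}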
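/// <summary>
/// Inserts an <c>ASSESSMENT</c> row from the form controls and <c>Session["userID"]</c>,
/// then stores the highest <c>assessID</c> in the page's <c>assessID</c> member.
/// </summary>
protected void addAssessment()
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "INSERT INTO ASSESSMENT(assessName, assessType, questType, subjectID, lecID) "
                 + "VALUES (@param1, @param2, @param3, @param4, @param5)";

    // One connection serves both statements and is released even when a command throws.
    using (SqlConnection con = new SqlConnection(strCon))
    {
        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.Add("@param1", SqlDbType.NVarChar).Value = txtName.Text;
            cmd.Parameters.Add("@param2", SqlDbType.NVarChar).Value = rblAssessType.SelectedValue;
            cmd.Parameters.Add("@param3", SqlDbType.NVarChar).Value = rblQuestType.SelectedValue;
            cmd.Parameters.Add("@param4", SqlDbType.Int).Value = ddlSubject.SelectedValue;
            cmd.Parameters.Add("@param5", SqlDbType.NVarChar).Value = Session["userID"];
            cmd.ExecuteNonQuery();
        }

        // NOTE(review): MAX(assessID) is not tied to the row inserted above. A second
        // lecturer creating an assessment at the same moment can make this return the
        // other lecturer's id. If assessID is an identity column (not visible here -
        // confirm), return the new key from the INSERT itself instead.
        using (SqlCommand getAssessID = new SqlCommand("select MAX(assessID) from Assessment", con))
        {
            assessID = (int)getAssessID.ExecuteScalar();
        }
    }
}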
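/// <summary>
/// Converts the awarded marks to a whole-number percentage, stores it in the page's
/// <c>finalmark</c> member and on the <c>Student_Assessment</c> row, and marks that row "done".
/// </summary>
/// <param name="TotalMark">Maximum marks available; a value of 0 raises <see cref="DivideByZeroException"/>.</param>
/// <param name="stuScore">Marks awarded to the student.</param>
/// <param name="stuAssID">Key of the <c>Student_Assessment</c> row to update.</param>
private void calculateStuScore(int TotalMark, int stuScore, int stuAssID)
{
    // Integer arithmetic: the percentage is truncated, not rounded.
    finalmark = stuScore * 100 / TotalMark;

    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "update Student_Assessment set score = @score, status = 'done' WHERE stuAssessID = @stuAssessID";

    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand(query, con))
    {
        cmd.Parameters.AddWithValue("@score", finalmark);
        cmd.Parameters.AddWithValue("@stuAssessID", stuAssID);

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }
}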
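/// <summary>
/// Removes the <c>EnrollStudent</c> row identified by the row's <c>lblEnrollID</c> label
/// and redirects back to the subject list with the removed id in the <c>kick</c> parameter.
/// </summary>
/// <remarks>
/// NOTE(review): the handler does not check that the enrollment belongs to a subject of
/// the current lecturer - confirm that the page enforces this elsewhere.
/// </remarks>
protected void Repeater2_ItemCommand(object source, RepeaterCommandEventArgs e)
{
    Label enrollID = (Label)e.Item.FindControl("lblEnrollID");
    int enrollSID = Convert.ToInt32(enrollID.Text);

    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    using (SqlConnection con = new SqlConnection(strCon))
    using (SqlCommand cmd = new SqlCommand("delete FROM EnrollStudent WHERE enrollSID = @enrollSID", con))
    {
        cmd.Parameters.AddWithValue("@enrollSID", enrollSID);

        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        cmd.ExecuteNonQuery();
    }

    Response.Redirect("lectSubjectList.aspx?kick=" + enrollSID.ToString(), false);
}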
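/// <summary>
/// Handles the "view" and "delete" commands of the assessment repeater. The row's
/// label values are copied into the session first; "delete" then removes the
/// <c>Assessment</c> row and redirects with the deleted id in the <c>delete</c> parameter.
/// </summary>
/// <remarks>
/// NOTE(review): the handler does not check that the assessment belongs to the current
/// lecturer - confirm that the page enforces this elsewhere.
/// </remarks>
protected void Repeater1_ItemCommand(object source, RepeaterCommandEventArgs e)
{
    Label assessID = (Label)e.Item.FindControl("lblAssID");
    Label subName = (Label)e.Item.FindControl("lblSubname");
    Label assessType = (Label)e.Item.FindControl("lblAssessType");
    Label assessName = (Label)e.Item.FindControl("lblAssName");
    Label questType = (Label)e.Item.FindControl("lblQuestType");

    Session["assessID"] = assessID.Text;
    Session["subName"] = subName.Text;
    Session["assessType"] = assessType.Text;
    Session["assessName"] = assessName.Text;
    Session["questType"] = questType.Text;

    if (e.CommandName.Equals("view"))
    {
        Response.Redirect("~/lectViewAssessmentList.aspx");
    }
    else if (e.CommandName.Equals("delete"))
    {
        string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand("delete FROM Assessment WHERE assessID = @assessID", con))
        {
            // The label text is bound as a parameter so it can only ever be a value.
            cmd.Parameters.AddWithValue("@assessID", assessID.Text);

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd.ExecuteNonQuery();
        }

        // Pass the label's text, URL-encoded; concatenating the Label control itself
        // would put the control's type name into the query string.
        Response.Redirect("lectViewAssessments.aspx?delete=" + Server.UrlEncode(assessID.Text), false);
    }
}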
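/// <summary>
/// Disables response caching and fills the header labels from the session: the subject
/// ("code name", or "-" when <c>Session["subjectID"]</c> is 0 or unset), the assessment
/// type and the assessment id and name. The first view is activated on the initial request.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    Response.Cache.SetNoStore();

    int subjectID = Convert.ToInt32(Session["subjectID"]);
    if (subjectID != 0)
    {
        string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
        string query = "SELECT (subjectCode + ' ' + subjectName) AS SUBJECT "
                     + "FROM Subject WHERE subjectID = @subjectID";

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand getSubject = new SqlCommand(query, con))
        {
            getSubject.Parameters.AddWithValue("@subjectID", subjectID);

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            // Convert.ToString yields "" when no row matches instead of dereferencing null.
            subjectName.Text = Convert.ToString(getSubject.ExecuteScalar());
        }
    }
    else
    {
        subjectName.Text = "-";
    }

    // NOTE(review): these values are written to the page without HTML encoding. If the
    // targets are Label controls their Text is emitted as markup - encode the values
    // unless they are known to be plain, trusted text.
    type.Text = (String)Session["type"];
    assessName.Text = Session["assessID"].ToString() + " " + (String)Session["assessment"];

    if (!IsPostBack)
    {
        MultiView1.ActiveViewIndex = 0;
    }
}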
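/// <summary>
/// Submit handler for a multiple-choice assessment: records the attempt through
/// <c>addStudAssess</c>, stores and marks every row of <c>DataList1</c>, highlights the
/// chosen and the correct option, computes the score through <c>calculateScore</c>,
/// shows the result and e-mails it to the address in <c>Session["email"]</c>.
/// </summary>
protected void btnSubmit_Click(object sender, EventArgs e)
{
    string assessID = Session["assessID"].ToString();
    addStudAssess(Convert.ToInt32(Session["userID"].ToString()), assessID);

    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    int stuAssID;

    // The connection is released even when one of the commands below throws.
    using (SqlConnection con = new SqlConnection(strCon))
    {
        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        // NOTE(review): MAX(stuAssessID) is not tied to the row addStudAssess inserted.
        // Two students submitting at the same moment can both read the same id, so one
        // student's answers and score land on the other's attempt. Have the insert
        // return its own key instead.
        using (SqlCommand cmd = new SqlCommand("select MAX(stuAssessID) from Student_Assessment", con))
        {
            stuAssID = (int)cmd.ExecuteScalar();
        }

        // Value studAns holds before any option is read; it is restored for every row so
        // that a row left unanswered does not inherit the previous row's choice.
        var unanswered = studAns;

        foreach (DataListItem row in DataList1.Items)
        {
            total_question += 1;
            studAns = unanswered;

            Label questID = (Label)row.FindControl("questID");
            RadioButton selectA = (RadioButton)row.FindControl("selectA");
            RadioButton selectB = (RadioButton)row.FindControl("selectB");
            RadioButton selectC = (RadioButton)row.FindControl("selectC");
            RadioButton selectD = (RadioButton)row.FindControl("selectD");
            HtmlContainerControl divA = (HtmlContainerControl)row.FindControl("div_A");
            HtmlContainerControl divB = (HtmlContainerControl)row.FindControl("div_B");
            HtmlContainerControl divC = (HtmlContainerControl)row.FindControl("div_C");
            HtmlContainerControl divD = (HtmlContainerControl)row.FindControl("div_D");

            // Highlight the student's choice.
            if (selectA.Checked)
            {
                studAns = "A";
                divA.Attributes.Add("Style", "background-color:#ff7d7d;");
            }
            else if (selectB.Checked)
            {
                studAns = "B";
                divB.Attributes.Add("Style", "background-color:#ff7d7d;");
            }
            else if (selectC.Checked)
            {
                studAns = "C";
                divC.Attributes.Add("Style", "background-color:#ff7d7d;");
            }
            else if (selectD.Checked)
            {
                studAns = "D";
                divD.Attributes.Add("Style", "background-color:#ff7d7d;");
            }

            selectA.Enabled = false;
            selectB.Enabled = false;
            selectC.Enabled = false;
            selectD.Enabled = false;

            addStuAns(stuAssID, Convert.ToInt32(questID.Text));

            string correctAns;
            using (SqlCommand cmd = new SqlCommand("Select answer FROM Question WHERE questID = @questID", con))
            {
                cmd.Parameters.Add("@questID", SqlDbType.Int).Value = Convert.ToInt32(questID.Text);
                correctAns = cmd.ExecuteScalar().ToString().Replace(" ", "");
            }

            // Highlight the correct option; it overrides the choice colour when both match.
            if (correctAns == "A")
            {
                divA.Attributes.Add("Style", "background-color:#5cfb5c;");
            }
            else if (correctAns == "B")
            {
                divB.Attributes.Add("Style", "background-color:#5cfb5c;");
            }
            else if (correctAns == "C")
            {
                divC.Attributes.Add("Style", "background-color:#5cfb5c;");
            }
            else if (correctAns == "D")
            {
                divD.Attributes.Add("Style", "background-color:#5cfb5c;");
            }

            if (studAns == correctAns)
            {
                correct_ans += 1;
            }
        }
    }

    calculateScore(correct_ans, total_question, Convert.ToInt32(Session["userID"].ToString()), Convert.ToInt32(assessID), stuAssID);

    btnSubmit.Visible = false;
    btnReset.Visible = false;
    btnHome.Visible = true;
    lblResult.Visible = true;
    lblResult.ForeColor = finalmark < 50 ? Color.Red : Color.YellowGreen;
    lblResult.Text = "You have submitted your answer.. <br/>" + correct_ans + " correct answers out of " + total_question + "<br/>" + "Total mark: " + finalmark;

    //send email
    string name = Session["username"].ToString();
    string email = Session["email"].ToString();
    string assessName = Session["assessName"].ToString();
    // NOTE(review): name and assessName are user-supplied text. If Email sends an HTML
    // body, encode them here; also confirm Email rejects line breaks in the subject.
    string body = "Dear " + name + ", your assessment score for " + assessName + " is " + finalmark + "%. ";
    string subject = "Assessment Score for " + assessName;
    Email(email, body, subject, "*****@*****.**", "Assessment Point");
}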
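/// <summary>
/// Handles the edit / delete / cancel / update commands raised by rows of <c>DataList1</c>
/// for multiple-choice questions, then rebinds the list.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this handler checks that the current user owns the question
/// being changed - confirm that the page enforces this elsewhere.
/// </remarks>
protected void DataList1_ItemCommand(object source, DataListCommandEventArgs e)
{
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    if (e.CommandName == "edit")
    {
        DataList1.EditItemIndex = e.Item.ItemIndex;
    }
    else if (e.CommandName == "delete")
    {
        int questID = Convert.ToInt32(((Label)e.Item.FindControl("lblQuest")).Text);

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand("DELETE from Question WHERE questID = @questID", con))
        {
            cmd.Parameters.AddWithValue("@questID", questID);

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd.ExecuteNonQuery();
        }

        DataList1.EditItemIndex = -1;
    }
    else if (e.CommandName == "cancel")
    {
        DataList1.EditItemIndex = -1;
    }
    else if (e.CommandName == "update")
    {
        RadioButton rbEditA = (RadioButton)e.Item.FindControl("rbEditA");
        RadioButton rbEditB = (RadioButton)e.Item.FindControl("rbEditB");
        RadioButton rbEditC = (RadioButton)e.Item.FindControl("rbEditC");
        RadioButton rbEditD = (RadioButton)e.Item.FindControl("rbEditD");

        // '-' is stored when none of the four options is marked as the answer.
        char answer = '-';
        if (rbEditA.Checked)
        {
            answer = 'A';
        }
        else if (rbEditB.Checked)
        {
            answer = 'B';
        }
        else if (rbEditC.Checked)
        {
            answer = 'C';
        }
        else if (rbEditD.Checked)
        {
            answer = 'D';
        }

        int questID = Convert.ToInt32(((Label)e.Item.FindControl("lblQuest")).Text);
        int assessID = Convert.ToInt32(((Label)e.Item.FindControl("lblAssess")).Text);
        string question = ((TextBox)e.Item.FindControl("editQuest")).Text;
        string selectA = ((TextBox)e.Item.FindControl("editA")).Text;
        string selectB = ((TextBox)e.Item.FindControl("editB")).Text;
        string selectC = ((TextBox)e.Item.FindControl("editC")).Text;
        string selectD = ((TextBox)e.Item.FindControl("editD")).Text;

        // The question and option texts are free-form user input; every value is bound
        // as a parameter so none of it can become part of the SQL statement.
        string query = "update question set questName = @question, selectA = @selectA, selectB = @selectB, "
                     + "selectC = @selectC, selectD = @selectD, answer = @answer "
                     + "WHERE questID = @questID AND assessID = @assessID";

        using (SqlConnection con = new SqlConnection(strCon))
        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.Parameters.AddWithValue("@question", question);
            cmd.Parameters.AddWithValue("@selectA", selectA);
            cmd.Parameters.AddWithValue("@selectB", selectB);
            cmd.Parameters.AddWithValue("@selectC", selectC);
            cmd.Parameters.AddWithValue("@selectD", selectD);
            cmd.Parameters.AddWithValue("@answer", answer.ToString());
            cmd.Parameters.AddWithValue("@questID", questID);
            cmd.Parameters.AddWithValue("@assessID", assessID);

            try
            {
                con.Open();
            }
            catch (Exception ex)
            {
                Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
            }

            cmd.ExecuteNonQuery();
        }

        DataList1.EditItemIndex = -1;
    }

    DataList1.DataBind();
}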
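/// <summary>
/// Inserts a <c>Question</c> row (text, mark and optional image) for the assessment with
/// the highest <c>assessID</c>, or for id 1001 when <c>Assessment</c> is empty, then
/// rebinds <c>DataList1</c>.
/// </summary>
protected void addQuestion()
{
    // The upload is read straight from the request. Saving it first to a fixed file
    // under ~/Images let two simultaneous uploads overwrite each other and left
    // unvalidated user content in a web-served folder.
    // NOTE(review): neither the size nor the content type of the upload is checked
    // before it is stored - add limits appropriate for question images.
    byte[] data = imageUpload.HasFile ? imageUpload.FileBytes : null;

    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
    string query = "INSERT INTO Question(assessID, questName, mark, image) "
                 + "VALUES (@param1, @param2, @param3, @param4)";

    // One connection serves all statements and is released even when a command throws.
    using (SqlConnection con = new SqlConnection(strCon))
    {
        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        int count;
        using (SqlCommand countAssess = new SqlCommand("Select count(*) from Assessment", con))
        {
            count = (int)countAssess.ExecuteScalar();
        }

        // NOTE(review): the question is attached to the newest assessment in the whole
        // table, not to the one the current lecturer is editing. With two lecturers
        // working at once it can be added to the other lecturer's assessment - pass the
        // intended assessID in instead.
        int assessID = 1001;
        if (count > 0)
        {
            using (SqlCommand maxAssess = new SqlCommand("select MAX(assessID) from Assessment", con))
            {
                assessID = (int)maxAssess.ExecuteScalar();
            }
        }

        using (SqlCommand cmd = new SqlCommand(query, con))
        {
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.Add("@param1", SqlDbType.Int).Value = assessID;
            cmd.Parameters.Add("@param2", SqlDbType.NVarChar).Value = txtDesc.Text;
            cmd.Parameters.Add("@param3", SqlDbType.Int).Value = ddlMark.SelectedValue;
            // No upload is stored as SQL NULL.
            cmd.Parameters.Add("@param4", SqlDbType.VarBinary).Value = data != null ? (object)data : DBNull.Value;
            cmd.ExecuteNonQuery();
        }
    }

    DataList1.DataBind();
}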
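/// <summary>
/// Logs the user in: <c>validateLogin</c> decides whether the posted e-mail belongs to a
/// lecturer (1) or a student (2); the stored password is then compared with the posted
/// one and, on a match, the session is populated and the user is redirected to the
/// landing page for that role.
/// </summary>
protected void loginFunc()
{
    lblErrorMsg.Visible = false;

    // Evaluated once; each call runs database lookups.
    int userKind = validateLogin();
    if (userKind == 0)
    {
        Response.Write("<script>alert('Password and email does not match!');</script>");
        return;
    }

    bool isLecturer = userKind == 1;
    string pswQuery = isLecturer
        ? "SELECT psw from Lecture WHERE email = @email"
        : "SELECT psw from Student WHERE email = @email";
    string userQuery = isLecturer
        ? "SELECT lecID, lecName, gender from Lecture WHERE email = @email"
        : "SELECT stuID, stuName, gender from Student WHERE email = @email";

    // Upper-cased for both roles, matching validateLogin's lookup of the same address.
    string email = Request.Form["txtEmail"].ToUpper();
    string strCon = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

    int userID = 0;
    string name = "";
    string gender = "";
    bool passwordMatches;

    using (SqlConnection con = new SqlConnection(strCon))
    {
        try
        {
            con.Open();
        }
        catch (Exception ex)
        {
            Response.Redirect(ExceptionManagersHandler.PublishException("MyApplication", ex));
        }

        string psw;
        using (SqlCommand getPsw = new SqlCommand(pswQuery, con))
        {
            // The posted address is bound as a parameter, never concatenated into SQL.
            getPsw.Parameters.AddWithValue("@email", email);
            // Convert.ToString yields "" for a missing or NULL password instead of throwing.
            psw = Convert.ToString(getPsw.ExecuteScalar()).Replace(" ", "");
        }

        // NOTE(review): passwords are stored and compared as plain text. Store a salted
        // password hash (e.g. PBKDF2) and verify with a constant-time comparison; the
        // registration insert has to change together with this check.
        passwordMatches = psw == Request.Form["txtPassword"];

        if (passwordMatches)
        {
            using (SqlCommand getName = new SqlCommand(userQuery, con))
            {
                getName.Parameters.AddWithValue("@email", email);
                using (SqlDataReader rdr = getName.ExecuteReader())
                {
                    if (rdr.Read())
                    {
                        userID = rdr.GetInt32(0);
                        name = rdr.GetString(1);
                        gender = rdr.GetString(2).Replace(" ", "");
                    }
                }
            }
        }
    }

    if (!passwordMatches)
    {
        lblErrorMsg.Visible = true;
        lblErrorMsg.Text = "Wrong Password / Email Entered";
        return;
    }

    Session["userID"] = userID;
    Session["username"] = name;
    if (!isLecturer)
    {
        // Only the student session carries the e-mail address, as posted.
        Session["email"] = Request.Form["txtEmail"];
    }
    Session["gender"] = gender;
    Session["role"] = isLecturer ? "Lecturer" : "Student";

    Response.Redirect(isLecturer ? "~/lectViewAssessments.aspx" : "~/studDoAssessments.aspx", false);
}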