protected void Button2_Click(object sender, EventArgs e)
{
MsitUtility.LoginCheck();
using (SqlConnection conn = new SqlConnection(connStr))
{
using (SqlCommand cmd = new SqlCommand("OrderCreate", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@CartID", Session["CartID"].ToString());
cmd.Parameters.AddWithValue("@CustomerID", Convert.ToInt32(Session["CartID"]));
cmd.Parameters.AddWithValue("@OrderDate", DateTime.Now.ToShortDateString());
cmd.Parameters.AddWithValue("@ShipDate", DateTime.Now.AddHours(6).ToShortDateString());
cmd.Parameters.Add("@OrderID", SqlDbType.Int);
cmd.Parameters["@OrderID"].Direction = ParameterDirection.Output;
conn.Open();
cmd.ExecuteNonQuery();
conn.Close();
Response.Redirect("~/Orders.aspx?OrderID=" + cmd.Parameters["@OrderID"].Value);
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
MsitUtility.LoginCheck();
}