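/// <summary>
/// Handles the auction upload form: saves the posted image under ~/APhotos/ and queues
/// the item in PendingAuctions for the signed-in seller. Sends the visitor to Home.aspx
/// when no user is signed in.
/// </summary>
/// <remarks>
/// Invalid input (non-numeric or negative duration, missing file or fields, or a file
/// extension outside the allow-list) leaves the page unchanged and writes nothing.
/// NOTE(security): the PendingAuctions INSERT is still assembled by concatenating the
/// form values (Pname, price, Catagory, desc), so it stays exposed to SQL injection.
/// SqlAC's API is not visible from this method; switch to parameterized commands there.
/// </remarks>
protected void Upload(object sender, EventArgs e)
{
    if (Session["username"] == null)
    {
        Response.Redirect("Home.aspx");
        return;
    }

    string name = Session["username"].ToString();
    string desc = Despription.Text;
    string Catagory = ddl_c.Text;
    string Pname = PName.Text;
    string price = Price.Text;

    // TryParse instead of Parse: malformed numbers no longer surface as an unhandled exception.
    int min;
    int hour;
    if (!int.TryParse(Min.Text, out min) || !int.TryParse(Hour.Text, out hour) || min < 0 || hour < 0)
    {
        return;
    }

    // Fold whole hours out of the minute field; exactly 60 minutes now rolls over as well.
    hour += min / 60;
    min %= 60;

    // All of these are required. The original joined them with ||, which let the request
    // through without a file and then dereferenced FileUpload1.PostedFile anyway.
    if (!FileUpload1.HasFile || string.IsNullOrEmpty(desc) || string.IsNullOrEmpty(name) || string.IsNullOrEmpty(price))
    {
        return;
    }

    // The extension comes from the client-supplied file name and the file lands in a
    // web-served folder, so only known image extensions are accepted. The list is a
    // constructed default; adjust it to the formats the site supports.
    // NOTE(review): this checks the name only, not the file content; ~/APhotos/ should
    // also be configured so that nothing in it is executed by the server.
    string extension = Path.GetExtension(FileUpload1.PostedFile.FileName);
    bool allowed = false;
    foreach (string ok in new string[] { ".jpg", ".jpeg", ".png", ".gif" })
    {
        if (string.Equals(extension, ok, StringComparison.OrdinalIgnoreCase))
        {
            allowed = true;
            break;
        }
    }
    if (!allowed)
    {
        return;
    }

    // Reserve an ID row, read it back, and use the ID as the stored file name.
    // NOTE(review): two overlapping uploads could presumably read the same F='0' row,
    // and the UPDATE below has no WHERE clause, so it flags every row; confirm intent.
    SqlAC.udi("INSERT INTO PhotosID (F) VALUES (0)");
    ak = SqlAC.CheckData("SELECT * FROM PhotosID WHERE F='0'");
    string fileName = ak.Tables[0].Rows[0]["ID"].ToString();
    FileUpload1.PostedFile.SaveAs(Server.MapPath("~/APhotos/") + fileName + extension);
    SqlAC.udi("UPDATE PhotosID SET PhotosID.F='1'");

    SqlAC.udi("INSERT INTO PendingAuctions (PName,SUser,Price,[Min],[Hour],ImgUrl,Catagory,Description) VALUES ('" + Pname + "','" + name + "','" + price + "','" + min.ToString() + "','" + hour.ToString() + "','" + fileName + extension + "','" + Catagory + "','" + desc + "')");

    // Reload the same URL so a browser refresh does not repeat the POST.
    Response.Redirect(Request.Url.AbsoluteUri);
}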
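/// <summary>
/// Places a bid on the auction named by the "id" query-string value when the offer is
/// higher than the current price, records it in History, and reloads the product page.
/// </summary>
/// <remarks>
/// Requests without a signed-in session, with a non-numeric id, or with a non-numeric
/// offer are ignored.
/// NOTE(security): the statements are still built by concatenation. The id and offer are
/// now integers, but the session username is inserted as text; move to parameterized
/// commands once SqlAC offers them (its API is not visible here).
/// </remarks>
protected void Btn_Offer_Click(object sender, EventArgs e)
{
    // Check the session before dereferencing it; the original called ToString() first
    // and carried on with the bid even when no login was present.
    if (Session["login"] == null || Session["username"] == null)
    {
        Offer.Enabled = false;
        return;
    }

    // The id goes into the SQL unquoted and into the redirect URL, so accept integers only.
    int id;
    if (!int.TryParse(Request.QueryString["id"], out id))
    {
        return;
    }
    string idText = id.ToString(System.Globalization.CultureInfo.InvariantCulture);

    // Empty or non-numeric offers are dropped instead of throwing from int.Parse.
    int parsedOffer;
    if (!int.TryParse(Offer.Text, out parsedOffer))
    {
        return;
    }
    long offer = parsedOffer; // input
    string offerText = offer.ToString(System.Globalization.CultureInfo.InvariantCulture);

    // ak is filled outside this method; its first row is read as the current offer.
    // NOTE(review): the price is not re-read inside the UPDATE, so two concurrent bids
    // could presumably both pass this comparison; confirm and guard in the WHERE clause.
    int Coffer = int.Parse(ak.Tables[0].Rows[0]["Price"].ToString()); // current offer

    if (offer > Coffer)
    {
        // NOTE(review): the Buser value is masked ('******') in this listing; the bidder
        // it stands for is not visible here.
        SqlAC.udi("UPDATE Auctions SET Auctions.price='" + offerText + "', Buser='******' WHERE Auctions.ID=" + idText);
        SqlAC.udi("INSERT INTO History VALUES('1','" + idText + "','" + Session["username"].ToString() + "','" + offerText + "')");
        Response.Redirect("ProductPage.aspx?id=" + idText);
    }
}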
/// <summary>
/// Copies one auction row into CompletedAuctions and then deletes it from Auctions.
/// </summary>
/// <param name="r">Row supplying ID, PName, SUser, Buser, price, ImgUrl, Catagory and Description.</param>
/// <remarks>
/// NOTE(security): the row values are concatenated into the SQL text. Several of these
/// columns presumably hold text that users typed earlier, so a stored quote character
/// can still change the statement; parameterize once SqlAC allows it.
/// NOTE(review): the insert and the delete are two separate calls, so a failure between
/// them leaves the auction in both tables; confirm whether SqlAC can run them together.
/// </remarks>
private void UpdateDB(DataRow r)
{
    string[] columns = new string[] { "ID", "PName", "SUser", "Buser", "price", "ImgUrl", "Catagory", "Description" };

    // Build the quoted, comma-separated value list in column order.
    string values = "";
    for (int k = 0; k < columns.Length; k++)
    {
        if (k > 0)
        {
            values += "','";
        }
        values += r[columns[k]];
    }

    string insertSql = "INSERT INTO CompletedAuctions VALUES ('" + values + "')";
    string deleteSql = "DELETE FROM Auctions WHERE ID=" + r["ID"];

    SqlAC.udi(insertSql);
    SqlAC.udi(deleteSql);
}
/// <summary>
/// Saves the edited profile fields to the Users table when ask() approves the form.
/// </summary>
/// <remarks>
/// NOTE(security): e-mail, names, city and phone come straight from the text boxes and
/// are concatenated into the UPDATE, so the statement is open to SQL injection;
/// parameterize once SqlAC allows it (its API is not visible here).
/// NOTE(review): the Password and Username values are masked ('******') in this listing,
/// so how the password is stored and which row is targeted cannot be confirmed here.
/// </remarks>
protected void Btn_SignUp_Click(object sender, EventArgs e)
{
    if (!ask())
    {
        return;
    }

    LBL_output.Text = "User info updated";

    string updateSql =
        "UPDATE Users SET Users.Password='******', Users.Email='" + TB_Email.Text
        + "', Users.FName='" + TB_FN.Text
        + "', Users.LName='" + TB_LN.Text
        + "', Users.City='" + TB_City.Text
        + "', Users.Phone='" + TB_PN.Text
        + "' WHERE Users.Username='******'";
    SqlAC.udi(updateSql);
}
/// <summary>
/// Registers a new user from the sign-up form when ask() approves it, then redirects to
/// Home.aspx. Any exception is reported to the visitor as "username taken".
/// </summary>
/// <remarks>
/// NOTE(security): all seven text-box values are concatenated into the INSERT, so the
/// statement is open to SQL injection; parameterize once SqlAC allows it.
/// NOTE(security): TB_password.Text is written to the table exactly as typed. Store a
/// salted, slow hash (for example PBKDF2) instead, and change the login check with it.
/// NOTE(review): the catch covers every exception type, so a database or syntax error
/// is also shown as "username taken" and is otherwise lost; log it and narrow the catch.
/// </remarks>
protected void Btn_SignUp_Click(object sender, EventArgs e)
{
    try
    {
        if (!ask())
        {
            return;
        }

        string insertSql =
            "INSERT INTO Users VALUES('" + TB_User.Text
            + "','" + TB_password.Text
            + "','" + TB_Email.Text
            + "','" + TB_FN.Text
            + "','" + TB_LN.Text
            + "','" + TB_City.Text
            + "','" + TB_PN.Text
            + "','0')";
        SqlAC.udi(insertSql);
        Response.Redirect("Home.aspx");
    }
    catch (Exception)
    {
        LBL_output.Text = "username taken";
    }
}
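/// <summary>
/// Settles a completed auction using the payment method selected in CM:
/// 1 pays from the site balance, 2 charges a credit card through Service.WebService.
/// </summary>
/// <remarks>
/// Fix: the balance branch used to run the transfer when the remaining amount was
/// negative and report "not enough funds" when it was not; the test is now the right
/// way round.
/// NOTE(review): the two balance updates and the delete are separate calls, so a failure
/// part-way leaves the accounts inconsistent; confirm whether SqlAC can run them together.
/// NOTE(review): nothing in this method checks that the signed-in user is the buyer of
/// this auction; confirm that the page enforces it elsewhere.
/// </remarks>
protected void Submit_Click(object sender, EventArgs e)
{
    int price = int.Parse(ak["Price"].ToString());
    switch (CM)
    {
        case 1: // balance
            int AmountLeft = GetBalance() - price;
            if (AmountLeft >= 0)
            {
                // NOTE(review): seller and buyer are read but the Username values in the
                // two statements below are masked ('******') in this listing, so the
                // accounts actually targeted cannot be confirmed from here.
                string seller = ak["SUser"].ToString();
                string buyer = ak["BUser"].ToString();
                SqlAC.udi("UPDATE Users SET Balance=Balance+" + price + " WHERE Username='******'");
                SqlAC.udi("UPDATE Users SET Balance=" + AmountLeft + " WHERE Username='******'");
                SqlAC.udi("DELETE FROM CompletedAuctions WHERE ID='" + ID + "'");
                Output.Text = "Transaction completed";
                Submit.Enabled = false;
            }
            else
            {
                Output.Text = "not enough funds";
            }
            break;

        case 2: // CreditCard
            Check.Enabled = false;
            // Card number, CVV, expiry date and person ID are handed to the service as
            // typed. NOTE(review): how that call is transported and whether the values
            // are logged is not visible here; confirm it runs over TLS and is not logged.
            Service.WebService s = new Service.WebService();
            int result = s.Purchase(CCNum.Text, CVV.Text, ExpDate.Text, Person_ID.Text, price.ToString());
            if (result == 1)
            {
                Output.Text = " Transaction completed";
                Submit.Enabled = false;
                SqlAC.udi("DELETE FROM CompletedAuctions WHERE ID='" + ID + "'");
            }
            else if (result == 0)
            {
                Output.Text = "Check your input";
            }
            else
            {
                Output.Text = "You can't use that credit card";
            }
            break;
    }
}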
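/// <summary>
/// Promotes a pending auction to a live one: computes the end time from the entered
/// hours and minutes, inserts the row into Auctions, and deletes it from PendingAuctions.
/// </summary>
/// <remarks>
/// Fix: the VALUES list had misplaced quotes around EMin, the Open flag and ImgUrl, and
/// no closing parenthesis, so the INSERT was not valid SQL. Non-numeric or negative
/// durations are now ignored instead of throwing.
/// NOTE(security): title, user and price come from text boxes and are concatenated into
/// the INSERT, so it is open to SQL injection; parameterize once SqlAC allows it.
/// NOTE(review): desc and id are set outside this method; id goes into the DELETE
/// unquoted, so confirm it is validated as a number where it is assigned.
/// </remarks>
protected void Activate_Click(object sender, EventArgs e)
{
    int H;
    int M;
    if (!int.TryParse(Hours.Text, out H) || !int.TryParse(mins.Text, out M) || H < 0 || M < 0)
    {
        return;
    }

    // End time = now + the requested duration, stored as separate date parts.
    DateTime date = DateTime.Now;
    TimeSpan time = new TimeSpan(0, H, M);
    DateTime combined = date.Add(time);

    string t = title.Text;
    string Userr = User.Text;
    string P = Price.Text;
    string ey = combined.Year.ToString();
    string em = combined.Month.ToString();
    string ed = combined.Day.ToString();
    string eh = combined.Hour.ToString();
    string emin = combined.Minute.ToString();
    string url = ak.Tables[0].Rows[0]["ImgUrl"].ToString();
    string catagory = ak.Tables[0].Rows[0]["Catagory"].ToString();

    // Twelve columns, twelve quoted values; Open is the literal '1'.
    SqlAC.udi("INSERT INTO Auctions (PName,SUser,Price,EY,EM,ED,EH,EMin,Open,ImgUrl,Catagory,Description) VALUES ('" + t + "','" + Userr + "','" + P + "','" + ey + "','" + em + "','" + ed + "','" + eh + "','" + emin + "','1','" + url + "','" + catagory + "','" + desc + "')");
    SqlAC.udi("DELETE FROM PendingAuctions WHERE id=" + id);
}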
/// <summary>
/// Marks the auction at row <paramref name="i"/> of the loaded data set as closed by
/// setting its Open column to '0'. The row itself is not removed.
/// </summary>
/// <param name="i">Zero-based row index into ak.Tables[0].</param>
/// <remarks>
/// NOTE(security): the ID is appended to the statement unquoted. It comes from the
/// loaded data set rather than from the request, but parameterize it with the rest
/// once SqlAC allows it.
/// </remarks>
private void Delete(int i)
{
    string auctionId = ak.Tables[0].Rows[i]["ID"].ToString();
    string closeSql = "UPDATE Auctions SET Auctions.Open='0' WHERE ID=" + auctionId;
    SqlAC.udi(closeSql);
}
/// <summary>
/// Stores the typed response for the complaint selected in DDL, marks it as checked,
/// and redirects to Compllaints.aspx.
/// </summary>
/// <remarks>
/// NOTE(security): both the response text and the selected title are concatenated into
/// the UPDATE, so it is open to SQL injection. The drop-down value is also posted by the
/// client, so it is not limited to the listed titles. Parameterize once SqlAC allows it.
/// NOTE(review): the row is matched by Title, so complaints sharing a title are all
/// updated; confirm whether a key column should be used instead.
/// </remarks>
protected void Unnamed_Click(object sender, EventArgs e)
{
    // s is declared outside this method; it keeps the selected title.
    s = DDL.Text;

    string responseText = Res.Text;
    string updateSql = "UPDATE Complaints SET Response='" + responseText + "',Checked='1' WHERE Title='" + s + "'";
    SqlAC.udi(updateSql);

    Response.Redirect("Compllaints.aspx");
}