コード例 #1
0
ファイル: Home.aspx.cs プロジェクト: biletnam/MoviesAreUs
    protected void btnEnter_Click(object sender, EventArgs e)
    {
        System.Data.SqlClient.SqlDataReader SqlDataReader1;
        //the connection object
        string constr = @"Data Source=AviMaymon-PC\MYSERVER;Initial Catalog=MoviesAreUsDB;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);                       //the command object
        sqlCommand1    = new SqlCommand("SELECT * FROM Users WHERE Username=@Username AND Password=@Password", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@Username", txtUserName.Text);
        sqlCommand1.Parameters.AddWithValue("@Password", txtUserPass.Text);
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        if (SqlDataReader1.Read())
        {
            sqlCommand1.Connection.Close();         //close the command object
            SqlDataReader1.Close();                 //you have to close the Reader in order to use the Command again!
            Session["UserName"] = txtUserName.Text;
            Guid       uid      = Guid.NewGuid();
            HttpCookie myCookie = new HttpCookie("UniqueID");
            myCookie.Value = uid.ToString();
            Response.Cookies.Add(myCookie);
            Response.Redirect("Buy_A_Ticket.aspx");
        }
        else
        {
            sqlCommand1.Connection.Close();         //close the command object
            SqlDataReader1.Close();
        }
    }
コード例 #2
0
    SqlConnection sqlConnection1, sqlConnection2; //will be availabe for all functions
    protected void Page_Load(object sender, EventArgs e)
    {
        System.Data.SqlClient.SqlDataReader SqlDataReader1, SqlDataReader2;
        string constr = @"Data Source=NICHOLAS\SQLEXPRESS;Initial Catalog=FlixTix;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);
        sqlConnection2 = new System.Data.SqlClient.SqlConnection(constr);
        string snackStr = "";

        if (Request.Cookies["UniqueID"] == null)
        {
            Response.Redirect("Home.aspx");
        }
        if (Session["PhoneNumber"] != null)
        {
            lblPhoneNumber.Text = "Your phone number : " + (string)Session["PhoneNumber"];
        }
        OrdersTable.InnerHtml = "<table class='ordersTable center' runat='server'>" +
                                "<tr class='ordersRowCol'>" +
                                "<td class='ordersRowCol'>Title</td>" +
                                "<td class='ordersRowCol'>Poster</td>" +
                                "<td class='ordersRowCol'>Seats</td>" +
                                "<td class='ordersRowCol'>Credit Card</td>";
        //get all records of user from orders table
        sqlCommand1 = new SqlCommand("SELECT *,Orders.Id AS Oid FROM Orders INNER JOIN Users ON Orders.UserId = Users.Id AND Users.Id=@UserId INNER JOIN Films ON Orders.FilmId=Films.Id ", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@UserId", Int32.Parse(Session["UserId"].ToString()));
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        while (SqlDataReader1.Read())
        {
            //fill table
            var seatCount = SqlDataReader1["Seats"].ToString().Split(new string[] { "True" }, StringSplitOptions.None).Length - 1;
            OrdersTable.InnerHtml += "<tr class='ordersRowCol'>" +
                                     "<td class='ordersRowCol'>" + SqlDataReader1["Title"].ToString() + "</td>" +
                                     "<td class='ordersRowCol'><img width='108' src='graphics/" + SqlDataReader1["Poster"].ToString() + "' /></td>" +
                                     "<td class='ordersRowCol'>" + seatCount + "</td>" +
                                     "<td class='ordersRowCol'>" + SqlDataReader1["Payment"].ToString() + "</td>" +
                                     "<td class='ordersRowCol'>" + snackStr + "</td></tr>";
            snackStr = "";
        }
        OrdersTable.InnerHtml += "</table>";
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
    }
        public List <Schedule> GetScheduleInfoByDeptmentId(int CLid)
        {
            string        connection     = WebConfigurationManager.ConnectionStrings["UniversityManagementConDB"].ConnectionString;
            SqlConnection SqlConnection1 = new SqlConnection(connection);
            SqlCommand    SqlCommand1;
            SqlDataReader SqlDataReader1;


            string query =
                "SELECT * FROM Course WHERE DepartmentId=@did";

            SqlCommand1 = new SqlCommand(query, SqlConnection1);
            SqlCommand1.Parameters.AddWithValue("@did", CLid);
            SqlConnection1.Open();
            SqlDataReader1 = SqlCommand1.ExecuteReader();

            List <Schedule> scheduleList = new List <Schedule>();

            while (SqlDataReader1.Read())
            {
                Schedule schedule        = new Schedule();
                Course   courseViewModel = new Course();
                courseViewModel.Code = SqlDataReader1["Code"].ToString();
                courseViewModel.Name = SqlDataReader1["Name"].ToString();
                courseViewModel.Id   = Convert.ToInt32(SqlDataReader1["Id"]);

                int id = courseViewModel.Id;
                //string code = courseViewModel.Code;
                string s = FindInfo(id, CLid);

                schedule.CoureCode    = courseViewModel.Code;
                schedule.Name         = courseViewModel.Name;
                schedule.ScheduleInfo = s;
                if (s != "")
                {
                    scheduleList.Add(schedule);
                }
            }
            SqlDataReader1.Close();
            SqlConnection1.Close();
            return(scheduleList);
        }
コード例 #4
0
    protected void btnPay_Click(object sender, EventArgs e)
    {
        string Seats, Payment, DateNTime;
        int    FilmId, UserId;

        System.Data.SqlClient.SqlDataReader SqlDataReader1;
        string constr = @"Data Source=NICHOLAS\SQLEXPRESS;Initial Catalog=FlixTix;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);                       //the command object
        //get filmId
        sqlCommand1 = new SqlCommand("SELECT Id FROM Films WHERE Title=@Title", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@Title", (string)Session["FilmName"]);
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        SqlDataReader1.Read();
        FilmId = Int32.Parse(SqlDataReader1["Id"].ToString());
        sqlCommand1.Connection.Close();                     //close the command object
        SqlDataReader1.Close();
        UserId = Int32.Parse(Session["UserId"].ToString()); //get user id
        //get the rest
        Seats     = (string)Session["SeatsInfo"];
        Payment   = DD_CardType.Text;
        DateNTime = DateTime.Now.ToString();
        //insert to orders table
        sqlCommand1 = new SqlCommand("INSERT Orders (FilmId,UserId,Seats,Payment,DateNTime) VALUES (@FilmId,@UserId,@Seats,@Payment,@DateNTime) SELECT SCOPE_IDENTITY() ", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@FilmId", FilmId);
        sqlCommand1.Parameters.AddWithValue("@UserId", UserId);
        sqlCommand1.Parameters.AddWithValue("@Seats", Seats);
        sqlCommand1.Parameters.AddWithValue("@Payment", Payment);
        sqlCommand1.Parameters.AddWithValue("@DateNTime", DateNTime);
        sqlCommand1.Connection.Open();                  //open the command connection
        int OrderId = Convert.ToInt32(sqlCommand1.ExecuteScalar());

        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
        //insert to Food table

        Session["PhoneNumber"] = txtPhoneNumber.Text;
        Session["UserId"]      = UserId;
        Response.Redirect("Orders.aspx");
    }
        private string FindInfo(int id, int cLid)
        {
            string        connection     = WebConfigurationManager.ConnectionStrings["UniversityManagementConDB"].ConnectionString;
            SqlConnection SqlConnection1 = new SqlConnection(connection);
            SqlCommand    SqlCommand1;
            SqlDataReader SqlDataReader1;

            //"SELECT * FROM ClassRoom WHERE CourseId=@code AND DepartmentId=@did
            string query =
                "SELECT * FROM ClassRoom WHERE CourseId=@code AND DepartmentId=@did AND Flag=1";

            SqlCommand1 = new SqlCommand(query, SqlConnection1);
            SqlCommand1.Parameters.AddWithValue("@did", cLid);
            SqlCommand1.Parameters.AddWithValue("@code", id);
            SqlConnection1.Open();
            SqlDataReader1 = SqlCommand1.ExecuteReader();

            List <Schedule> scheduleList = new List <Schedule>();

            string info = "";

            while (SqlDataReader1.Read())
            {
                ClassRoom cr = new ClassRoom();
                cr.RoomId   = Convert.ToInt32(SqlDataReader1["RoomId"]);
                cr.DayId    = Convert.ToInt32(SqlDataReader1["DayId"]);
                cr.TimeFrom = SqlDataReader1["TimeFrom"].ToString();
                cr.TimeTo   = SqlDataReader1["TimeTo"].ToString();

                string rn  = FindRoomName(cr.RoomId);
                string day = FindDayName(cr.DayId);

                info += "R. No: " + rn + ", " + day + ", " + cr.TimeFrom + " - " + cr.TimeTo + "@";
            }
            info = info.Replace("@", Environment.NewLine);
            SqlDataReader1.Close();
            SqlConnection1.Close();
            return(info);
        }
        private string FindRoomName(int roomId)
        {
            string        connection     = WebConfigurationManager.ConnectionStrings["UniversityManagementConDB"].ConnectionString;
            SqlConnection SqlConnection1 = new SqlConnection(connection);
            SqlCommand    SqlCommand1;
            SqlDataReader SqlDataReader1;


            string query = "SELECT * FROM Room WHERE Id=@id";

            SqlCommand1 = new SqlCommand(query, SqlConnection1);
            SqlCommand1.Parameters.AddWithValue("@id", roomId);

            SqlConnection1.Open();
            SqlDataReader1 = SqlCommand1.ExecuteReader();

            SqlDataReader1.Read();
            string name = SqlDataReader1["Name"].ToString();

            SqlDataReader1.Close();
            SqlConnection1.Close();
            return(name);
        }
コード例 #7
0
ファイル: Home.aspx.cs プロジェクト: banananug/FlixTixV3
    protected void btnEnter_Click(object sender, EventArgs e)
    {
        System.Data.SqlClient.SqlDataReader SqlDataReader1;
        //the connection object
        string constr = @"Data Source=NICHOLAS\SQLEXPRESS;Initial Catalog=FlixTix;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);                       //the command object
        sqlCommand1    = new SqlCommand("SELECT * FROM Users WHERE Username=@Username AND Password=@Password", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@Username", txtUserName.Text);
        sqlCommand1.Parameters.AddWithValue("@Password", txtUserPass.Text);
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records

        if (txtUserName.Text == "ADMIN" && txtUserPass.Text == "ADMIN")
        {
            Response.Redirect("AdminHome.aspx");
        }

        else if (SqlDataReader1.Read())
        {
            sqlCommand1.Connection.Close();         //close the command object
            SqlDataReader1.Close();                 //close the Reader
            Session["UserName"] = txtUserName.Text;
            Guid       uid      = Guid.NewGuid();
            HttpCookie myCookie = new HttpCookie("UniqueID");
            myCookie.Value = uid.ToString();
            Response.Cookies.Add(myCookie);
            Response.Redirect("Buy_A_Ticket.aspx");
        }


        else
        {
            sqlCommand1.Connection.Close();         //close the command object
            SqlDataReader1.Close();
        }
    }
コード例 #8
0
ファイル: Orders.aspx.cs プロジェクト: biletnam/MoviesAreUs
    SqlConnection sqlConnection1, sqlConnection2; //will be availabe for all function
    protected void Page_Load(object sender, EventArgs e)
    {
        System.Data.SqlClient.SqlDataReader SqlDataReader1, SqlDataReader2;
        string constr = @"Data Source=AviMaymon-PC\MYSERVER;Initial Catalog=MoviesAreUsDB;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);
        sqlConnection2 = new System.Data.SqlClient.SqlConnection(constr);
        string snackStr = "";

        if (Request.Cookies["UniqueID"] == null)
        {
            Response.Redirect("Home.aspx");
        }
        if (Session["PhoneNumber"] != null)
        {
            lblPhoneNumber.Text = "Your phone number : " + (string)Session["PhoneNumber"];
        }
        OrdersTable.InnerHtml = "<table class='ordersTable center' runat='server'>" +
                                "<tr class='ordersRowCol'>" +
                                "<td class='ordersRowCol'>Title</td>" +
                                "<td class='ordersRowCol'>Poster</td>" +
                                "<td class='ordersRowCol'>Seats</td>" +
                                "<td class='ordersRowCol'>Credit Card</td>" +
                                "<td class='ordersRowCol'>Snacks</td></tr>";
        //get all records of user from orders table
        sqlCommand1 = new SqlCommand("SELECT *,Orders.Id AS Oid FROM Orders INNER JOIN Users ON Orders.UserId = Users.Id AND Users.Id=@UserId INNER JOIN Films ON Orders.FilmId=Films.Id ", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@UserId", Int32.Parse(Session["UserId"].ToString()));
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        while (SqlDataReader1.Read())
        {
            sqlCommand2 = new SqlCommand("SELECT  Food.FoodId, Food.OrderId, Food.OrderQuantity, Orders.Id FROM Food INNER JOIN Orders ON Food.OrderId = Orders.Id AND Orders.Id=@OrderId", sqlConnection2);
            sqlCommand2.Parameters.AddWithValue("@OrderId", Int32.Parse(SqlDataReader1["Oid"].ToString()));
            sqlCommand2.Connection.Open();                  //open the command connection
            SqlDataReader2 = sqlCommand2.ExecuteReader();   //the Reader gets the selected records
            int snackTypes = 0;
            while (SqlDataReader2.Read())
            {
                if (Int32.Parse(SqlDataReader2["FoodId"].ToString()) == 1)
                {
                    if (snackTypes != 0)
                    {
                        snackStr += ",";
                    }
                    snackTypes++;
                    snackStr += "Popcorn:" + SqlDataReader2["OrderQuantity"].ToString();
                }
                if (Int32.Parse(SqlDataReader2["FoodId"].ToString()) == 2)
                {
                    if (snackTypes != 0)
                    {
                        snackStr += ",";
                    }
                    snackTypes++;
                    snackStr += "Nachos:" + SqlDataReader2["OrderQuantity"].ToString();
                }
                if (Int32.Parse(SqlDataReader2["FoodId"].ToString()) == 3)
                {
                    if (snackTypes != 0)
                    {
                        snackStr += ",";
                    }
                    snackTypes++;
                    snackStr += "Drinks:" + SqlDataReader2["OrderQuantity"].ToString();
                }
            }
            //fill table
            var seatCount = SqlDataReader1["Seats"].ToString().Split(new string[] { "True" }, StringSplitOptions.None).Length - 1;
            OrdersTable.InnerHtml += "<tr class='ordersRowCol'>" +
                                     "<td class='ordersRowCol'>" + SqlDataReader1["Title"].ToString() + "</td>" +
                                     "<td class='ordersRowCol'><img width='108' src='graphics/" + SqlDataReader1["Poster"].ToString() + "' /></td>" +
                                     "<td class='ordersRowCol'>" + seatCount + "</td>" +
                                     "<td class='ordersRowCol'>" + SqlDataReader1["Payment"].ToString() + "</td>" +
                                     "<td class='ordersRowCol'>" + snackStr + "</td></tr>";
            snackStr = "";
            sqlCommand2.Connection.Close();         //close the command object
            SqlDataReader2.Close();
        }
        OrdersTable.InnerHtml += "</table>";
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
    }
コード例 #9
0
    protected void link_Click(object sender, System.EventArgs e)
    {
        LinkButton btn = (LinkButton)sender;
        string     id  = btn.ID;

        System.Data.SqlClient.SqlDataReader SqlDataReader1;
        //the connection object
        string constr = @"Data Source=NICHOLAS\SQLEXPRESS;Initial Catalog=FlixTix;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);                       //the command object
        //update poster and info as per movie selection
        sqlCommand1 = new SqlCommand("SELECT * FROM Films WHERE Poster=@poster", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@Poster", id + ".jpg");
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        SqlDataReader1.Read();
        posterImg.ImageUrl = "~/graphics/" + SqlDataReader1["Poster"];
        int FilmId = Int32.Parse(SqlDataReader1["Id"].ToString()); //for use in the next part

        tmpFilmName.Text = FilmName = SqlDataReader1["Title"].ToString();
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
        //re-enable checkboxes
        if (selectedSeatsData != null)
        {
            for (int row = 0; row < 5; row++)
            {
                for (int col = 0; col < 5; col++)
                {
                    Seats[row, col].Enabled = true;
                }
            }
        }
        //disable purchased ticket
        sqlCommand1 = new SqlCommand("SELECT Seats FROM Orders WHERE FilmId=@FilmId", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@FilmId", FilmId);
        sqlCommand1.Connection.Open();                //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader(); //the Reader gets the selected records
        while (SqlDataReader1.Read())                 //for every order of the current film
        {                                             //build array of seats from Seats string in database
            string   str     = SqlDataReader1["Seats"].ToString();
            string[] seatArr = str.Split(',');
            //build seats matrix from seat array
            for (int i = 0; i < 5; i++)
            {
                for (int j = 0; j < 5; j++)
                {
                    selectedSeatsData[i, j] = Convert.ToBoolean(seatArr[i * 5 + j]);
                }
            }
            //disabling purchased seats for specific film
            if (selectedSeatsData != null)
            {
                for (int row = 0; row < 5; row++)
                {
                    for (int col = 0; col < 5; col++)
                    {
                        if (selectedSeatsData[row, col])
                        {
                            Seats[row, col].Checked = false;
                            Seats[row, col].Enabled = false;
                        }
                    }
                }
            }
        }
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
    }
コード例 #10
0
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Request.Cookies["UniqueID"] == null)
        {
            Response.Redirect("Home.aspx");
        }
        string constr = @"Data Source=NICHOLAS\SQLEXPRESS;Initial Catalog=FlixTix;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);                       //the command object
        System.Data.SqlClient.SqlDataReader SqlDataReader1;
        //get user id and save with Session
        sqlCommand1 = new SqlCommand("SELECT Id FROM Users WHERE Username=@Username", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@Username", (string)Session["Username"]);
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        SqlDataReader1.Read();
        Session["UserId"] = Int32.Parse(SqlDataReader1["Id"].ToString());
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
        //loading from database
        sqlCommand1 = new SqlCommand("SELECT * FROM Films", sqlConnection1);
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        while (SqlDataReader1.Read())
        {
            LinkButton lnk = new LinkButton();
            lnk.ID       = SqlDataReader1["Poster"].ToString().Substring(0, SqlDataReader1["Poster"].ToString().Length - 4);
            lnk.Text     = SqlDataReader1["Title"].ToString();
            lnk.CssClass = "list-group-item list-group-item-action posterLink";
            string str = SqlDataReader1["Poster"].ToString().Substring(0, SqlDataReader1["Poster"].ToString().Length - 4) + "_Click";
            lnk.Click += new EventHandler(link_Click);
            movieList.Controls.Add(lnk);
        }
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
        //binding
        Seats[0, 0] = check0_0;
        Seats[0, 1] = check0_1;
        Seats[0, 2] = check0_2;
        Seats[0, 3] = check0_3;
        Seats[0, 4] = check0_4;
        Seats[1, 0] = check1_0;
        Seats[1, 1] = check1_1;
        Seats[1, 2] = check1_2;
        Seats[1, 3] = check1_3;
        Seats[1, 4] = check1_4;
        Seats[2, 0] = check2_0;
        Seats[2, 1] = check2_1;
        Seats[2, 2] = check2_2;
        Seats[2, 3] = check2_3;
        Seats[2, 4] = check2_4;
        Seats[3, 0] = check3_0;
        Seats[3, 1] = check3_1;
        Seats[3, 2] = check3_2;
        Seats[3, 3] = check3_3;
        Seats[3, 4] = check3_4;
        Seats[4, 0] = check4_0;
        Seats[4, 1] = check4_1;
        Seats[4, 2] = check4_2;
        Seats[4, 3] = check4_3;
        Seats[4, 4] = check4_4;
    }
コード例 #11
0
    protected void link_Click(object sender, System.EventArgs e)
    {
        LinkButton btn = (LinkButton)sender;
        string     id  = btn.ID;

        System.Data.SqlClient.SqlDataReader SqlDataReader1;
        //the connection object
        string constr = @"Data Source=AviMaymon-PC\MYSERVER;Initial Catalog=MoviesAreUsDB;Integrated Security=True";

        sqlConnection1 = new System.Data.SqlClient.SqlConnection(constr);                       //the command object
        //CHANGE POSTER AND FILM NAME LABEL
        sqlCommand1 = new SqlCommand("SELECT * FROM Films WHERE Poster=@poster", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@Poster", id + ".jpg");
        sqlCommand1.Connection.Open();                  //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader();   //the Reader gets the selected records
        SqlDataReader1.Read();
        posterImg.ImageUrl = "~/graphics/" + SqlDataReader1["Poster"];
        int FilmId = Int32.Parse(SqlDataReader1["Id"].ToString()); //for use in the next part

        tmpFilmName.Text = FilmName = SqlDataReader1["Title"].ToString();
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
        //ENABLING CHECKBOXES THAT WERE DISABLED FOR OTHER FILM
        if (selectedSeatsData != null)
        {
            for (int row = 0; row < 5; row++)
            {
                for (int col = 0; col < 5; col++)
                {
                    Seats[row, col].Enabled = true;
                }
            }
        }
        //DISABLING PURCHASED TICKET PER MOVIE
        sqlCommand1 = new SqlCommand("SELECT Seats FROM Orders WHERE FilmId=@FilmId", sqlConnection1);
        sqlCommand1.Parameters.AddWithValue("@FilmId", FilmId);
        sqlCommand1.Connection.Open();                //open the command connection
        SqlDataReader1 = sqlCommand1.ExecuteReader(); //the Reader gets the selected records
        while (SqlDataReader1.Read())                 //for every order of the current film
        {                                             //build array of seats from Seats string in database
            string   str     = SqlDataReader1["Seats"].ToString();
            string[] seatArr = str.Split(',');
            //build seats matrix from seat array
            for (int i = 0; i < 5; i++)
            {
                for (int j = 0; j < 5; j++)
                {
                    selectedSeatsData[i, j] = Convert.ToBoolean(seatArr[i * 5 + j]);
                }
            }
            //disabling purchased seats for specific film
            if (selectedSeatsData != null)
            {
                for (int row = 0; row < 5; row++)
                {
                    for (int col = 0; col < 5; col++)
                    {
                        if (selectedSeatsData[row, col])
                        {
                            Seats[row, col].Checked = false;
                            Seats[row, col].Enabled = false;
                        }
                    }
                }
            }
        }
        sqlCommand1.Connection.Close();         //close the command object
        SqlDataReader1.Close();
    }