public static CustomerSession CreateCustomerSession(int customerid, string SessionName, string SessionValue, string ipaddr)
{
CustomerSession cs = null;
string err = String.Empty;
SqlConnection cn = new SqlConnection(DB.GetDBConn());
cn.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = cn;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "dbo.aspdnsf_SessionInsert";
cmd.Parameters.Add(new SqlParameter("@CustomerID", SqlDbType.Int, 4));
cmd.Parameters.Add(new SqlParameter("@SessionValue", SqlDbType.NText));
cmd.Parameters.Add(new SqlParameter("@ipaddr", SqlDbType.VarChar, 15));
cmd.Parameters.Add(new SqlParameter("@CustomerSessionID", SqlDbType.Int, 4)).Direction = ParameterDirection.Output;
cmd.Parameters["@CustomerID"].Value = customerid;
StringBuilder sessionparams = new StringBuilder(1024);
sessionparams.Append("<params>");
if (SessionName != null && SessionName != "")
{
sessionparams.Append("<param name=\"");
sessionparams.Append(XmlCommon.XmlEncodeAttribute(SessionName));
sessionparams.Append("\" val=\"");
sessionparams.Append(XmlCommon.XmlEncodeAttribute(SessionValue));
sessionparams.Append("\"/>");
}
sessionparams.Append("</params>");
cmd.Parameters["@SessionValue"].Value = sessionparams.ToString();
if (ipaddr == null)
{
cmd.Parameters["@ipaddr"].Value = DBNull.Value;
}
else
{
cmd.Parameters["@ipaddr"].Value = ipaddr;
}
try
{
cmd.ExecuteNonQuery();
int SessionID = Convert.ToInt32(cmd.Parameters["@CustomerSessionID"].Value);
cs = new CustomerSession(SessionID, false);
}
catch (Exception ex)
{
err = ex.Message;
}
cn.Close();
cmd.Dispose();
cn.Dispose();
return(cs);
}
private void LoadFromDB()
{
using (SqlConnection dbconn = DB.dbConn())
{
dbconn.Open();
using (IDataReader rs = DB.GetRS("aspdnsf_SessionGetByCustomerID " + m_CustomerID.ToString(), dbconn))
{
if (rs.Read())
{
m_CustomerID = DB.RSFieldInt(rs, "CustomerID");
m_SessionID = DB.RSFieldInt(rs, "CustomerSessionID");
m_LastActivity = DB.RSFieldDateTime(rs, "LastActivity");
m_IPAddress = DB.RSField(rs, "ipaddr");
string sessionparams = DB.RSField(rs, "SessionValue");
DeserializeParams(sessionparams);
}
else
{
int sessionid = CustomerSession.createSession(m_CustomerID, "", "", CommonLogic.CustomerIpAddress());
using (SqlConnection dbconn2 = DB.dbConn())
{
dbconn2.Open();
using (IDataReader rs2 = DB.GetRS("aspdnsf_SessionGetByID " + sessionid.ToString(), dbconn2))
{
if (rs2.Read())
{
m_CustomerID = DB.RSFieldInt(rs2, "CustomerID");
m_SessionID = sessionid;
m_LastActivity = DB.RSFieldDateTime(rs2, "LastActivity");
m_IPAddress = DB.RSField(rs2, "ipaddr");
string sessionparams = DB.RSField(rs2, "SessionValue");
DeserializeParams(sessionparams);
}
}
}
}
}
}
}
public static string UpdateCustomerSession(int CustomerSessionID, string SessionParams, string ExpiresOn, object LoggedOut)
{
if (LoggedOut != null)
{
CustomerSession.StaticClear();
return("");
}
string err = String.Empty;
SqlConnection cn = new SqlConnection(DB.GetDBConn());
cn.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = cn;
cmd.CommandType = CommandType.StoredProcedure;
cmd.CommandText = "dbo.aspdnsf_SessionUpdate";
cmd.Parameters.Add(new SqlParameter("@CustomerSessionID", SqlDbType.Int, 4));
cmd.Parameters.Add(new SqlParameter("@SessionName", SqlDbType.NVarChar, 200));
cmd.Parameters.Add(new SqlParameter("@SessionValue", SqlDbType.NText));
cmd.Parameters.Add(new SqlParameter("@ExpiresOn", SqlDbType.VarChar, 30));
cmd.Parameters.Add(new SqlParameter("@LoggedOut", SqlDbType.DateTime));
cmd.Parameters["@CustomerSessionID"].Value = CustomerSessionID;
cmd.Parameters["@SessionName"].Value = "";
if (SessionParams == null)
{
cmd.Parameters["@SessionValue"].Value = DBNull.Value;
}
else
{
cmd.Parameters["@SessionValue"].Value = SessionParams;
}
if (ExpiresOn == null)
{
cmd.Parameters["@ExpiresOn"].Value = DBNull.Value;
}
else
{
cmd.Parameters["@ExpiresOn"].Value = ExpiresOn;
}
if (LoggedOut == null)
{
cmd.Parameters["@LoggedOut"].Value = DBNull.Value;
}
else
{
cmd.Parameters["@LoggedOut"].Value = LoggedOut;
}
try
{
cmd.ExecuteNonQuery();
}
catch (Exception ex)
{
err = ex.Message;
}
cn.Close();
cmd.Dispose();
cn.Dispose();
return(err);
}