コード例 #1
        /// <summary>
        /// Login button handler: looks the submitted e-mail up in <c>users</c>, stores it in
        /// <c>Session["userE"]</c> when a row matches, and otherwise tells the user whether the
        /// password or the account was wrong.
        /// </summary>
        protected void Button2_Click(object sender, EventArgs e)
        {
            string email    = emailTxt.Text;
            // NOTE(review): never read below; the password literal in the query appears to be
            // masked in this listing ('******'), so the submitted value is not compared here.
            string password = passwordTxt.Text;

            // NOTE(review): the text-box value is concatenated into the SQL text, so a quote in the
            // input changes the statement (SQL injection). getDataSQL only accepts a finished string
            // here; the fix belongs in the data-access class as a parameterized command.
            // NOTE(review): comparing the password inside the query suggests it is stored in
            // directly comparable form; confirm it is a salted hash rather than plaintext.
            DataTable credentialMatch = dbcon.getDataSQL("select * from users where email = '" + email + "' and password= '******';");
            if (credentialMatch.Rows.Count > 0)
            {
                Session["userE"] = email;
                Response.Write("<script>alert('Login Successfully.');window.location = 'Home.aspx';</script>");
                return;
            }

            // NOTE(review): two different failure messages reveal whether an e-mail is registered
            // (account enumeration); a single generic message would not.
            DataTable emailMatch = dbcon.getDataSQL("select * from users where email = '" + email + "';");
            string failureScript = emailMatch.Rows.Count > 0
                ? "<script>alert('Incorrect Password')</script>"
                : "<script>alert('User does not exist')</script>";
            Response.Write(failureScript);
        }
コード例 #2
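 /// <summary>
 /// On first load, lists every paid order batch (carts with status 1, grouped by dateTime)
 /// as HTML table rows appended to <c>table</c>, then shows the result in <c>Panel1</c>.
 /// </summary>
 /// <remarks>
 /// NOTE(review): no admin-session check is visible in this handler although it links to
 /// AdminEditOrder.aspx; confirm access control is enforced elsewhere.
 /// </remarks>
 protected void Page_Load(object sender, EventArgs e)
 {
     dbcon = new SQLConnection();
     if (this.IsPostBack)
     {
         return;
     }

     DataTable orders = dbcon.getDataSQL("select dateTime from carts where status=1 group by dateTime order by dateTime desc;");
     int rowNumber = 1;
     foreach (DataRow order in orders.Rows)
     {
         string orderKey = Convert.ToString(order["dateTime"]);

         // NOTE(review): a value read back from the database is concatenated into the next
         // statement; use a parameterized command once the data-access class offers one.
         DataTable buyers = dbcon.getDataSQL("select u.* from users as u left join carts as c on u.ID = c.user_id where c.dateTime='" + orderKey + "' order by c.dateTime desc;");
         if (buyers.Rows.Count == 0)
         {
             // No matching user row: skip instead of failing on Rows[0].
             continue;
         }

         // name and email are user-supplied at registration, so they are HTML-encoded before
         // being written into markup (stored XSS on this page otherwise).
         string buyerName  = Server.HtmlEncode(Convert.ToString(buyers.Rows[0]["name"]));
         string buyerEmail = Server.HtmlEncode(Convert.ToString(buyers.Rows[0]["email"]));
         string orderText  = Server.HtmlEncode(orderKey);
         // URL-encode the query-string value, then HTML-encode it for the attribute context.
         string orderParam = Server.HtmlEncode(Server.UrlEncode(orderKey));

         table.Append("<tr>");
         table.Append("<td>" + rowNumber + "</td>");
         table.Append("<td>" + buyerName + "</td>");
         table.Append("<td class=\"text-center\">" + buyerEmail + "</td>");
         table.Append("<td class=\"text-center\">" + orderText + "</td>");
         table.Append("<td><a class=\"btn btn-info\" href = 'AdminEditOrder.aspx?dateTime=" + orderParam + "'>Edit</a></td>");
         // The original emitted a second opening <tr> here; close the row instead.
         table.Append("</tr>");
         rowNumber++;
     }

     Panel1.Controls.Add(new Label {
         Text = table.ToString()
     });
 }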
コード例 #3
        /// <summary>
        /// Admin login button handler: looks the submitted name up in <c>admins</c>, stores it in
        /// <c>Session["admin"]</c> when a row matches, and otherwise tells the user whether the
        /// password or the account was wrong.
        /// </summary>
        protected void Button2_Click(object sender, EventArgs e)
        {
            string name     = nameTxt.Text;
            // NOTE(review): never read below; the password literal in the query appears to be
            // masked in this listing ('******'), so the submitted value is not compared here.
            string password = passwordTxt.Text;

            // NOTE(review): the text-box value is concatenated into the SQL text, so a quote in the
            // input changes the statement (SQL injection) on the admin login path. getDataSQL only
            // accepts a finished string here; the fix belongs in the data-access class as a
            // parameterized command.
            // NOTE(review): comparing the password inside the query suggests it is stored in
            // directly comparable form; confirm it is a salted hash rather than plaintext.
            DataTable credentialMatch = dbcon.getDataSQL("select * from admins where name = '" + name + "' and password= '******';");
            if (credentialMatch.Rows.Count > 0)
            {
                Session["admin"] = name;
                Response.Write("<script>alert('Login Successfully.');window.location = 'Admin.aspx';</script>");
                return;
            }

            // NOTE(review): two different failure messages reveal whether an admin name exists
            // (account enumeration); a single generic message would not.
            DataTable nameMatch = dbcon.getDataSQL("select * from admins where name = '" + name + "';");
            string failureScript = nameMatch.Rows.Count > 0
                ? "<script>alert('Incorrect Password')</script>"
                : "<script>alert('Admin does not exist')</script>";
            Response.Write(failureScript);
        }
コード例 #4
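        /// <summary>
        /// Marks the current user's open cart rows (status 0) as paid (status 1) with a shared
        /// timestamp, clears the cart totals kept in session, and thanks the user by name.
        /// </summary>
        /// <remarks>
        /// NOTE(review): every statement is built by concatenating <c>Session["user_id"]</c>; where
        /// that value is set is not visible in this method. Prefer a parameterized command once
        /// the data-access class offers one.
        /// </remarks>
        protected void Payment_Click(object sender, EventArgs e)
        {
            DataTable openCart = dbcon.getDataSQL("select * from carts where user_id = '" + Session["user_id"] + "'and status=0;");

            if (openCart.Rows.Count > 0)
            {
                // One UPDATE covers every open row; the original re-ran the same statement once per row.
                // "HH" (24-hour) replaces "hh": without an AM/PM designator the 12-hour form maps
                // 01:00 and 13:00 to the same text, and this value is later used to identify the order.
                string paidAt = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);
                dbcon.executeSQL("UPDATE carts SET status = 1, dateTime = '" + paidAt + "' WHERE user_id = '" + Session["user_id"] + "'and status=0;");
            }

            Session["productCount"] = null;
            Session["totalPayment"] = null;

            DataTable buyer = dbcon.getDataSQL("select * from users where ID = '" + Session["user_id"] + "';");
            // Fall back to an empty name rather than failing on Rows[0] when no user row is found.
            string buyerName = buyer.Rows.Count > 0 ? Convert.ToString(buyer.Rows[0]["name"]) : string.Empty;

            // The name is user-supplied; encode it for the JavaScript string it is placed in so it
            // cannot terminate the literal or the script element.
            Response.Write("<script>alert('Thank you " + System.Web.HttpUtility.JavaScriptStringEncode(buyerName) + ", Payment Successfully.');window.location = 'Home.aspx';</script>");
        }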
コード例 #5
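        /// <summary>
        /// Registration handler: validates that all fields are filled and the passwords match,
        /// rejects an e-mail that already exists, then inserts the new user and signs them in
        /// by setting <c>Session["userE"]</c>.
        /// </summary>
        protected void Button1_Click(object sender, EventArgs e)
        {
            bool anyBlank = string.IsNullOrEmpty(fullNameTxt.Text)
                            || string.IsNullOrEmpty(EmailTxt.Text)
                            || string.IsNullOrEmpty(Phone.Text)
                            || string.IsNullOrEmpty(Address.InnerText)
                            || string.IsNullOrEmpty(PasswordTxt.Text)
                            || string.IsNullOrEmpty(ConfrimPasswordTxt.Text);
            if (anyBlank)
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            if (PasswordTxt.Text != ConfrimPasswordTxt.Text)
            {
                Response.Write("<script>alert('Confrim password not same')</script>");
                return;
            }

            // NOTE(review): form values are concatenated into both statements below, so a quote in
            // any field changes the SQL (SQL injection). The fix is a parameterized command in the
            // data-access class, which only exposes string-based calls here.
            DataTable existing = dbcon.getDataSQL("select * from users where email='" + EmailTxt.Text + "'");
            if (existing.Rows.Count > 0)
            {
                Response.Write("<script>alert('Email is already taken!')</script>");
                return;
            }

            try
            {
                // NOTE(review): the password is written to the table exactly as typed; store a
                // salted password hash instead (the login query must change with it).
                string query = "insert into users(name, email, password, address, phone, dateTime) values ('" + fullNameTxt.Text + "','" + EmailTxt.Text + "','" + PasswordTxt.Text + "','" + Address.InnerText + "','" + Phone.Text + "','" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "');";
                dbcon.executeSQL(query);
                Session["userE"] = EmailTxt.Text;
                Response.Write("<script>alert('Register Successfully.');window.location = 'Home.aspx';</script>");
            }
            catch (Exception ex)
            {
                // Keep exception text (SQL, stack trace) out of the response; record it server-side.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                Response.Write("<script>alert('Register failed. Please try again later.')</script>");
            }
        }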
コード例 #6
        /// <summary>
        /// Handles the repeater's "AddToCart" command for a signed-in user: increments the
        /// quantity of an existing open cart row for the product, or inserts a new row with
        /// quantity 1. Users without <c>Session["userE"]</c> are asked to log in.
        /// </summary>
        protected void Repeater1_ItemCommand(object source, RepeaterCommandEventArgs e)
        {
            if (Session["userE"] == null)
            {
                Response.Write("<script>alert('Please login');</script>");
                return;
            }

            if (e.CommandName != "AddToCart")
            {
                return;
            }

            // NOTE(review): the sign-in check reads Session["userE"] but the statements use
            // Session["user_id"]; where user_id is set is not visible in this method.
            string product_id = e.CommandArgument.ToString();
            int quantity = 1;

            // NOTE(review): product_id and the session value are concatenated into the SQL text;
            // use a parameterized command once the data-access class offers one.
            DataTable openRow = dbcon.getDataSQL("select * from carts where user_id = '" + Session["user_id"] + "' and product_id= '" + product_id + "' and status=0;");

            string statement;
            if (openRow.Rows.Count > 0)
            {
                // NOTE(review): read-then-write of quantity; two concurrent clicks can lose an increment.
                int beforeQuantity = (int)openRow.Rows[0]["quantity"];
                int total = quantity + beforeQuantity;
                statement = "UPDATE carts SET quantity = '" + total + "' WHERE id = '" + openRow.Rows[0]["id"] + "'";
            }
            else
            {
                // status is written as '0' and dateTime as an empty string, as in the original concatenation.
                statement = "insert into carts(user_id,product_id,quantity,status,dateTime) values('" + Session["user_id"] + "','" + product_id + "','" + quantity + "','0','');";
            }

            dbcon.executeSQL(statement);
            Response.Write("<script>alert('Add Item Successfully');</script>");
        }
コード例 #7
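        /// <summary>
        /// Saves the user form: updates the user identified by <c>Session["user_id"]</c> when that
        /// value is set, otherwise creates a new user. An e-mail already used by another row is
        /// rejected in both cases.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no admin-session check is visible in this handler although it redirects to
        /// AdminViewUser.aspx; confirm access control is enforced elsewhere.
        /// NOTE(review): all statements are built by concatenating form values (SQL injection);
        /// the fix is a parameterized command in the data-access class.
        /// </remarks>
        protected void Button2_Click(object sender, EventArgs e)
        {
            dbcon = new SQLConnection();

            // Validate before touching the database; the original ran the e-mail lookup first.
            if (name.Text.Equals("") || email.Text.Equals("") || password.Text.Equals("") || phone.Text.Equals("") || address.Text.Equals(""))
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            DataTable emailOwners = dbcon.getDataSQL("select * from users where email='" + email.Text + "'");

            if (Session["user_id"] != null)
            {
                DataTable current = dbcon.getDataSQL("select * from users where id = '" + Session["user_id"] + "';");
                if (current.Rows.Count == 0)
                {
                    // The session points at a user row that is gone; report it instead of failing on Rows[0].
                    Response.Write("<script>alert('User does not exist')</script>");
                    return;
                }

                var user_email = current.Rows[0]["email"].ToString();
                if (email.Text.Equals(user_email) || emailOwners.Rows.Count == 0)
                {
                    // NOTE(review): the password value in this statement appears masked in the
                    // listing ('******'); as written the password text box is not stored.
                    string query = "UPDATE users SET name = '" + name.Text + "', email = '" + email.Text + "', password = '******', phone = '" + phone.Text + "', address = '" + address.Text + "', dateTime = '" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "' WHERE id = '" + Session["user_id"] + "'";
                    dbcon.executeSQL(query);
                    Response.Write("<script>alert('Update User Successfully')</script>");
                }
                else
                {
                    Response.Write("<script>alert('User Email is already taken!')</script>");
                    email.Text = user_email;
                }
                return;
            }

            if (emailOwners.Rows.Count > 0)
            {
                Response.Write("<script>alert('User Email is already taken!')</script>");
                email.Text = null;
                return;
            }

            try
            {
                // NOTE(review): the password is written to the table exactly as typed; store a
                // salted password hash instead.
                string query = "insert into users(name, email, password, address, phone, dateTime) values ('" + name.Text + "','" + email.Text + "','" + password.Text + "','" + address.Text + "','" + phone.Text + "','" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "');";
                dbcon.executeSQL(query);
                Response.Write("<script>alert('Create User Successfully.');window.location = 'AdminViewUser.aspx';</script>");
            }
            catch (Exception ex)
            {
                // Keep exception text (SQL, stack trace) out of the response; record it server-side.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                Response.Write("<script>alert('Create User failed. Please try again later.')</script>");
            }
        }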
コード例 #8
 /// <summary>
 /// Creates the data-access object on every request and, on the first (non-postback) load,
 /// binds all rows of <c>products</c> to <c>Repeater1</c>.
 /// </summary>
 protected void Page_Load(object sender, EventArgs e)
 {
     dbcon = new SQLConnection();
     if (this.IsPostBack)
     {
         // Postbacks keep the repeater content that was bound on the first load.
         return;
     }

     // Constant statement: no request data is mixed into the SQL text here.
     DataTable products = dbcon.getDataSQL("select * from products;");
     Repeater1.DataSource = products;
     Repeater1.DataBind();
 }
コード例 #9
        /// <summary>
        /// Loads the user row whose e-mail equals <c>Session["userE"]</c>, caches its id in
        /// <c>Session["user_id"]</c> when found, and binds the result to <c>Repeater1</c>.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            dbcon = new SQLConnection();

            // NOTE(review): the session value is concatenated into the SQL text. If it holds an
            // e-mail exactly as a user typed it, a quote in it alters this statement (second-order
            // SQL injection); use a parameterized command once the data-access class offers one.
            string lookup = "select * from users where email = '" + Session["userE"] + "';";
            DataTable account = dbcon.getDataSQL(lookup);

            bool found = account.Rows.Count > 0;
            if (found)
            {
                Session["user_id"] = account.Rows[0]["id"];
            }

            // Bound even when empty, so the repeater renders no items for an unknown e-mail.
            Repeater1.DataSource = account;
            Repeater1.DataBind();
        }
コード例 #10
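        /// <summary>
        /// Reopens the order batch named by the <c>dateTime</c> query-string value (sets its cart
        /// rows from status 1 back to 0) and returns to AdminViewOrder.aspx.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no admin-session check is visible in this handler; confirm access control
        /// is enforced elsewhere.
        /// </remarks>
        protected void Button2_Click(object sender, EventArgs e)
        {
            var dateTime = Request.QueryString["dateTime"];

            // The value comes straight from the URL and is placed inside a quoted SQL literal.
            // Until the data-access class offers parameterized commands, accept only ASCII
            // letters, digits and common date separators, so no quote can reach the statement.
            // NOTE(review): assumes stored timestamps use only these characters; confirm.
            bool wellFormed = !string.IsNullOrEmpty(dateTime);
            if (wellFormed)
            {
                foreach (char c in dateTime)
                {
                    bool allowed = (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
                                   || c == ' ' || c == '-' || c == '/' || c == ':' || c == '.';
                    if (!allowed)
                    {
                        wellFormed = false;
                        break;
                    }
                }
            }

            if (wellFormed)
            {
                DataTable paidRows = dbcon.getDataSQL("select * from carts where dateTime = '" + dateTime + "' and status=1;");
                if (paidRows.Rows.Count > 0)
                {
                    // One UPDATE covers every row; the original re-ran the same statement once per row.
                    dbcon.executeSQL("UPDATE carts SET status = 0 WHERE dateTime = '" + dateTime + "' and status=1;");
                }
            }

            Response.Write("<script>window.location = 'AdminViewOrder.aspx';</script>");
        }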
コード例 #11
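 /// <summary>
 /// On first load, fills the name and price fields from the product whose id is held in
 /// <c>Session["product_id"]</c>. Does nothing when that session value is missing.
 /// </summary>
 protected void Page_Load(object sender, EventArgs e)
 {
     if (Session["product_id"] == null || IsPostBack)
     {
         return;
     }

     dbcon = new SQLConnection();

     // NOTE(review): the session value is concatenated into the SQL text; where it is set is
     // not visible here. Use a parameterized command once the data-access class offers one.
     DataTable product = dbcon.getDataSQL("select * from products where id = '" + Session["product_id"] + "';");
     if (product.Rows.Count == 0)
     {
         // The product no longer exists: leave the fields empty instead of failing on Rows[0].
         return;
     }

     DataRow row = product.Rows[0];
     name.Text  = row["name"].ToString();
     price.Text = row["price"].ToString();
 }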
コード例 #12
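        /// <summary>
        /// Cart page load: sends users without <c>Session["userE"]</c> to Login.aspx; otherwise,
        /// on first load, binds the user's open cart rows (status 0) to <c>Repeater1</c> and
        /// stores the item count and total price in session and in the labels.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["userE"] == null)
            {
                Response.Write("<script>window.location = 'Login.aspx';</script>");
                // Stop here: the original fell through and ran the cart queries for a visitor
                // who is not signed in.
                return;
            }

            dbcon = new SQLConnection();
            if (this.IsPostBack)
            {
                return;
            }

            // NOTE(review): Session["user_id"] is concatenated into both statements; where it is
            // set is not visible here. Use a parameterized command once the data-access class
            // offers one.
            DataTable cart = dbcon.getDataSQL("select *, c.quantity * p.price as totalPrice from carts as c inner join products as p on c.product_id = p.id where user_id='" + Session["user_id"] + "'and status=0;");
            Label1.Text          = cart.Rows.Count.ToString();
            Repeater1.DataSource = cart;
            Repeater1.DataBind();

            if (cart.Rows.Count > 0)
            {
                // Restrict the sum to open rows (status=0) like the listing above; without the
                // filter, rows that were already paid were added to the amount due.
                DataTable totals = dbcon.getDataSQL("select sum(quantity * price) as total from carts as c inner join products as p on c.product_id = p.id where user_id='" + Session["user_id"] + "' and status=0;");
                Session["totalPayment"] = totals.Rows[0]["total"];
                Label2.Text             = "$" + Session["totalPayment"].ToString();
                Session["productCount"] = cart.Rows.Count.ToString();
            }
        }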
コード例 #13
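        /// <summary>
        /// On first load, binds the paid cart rows (status 1) of the order batch named by the
        /// <c>dateTime</c> query-string value to <c>Repeater1</c>. A missing or malformed value
        /// redirects to AdminViewOrder.aspx.
        /// </summary>
        /// <remarks>
        /// NOTE(review): no admin-session check is visible in this handler; confirm access control
        /// is enforced elsewhere.
        /// </remarks>
        protected void Page_Load(object sender, EventArgs e)
        {
            dbcon = new SQLConnection();
            var dateTime = Request.QueryString["dateTime"];

            // The value comes straight from the URL and is placed inside a quoted SQL literal.
            // Until the data-access class offers parameterized commands, accept only ASCII
            // letters, digits and common date separators, so no quote can reach the statement.
            // NOTE(review): assumes stored timestamps use only these characters; confirm.
            bool wellFormed = !string.IsNullOrEmpty(dateTime);
            if (wellFormed)
            {
                foreach (char c in dateTime)
                {
                    bool allowed = (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
                                   || c == ' ' || c == '-' || c == '/' || c == ':' || c == '.';
                    if (!allowed)
                    {
                        wellFormed = false;
                        break;
                    }
                }
            }

            if (!wellFormed)
            {
                Response.Redirect("AdminViewOrder.aspx");
                return;
            }

            if (this.IsPostBack)
            {
                return;
            }

            DataTable orderRows = dbcon.getDataSQL("select *, c.quantity * p.price as totalPrice from carts as c inner join products as p on c.product_id = p.id where dateTime = '" + dateTime + "'and status = 1;");
            Repeater1.DataSource = orderRows;
            Repeater1.DataBind();
        }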
コード例 #14
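 /// <summary>
 /// For a signed-in admin, fills the edit form on first load from the user row whose id is
 /// held in <c>Session["user_id"]</c>. Visitors without <c>Session["admin"]</c> are sent to
 /// AdminViewUser.aspx by a client-side script.
 /// </summary>
 protected void Page_Load(object sender, EventArgs e)
 {
     if (Session["admin"] == null)
     {
         // NOTE(review): non-admins are sent to another admin page, not to a login page;
         // whether AdminViewUser.aspx checks the admin session itself is not visible here.
         Response.Write("<script>window.location = 'AdminViewUser.aspx';</script>");
         return;
     }

     if (Session["user_id"] == null || IsPostBack)
     {
         return;
     }

     dbcon = new SQLConnection();

     // NOTE(review): the session value is concatenated into the SQL text; use a parameterized
     // command once the data-access class offers one.
     DataTable user = dbcon.getDataSQL("select * from users where id = '" + Session["user_id"] + "';");
     if (user.Rows.Count == 0)
     {
         // The user row is gone: leave the form empty instead of failing on Rows[0].
         return;
     }

     DataRow row = user.Rows[0];
     name.Text     = row["name"].ToString();
     email.Text    = row["email"].ToString();
     // NOTE(review): the stored password is read back and placed in a form field, which
     // implies it is kept in recoverable form and is sent to the browser; store a salted
     // hash and leave this field blank.
     password.Text = row["password"].ToString();
     phone.Text    = row["phone"].ToString();
     address.Text  = row["address"].ToString();
 }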
コード例 #15
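        /// <summary>
        /// Profile update handler: after checking that every field is filled and that the new
        /// e-mail is either unchanged or unused, updates the row whose e-mail equals
        /// <c>Session["userE"]</c> and stores the new e-mail in the session.
        /// </summary>
        protected void Button2_Click(object sender, EventArgs e)
        {
            dbcon = new SQLConnection();

            if (Session["userE"] == null)
            {
                // Not signed in: the original failed with a null reference on Session["userE"].ToString().
                Response.Write("<script>window.location = 'Login.aspx';</script>");
                return;
            }

            // Validate before touching the database; the original ran the e-mail lookup first.
            if (name.Text.Equals("") || email.Text.Equals("") || password.Text.Equals("") || phone.Text.Equals("") || address.Text.Equals(""))
            {
                Response.Write("<script>alert('Cannot fill in the blanks')</script>");
                return;
            }

            // NOTE(review): form values and the session e-mail are concatenated into both
            // statements, so a quote in any of them changes the SQL (SQL injection). The fix is a
            // parameterized command in the data-access class.
            DataTable emailOwners = dbcon.getDataSQL("select * from users where email='" + email.Text + "'");

            bool emailUnchanged = email.Text.Equals(Session["userE"].ToString());
            if (!emailUnchanged && emailOwners.Rows.Count > 0)
            {
                Response.Write("<script>alert('User Email is already taken!')</script>");
                return;
            }

            // NOTE(review): the password value in this statement appears masked in the listing
            // ('******'); as written the password text box is not stored.
            string query = "UPDATE users SET name = '" + name.Text + "', email = '" + email.Text + "', password = '******', phone = '" + phone.Text + "', address = '" + address.Text + "', dateTime = '" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "' WHERE email = '" + Session["userE"] + "'";
            dbcon.executeSQL(query);
            Response.Write("<script>alert('Update Profile Successfully')</script>");
            Session["userE"] = email.Text;
        }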