public string[] UpdateCustomer(CustomerClass fred, CreditCardClass cc, object[] stupid)
{
DBConnect DB = new DBConnect();
SqlCommand command = new SqlCommand();
string[] meh = new string[3];
ErrorCodes ec = new ErrorCodes();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "CustomerUpdate";
command.Parameters.AddWithValue("@FirstName", fred.Firstname);
command.Parameters.AddWithValue("@Address", fred.Address);
command.Parameters.AddWithValue("@City", fred.City);
command.Parameters.AddWithValue("@State", fred.State);
command.Parameters.AddWithValue("@ZipCode", fred.ZipCode);
command.Parameters.AddWithValue("@AccountBalance", cc.AccountBalance);
meh[0] = (DB.DoUpdateUsingCmdObj(command) > 0) ? "true" : "false";
SqlCommand sandy = new SqlCommand();
sandy.CommandType = CommandType.StoredProcedure;
sandy.CommandText = "VerifyInfo";
sandy.Parameters.AddWithValue("@CreditCardNum", cc.CardNumber);
sandy.Parameters.AddWithValue("@CVV", cc.CVV);
sandy.Parameters.AddWithValue("@TransAmnt", float.Parse(stupid[2].ToString()));
sandy.Parameters.AddWithValue("@FirstName", fred.Firstname);
SqlParameter returnParam = new SqlParameter("@RVAL", DbType.Int32);
returnParam.Direction = ParameterDirection.ReturnValue;
sandy.Parameters.Add(returnParam);
// DataSet ds = DB.GetDataSetUsingCmdObj(sandy);
DB.GetDataSetUsingCmdObj(sandy);
meh[1] = sandy.Parameters["@RVAL"].Value.ToString();
meh[2] = ec.GetErrorCodeMessage(int.Parse(meh[1]));
return meh;
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
string email = txtCurrentEmail.Text;
string newPhone = txtPhonenumber.Text;
SqlCommand phoneCmd = new SqlCommand();
DBConnect objDB = new DBConnect();
phoneCmd.CommandType = CommandType.StoredProcedure;
phoneCmd.CommandText = "dbo.TP_ResetPhonenumber";
SqlParameter inputEmail = new SqlParameter("@email", email);
inputEmail.Direction = ParameterDirection.Input;
inputEmail.SqlDbType = SqlDbType.NVarChar;
inputEmail.Size = 50;
phoneCmd.Parameters.Add(inputEmail);
SqlParameter inputPhone = new SqlParameter("@newPhone", newPhone);
inputPhone.Direction = ParameterDirection.Input;
inputPhone.SqlDbType = SqlDbType.NVarChar;
inputPhone.Size = 50;
phoneCmd.Parameters.Add(inputPhone);
phoneCmd.Parameters.Add("@results", SqlDbType.Int).Direction = ParameterDirection.Output;
objDB.DoUpdateUsingCmdObj(phoneCmd);
int result = Convert.ToInt32(phoneCmd.Parameters["@results"].Value);
if (result == 1)
lblMsg.Text = "Your phone number was changed succesfully!";
else if (result == 0)
lblMsg.Text = "Your phone number was not changed!Please try again";
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
if (String.IsNullOrEmpty(txtCurrentEmail.Text) || String.IsNullOrEmpty(txtCurrentPassword.Text) || String.IsNullOrEmpty(txtNewPassword.Text))
Page.ClientScript.RegisterStartupScript(this.GetType(), "Script", "<script> alert('All fields are required.Thank you!'); </script>");
SqlCommand pass = new SqlCommand();
DBConnect objDB = new DBConnect();
//string currentPassword = (string)pass.ExecuteScalar();
//if (currentPassword == txtCurrentPassword.Text)
// { }
//else
// lblMsg.Text = "Please enter your current password again!";
Salt salt = new Salt();
string currentEmail = txtCurrentEmail.Text;
string currentPassword = txtCurrentPassword.Text;
string newPassword1 = txtNewPassword.Text;
customer customerObj=new customer();
int result = customerObj.ResetPassword(currentEmail, currentPassword, newPassword1, salt.ToString(),role);
if (result == 0)
lblMsg.Text = "The password you entered is incorrect!";
else if (result == 1)
lblMsg.Text = "The password was changed successfully.";
// Response.Redirect("LoginPage.aspx");
}
public Boolean AssessmentsUpdate(String fiscalYear)
{
SqlCommand objcomm = new SqlCommand();
objcomm.CommandType = CommandType.StoredProcedure;
objcomm.CommandText = "UpdateAssessments";
objcomm.Parameters.Add("@fiscalYear", fiscalYear);
SqlParameter outputParameter = new SqlParameter("@result", DbType.Int32);
outputParameter.Direction = ParameterDirection.ReturnValue;
objcomm.Parameters.Add(outputParameter);
DBConnect objDB = new DBConnect();
objDB.DoUpdateUsingCmdObj(objcomm);
int result = int.Parse(objcomm.Parameters["@result"].Value.ToString());
if (result == 1)
{
return true;
}
else
{
return false;
}
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
if (String.IsNullOrEmpty(txtPhonenumber.Text) || String.IsNullOrEmpty(txtCurrentEmail.Text))
Page.ClientScript.RegisterStartupScript(this.GetType(), "Script", "<script> alert('All fields are required.Thank you!'); </script>");
string email = txtCurrentEmail.Text;
string newPhone = txtPhonenumber.Text;
SqlCommand phoneCmd = new SqlCommand();
DBConnect objDB = new DBConnect();
phoneCmd.CommandType = CommandType.StoredProcedure;
phoneCmd.CommandText = "dbo.TP_ResetPhonenumber";
SqlParameter inputEmail = new SqlParameter("@email", email);
inputEmail.Direction = ParameterDirection.Input;
inputEmail.SqlDbType = SqlDbType.NVarChar;
inputEmail.Size = 50;
phoneCmd.Parameters.Add(inputEmail);
SqlParameter inputPhone = new SqlParameter("@newPhone", newPhone);
inputPhone.Direction = ParameterDirection.Input;
inputPhone.SqlDbType = SqlDbType.NVarChar;
inputPhone.Size = 50;
phoneCmd.Parameters.Add(inputPhone);
phoneCmd.Parameters.Add("@results", SqlDbType.Int).Direction = ParameterDirection.Output;
objDB.DoUpdateUsingCmdObj(phoneCmd);
int result = Convert.ToInt32(phoneCmd.Parameters["@results"].Value);
if (result == 1)
lblMsg.Text = "Your phone number was changed succesfully!";
else if (result == 0)
lblMsg.Text = "Your phone number was not changed!Please try again";
}
protected void btnConfirm_Click(object sender, EventArgs e)
{
string oldpass = txtOldPass.Text;
string newpass1 = txtNewPass1.Text;
string newpass2 = txtNewPass2.Text;
if (newpass1 == newpass2)
{
DBConnect db = new DBConnect();
string email = Session["emailSession"].ToString();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "UpdateMerch";
command.Parameters.AddWithValue("@email", email);
command.Parameters.AddWithValue("@oldPass", oldpass);
command.Parameters.AddWithValue("@newPass1", newpass1);
command.Parameters.AddWithValue("@newPass2", newpass2);
db.DoUpdateUsingCmdObj(command);
}
else
{
Label lblerror = new Label();
lblerror.Text = "New Passwords do not match please try again";
}
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
string email = txtCurrentEmail.Text;
string newName = txtNewName.Text;
SqlCommand name = new SqlCommand();
DBConnect objDB = new DBConnect();
name.CommandType = CommandType.StoredProcedure;
name.CommandText = "dbo.TP_ResetName";
SqlParameter inputEmail = new SqlParameter("@email", email);
inputEmail.Direction = ParameterDirection.Input;
inputEmail.SqlDbType = SqlDbType.NVarChar;
inputEmail.Size = 50;
name.Parameters.Add(inputEmail);
SqlParameter inputName = new SqlParameter("@newName", newName);
inputName.Direction = ParameterDirection.Input;
inputName.SqlDbType = SqlDbType.NVarChar;
inputName.Size = 50;
name.Parameters.Add(inputName);
name.Parameters.Add("@result", SqlDbType.Int).Direction = ParameterDirection.Output;
objDB.DoUpdateUsingCmdObj(name);
int result = Convert.ToInt32(name.Parameters["@result"].Value);
if (result == 1)
lblMsg.Text = "Your name was changed succesfully!";
else if (result==0)
lblMsg.Text = "Your name was not changed!";
}
public bool ValidMerchantLogin(string email, string password)
{
DataSet myDS = new DataSet();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "TP_ValidMerchantLogin";
objCommand.Parameters.AddWithValue("@email", email);
objCommand.Parameters.AddWithValue("@password", password);
DBConnect objDB = new DBConnect();
myDS = objDB.GetDataSetUsingCmdObj(objCommand);
bool returnvalue = true;
//if the values are found in the DB return true
if ((myDS.Tables[0].Rows.Count <= 1) && (myDS.Tables[0].Rows[0]["password"].ToString() == password))
{
returnvalue = true;
}
//the user does not exist in the DB
else
{
returnvalue = false;
}
return returnvalue;
}
public bool AddNewCustomer(Customer newCustomer)
{
DBConnect objDB = new DBConnect();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "AddTPCustomer";
objCommand.Parameters.AddWithValue("@Name", newCustomer.name);
objCommand.Parameters.AddWithValue("@Email", newCustomer.email );
objCommand.Parameters.AddWithValue("@password", newCustomer.password);
objCommand.Parameters.AddWithValue("@address", newCustomer.shippingAddress);
objCommand.Parameters.AddWithValue("@city", newCustomer.shippingAddress);
objCommand.Parameters.AddWithValue("@state", newCustomer.shippingState);
objCommand.Parameters.AddWithValue("@zipcode", newCustomer.shippingZipcode);
//integer to determine if value was added into DB or not
int result= objDB.DoUpdateUsingCmdObj(objCommand);
if (!(result <= 0)) //if a new row was successsfully added
{
return false;
}
else //else the row was not added successfully
{
return true;
}
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
string query = "SELECT * FROM Student";
DBConnect db = new DBConnect();
ddStudentSelect.DataSource = db.GetDataSet(query);
ddStudentSelect.DataValueField = "StudentID";
ddStudentSelect.DataTextField = "Name";
ddStudentSelect.DataBind();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetAllCourses";
gvCourses.DataSource = db.GetDataSetUsingCmdObj(command);
gvCourses.DataBind();
for(int r = 0; r<gvCourses.Rows.Count; r++)
{
CheckBox cb;
cb = (CheckBox)gvCourses.Rows[r].FindControl("cbSelectCourse");
if (int.Parse(gvCourses.Rows[r].Cells[10].Text) == 0)
{
cb.Enabled = false;
}
}
}
}
public Boolean cartExists(int loginID)
{
Boolean cartExists = false;
DataSet cart = new DataSet();
DBConnect objDB = new DBConnect();
SqlCommand logID = new SqlCommand();
logID.CommandType = CommandType.StoredProcedure;
logID.CommandText = ("TP_findCartByLogin");
SqlParameter theID = new SqlParameter("@loginID", loginID);
theID.Direction = ParameterDirection.Input;
theID.SqlDbType = SqlDbType.Int;
theID.Size = 4;
logID.Parameters.Add(theID);
cart = objDB.GetDataSetUsingCmdObj(logID);
int size = Convert.ToInt32(cart.Tables[0].Rows[0][0].ToString());
if (size > 0)
{
cartExists = true;
return cartExists;
}
else
{
return cartExists;
}
}
public Boolean AssestmentsUpdate(String fiscalYear,double financialAidRateGrad,double plandFundFeeGradRate,double financialAidRateUndergrad,double plandFundFeeRateUndergrad )
{
SqlCommand objcomm = new SqlCommand();
objcomm.CommandType = CommandType.StoredProcedure;
objcomm.CommandText = "AssesmentsUpdate";
objcomm.Parameters.Add("@fiscalYearId", fiscalYear);
objcomm.Parameters.Add("@financialAidRateGrad", financialAidRateGrad);
objcomm.Parameters.Add("@plandFundFeeGradRate", plandFundFeeGradRate);
objcomm.Parameters.Add("@financialAidRateUndergrad", financialAidRateUndergrad);
objcomm.Parameters.Add("@plandFundFeeRateUndergrad", plandFundFeeRateUndergrad);
SqlParameter outputParameter = new SqlParameter("@result", DbType.Int32);
outputParameter.Direction = ParameterDirection.ReturnValue;
objcomm.Parameters.Add(outputParameter);
DBConnect objDB = new DBConnect();
objDB.GetDataSetUsingCmdObj(objcomm);
int result = int.Parse(objcomm.Parameters["@result"].Value.ToString());
if (result == 1)
{
return true;
}
else
{
return false;
}
}
protected void btnPlaceOrder_Click(object sender, EventArgs e)
{
List<cartItem> cartItems = new List<cartItem>();
cartItems = (List<cartItem>)Session["cart"];
DBConnect objDB = new DBConnect();
SqlCommand addPurchase = new SqlCommand();
addPurchase.CommandType = CommandType.StoredProcedure;
addPurchase.CommandText = "TP_CustomerTransactions";
SqlCommand updateProdQuan = new SqlCommand();
updateProdQuan.CommandType = CommandType.StoredProcedure;
updateProdQuan.CommandText = "TP_subtractProducts";
foreach(cartItem obj in cartItems)
{
SqlParameter prodID = new SqlParameter("@prodNum", obj.ProdNum);
prodID.Direction = ParameterDirection.Input;
prodID.SqlDbType = SqlDbType.Int;
prodID.Size = 4;
addPurchase.Parameters.Add(prodID);
SqlParameter quantity = new SqlParameter("@quantity", obj.ProdQuantity);
quantity.Direction = ParameterDirection.Input;
prodID.SqlDbType = SqlDbType.Int;
prodID.Size = 4;
addPurchase.Parameters.Add(quantity);
SqlParameter loginiD = new SqlParameter("@loginID", Convert.ToInt32(Session["loginId"]));
loginiD.Direction = ParameterDirection.Input;
loginiD.SqlDbType = SqlDbType.Int;
loginiD.Size = 4;
addPurchase.Parameters.Add(loginiD);
SqlParameter quan = new SqlParameter("@prodNum", obj.ProdNum);
quan.Direction = ParameterDirection.Input;
quan.SqlDbType = SqlDbType.Int;
quan.Size = 4;
updateProdQuan.Parameters.Add(quan);
objDB.DoUpdateUsingCmdObj(updateProdQuan);
}
//SqlCommand removeCart = new SqlCommand();
//updateProdQuan.CommandType = CommandType.StoredProcedure;
//updateProdQuan.CommandText = "TP_removeCart";
//SqlParameter id = new SqlParameter("@custID", Convert.ToInt32(Session["loginId"]));
//id.Direction = ParameterDirection.Input;
//id.SqlDbType = SqlDbType.Int;
//id.Size = 4;
//objDB.DoUpdateUsingCmdObj(removeCart);
//List<cartItem> emptyCart = new List<cartItem>();
//Session["cart"] = emptyCart;
}
public void rebind()
{
DBConnect db = new DBConnect();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetAllCourses";
gvCourses.DataSource = db.GetDataSetUsingCmdObj(command);
gvCourses.DataBind();
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
if (String.IsNullOrEmpty(txtCurrentEmail.Text) || String.IsNullOrEmpty(txtPassword.Text) || String.IsNullOrEmpty(txtNewEmail2.Text))
Page.ClientScript.RegisterStartupScript(this.GetType(), "Script", "<script> alert('All fields are required.Thank you!'); </script>");
{
string currentEmail = txtCurrentEmail.Text;
string passord = txtPassword.Text;
string newEmail2 = txtNewEmail2.Text;
SqlCommand emailCmd = new SqlCommand();
DBConnect objDB = new DBConnect();
emailCmd.CommandType = CommandType.StoredProcedure;
emailCmd.CommandText = "dbo.TP_ResetEmail";
SqlParameter inputEmail = new SqlParameter("@currentEmail", currentEmail);
inputEmail.Direction = ParameterDirection.Input;
inputEmail.SqlDbType = SqlDbType.NVarChar;
inputEmail.Size = 50;
emailCmd.Parameters.Add(inputEmail);
SqlParameter inputPassword = new SqlParameter("@password", passord);
inputPassword.Direction = ParameterDirection.Input;
inputPassword.SqlDbType = SqlDbType.NVarChar;
inputPassword.Size = 50;
emailCmd.Parameters.Add(inputPassword);
SqlParameter inputEmail2 = new SqlParameter("@newEmail", newEmail2);
inputEmail2.Direction = ParameterDirection.Input;
inputEmail2.SqlDbType = SqlDbType.NVarChar;
inputEmail2.Size = 50;
emailCmd.Parameters.Add(inputEmail2);
emailCmd.Parameters.Add("@result", SqlDbType.Int).Direction = ParameterDirection.Output;
objDB.DoUpdateUsingCmdObj(emailCmd);
int result = Convert.ToInt32(emailCmd.Parameters["@result"].Value);
if (result == -1)
lblMsg.Text = "The password you entered is incorrect!";
else if (result == 0)
{
lblMsg.Text = "The new email you entered already exists.";
}
else
{
lblMsg.Text = "The email was changed succesfully.";
}
}
}
public void CreateFiscalYear(String fiscalYear)
{
SqlCommand objcomm = new SqlCommand();
objcomm.CommandType = CommandType.StoredProcedure;
objcomm.CommandText = "sp_CreateFiscalYear";
objcomm.Parameters.Add("@fiscalYear", fiscalYear);
DBConnect objDB = new DBConnect();
objDB.DoUpdateUsingCmdObj(objcomm);
}
protected void ddlDepartments_SelectedIndexChanged(object sender, EventArgs e)
{
DataSet products = new DataSet();
DBConnect objDB = new DBConnect();
string depNum = ddlDepartments.SelectedValue;
//string depNum = "SELECT departmentNum FROM TP_DEPARTMENT WHERE departmentName = "+depName+"";
products = pxy.GetProductCatalog(depNum);
gvProducts.DataSource = products;
gvProducts.DataBind();
}
public void saveStudent()
{
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "NewStudent";
command.Parameters.AddWithValue("@ID", id);
command.Parameters.AddWithValue("@Name", name);
command.Parameters.AddWithValue("@Tuition", tuition);
DBConnect DB = new DBConnect();
DB.DoUpdateUsingCmdObj(command);
}
protected void Page_Load(object sender, EventArgs e)
{
DBConnect db = new DBConnect();
string merchEmail = Session["emailSession"].ToString();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetMerchAccount";
command.Parameters.AddWithValue("@email", merchEmail);
DataSet ds = db.GetDataSetUsingCmdObj(command);
gvMerchAccount.DataSource = ds;
gvMerchAccount.DataBind();
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
SqlCommand pass = new SqlCommand();
DBConnect objDB = new DBConnect();
pass.CommandType = CommandType.StoredProcedure;
pass.CommandText = "dbo.TP_ResetPassword";
//string currentPassword = (string)pass.ExecuteScalar();
//if (currentPassword == txtCurrentPassword.Text)
// { }
//else
// lblMsg.Text = "Please enter your current password again!";
string currentEmail = txtCurrentEmail.Text;
string currentPassword = txtCurrentPassword.Text;
string newPassword1 = txtNewPassword.Text;
SqlParameter inputEmail = new SqlParameter("@email", currentEmail);
inputEmail.Direction = ParameterDirection.Input;
inputEmail.SqlDbType = SqlDbType.NVarChar;
inputEmail.Size = 50;
pass.Parameters.Add(inputEmail);
SqlParameter inputPassword = new SqlParameter("@currentPass", currentPassword);
inputPassword.Direction = ParameterDirection.Input;
inputPassword.SqlDbType = SqlDbType.NVarChar;
inputPassword.Size = 50;
pass.Parameters.Add(inputPassword);
SqlParameter inputPassword1 = new SqlParameter("@newPass", newPassword1);
inputPassword1.Direction = ParameterDirection.Input;
inputPassword1.SqlDbType = SqlDbType.NVarChar;
inputPassword1.Size = 50;
pass.Parameters.Add(inputPassword1);
pass.Parameters.Add("@returnId", SqlDbType.Int).Direction = ParameterDirection.Output;
objDB.DoUpdateUsingCmdObj(pass);
int result = Convert.ToInt32(pass.Parameters["@returnId"].Value);
if (result == 1)
lblMsg.Text = "The password you entered is incorrect!";
else if (result == 0)
lblMsg.Text = "The password was not changed.";
// Response.Redirect("LoginPage.aspx");
}
protected void btnSaveChanges_Click(object sender, EventArgs e)
{
{
string currentEmail = txtCurrentEmail.Text;
string passord = txtPassword.Text;
string newEmail2 = txtNewEmail2.Text;
SqlCommand emailCmd = new SqlCommand();
DBConnect objDB = new DBConnect();
emailCmd.CommandType = CommandType.StoredProcedure;
emailCmd.CommandText = "dbo.TP_ResetEmail";
SqlParameter inputEmail = new SqlParameter("@currentEmail", currentEmail);
inputEmail.Direction = ParameterDirection.Input;
inputEmail.SqlDbType = SqlDbType.NVarChar;
inputEmail.Size = 50;
emailCmd.Parameters.Add(inputEmail);
SqlParameter inputPassword = new SqlParameter("@password", passord);
inputPassword.Direction = ParameterDirection.Input;
inputPassword.SqlDbType = SqlDbType.NVarChar;
inputPassword.Size = 50;
emailCmd.Parameters.Add(inputPassword);
SqlParameter inputEmail2 = new SqlParameter("@newEmail", newEmail2);
inputEmail2.Direction = ParameterDirection.Input;
inputEmail2.SqlDbType = SqlDbType.NVarChar;
inputEmail2.Size = 50;
emailCmd.Parameters.Add(inputEmail2);
emailCmd.Parameters.Add("@result", SqlDbType.Int).Direction = ParameterDirection.Output;
objDB.DoUpdateUsingCmdObj(emailCmd);
int result = Convert.ToInt32(emailCmd.Parameters["@result"].Value);
if (result == -1)
lblMsg.Text = "The password you entered is incorrect!";
else if (result == 0)
{
lblMsg.Text = "The new email you entered already exists.";
}
else
{
lblMsg.Text = "The email was changed succesfully.";
}
}
}
protected void btnAPI_Click(object sender, EventArgs e)
{
Label lblAPI = new Label();
DBConnect db = new DBConnect();
string merchEmail = Session["emailSession"].ToString();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetAPI";
command.Parameters.AddWithValue("@email", merchEmail);
DataSet ds = db.GetDataSetUsingCmdObj(command);
string api = ds.Tables[0].Rows[0]["APIKey"].ToString();
lblAPI.Text = api;
}
public DataSet GetDepartments()
{
SqlCommand dep = new SqlCommand();
DBConnect objDB = new DBConnect();
DataSet department = new DataSet();
dep.CommandType = CommandType.StoredProcedure;
dep.CommandText = "dbo.TP_getDepartments";
department = objDB.GetDataSetUsingCmdObj(dep);
return department;
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
string query = "SELECT * FROM Student";
DBConnect db = new DBConnect();
ddStudentSelect.DataSource = db.GetDataSet(query);
ddStudentSelect.DataValueField = "StudentID";
ddStudentSelect.DataTextField = "Name";
ddStudentSelect.DataBind();
}
}
public void loadProducts()
{
//display data from each item in Product DB into correct template feilds
//display product name into label
//display product url image into image
DBConnect dbobj = new DBConnect();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "GetAllProducts";
DataSet ds = dbobj.GetDataSetUsingCmdObj(objCommand);
rptProducts.DataSource = ds;
rptProducts.DataBind();
}
public void insertIntoPurchase(string email, string CardNum, string ProductID)
{
//Email, CardNum, SaleTotal, Products
DBConnect objdb = new DBConnect();
SqlCommand sqlCommand = new SqlCommand();
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.CommandText = "TP_InsertIntoPurchase";
sqlCommand.Parameters.AddWithValue("@email", email);
sqlCommand.Parameters.AddWithValue("@CardNum", CardNum);
//sqlCommand.Parameters.AddWithValue("@SaleTotal", SaleTotal);
sqlCommand.Parameters.AddWithValue("@products", ProductID);
objdb.DoUpdateUsingCmdObj(sqlCommand);
//
}
//Register Merchant Button
protected void btnContinue_Click(object sender, EventArgs e)
{
DBConnect DB = new DBConnect();
Register register = new Register();
Merchant newMerchant = new Merchant();
newMerchant.groupName = txtName.Text;
newMerchant.email = txtEmail.Text;
newMerchant.address = txtAddress.Text;
newMerchant.url = txtURL.Text;
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "RegisterMerchant";
command.Parameters.AddWithValue("@GroupName", newMerchant.groupName);
command.Parameters.AddWithValue("@Email", newMerchant.email);
command.Parameters.AddWithValue("@Address", newMerchant.address);
command.Parameters.AddWithValue("@URL", newMerchant.url);
DB.DoUpdateUsingCmdObj(command);
DB = new DBConnect();
SqlCommand key = new SqlCommand();
key.CommandType = CommandType.StoredProcedure;
key.CommandText = "InsertKey";
key.Parameters.AddWithValue("@GroupName", newMerchant.groupName);
DataSet ds = DB.GetDataSetUsingCmdObj(key);
string apikey = ds.Tables[0].Rows[0]["APIKey"].ToString();
lblGeneralError.Text = "Your APIKey is " + apikey;
//Stored procedure to insert new merchant into a merchant table
//if "Remember Me" is checked, store userName in cookie
//if (chkbxRemeberMe.Checked)
//{
// HttpCookie emailCookie = new HttpCookie("Login_Cookie");//cookie's name
// emailCookie.Values["email"] = txtEmail.Text; //set cookies value
// emailCookie.Values["LastVisited"] = DateTime.Now.ToString();
// emailCookie.Expires = DateTime.Now.AddYears(1);
// Response.Cookies.Add(emailCookie);
//}
//else
//{
// //remove user's email from username textbox
// Response.Cookies.Remove("mycookie");
//}
//Response.Redirect("Login.aspx");
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
DBConnect DB = new DBConnect();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "GetDep";
DataSet ds = DB.GetDataSetUsingCmdObj(command);
ddDepartment.DataSource = ds;
ddDepartment.DataTextField = "DepartmentName";
ddDepartment.DataValueField = "DepartmentID";
ddDepartment.DataBind();
}
}
public void AddAdmin(AdminObject admin)
{
DBConnect objDB = new DBConnect();
SqlCommand objcomm = new SqlCommand();
objcomm.CommandType = CommandType.StoredProcedure;
objcomm.CommandText = "sp_addadmin";
objcomm.Parameters.Add("@tuid", admin.tuid);
objcomm.Parameters.Add("@firstName", admin.firstName);
objcomm.Parameters.Add("@lastName", admin.lastName);
objcomm.Parameters.Add("@department", admin.department);
objcomm.Parameters.Add("@accessLevel", admin.accessLevel);
objDB.DoUpdateUsingCmdObj(objcomm);
}
public bool HelloWorld(CreditCardClass cc, CustomerClass arthur)
{
DBConnect DB = new DBConnect();
SqlCommand command = new SqlCommand();
command.CommandType = CommandType.StoredProcedure;
command.CommandText = "AddCard";
command.Parameters.AddWithValue("@CreditCardNumber", cc.CardNumber);
command.Parameters.AddWithValue("@CVV", cc.CVV);
command.Parameters.AddWithValue("@AccountNumber", cc.AccountNumber);
command.Parameters.AddWithValue("@CreditLimit", cc.CreditLimit);
command.Parameters.AddWithValue("@AccountBalance", cc.AccountBalance);
command.Parameters.AddWithValue("@FirstName", arthur.Firstname);
command.Parameters.AddWithValue("@LastName", arthur.LastName);
return (DB.DoUpdateUsingCmdObj(command) > 0) ? true : false;
}
public List <ProfileFeedClass> RetrieveProfileFeed(String RequestingUser, String RequestedUserEmail, String privacySetting)
{
List <ProfileFeedClass> EmptyArray = new List <ProfileFeedClass>();
Profile ProfileObject = new Profile();
Boolean checkifFriends = ProfileObject.CheckIf2UsersAreFriends(RequestingUser, RequestedUserEmail);
if (checkifFriends == true)
{
List <ProfileFeedClass> feedArray = new List <ProfileFeedClass>();
DBConnect objDB = new DBConnect();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "TP_LoadProfileFeed";
objCommand.Parameters.AddWithValue("@Email", RequestedUserEmail);
DataSet FeedDS = objDB.GetDataSetUsingCmdObj(objCommand);
if (FeedDS.Tables[0].Rows.Count > 0)
{
for (int i = 0; i < FeedDS.Tables[0].Rows.Count; i++)
{
ProfileFeedClass postObject = new ProfileFeedClass();
postObject.postID = int.Parse(FeedDS.Tables[0].Rows[i][0].ToString());
postObject.userEmail = FeedDS.Tables[0].Rows[i][1].ToString();
postObject.postBody = FeedDS.Tables[0].Rows[i][2].ToString();
postObject.datePosted = FeedDS.Tables[0].Rows[i][4].ToString();
postObject.imageURL = FeedDS.Tables[0].Rows[i][3].ToString();
postObject.postType = FeedDS.Tables[0].Rows[i][6].ToString();
postObject.postingToUser = FeedDS.Tables[0].Rows[i][7].ToString();
feedArray.Add(postObject);
}
return(feedArray);
}
else
{
return(EmptyArray);
}
}
if (privacySetting == "Public")
{
List <ProfileFeedClass> feedArray = new List <ProfileFeedClass>();
DBConnect objDB = new DBConnect();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "TP_LoadProfileFeed";
objCommand.Parameters.AddWithValue("@Email", RequestedUserEmail);
DataSet FeedDS = objDB.GetDataSetUsingCmdObj(objCommand);
if (FeedDS.Tables[0].Rows.Count > 0)
{
for (int i = 0; i < FeedDS.Tables[0].Rows.Count; i++)
{
ProfileFeedClass postObject = new ProfileFeedClass();
postObject.postID = int.Parse(FeedDS.Tables[0].Rows[i][0].ToString());
postObject.userEmail = FeedDS.Tables[0].Rows[i][1].ToString();
postObject.postBody = FeedDS.Tables[0].Rows[i][2].ToString();
postObject.datePosted = FeedDS.Tables[0].Rows[i][4].ToString();
postObject.imageURL = FeedDS.Tables[0].Rows[i][3].ToString();
postObject.postType = FeedDS.Tables[0].Rows[i][6].ToString();
postObject.postingToUser = FeedDS.Tables[0].Rows[i][7].ToString();
feedArray.Add(postObject);
}
return(feedArray);
}
else
{
return(EmptyArray);
}
}
if (privacySetting == "Friends")
{
List <ProfileFeedClass> feedArray = new List <ProfileFeedClass>();
Boolean flag = ProfileObject.CheckIf2UsersAreFriends(RequestingUser, RequestedUserEmail);
if (flag == true)
{
DBConnect objDB = new DBConnect();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "TP_LoadProfileFeed";
objCommand.Parameters.AddWithValue("@Email", RequestedUserEmail);
DataSet FeedDS = objDB.GetDataSetUsingCmdObj(objCommand);
if (FeedDS.Tables[0].Rows.Count > 0)
{
for (int i = 0; i < FeedDS.Tables[0].Rows.Count; i++)
{
ProfileFeedClass postObject = new ProfileFeedClass();
postObject.postID = int.Parse(FeedDS.Tables[0].Rows[i][0].ToString());
postObject.userEmail = FeedDS.Tables[0].Rows[i][1].ToString();
postObject.postBody = FeedDS.Tables[0].Rows[i][2].ToString();
postObject.datePosted = FeedDS.Tables[0].Rows[i][4].ToString();
postObject.imageURL = FeedDS.Tables[0].Rows[i][3].ToString();
postObject.postType = FeedDS.Tables[0].Rows[i][6].ToString();
postObject.postingToUser = FeedDS.Tables[0].Rows[i][7].ToString();
feedArray.Add(postObject);
}
return(feedArray);
}
else
{
return(EmptyArray);
}
}
}
if (privacySetting == "FOF")
{
List <ProfileFeedClass> feedArray = new List <ProfileFeedClass>();
Boolean flag = ProfileObject.CheckIfFOF(RequestingUser, RequestedUserEmail);
if (flag == true)
{
DBConnect objDB = new DBConnect();
SqlCommand objCommand = new SqlCommand();
objCommand.CommandType = CommandType.StoredProcedure;
objCommand.CommandText = "TP_LoadProfileFeed";
objCommand.Parameters.AddWithValue("@Email", RequestedUserEmail);
DataSet FeedDS = objDB.GetDataSetUsingCmdObj(objCommand);
if (FeedDS.Tables[0].Rows.Count > 0)
{
for (int i = 0; i < FeedDS.Tables[0].Rows.Count; i++)
{
ProfileFeedClass postObject = new ProfileFeedClass();
postObject.postID = int.Parse(FeedDS.Tables[0].Rows[i][0].ToString());
postObject.userEmail = FeedDS.Tables[0].Rows[i][1].ToString();
postObject.postBody = FeedDS.Tables[0].Rows[i][2].ToString();
postObject.datePosted = FeedDS.Tables[0].Rows[i][4].ToString();
postObject.imageURL = FeedDS.Tables[0].Rows[i][3].ToString();
postObject.postType = FeedDS.Tables[0].Rows[i][6].ToString();
postObject.postingToUser = FeedDS.Tables[0].Rows[i][7].ToString();
feedArray.Add(postObject);
}
return(feedArray);
}
else
{
return(EmptyArray);
}
}
else
{
return(EmptyArray);
}
}
else
{
return(EmptyArray);
}
}
public StoredProcedure()
{
objDB = new DBConnect();
objCmd = new SqlCommand();
}
