protected void GetCourse()
{
//connect
using (DefaultConnection db = new DefaultConnection())
{
//Get the selected courseID from the url
Int32 CourseID = Convert.ToInt32(Request.QueryString["CourseID"]);
//query the db
Course objC = (from c in db.Courses
where c.CourseID == CourseID
select c).FirstOrDefault();
//populate the form
txtTitle.Text = objC.Title;
txtCredits.Text = objC.Credits.ToString();
ddlDepartment.SelectedValue = objC.DepartmentID.ToString();
//populate student enrollments grid
var Enrollments = from en in db.Enrollments
where en.CourseID == CourseID
orderby en.Student.LastName, en.Student.FirstMidName
select en;
//bind to the grid
grdEnrollments.DataSource = Enrollments.ToList();
grdEnrollments.DataBind();
}
}
protected void GetCourses()
{
using (DefaultConnection db = new DefaultConnection())
{
var Courses = from c in db.Courses
select c;
grdCourses.DataSource = Courses.ToList();
grdCourses.DataBind();
}
}
protected void GetStudents()
{
//connect to EF
using (DefaultConnection db = new DefaultConnection())
{
//query the students table using EF and LINQ
var Students = from s in db.Students
select s;
//bind the result to the gridview
grdStudents.DataSource = Students.ToList();
grdStudents.DataBind();
}
}
protected void GetDepartments()
{
using (DefaultConnection db = new DefaultConnection())
{
//get departments
var deps = from d in db.Departments
orderby d.Name
select d;
//populate dropdown
ddlDepartment.DataSource = deps.ToList();
ddlDepartment.DataBind();
//add a default option to the dropdown
ListItem default_item = new ListItem("-Select-", "0");
ddlDepartment.Items.Insert(0, default_item);
}
}
protected void GetDepartment()
{
//look up the selected department and fill the form
using (DefaultConnection db = new DefaultConnection())
{
//store the id from the url in a variable
Int32 DepartmentID = Convert.ToInt32(Request.QueryString["DepartmentID"]);
//look up the department
Department dep = (from d in db.Departments
where d.DepartmentID == DepartmentID
select d).FirstOrDefault();
//pre-populate the form fields
txtName.Text = dep.Name;
txtBudget.Text = dep.Budget.ToString();
}
}
protected void GetDepartments()
{
//connect
using (DefaultConnection db = new DefaultConnection())
{
//get the department list
var Departments = from d in db.Departments
orderby d.Name
select d;
//bind to the dropdown list
ddlDepartment.DataSource = Departments.ToList();
ddlDepartment.DataBind();
//add a default option to the dropdown after we fill it
ListItem DefaultItem = new ListItem("-Select-", "0");
ddlDepartment.Items.Insert(0, DefaultItem);
}
}
protected void grdDepartments_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
//identify the DepartmentID to be deleted from the row the user selected
Int32 DepartmentID = Convert.ToInt32(grdDepartments.DataKeys[e.RowIndex].Values["DepartmentID"]);
//connect
using (DefaultConnection db = new DefaultConnection())
{
Department dep = (from d in db.Departments
where d.DepartmentID == DepartmentID
select d).FirstOrDefault();
//delete
db.Departments.Remove(dep);
db.SaveChanges();
//refresh grid
GetDepartments();
}
}
protected void GetDepartments()
{
//use Entity Framework to connect and get the list of Departments
using (DefaultConnection db = new DefaultConnection())
{
//old query that shows all departments
//var deps = from d in db.Departments
// select d;
//new query filtered for logged in user only
Int32 DepartmentID = Convert.ToInt32(Session["DepartmentID"]);
var deps = from d in db.Departments
where d.DepartmentID == DepartmentID
select d;
//bind the deps query result to our grid
grdDepartments.DataSource = deps.ToList();
grdDepartments.DataBind();
}
}
protected void btnSave_Click(object sender, EventArgs e)
{
//connect
using (DefaultConnection db = new DefaultConnection())
{
//create a new course and fill the properties
Course objC = new Course();
objC.Title = txtTitle.Text;
objC.Credits = Convert.ToInt32(txtCredits.Text);
objC.DepartmentID = Convert.ToInt32(ddlDepartment.SelectedValue);
//save
db.Courses.Add(objC);
db.SaveChanges();
//redirect
Response.Redirect("courses.aspx");
}
}
protected void btnRegister_Click(object sender, EventArgs e)
{
//connect
using (DefaultConnection db = new DefaultConnection())
{
//create a new instructor
Instructor objI = new Instructor();
//fill the properties from the form inputs
objI.FirstName = txtFirstName.Text;
objI.LastName = txtLastName.Text;
objI.Username = txtUsername.Text;
objI.DepartmentID = Convert.ToInt32(ddlDepartment.SelectedValue);
//salt and hash the plain text password
String password = txtPassword.Text;
String salt = CreateSalt(8);
String pass_and_salt = password + salt;
// Create a new instance of the hash crypto service provider.
HashAlgorithm hashAlg = new SHA256CryptoServiceProvider();
// Convert the data to hash to an array of Bytes.
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(pass_and_salt);
// Compute the Hash. This returns an array of Bytes.
byte[] bytHash = hashAlg.ComputeHash(bytValue);
// Optionally, represent the hash value as a base64-encoded string,
// For example, if you need to display the value or transmit it over a network.
string base64 = Convert.ToBase64String(bytHash);
objI.Password = base64;
objI.Salt = salt;
//save
db.Instructors.Add(objI);
db.SaveChanges();
}
}
protected void GetStudent()
{
//populate form with existing student record
Int32 StudentID = Convert.ToInt32(Request.QueryString["StudentID"]);
//connect to db via EF
using (DefaultConnection db = new DefaultConnection())
{
//populate a student instance with the StudentID from the URL parameter
Student s = (from objS in db.Students
where objS.StudentID == StudentID
select objS).FirstOrDefault();
//map the student properties to the form controls if we found a match
if (s != null)
{
txtLastName.Text = s.LastName;
txtFirstMidName.Text = s.FirstMidName;
txtEnrollmentDate.Text = s.EnrollmentDate.ToString("yyyy-MM-dd");
}
}
}
protected void btnSave_Click(object sender, EventArgs e)
{
//use EF to connect to SQL Server
using (DefaultConnection db = new DefaultConnection())
{
//use the Student model to save the new record
Student s = new Student();
Int32 StudentID = 0;
//check the querystring for an id so we can determine add / update
if (Request.QueryString["StudentID"] != null)
{
//get the id from the url
StudentID = Convert.ToInt32(Request.QueryString["StudentID"]);
//get the current student from EF
s = (from objS in db.Students
where objS.StudentID == StudentID
select objS).FirstOrDefault();
}
s.LastName = txtLastName.Text;
s.FirstMidName = txtFirstMidName.Text;
s.EnrollmentDate = Convert.ToDateTime(txtEnrollmentDate.Text);
//call add only if we have no student ID
if (StudentID == 0)
{
db.Students.Add(s);
}
//run the update or insert
db.SaveChanges();
//redirect to the updated students page
Response.Redirect("students.aspx");
}
}
protected void btnSave_Click(object sender, EventArgs e)
{
//connect
using (DefaultConnection db = new DefaultConnection())
{
//create a new department in memory
Department dep = new Department();
Int32 DepartmentID = 0;
//check for a url
if (!String.IsNullOrEmpty(Request.QueryString["DepartmentID"]))
{
//get the id from the url
DepartmentID = Convert.ToInt32(Request.QueryString["DepartmentID"]);
//look up the department
dep = (from d in db.Departments
where d.DepartmentID == DepartmentID
select d).FirstOrDefault();
}
//fill the properties of the new department
dep.Name = txtName.Text;
dep.Budget = Convert.ToDecimal(txtBudget.Text);
//add if we have no id in the url
if (DepartmentID == 0)
{
db.Departments.Add(dep);
}
//save the new department
db.SaveChanges();
//redirect to the departments list page
Response.Redirect("departments.aspx");
}
}
protected void grdStudents_RowDeleting(object sender, GridViewDeleteEventArgs e)
{
//store which row was clicked
Int32 selectedRow = e.RowIndex;
//get the selected StudentID using the grid's Data Key collection
Int32 StudentID = Convert.ToInt32(grdStudents.DataKeys[selectedRow].Values["StudentID"]);
//use EF to remove the selected student from the db
using (DefaultConnection db = new DefaultConnection())
{
Student s = (from objS in db.Students
where objS.StudentID == StudentID
select objS).FirstOrDefault();
//do the delete
db.Students.Remove(s);
db.SaveChanges();
}
//refresh the grid
GetStudents();
}
protected void btnLogin_Click(object sender, EventArgs e)
{
//connect
using (DefaultConnection db = new DefaultConnection())
{
//create instructor object
Instructor objI = new Instructor();
//first get salt value for this username
String username = txtUsername.Text;
objI = (from i in db.Instructors
where i.Username == username
select i).FirstOrDefault();
//did we find this username?
if (objI != null)
{
String salt = objI.Salt;
//salt and hash the plain text password
String password = txtPassword.Text;
String pass_and_salt = password + salt;
// Create a new instance of the hash crypto service provider.
HashAlgorithm hashAlg = new SHA256CryptoServiceProvider();
// Convert the data to hash to an array of Bytes.
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(pass_and_salt);
// Compute the Hash. This returns an array of Bytes.
byte[] bytHash = hashAlg.ComputeHash(bytValue);
// Optionally, represent the hash value as a base64-encoded string,
// For example, if you need to display the value or transmit it over a network.
string base64 = Convert.ToBase64String(bytHash);
//check if the password we just salted and hashed matches the password in the db
if (objI.Password == base64)
{
//lblError.Text = "Valid Login";
//store the identity in the session object
Session["InstructorID"] = objI.InstructorID;
Session["InstructorName"] = objI.FirstName + " " + objI.LastName;
Session["DepartmentID"] = objI.DepartmentID;
//redirect to departments page
Response.Redirect("departments.aspx");
}
else
{
lblError.Text = "Invalid Login";
}
}
else
{
lblError.Text = "Invalid Login";
}
}
}