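/// <summary>
/// On the first (non-postback) load, reads the logged-in user's row from the
/// person table and copies it into the profile labels.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;

    // Without a usable session id there is no user to show. The original
    // dereferenced Session["userId"] unconditionally and failed with a
    // NullReferenceException for anonymous visitors.
    object sessionId = Session["userId"];
    long userId;
    if (sessionId == null ||
        !long.TryParse(sessionId.ToString(), System.Globalization.NumberStyles.Integer, invariant, out userId))
    {
        Response.Redirect("~/index.aspx?status=nologin");
        return;
    }

    // The id is concatenated into the SQL text unquoted, so it must be a plain
    // number. Re-serialising the parsed value guarantees only digits (and an
    // optional sign) reach the query. Assumes person.id is an integer key --
    // TODO confirm against the schema.
    // NOTE(review): DBMaster.GetReader only accepts a finished query string
    // here; a parameterized command would be the preferred fix.
    string query =
        "SELECT firstName, lastName, userName, password, address, email, phone " +
        "FROM person WHERE id = " + userId.ToString(invariant);

    DBMaster dbm = new DBMaster();
    try
    {
        SqlDataReader reader = dbm.GetReader(query);

        // Only touch the columns when a row actually came back.
        if (reader.Read())
        {
            // Label.Text is emitted without HTML encoding, so encode the
            // stored values before they are rendered.
            lblFName.Text = Server.HtmlEncode(reader["firstName"].ToString());
            lblLName.Text = Server.HtmlEncode(reader["lastName"].ToString());
            lblUser.Text = Server.HtmlEncode(reader["userName"].ToString());

            // NOTE(review): this echoes the stored password back to the page,
            // which is only possible when passwords are kept in recoverable
            // form. Prefer storing a salted password hash and dropping this
            // field from the profile view.
            lblPassword.Text = Server.HtmlEncode(reader["password"].ToString());

            lblAddress.Text = Server.HtmlEncode(reader["address"].ToString());
            lblEmail.Text = Server.HtmlEncode(reader["email"].ToString());
            lblPhone.Text = Server.HtmlEncode(reader["phone"].ToString());
        }
    }
    finally
    {
        // Release the connection even when the query or a column read throws.
        dbm.CloseConnection();
    }
}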
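/// <summary>
/// Handles the login button: looks the submitted credentials up in the person
/// table and, on a match, stores the user's first name and id in the session.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Both values come straight from the login form and are untrusted.
    string user = txtUser.Text;
    string password = txtPassword.Text;

    // The format string in this listing carried the literal '******' in both
    // positions, so the two arguments were never used; the positional
    // placeholders are restored here.
    //
    // Because the values end up inside quoted SQL literals, every single quote
    // is doubled so the input cannot terminate the literal. This is a stopgap:
    // DBMaster.GetReader only accepts a finished query string here, and the
    // durable fix is a parameterized command (@userName / @password).
    //
    // NOTE(review): the query compares the submitted password with the stored
    // column directly, i.e. passwords are kept in plaintext. Store a salted,
    // slow hash (e.g. PBKDF2) and verify it in code instead.
    string query = string.Format(
        "SELECT firstName, id FROM person WHERE userName = '{0}' AND password = '{1}'",
        user.Replace("'", "''"),
        password.Replace("'", "''"));

    DBMaster dbm = new DBMaster();
    try
    {
        SqlDataReader reader = dbm.GetReader(query);

        // A row is returned only when the credentials matched.
        if (reader.Read())
        {
            string fName = reader["firstName"].ToString();
            string id = reader["id"].ToString();

            // Remember who is logged in for the other pages.
            Session["fName"] = fName;
            Session["userID"] = id;

            // Label.Text is not HTML-encoded on output, so encode the name.
            lblGreet.Text = string.Format("Welcome {0}!", Server.HtmlEncode(fName));

            // Toggle login box and logout button.
            ShowLogin(false);
        }
        else
        {
            // Same message for an unknown user and a wrong password.
            lblGreet.Text = "Sorry, the provided information did not match any of our records.";
        }
    }
    finally
    {
        // Release the connection even when the query throws.
        dbm.CloseConnection();
    }
}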
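/// <summary>
/// Lists every product that is still in stock, one table row per product,
/// each with a one-click purchase link. Anonymous visitors are sent back to
/// the main page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Verify a user is logged in; the main page handles the "nologin" status
    // passed on the query string.
    if (Session["userID"] == null)
    {
        Response.Redirect("~/index.aspx?status=nologin");
        return;
    }

    // Label.Text is emitted without HTML encoding, so encode the stored name.
    string user = Session["fName"].ToString();
    lblGreet.Text = Server.HtmlEncode(user) + ", here are our current products:";

    // Constant query text: no request data is mixed into it.
    string query = "SELECT pid, productName, description, price " +
        "FROM products WHERE currentAmount > 0 ORDER BY productName ASC";

    DBMaster dbm = new DBMaster();
    try
    {
        SqlDataReader reader = dbm.GetReader(query);

        while (reader.Read())
        {
            string pid = reader["pid"].ToString();
            string product = reader["productName"].ToString();
            string description = reader["description"].ToString();
            string price = reader["price"].ToString();

            // Purchase link for this product. The shop sells ice cream, hence
            // "lick" instead of "click".
            HtmlAnchor link = new HtmlAnchor();
            link.HRef = "oneclickBuy.aspx?id=" + pid;
            link.InnerText = "Single Lick Buy\x2122";

            // Show the price as currency. The fallback is not expected to run
            // because the column is numeric in the database.
            double price2 = 0.0;
            if (double.TryParse(price, out price2))
            {
                price = string.Format("{0:C}", price2);
            }
            else
            {
                price = "$" + price;
            }

            TableCell tcProduct = new TableCell();
            TableCell tcDescription = new TableCell();
            TableCell tcPrice = new TableCell();
            TableCell tcBuy = new TableCell();

            // TableCell.Text is written to the page as-is; encode the database
            // text so markup stored in a product record is shown, not run.
            tcProduct.Text = Server.HtmlEncode(product);
            tcDescription.Text = Server.HtmlEncode(description);
            tcPrice.Text = Server.HtmlEncode(price);
            tcBuy.Controls.Add(link);

            TableRow trRow = new TableRow();
            trRow.Cells.Add(tcProduct);
            trRow.Cells.Add(tcDescription);
            trRow.Cells.Add(tcPrice);
            trRow.Cells.Add(tcBuy);

            tblProducts.Rows.Add(trRow);
        }
    }
    finally
    {
        // Release the connection even when reading a row throws.
        dbm.CloseConnection();
    }
}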
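/// <summary>
/// Completes a one-click purchase: looks up the product named by the "id"
/// query-string value, decrements its stock, reads the buyer's address and
/// renders a confirmation message. Anonymous visitors are sent back to the
/// main page.
/// </summary>
/// <remarks>
/// NOTE(review): the purchase runs on every plain GET of this page, so a
/// reload, a prefetch or any link pointing at this URL repeats the order.
/// Moving the state change behind a POST with an anti-forgery token would
/// close that gap. The UPDATE also does not check that stock is still
/// available before decrementing.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    const string BUSINESS = "Ice Cream Internet Parlor";

    System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;

    // Verify a user is logged in; the main page handles the "nologin" status.
    // The session id is also parsed, because it is concatenated into SQL below.
    object sessionId = Session["userID"];
    long userId;
    if (sessionId == null ||
        !long.TryParse(sessionId.ToString(), System.Globalization.NumberStyles.Integer, invariant, out userId))
    {
        Response.Redirect("~/index.aspx?status=nologin");
        return;
    }

    // The product id comes from the URL and is attacker-controllable. It is
    // used unquoted in two statements, so accept it only when it parses as an
    // integer and put the re-serialised number into the SQL, never the raw
    // text. Assumes products.pid is an integer key -- TODO confirm.
    // NOTE(review): DBMaster only accepts finished query strings here; a
    // parameterized command would be the preferred fix.
    long productId;
    if (!long.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer, invariant, out productId))
    {
        divGreet.InnerHtml = "<p>Sorry, that product could not be found.</p>";
        return;
    }

    string pidSql = productId.ToString(invariant);
    string idSql = userId.ToString(invariant);

    // Retrieve user's name from Session.
    string fName = Session["fName"].ToString();

    string product = "";
    string price = "";
    string address = "";
    string email = "";   // only needed by the disabled mail code below
    string lName = "";   // only needed by the disabled mail code below
    double price2 = 0.0;
    bool productFound = false;

    DBMaster dbm = new DBMaster();
    try
    {
        // First, get product name & price.
        SqlDataReader reader = dbm.GetReader(
            "SELECT productName, price FROM products WHERE pid = " + pidSql);
        if (reader.Read())
        {
            productFound = true;
            product = reader["productName"].ToString();
            price = reader["price"].ToString();

            // Show the price as currency. The fallback is not expected to run
            // because the column is numeric in the database.
            if (double.TryParse(price, out price2))
            {
                price = string.Format("{0:C}", price2);
            }
            else
            {
                price = "$" + price;
            }
        }
        dbm.CloseReader(); // Done with the reader, for now.

        // Do not record a sale for a product that does not exist.
        if (productFound)
        {
            // Second, decrement the amount.
            dbm.ExecuteNonQuery(
                "UPDATE products SET currentAmount -= 1 WHERE pid = " + pidSql);

            // Third, get the user's address. Only the needed columns are
            // selected, so the password column is not pulled along.
            reader = dbm.GetReader(
                "SELECT address, email, lastName FROM person WHERE id = " + idSql);
            if (reader.Read())
            {
                address = reader["address"].ToString();
                email = reader["email"].ToString();
                lName = reader["lastName"].ToString();
            }
            dbm.CloseReader();
        }
    }
    finally
    {
        // Release the connection even when a statement throws.
        dbm.CloseConnection();
    }

    if (!productFound)
    {
        divGreet.InnerHtml = "<p>Sorry, that product could not be found.</p>";
        return;
    }

    // The message is assigned to InnerHtml, which renders it as markup, so
    // every stored value is HTML-encoded before it is placed in the template.
    string message = "Hi! " + Server.HtmlEncode(fName);
    message += string.Format(
        "<p>Thank you for purchasing <b>{0}</b>. " +
        "Your credit card on file will be charged <b>{1}</b><br/>" +
        "Your purchase will be shipped to: <b>{2}</b></p>" +
        "<p>Thanks for shopping at {3}! " +
        "It is a pleasure doing business with you.</p>",
        Server.HtmlEncode(product),
        Server.HtmlEncode(price),
        Server.HtmlEncode(address),
        BUSINESS);

    divGreet.InnerHtml = message;

    /* No point in running the rest of the code if there is no from email and
     * password - JK
     * // Get sender credentials
     * string fromEmail = "";
     * string fromPassword = "";
     *
     * // Combine first and last names into one string
     * string toName = string.Format("{0} {1}", fName, lName);
     *
     * // Create a MailMessage object
     * MailAddress from = new MailAddress(fromEmail, BUSINESS);
     * MailAddress to = new MailAddress(email, toName);
     * MailMessage mail = new MailMessage(from, to);
     *
     * // Build the email
     * mail.Subject = "Your order from " + BUSINESS;
     * mail.Body = message;
     * // And tell message we're using HTML
     * mail.IsBodyHtml = true;
     *
     * // Set SMTP for gmail
     * SmtpClient smtp = new SmtpClient("smtp.gmail.com", 587);
     *
     * // Provide the credentials
     * smtp.Credentials = new NetworkCredential(fromEmail, fromPassword);
     * smtp.EnableSsl = true;
     *
     * // Send the email
     * smtp.Send(mail);
     */
}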