protected void Page_Load(object sender, EventArgs e) { // Connect to the database DatabaseMgmt objdbMgmt = new DatabaseMgmt(); objdbMgmt.Connect(); string strSqlCmd; // System.Data.OleDb.OleDbDataReader objDataReader; System.Data.SqlClient.SqlDataReader objDataReader; double curOringalPrice; // Retrieve the details of product of a given product ID // from the database int intProductId; intProductId = Convert.ToInt32(Request.QueryString["ProductId"]); strSqlCmd = "SELECT * FROM Product WHERE ProductId=" + intProductId; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Read the only record retrieved if (objDataReader.Read()) { // Display the product title lblProductTitle.Text = (string)objDataReader["ProductTitle"]; // Display the product description if (objDataReader["ProductDesc"] != DBNull.Value) { lblProductDesc.Text = (string)objDataReader["ProductDesc"]; } // Display the product image imgProduct.ImageUrl = "images/products/" + (string)objDataReader["ProductImage"]; // Display the product price // Format to display two decimals curOringalPrice = Convert.ToDouble(objDataReader["Price"]); lblProductPrice.Text = "$" + string.Format(Convert.ToString(curOringalPrice), "0.00"); objDataReader.Close(); } // Retrieve the dynamic attributes of a given product strSqlCmd = "SELECT an.AttributeName, pa.AttributeVal FROM AttributeName an INNER JOIN ProductAttribute pa ON an.AttributeNameID=pa.AttributeNameID WHERE pa.ProductID=" + intProductId; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Bind the records to the data grid control dgAttribute.DataSource = objDataReader; dgAttribute.DataBind(); objDataReader.Close(); objdbMgmt.Close(); }
protected void getAnswer_Changed(object sender, EventArgs e) { string Question; //Read Database DatabaseMgmt dbObj = new DatabaseMgmt(); SqlDataReader dR; dbObj.Connect(); string strSqlCmd; strSqlCmd = $"select Name, ShopperID, SecurityQn, QnAnswer from Shopper where Name='{nameEmailViewTextBox.Text}' and passwd = '{passwordEmailViewTextBox.Text}'"; dR = dbObj.ExecuteSelect(strSqlCmd); if (dR.Read()) { MultiView1.SetActiveView(EmailView); Question = dR["SecurityQn"].ToString(); QuestionEmailLabel.Text = Question; } else { QuestionEmailLabel.Text = "No Account found"; MultiView1.SetActiveView(EmailView); } }
protected void loginButton_Click(object sender, EventArgs e) { SqlDataReader dR; string strPassword; DatabaseMgmt dbObj = new DatabaseMgmt(); string selStr = $"select passwd, name, ShopperId from SHopper Where email ='{emailTextBox.Text}'"; dR = dbObj.ExecuteSelect(selStr); if (dR.Read()) { strPassword = dR["passwd"].ToString(); if (strPassword == pswTextBox.Text) { Session["Password"] = strPassword; Session["Name"] = dR["name"].ToString(); Session["ShopperId"] = dR["ShopperID"].ToString(); Response.Redirect("Home.aspx"); } else { msgLabel.Text = "Email or password incorrect"; } } else { msgLabel.Text = "Email or password incorrect"; } dR.Close(); }
protected void EmailDetailsChanged_Changed(object sender, EventArgs e) { MultiView1.SetActiveView(PasswordView); object returnVal; string Name; //Read Database DatabaseMgmt dbObj = new DatabaseMgmt(); SqlDataReader dR; dbObj.Connect(); string strSqlCmd; strSqlCmd = $"select SecurityQn, ShopperID from Shopper where Email='{emailDetailsTextBox.Text}'"; dR = dbObj.ExecuteSelect(strSqlCmd); if (dR.Read()) { SecurityQnLabel.Text = dR["SecurityQn"].ToString(); } else { SecurityQnLabel.Text = "No Account found!"; } }
protected void Page_Load(object sender, EventArgs e) { if (Session["ShopperID"] == null) { Response.Redirect("Login.aspx"); } else { DatabaseMgmt objdbMgmt = new DatabaseMgmt(); SqlDataReader dR; objdbMgmt.Connect(); string strSqlCmd; strSqlCmd = $"select address,email,phone, passwd from Shopper where ShopperID='{Session["ShopperId"]}'"; dR = objdbMgmt.ExecuteSelect(strSqlCmd); if (displayNameCheckBox.Checked == true) { } NameLabel.Text = (string)Session["Name"]; if (dR.Read()) { PasswordLabel.Text = dR["Passwd"].ToString().Trim(); AddressLabel.Text = dR["address"].ToString(); EmailLabel.Text = dR["email"].ToString(); PhoneLabel.Text = dR["phone"].ToString(); } } }
protected void btnAddCart_Click(object sender, EventArgs e) { // Set the Session Variables: // ProductID, ProductName, ProductPrice and Quantity //=================================================== DatabaseMgmt objdbMgmt = new DatabaseMgmt(); SqlDataReader dR; string strSqlCmd = $"select quantity from Product where productId = {int.Parse(Request["ProductId"])}"; dR = objdbMgmt.ExecuteSelect(strSqlCmd); if (dR.Read()) { if (int.Parse(txtQty.Text) > int.Parse(dR["quantity"].ToString())) { Response.Write("<script>alert('Invalid quantity/Sold out');</script>"); return; } } Session["Quantity"] = txtQty.Text; Session["ProductName"] = lblProductTitle.Text; Session["ProductPrice"] = lblProductPrice.Text; Session["ProductID"] = Request["ProductId"]; // Re-direct to AddItem page to add the // selected item to the shopping cart Response.Redirect("AddItem.aspx"); }
protected void RegisterButton_Click(object sender, EventArgs e) { int intQty = 0; double dblBalance = 0, dblTotalValue = 0, dblPrice = 0; DatabaseMgmt objdbMgmt = new DatabaseMgmt(); DatabaseMgmt objdbMgmtProduct = new DatabaseMgmt(); DatabaseMgmt objdbMgmtUpdate = new DatabaseMgmt(); DatabaseMgmt objdbAccCredit = new DatabaseMgmt(); SqlDataReader dR, dRProduct, dRBalance; string strSqlCmd = $"Select productId,price,quantity from shopcartitem where shopcartid = '{Session["ShopCartId"]}'"; dR = objdbMgmt.ExecuteSelect(strSqlCmd); while (dR.Read()) { intQty = int.Parse(dR["quantity"].ToString()); dblPrice = double.Parse(dR["price"].ToString()); strSqlCmd = $"Select productid,quantity from product where productid = '{dR["productId"]}'"; dRProduct = objdbMgmtProduct.ExecuteSelect(strSqlCmd); while (dRProduct.Read()) { dblTotalValue = dblPrice * intQty; strSqlCmd = $"Select Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"]; dRBalance = objdbAccCredit.ExecuteSelect(strSqlCmd); if (dRBalance.Read()) { dblBalance = double.Parse(dRBalance["Balance"].ToString()); } dRBalance.Close(); dblBalance = dblBalance - dblTotalValue; if (dblBalance >= 0) { strSqlCmd = $"Update AccountCredit Set Balance = {dblBalance} Where AccBalanceID = " + Session["ShopperID"]; objdbAccCredit.ExecuteNonQuery(strSqlCmd); int intTmp = int.Parse(dRProduct["quantity"].ToString()) - int.Parse(dR["quantity"].ToString()); strSqlCmd = $"update Product set quantity = {intTmp} where productId = '{dRProduct["productid"]}'"; objdbMgmtUpdate.ExecuteNonQuery(strSqlCmd); msgLabel.Text = "Your order will be delivered soon"; } else { msgLabel.Text = "Insufficient Funds, please top up your account"; } } dRProduct.Close(); Session["ShopCartId"] = null; Response.AddHeader("REFRESH", "3;URL=Home.aspx"); } }
protected void btnUpdateCart_Click(object sender, EventArgs e) { // Connect to the database DatabaseMgmt objdbMgmt = new DatabaseMgmt(); string strSqlCmd; // Iterate through all rows within shopping cart list // (i.e. the dgShopCart data grid) int i; for (i = 0; i <= dgShopCart.Rows.Count - 1; i++) { // Obtain references to row's controls TextBox txtQuantity; txtQuantity = (TextBox)dgShopCart.Rows[i].FindControl("txtQty"); // Get the quantity value from textbox // and convert to integer int intQuantity; intQuantity = Convert.ToInt16(txtQuantity.Text); if (intQuantity <= 0) { Response.Write("<script>alert('Invalid quantity');</script>"); return; } // Get the ProductId from the first cell // and convert to integer int intProductID; intProductID = Convert.ToInt16(dgShopCart.Rows[i].Cells[0].Text); strSqlCmd = $"select quantity from Product where productId = {intProductID}"; SqlDataReader dR = objdbMgmt.ExecuteSelect(strSqlCmd); if (dR.Read()) { if (intQuantity > int.Parse(dR["quantity"].ToString())) { Response.Write("<script>alert('Invalid quantity');</script>"); return; } } objdbMgmt.Close(); // Update quantity order of shopping cart in database strSqlCmd = "UPDATE ShopCartItem SET Quantity=" + intQuantity + " WHERE ShopCartID=" + Session["ShopCartID"] + " AND ProductId=" + intProductID; objdbMgmt.Open(); objdbMgmt.ExecuteNonQuery(strSqlCmd); } displayShopCart(); objdbMgmt.Close(); }
protected void cardSaveButton_Click(object sender, EventArgs e) { strCardName = nameTextBox2.Text; strCardNumber = cardTextBox.Text; strExpiryDate = expiryDateTextbox.Text; strCVC = cvcTextbox.Text; //getting sessioin ID strSqlCmd = $"Select ShopperID FROM Shopper Where ShopperID = " + Session["ShopperID"]; objDataReader = dbObj.ExecuteSelect(strSqlCmd); if (objDataReader.Read()) { intShopperID = int.Parse(objDataReader["ShopperID"].ToString()); } objDataReader.Close(); //checking if card is already saved strSqlCmd = $"Select ManualID FROM CreditCard Where ManualID = " + Session["ShopperID"]; objDataReader = dbObj.ExecuteSelect(strSqlCmd); if (objDataReader.Read()) { intManualID = int.Parse(objDataReader["ManualID"].ToString()); } objDataReader.Close(); if (intShopperID != intManualID) { strSqlCmd = $"Insert into CreditCard(NameOnCard, CardNumber, ExpiryDate, CVC, ManualId) VALUES ('{strCardName}','{strCardNumber}'," + $"'{strExpiryDate}','{strCVC}', {intShopperID})"; dbObj.ExecuteNonQuery(strSqlCmd); msgLabel3.Text = "Card Successfully Saved"; } else { msgLabel3.Text = "Card Previously Saved"; } }
protected void Page_Load(object sender, EventArgs e) { DatabaseMgmt dbObj = new DatabaseMgmt(); string strSqlCmd; SqlDataReader sqlDataReader; strSqlCmd = "Select * From Department"; sqlDataReader = dbObj.ExecuteSelect(strSqlCmd); dgDept.DataSource = sqlDataReader; dgDept.DataBind(); dbObj.Close(); }
private void displayShopCart() { lblEmptyShopCart.Visible = false; dgShopCart.Visible = true; lblSubTotal.Visible = true; btnUpdateCart.Visible = true; btnCheckOut.Visible = true; // Establish a database connection DatabaseMgmt objdbMgmt = new DatabaseMgmt(); // Get items in the designated shopping cart. string strSqlCmd; SqlDataReader objDataReader; strSqlCmd = "SELECT ShopCartID, ProductID, Name, Price, Quantity, DateAdded, Price * Quantity as Total FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"]; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Bind the records to the data list control dgShopCart.DataSource = objDataReader; dgShopCart.DataBind(); objDataReader.Close(); // Check for empty shopping cart if (dgShopCart.Rows.Count == 0) { // Call a subroutine to display empty Shopping Cart message displayEmptyShopCart(); } else { // Calculate the subtotal. double dblSubTotal; strSqlCmd = "SELECT SUM(Price * Quantity) as SubTotal FROM ShopCartItem WHERE ShopCartID=" + Session["ShopCartId"]; dblSubTotal = Convert.ToDouble(objdbMgmt.ExecuteScalar(strSqlCmd)); // Display the subtotal. string strSubTotal = string.Format("{0:c}", dblSubTotal, 2); lblSubTotal.Text = "Subtotal (before tax and shipping charge): " + strSubTotal; } objdbMgmt.Close(); }
protected void Page_Load(object sender, EventArgs e) { //loads balance strSqlCmd = $"Select Balance FROM AccountCredit Where AccBalanceID = " + Session["ShopperID"]; objDataReader = dbObj.ExecuteSelect(strSqlCmd); if (objDataReader.Read()) { dblBalance = Convert.ToDouble(objDataReader["Balance"]); } objDataReader.Close(); balanceTextBox.Text = "$" + string.Format(Convert.ToString(dblBalance), "0.00"); }
protected void Page_Load(object sender, EventArgs e) { DatabaseMgmt objdbMgmt = new DatabaseMgmt(); SqlDataReader dR; objdbMgmt.Connect(); string strSqlCmd; strSqlCmd = $"select address,email,phone from Shopper where ShopperID='{Session["ShopperId"]}'"; dR = objdbMgmt.ExecuteSelect(strSqlCmd); nameTextBox.Text = (string)Session["Name"]; if (dR.Read()) { addressTextbox.Text = dR["address"].ToString(); emailTextbox.Text = dR["email"].ToString(); phoneTextbox.Text = dR["phone"].ToString(); } }
protected void Page_Load(object sender, EventArgs e) { DatabaseMgmt objdbMgmt = new DatabaseMgmt(); string strSqlCmd; SqlDataReader dR; if (Session["ShopperID"] != null) { LogoutButton.Visible = true; RegisterButton.Visible = false; loginsButton.Visible = false; SellButton.Visible = true; ProfileButton.Visible = true; Shopping_cartBtn.Visible = true; CheckoutBtn.Visible = true; ProfileButton.Text = $"Welcome , {Session["Name"]}"; } else { RegisterButton.Visible = true; LogoutButton.Visible = false; loginsButton.Visible = true; SellButton.Visible = false; ProfileButton.Visible = false; Shopping_cartBtn.Visible = false; CheckoutBtn.Visible = false; } if (Session["ShopCartId"] != null) { strSqlCmd = $"select quantity from shopcartitem where shopcartid = '{Session["ShopCartId"]}'"; dR = objdbMgmt.ExecuteSelect(strSqlCmd); while (dR.Read()) { itemnum = itemnum + int.Parse(dR["quantity"].ToString()); } Shopping_cartBtn.Text = $"Shop Cart ({itemnum})"; } }
protected void Page_Load(object sender, EventArgs e) { DatabaseMgmt objdbMgmt = new DatabaseMgmt(); string strSqlCmd; SqlDataReader objDataReader; if (IsPostBack == false) { if (Request.QueryString["search"] == null) { Session["LastDeptID"] = Request["DeptID"]; strSqlCmd = "SELECT DeptName, DeptDesc FROM Department WHERE DepartmentID=" + Request.QueryString["DeptID"]; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Close the data reader objDataReader.Close(); strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " + Request.QueryString["DeptID"]; dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString()); BindData("SELECT p.ProductID, p.ProductTitle, p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE dp.DepartmentID = " + Request.QueryString["DeptID"]); } else { strSqlCmd = "SELECT count(p.ProductId) FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID = p.ProductID" + " WHERE p.ProductTitle like '%" + Request.QueryString["search"] + "%'"; dgDeptProduct.VirtualItemCount = int.Parse(objdbMgmt.ExecuteScalar(strSqlCmd).ToString()); BindData("SELECT p.ProductID, p.ProductTitle,p.ProductImage, p.Price, p.Quantity FROM DepartmentProduct dp INNER JOIN Product p ON dp.ProductID=p.ProductID" + " WHERE p.ProductTitle like '%" + Request.QueryString["search"] + "%'"); } } }
protected void PasswordFormSubmitButton_Click(object sender, EventArgs e) { string Question; //Read Database DatabaseMgmt dbObj = new DatabaseMgmt(); SqlDataReader dR; dbObj.Connect(); string strSqlCmd; strSqlCmd = $"select Name, ShopperID, SecurityQn, QnAnswer from Shopper where Email='{emailDetailsTextBox.Text}'"; dR = dbObj.ExecuteSelect(strSqlCmd); if (dR.Read()) { Question = dR["QnAnswer"].ToString(); if (AnswerTextBox.Text == Question) { MultiView1.SetActiveView(PasswordChangeView); Session["email"] = emailDetailsTextBox.Text; } else { SecurityQnLabel.Text = "Wrong"; MultiView1.SetActiveView(PasswordView); } } else { SecurityQnLabel.Text = "No Account found!"; MultiView1.SetActiveView(PasswordView); } }
protected void ContinueButton_Click(object sender, EventArgs e) { string Question; //Read Database DatabaseMgmt dbObj = new DatabaseMgmt(); SqlDataReader dR; dbObj.Connect(); string strSqlCmd; strSqlCmd = $"select SecurityQn, QnAnswer, Email, ShopperID from Shopper where Name='{nameEmailViewTextBox.Text}'"; dR = dbObj.ExecuteSelect(strSqlCmd); if (dR.Read()) { Question = dR["QnAnswer"].ToString(); if (answerEmailViewTextBox.Text == Question) { MultiView1.SetActiveView(EmailChangeView); Session["name"] = nameEmailViewTextBox.Text; Session["passwd"] = passwordEmailViewTextBox.Text; } else { MultiView1.SetActiveView(EmailView); QuestionEmailLabel.Text = "Wrong Answer!"; } } else { MultiView1.SetActiveView(EmailView); QuestionEmailLabel.Text = "No Account found!"; } }
protected void Update_Click(object sender, EventArgs e) { int temp; string sqlcmd = $"update shopper set address = '{addressTextbox.Text}', email = '{emailTextbox.Text}', passwd = '{pswTextBox.Text}', phone = '{phoneTextBox.Text}' where shopperid = '{Session["ShopperId"]}'"; DatabaseMgmt dbObj = new DatabaseMgmt(); temp = dbObj.ExecuteNonQuery(sqlcmd); //Read the Database. DatabaseMgmt objdbMgmt = new DatabaseMgmt(); SqlDataReader dR; objdbMgmt.Connect(); string strSqlCmd; strSqlCmd = $"select address,email,phone, passwd from Shopper where ShopperID='{Session["ShopperId"]}'"; dR = dbObj.ExecuteSelect(strSqlCmd); NameLabel.Text = (string)Session["Name"]; if (dR.Read()) { AddressLabel.Text = dR["address"].ToString(); EmailLabel.Text = dR["email"].ToString(); PhoneLabel.Text = dR["phone"].ToString(); } int other; string sqlcommands = $"Insert into shopper (DisplayName) VALUES ('{displaynameTextBox.Text}')" + $"Select DisplayName from ShopperID where ShopperID = '{Session["ShopperID"]}'"; if (displayNameCheckBox.Checked == true) { DatabaseMgmt db = new DatabaseMgmt(); other = db.ExecuteNonQuery(sqlcommands); objdbMgmt.Connect(); string strSqlCmds; strSqlCmds = $"select DisplayName from Shopper where ShopperID='{Session["ShopperId"]}'"; dR = db.ExecuteSelect(strSqlCmds); if (dR.Read()) { displayNameLabel.Text = dR["DisplayName"].ToString(); } } else { displayNameLabel.Text = "Unused"; } msgLabel.Text = "Updated Information!"; NameLabel.Visible = true; PasswordLabel.Visible = true; AddressLabel.Visible = true; EmailLabel.Visible = true; PhoneLabel.Visible = true; nameTextBox.Visible = false; pswTextBox.Visible = false; addressTextbox.Visible = false; emailTextbox.Visible = false; phoneTextBox.Visible = false; if (displaynameTextBox.Visible == true) { displaynameTextBox.Visible = false; } ConfirmButton.Visible = false; backButton.Visible = false; EditButton.Visible = true; }
protected void loginButton_Click(object sender, EventArgs e) { attemptCounts = attemptCounts + 1; SqlDataReader dR; string strPassword; DatabaseMgmt dbObj = new DatabaseMgmt(); string selStr = $"select passwd, name, ShopperId from SHopper Where email ='{emailTextBox.Text}'"; dR = dbObj.ExecuteSelect(selStr); if (dR.Read()) { if (attemptCounts < 3) { strPassword = dR["passwd"].ToString(); if (strPassword == pswTextBox.Text) { Session["Password"] = strPassword; Session["Name"] = dR["name"].ToString(); Session["ShopperId"] = dR["ShopperID"].ToString(); Response.Redirect("Home.aspx"); } else { msgLabel.Text = "Email or password incorrect"; } } else if (attemptCounts == 3) { suggestionHyperLink.Visible = true; suggestionHyperLink.Text = "Forgot your password?"; if (dR.Read()) { strPassword = dR["passwd"].ToString(); if (strPassword == pswTextBox.Text) { Session["Password"] = strPassword; Session["Name"] = dR["name"].ToString(); Session["ShopperId"] = dR["ShopperID"].ToString(); Response.Redirect("Home.aspx"); } else { msgLabel.Text = "Email or password incorrect"; } } } else { if (attemptCounts == 3) { suggestionHyperLink.Visible = true; suggestionHyperLink.Text = "Forgot your password?"; } else { //timeout msgLabel.Text = "Reload the Web"; } } } else { msgLabel.Text = "Email or password incorrect"; } dR.Close(); }
protected void Page_Load(object sender, EventArgs e) { // Don't allow non-member to purchase a product if (Session["ShopperID"] == null) { Response.Redirect("Login.aspx"); } int intProductID; string strProductName; double dblProductPrice; int intQuantity; int intShopCartID; int intShopperID; bool flgAddItem; string strSqlCmd; // Read product's details from session variables intProductID = Convert.ToInt32(Session["ProductID"]); dblProductPrice = Convert.ToDouble(Double.Parse((string)Session["ProductPrice"], System.Globalization.NumberStyles.Currency)); intQuantity = Convert.ToInt32(Session["Quantity"]); // Replace any single-quote with two single-quote strProductName = Convert.ToString(Session["ProductName"]); // Connect to the database DatabaseMgmt objdbMgmt = new DatabaseMgmt(); //objdbMgmt.Connect(); // Check whether a shopping cart has been created. if (Session["ShopCartID"] == null) { // Create a new shopping cart //--------------------------- intShopperID = Convert.ToInt32(Session["ShopperID"]); strSqlCmd = "INSERT INTO ShopCart(ShopperID) VALUES(" + intShopperID + ")"; objdbMgmt.ExecuteNonQuery(strSqlCmd); // Get the new Shopping Cart ID strSqlCmd = "SELECT MAX(ShopCartID) AS maxShopCartID " + "FROM ShopCart WHERE ShopperID=" + intShopperID; // Save the Shopping Cart ID in a session variable Session["ShopCartID"] = objdbMgmt.ExecuteScalar(strSqlCmd); // Set AddItem flag to true - to add item to shopping cart. flgAddItem = true; } else { // Shopping cart already created //------------------------------- intShopCartID = Convert.ToInt32(Session["ShopCartID"]); // Retrieve selected product from shopping cart. System.Data.SqlClient.SqlDataReader objDataReader; strSqlCmd = "SELECT Quantity FROM ShopCartItem WHERE ProductID=" + intProductID + " AND ShopCartID=" + intShopCartID; objDataReader = objdbMgmt.ExecuteSelect(strSqlCmd); // Check whether selected item is already in shopping cart. // If yes, update order quantity instead of adding new item. if (objDataReader.HasRows) { // Close the data reader objDataReader.Close(); // update quantity of Shop Cart Item strSqlCmd = "UPDATE ShopCartItem SET Quantity = Quantity + " + intQuantity + " WHERE ProductID =" + intProductID + " AND ShopCartID =" + intShopCartID; objdbMgmt.ExecuteNonQuery(strSqlCmd); // Set AddItem flag to false - do not add item to cart flgAddItem = false; } else { // Close the data reader objDataReader.Close(); // Set AddItem flag to true - to add item to cart flgAddItem = true; } } // If it is a new item, add item into shopping cart. if (flgAddItem) { // Add Shop Cart Item to the database strSqlCmd = "INSERT INTO ShopCartitem (ShopCartID, Quantity, Price, Name, ProductID)" + " VALUES (" + Session["ShopCartId"] + "," + intQuantity + "," + dblProductPrice + ",'" + strProductName + "'," + intProductID + ")"; objdbMgmt.ExecuteNonQuery(strSqlCmd); } objdbMgmt.Close(); // Re-direct to ShopCart page for display of shopping cart Response.Redirect("ShopCart.aspx"); }