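/// <summary>
/// Access gate for the page. Unauthenticated sessions are sent to Login.aspx,
/// login types 2, 1 and -1 are sent to Admin.aspx, HomePage.aspx and Logout.aspx,
/// and every other login type continues as a reward provider, with the provider
/// object loaded from <c>Session["user"]</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Fail closed: a missing flag and a flag that is not exactly "True" are both "not logged in".
    object loggedInFlag = Session["employeeLoggedIn"];
    if (loggedInFlag == null || loggedInFlag.ToString() != "True")
    {
        Response.Redirect("Login.aspx");
        // Response.Redirect(url) normally ends the request by itself; the explicit return keeps
        // the gate closed even if the call is later switched to the non-terminating overload.
        return;
    }

    // A session without a usable login type used to fail the cast with an unhandled exception;
    // treat it as an unauthenticated session instead.
    object storedLoginType = Session["login"];
    if (!(storedLoginType is int))
    {
        Response.Redirect("Login.aspx");
        return;
    }

    loginType = (int)storedLoginType;

    if (loginType == 2)
    {
        Response.Redirect("Admin.aspx");
    }
    else if (loginType == 1)
    {
        Response.Redirect("HomePage.aspx");
    }
    else if (loginType == -1)
    {
        Response.Redirect("Logout.aspx");
    }
    else
    {
        // NOTE(review): this branch accepts every login type other than 2, 1 and -1.
        // The type check below is what keeps a session that does not hold a
        // RewardProvider out of the page, so do not replace it with a hard cast.
        user = Session["user"] as RewardProvider;
        if (user == null)
        {
            Response.Redirect("Login.aspx");
        }
    }
}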
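/// <summary>
/// Creates a reward-provider (vendor) account from the form fields. If no row with the
/// same e-mail exists, a row is inserted with a generated password, the password is
/// mailed to the vendor, a confirmation alert is written and the form is cleared.
/// The vendor e-mail is passed to <c>addVendorToPool</c> whether or not a row was inserted.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void BtnCommitRewardProvider_Click(object sender, EventArgs e)
{
    try
    {
        RewardProvider company = new RewardProvider(CompanyNameText.Text, PhoneNumberText.Text, VendorEmailText.Text);
        company.setLastUpdatedBy((string)(Session["loggedIn"]));

        bool created = false;
        string password = null;

        // using blocks release the connection, commands and reader on every path, including
        // when a query throws; the original left them open on errors and on the duplicate path.
        using (SqlConnection sc = new SqlConnection(ConfigurationManager.ConnectionStrings["GroupProjectConnectionString"].ConnectionString))
        {
            sc.Open();

            bool emailExists;
            using (SqlCommand check = new SqlCommand("select [Email] from [RewardProvider] where [Email] = @E_mail", sc))
            {
                check.Parameters.AddWithValue("@E_mail", company.getEmail());
                using (SqlDataReader reader = check.ExecuteReader())
                {
                    emailExists = reader.HasRows;
                }
            }

            // A duplicate e-mail is skipped silently (the original alert was commented out).
            if (!emailExists)
            {
                password = System.Web.Security.Membership.GeneratePassword(8, 6);

                // SECURITY(review): MD5 is a fast digest and is not suitable for storing passwords.
                // It is flagged rather than replaced here because the login check that verifies
                // this hash is outside this block and would have to change at the same time.
                string passwordHashNew = SimpleHash.ComputeHash(password, "MD5", null);

                using (SqlCommand insert = new SqlCommand(
                    "INSERT INTO [dbo].[RewardProvider] ([RewardProviderName],[PhoneNumber],[Email],[UserName],[Password],[Balance],[LastUpdated],[LastUpdatedBy]) VALUES"
                    + "(@CompanyName,@PhoneNumber,@E_mail,@userName,@Password,@Balance,@LastUpdated,@LastUpdatedBy)", sc))
                {
                    insert.Parameters.AddWithValue("@E_mail", company.getEmail());
                    insert.Parameters.AddWithValue("@CompanyName", company.getCompanyName());
                    insert.Parameters.AddWithValue("@PhoneNumber", company.getPhoneNumber());
                    insert.Parameters.AddWithValue("@Balance", "0");
                    insert.Parameters.AddWithValue("@LastUpdated", company.getLastUpdated());
                    insert.Parameters.AddWithValue("@LastUpdatedBy", company.getLastUpdatedBy());
                    insert.Parameters.AddWithValue("@Password", passwordHashNew);
                    insert.Parameters.AddWithValue("@UserName", company.getEmail());
                    insert.ExecuteNonQuery();
                }

                created = true;
            }
        }

        if (created)
        {
            // SECURITY(review): the initial password leaves the server in clear text by e-mail.
            // Prefer a one-time set-password link, or at least force a change at first login.
            Send_MailVendor(company.getEmail(), company.getCompanyName(), password);

            // The company name comes straight from a text box and is written into a script
            // block; encode it as a JavaScript string so it cannot close the literal or the
            // script element.
            string safeCompanyName = System.Web.HttpUtility.JavaScriptStringEncode(company.getCompanyName());
            Response.Write("<script>alert('Vendor Added: " + safeCompanyName + " is created')</script>");

            CompanyNameText.Text = string.Empty;
            PhoneNumberText.Text = string.Empty;
            VendorEmailText.Text = string.Empty;
        }

        // NOTE(review): as in the original, this runs for existing vendors too; confirm that is intended.
        addVendorToPool(company.getEmail());
    }
    catch
    {
        // NOTE(review): every failure (database, mail, pool) is reported with this one message,
        // which hides the real cause; consider logging the exception server-side.
        Response.Write("<script>alert('Company not found in Database')</script>");
    }
}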
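/// <summary>
/// Loads the current provider's picture file name from [dbo].[RewardProvider] and shows it,
/// together with the provider name held in <c>Session["ProviderName"]</c>.
/// Best effort: a failed lookup leaves the controls unchanged.
/// </summary>
protected void loadProfilePicture()
{
    // Without a provider id there is nothing to look up; the original built an invalid
    // statement in this case and swallowed the resulting error.
    object providerId = Session["ProviderID"];
    if (providerId == null)
    {
        return;
    }

    con.Open();
    try
    {
        // The id is bound as a parameter instead of being concatenated into the statement,
        // so a session value can never change the shape of the query.
        using (SqlCommand select = new SqlCommand("SELECT ProviderPicture FROM [dbo].[RewardProvider] WHERE ProviderID = @ProviderID", con))
        {
            select.Parameters.AddWithValue("@ProviderID", providerId);

            // ExecuteScalar returns null when no row matches and DBNull for a NULL column;
            // "as string" turns both into null instead of throwing.
            string currentPicture = select.ExecuteScalar() as string;
            if (!string.IsNullOrEmpty(currentPicture))
            {
                profilePicture.ImageUrl = "~/Images/" + currentPicture;
            }
        }

        lblUser.Text = Session["ProviderName"] as string;
    }
    catch (Exception ex)
    {
        // Still best effort, but the failure is no longer invisible to operators.
        System.Diagnostics.Trace.TraceError("loadProfilePicture failed: " + ex.Message);
    }
    finally
    {
        con.Close();
    }
}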
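/// <summary>
/// Loads the profile that belongs to a login id and stores it in <c>Session["user"]</c>.
/// Login type 1 reads [dbo].[Employee], 2 reads [dbo].[Administrator] and 3 reads
/// [dbo].[RewardProvider]; any other type does nothing.
/// </summary>
/// <param name="loginID">Login id used as the lookup key in all three queries.</param>
/// <param name="loginType">Selects which table is queried (1, 2 or 3).</param>
/// <remarks>
/// When no row matches or an error occurs, <c>Session["user"]</c> is left as it was.
/// NOTE(review): callers should confirm the session holds the expected object afterwards
/// rather than assume this method succeeded.
/// </remarks>
protected void getLoginInfo(int loginID, int loginType)
{
    try
    {
        SqlConnection conn = ProjectDB.connectToDB();
        try
        {
            switch (loginType)
            {
                case 1:
                {
                    string empCommand = "select top 1 EmployeeID, FirstName, LastName, Email, LastUpdatedBy, LastUpdated, Points, Enabled, CompanyID, LandingPage, Nickname, "
                        + "UseNickname, UseAnon FROM [dbo].[Employee] WHERE EmpLoginID = @EmpLoginID";
                    using (SqlCommand select = new SqlCommand(empCommand, conn))
                    {
                        select.Parameters.AddWithValue("@EmpLoginID", loginID);
                        using (SqlDataReader empReader = select.ExecuteReader())
                        {
                            if (empReader.HasRows)
                            {
                                empReader.Read();
                                int id = (int)empReader["EmployeeID"];
                                string fname = empReader["FirstName"].ToString();
                                string lname = empReader["LastName"].ToString();
                                string email = empReader["Email"].ToString();
                                string updateBy = empReader["LastUpdatedBy"].ToString();
                                DateTime update = (DateTime)empReader["LastUpdated"];
                                Decimal points = (Decimal)empReader["Points"];
                                // A NULL nickname is represented by a single space, as before.
                                string nickname = empReader["Nickname"] == DBNull.Value
                                    ? " "
                                    : empReader["Nickname"].ToString();
                                Boolean enabled = (Boolean)empReader["Enabled"];
                                int companyid = (int)empReader["CompanyID"];
                                int landing = (int)empReader["LandingPage"];
                                Boolean usenick = (Boolean)empReader["UseNickname"];
                                Boolean anon = (Boolean)empReader["UseAnon"];
                                Employee user = new Employee(id, fname, lname, email, updateBy, update, loginID, points, enabled, companyid, landing, usenick, nickname, anon);
                                Session["user"] = user;
                            }
                        }
                    }
                    break;
                }
                case 2:
                {
                    string adminCommand = "select top 1 AdminID, FirstName, LastName, Email, LastUpdatedBy, LastUpdated, CompanyID from [dbo].[Administrator] where EmpLoginID = @EmpLoginID";
                    using (SqlCommand adminSelect = new SqlCommand(adminCommand, conn))
                    {
                        adminSelect.Parameters.AddWithValue("@EmpLoginID", loginID);
                        using (SqlDataReader adminReader = adminSelect.ExecuteReader())
                        {
                            if (adminReader.HasRows)
                            {
                                adminReader.Read();
                                int id = (int)adminReader["AdminID"];
                                string fname = adminReader["FirstName"].ToString();
                                string lname = adminReader["LastName"].ToString();
                                string email = adminReader["Email"].ToString();
                                string updatedBy = adminReader["LastUpdatedBy"].ToString();
                                DateTime update = (DateTime)adminReader["LastUpdated"];
                                int companyID = (int)adminReader["CompanyID"];
                                Administrator user = new Administrator(id, fname, lname, email, updatedBy, update, loginID, companyID);
                                Session["user"] = user;
                            }
                        }
                    }
                    break;
                }
                case 3:
                {
                    string vendorCommand = "select top 1 ProviderID, ProviderName, ContactFirstName, ContactLastName, ContactPhoneNum, ContactEmail, LastUpdatedBy, LastUpdated, CompanyID"
                        + " from [dbo].[RewardProvider] where LoginID = @EmpLoginID";
                    using (SqlCommand vendorSelect = new SqlCommand(vendorCommand, conn))
                    {
                        vendorSelect.Parameters.AddWithValue("@EmpLoginID", loginID);
                        using (SqlDataReader vendorReader = vendorSelect.ExecuteReader())
                        {
                            if (vendorReader.HasRows)
                            {
                                vendorReader.Read();
                                int id = (int)vendorReader["ProviderID"];
                                String providerName = vendorReader["ProviderName"].ToString();
                                String fname = vendorReader["ContactFirstName"].ToString();
                                String lname = vendorReader["ContactLastName"].ToString();
                                String phone = vendorReader["ContactPhoneNum"].ToString();
                                String email = vendorReader["ContactEmail"].ToString();
                                String lastUpdatedBy = vendorReader["LastUpdatedBy"].ToString();
                                DateTime lastUpdated = (DateTime)vendorReader["LastUpdated"];
                                int companyID = (int)vendorReader["CompanyID"];
                                RewardProvider user = new RewardProvider(id, providerName, fname, lname, phone, email, lastUpdated, lastUpdatedBy, companyID, loginID);
                                Session["user"] = user;
                            }
                        }
                    }
                    break;
                }
                default:
                    break;
            }
        }
        finally
        {
            // Close (not Dispose) matches the original call and now also runs when a query
            // or a cast throws, so a failed lookup no longer leaves the connection open.
            if (conn != null)
            {
                conn.Close();
            }
        }
    }
    catch (Exception ex)
    {
        // The lookup stays best effort for the caller, but the failure is recorded
        // instead of being discarded.
        System.Diagnostics.Trace.TraceError("getLoginInfo failed for login type " + loginType + ": " + ex.Message);
    }
}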