protected void Button1_Click(object sender, EventArgs e) { CustomerAddresses custAddr = new CustomerAddresses(); custAddr.firstname = txtFirstName.Text; custAddr.lastname = txtLastName.Text; custAddr.address = txtAddress.Text; custAddr.city = txtCity.Text; custAddr.province = txtProvince.Text; custAddr.postalcode = txtPostalCode.Text; custAddr.phone = txtPhone.Text; custAddr.email = txtEmail.Text; Session["CustomerAddresses"] = null; Session["CustomerAddresses"] = custAddr; Response.Redirect("payment.aspx"); }
protected void Page_Load(object sender, EventArgs e) { if (Session["Cart"] == null) { Response.Redirect("cart.aspx"); } if (Session["CustomerAddresses"] == null) { Response.Redirect("customer.aspx"); } else { CustomerAddresses cust = (CustomerAddresses)Session["CustomerAddresses"]; lblBillingAddress.Text = cust.firstname + " " + cust.lastname + "<br />" + cust.address + "<br />" + cust.city + "," + cust.province + "<br />" + cust.postalcode + "<br />"; lblPhone.Text = cust.phone; lblEmail.Text = cust.email; } }
protected void Button1_Click(object sender, EventArgs e) { bool paymentSuccess = false; decimal OrderTotal = 0; string PaymentType = ddlPaymentType.SelectedValue; int customerID = 0; int orderID = 0; // This assignment does not require the credit card payment to be made. // Therefore, it is assumed that the payment is succeeded. // The below code sets the paymentSuccess value to be true. if (Session["Cart"] != null && Session["CustomerAddresses"] != null) { foreach (CartItem cartItem in (List <CartItem>)Session["Cart"]) { OrderTotal += cartItem.subtotal; } // Enter codes here to process creditcard payment! paymentSuccess = true; } else { lblError.Text = "Cart session and the customer detail sessions are not available or expired."; } if (paymentSuccess && OrderTotal > 0) { // Saving all the details to database string connString = ConfigurationManager.ConnectionStrings["ShoppingCartConnectionString"].ConnectionString; using (SqlConnection conn = new SqlConnection(connString)) { CustomerAddresses custAddr = new CustomerAddresses(); custAddr = (CustomerAddresses)Session["CustomerAddresses"]; SqlCommand com = new SqlCommand("InsertCustomerAddresses", conn); com.CommandType = CommandType.StoredProcedure; com.Parameters.Add(new SqlParameter("@firstname", custAddr.firstname.ToString())); com.Parameters.Add(new SqlParameter("@lastname", custAddr.lastname.ToString())); com.Parameters.Add(new SqlParameter("@address", custAddr.address.ToString())); com.Parameters.Add(new SqlParameter("@city", custAddr.city.ToString())); com.Parameters.Add(new SqlParameter("@province", custAddr.province.ToString())); com.Parameters.Add(new SqlParameter("@postalcode", custAddr.postalcode.ToString())); com.Parameters.Add(new SqlParameter("@phone", custAddr.phone.ToString())); com.Parameters.Add(new SqlParameter("@email", custAddr.email.ToString())); SqlParameter InsertedCustID = new SqlParameter("@InsertedCustID", SqlDbType.Int); InsertedCustID.Direction = ParameterDirection.Output; com.Parameters.Add(InsertedCustID); try { conn.Open(); com.ExecuteNonQuery(); customerID = Convert.ToInt32(InsertedCustID.Value); if (customerID != 0) { SqlCommand InsertOrderSQLCommand = new SqlCommand("InsertOrder", conn); InsertOrderSQLCommand.CommandType = CommandType.StoredProcedure; InsertOrderSQLCommand.Parameters.Add(new SqlParameter("@customer_id", customerID)); InsertOrderSQLCommand.Parameters.Add(new SqlParameter("@payment_type", PaymentType)); InsertOrderSQLCommand.Parameters.Add(new SqlParameter("@total", OrderTotal)); SqlParameter InsertedOrderID = new SqlParameter("@order_id", SqlDbType.Int); InsertedOrderID.Direction = ParameterDirection.Output; InsertOrderSQLCommand.Parameters.Add(InsertedOrderID); InsertOrderSQLCommand.ExecuteNonQuery(); orderID = Convert.ToInt32(InsertedOrderID.Value); foreach (CartItem item in (List <CartItem>)Session["Cart"]) { SqlCommand ComInsertOrderItem = new SqlCommand("InsertOrderItems", conn); ComInsertOrderItem.CommandType = CommandType.StoredProcedure; ComInsertOrderItem.Parameters.Add(new SqlParameter("@order_id", orderID)); ComInsertOrderItem.Parameters.Add(new SqlParameter("@product_id", item.prod_id)); ComInsertOrderItem.Parameters.Add(new SqlParameter("@quantity", item.quantity)); ComInsertOrderItem.ExecuteNonQuery(); } } conn.Close(); Session["Cart"] = null; Session["CustomerAddresses"] = null; Response.Redirect("confirmation.aspx?orderID=" + orderID); } catch (SqlException ex) { lblError.Text = ex.ToString(); } } } else { lblError.Text = "Payment did not go through!"; } }