Exemplo n.º 1
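        /**
         * Adds one cart row (item name, price) for the user stored in Session["UserName"].
         * The statement is still built as text and handed to DBAccesor.runSqlCommand, so
         * both string values have their single quotes doubled before they are embedded.
         */
        private void InsertToDB(string item, int price)
        {
            // Doubling ' keeps each value inside its N'...' literal. This is a stopgap:
            // the durable fix is a parameterized command, which needs support in
            // DBAccesor (its implementation is not visible here).
            string safeItem = (item ?? string.Empty).Replace("'", "''");
            string safeUser = (Session["UserName"] ?? string.Empty).ToString().Replace("'", "''");

            // price is an int and cannot carry SQL text. The former string.Format wrapper
            // around the interpolated string is dropped: it re-parsed the finished text
            // and threw FormatException whenever a value contained '{' or '}'.
            string    cmdStr = $"INSERT INTO Cart(OrderName, UserName, Price) VALUES (N'{safeItem}', N'{safeUser}', {price})";
            DBAccesor dB     = ServiceLocator.Instance.GetService <DBAccesor>();

            dB.runSqlCommand(cmdStr);
        }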
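        /**
         * Shows the signed-in user's own details. Visitors without a session go to
         * Register.aspx and administrators to AdminUserDetails.aspx; for everyone else
         * the matching UserDetails row is rendered into the fullName and
         * userDetailsTable page fields.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            userStr = (string)Session["UserName"];
            if (userStr == null)
            {
                Response.Redirect("Register.aspx");
                // Explicit return: the lookup below must not depend on Redirect ending the request.
                return;
            }
            if ((string)Session["Admin"] == "y")
            {
                Response.Redirect("AdminUserDetails.aspx");
                return;
            }

            // The user name is embedded in an N'...' literal, so its single quotes are doubled.
            // A parameterized query through DBAccesor would be the durable fix.
            string    safeUser  = userStr.Replace("'", "''");
            string    cmdString = string.Format("SELECT * FROM UserDetails WHERE ([UserName] = N'{0}')", safeUser);
            DBAccesor dB        = ServiceLocator.Instance.GetService <DBAccesor>();
            DataTable dataTable = dB.runSelectCmd(cmdString);

            // Column values were typed in by users at registration; encode them before they
            // become part of the page markup so stored text cannot turn into HTML or script.
            Func<object, string> html = value => System.Net.WebUtility.HtmlEncode(Convert.ToString(value));

            for (int i = 0; i < dataTable.Rows.Count; i++)
            {
                DataRow row = dataTable.Rows[i];

                // NOTE(review): fullName is left unencoded because its output context is not
                // visible here; if the markup writes it into HTML, encode it at that point.
                fullName         += row["FirstName"].ToString() + " " + row["LastName"].ToString();

                // NOTE(review): the Password column is read and displayed as stored, which
                // implies clear-text password storage; prefer a salted hash and never echo it.
                userDetailsTable += "<table style='border:none'>"
                                    + "<tr><td>סיסמה: "
                                    + html(row["Password"]) + "</td></tr>" + "<tr><td>מייל: "
                                    + html(row["Mail"]) + "</td></tr>" + "<tr><td>טלפון: "
                                    + html(row["Phone"]) + "</td></tr>" + "<tr><td>כתובת: "
                                    + html(row["Adress"]) + "</td></tr>" + "<tr><td>מין: "
                                    + html(row["Gender"]) + "</td></tr>" + "<tr><td>תאריך לידה: "
                                    + html(row["DateOfBirth"]) + "</td></tr>";
            }

            userDetailsTable += "</table>";
        }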
Exemplo n.º 3
        /**
         * Validates user details against DB
         * returns true if user details exist.
         */
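        private bool IsExist(string username, string password)
        {
            // Both values come from the caller and land inside N'...' literals, so every
            // single quote is doubled first; otherwise a quote in either field could end the
            // literal and change the WHERE clause of this credential check.
            // A parameterized query through DBAccesor would be the durable fix.
            string safeUser = (username ?? string.Empty).Replace("'", "''");
            string safePass = (password ?? string.Empty).Replace("'", "''");

            // NOTE(review): the submitted password is compared with the stored column value
            // directly, which implies clear-text storage; store a salted hash and compare that.
            string    cmdStr     = string.Format("SELECT * FROM UserDetails WHERE [UserName]=N'{0}' and Password=N'{1}'", safeUser, safePass);
            DBAccesor dbAccessor = ServiceLocator.Instance.GetService <DBAccesor>();

            return dbAccessor.isExist(cmdStr);
        }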
Exemplo n.º 4
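        /**
         * Handles the game-over form post ("menu" field present): stores the posted score
         * for the signed-in user when it beats the stored one (or when no row exists yet),
         * then redirects to tetrisGameOver.aspx. Guests are redirected without any write.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            string user = (string)Session["UserName"];

            if (Request.Form["menu"] == null)
            {
                return;
            }

            // The score is a browser-supplied form field. TryParse replaces int.Parse so a
            // missing or non-numeric value is skipped instead of raising an unhandled
            // exception. NOTE(review): nothing here can prove the score was really earned.
            int score;
            if (user != null && int.TryParse(Request.Form["scoreDB"], out score))
            {
                DBAccesor dB = ServiceLocator.Instance.GetService <DBAccesor>();

                // Single quotes are doubled because the name is embedded in N'...' literals.
                string safeUser = user.Replace("'", "''");
                string cmdStr   = string.Format("SELECT * FROM TetrisHighScore WHERE [UserName]=N'{0}'", safeUser);

                if (dB.isExist(cmdStr))
                {
                    var table     = dB.runSelectCmd(cmdStr);
                    int highScore = (int)table.Rows[0]["Score"];
                    if (score > highScore)
                    {
                        table.Rows[0]["Score"] = score;
                        dB.updateTable(cmdStr, table);
                    }
                }
                else
                {
                    // Plain interpolation: wrapping it in string.Format re-parsed the finished
                    // text and failed on any '{' or '}' in the user name.
                    string cmdStr1 = $"INSERT INTO TetrisHighScore(UserName, Score) VALUES (N'{safeUser}',{score})";
                    dB.runSqlCommand(cmdStr1);
                }
            }

            Response.Redirect("tetrisGameOver.aspx");
        }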
Exemplo n.º 5
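        /**
         * Returns whether the Cart table holds a row with the given OrderId that belongs
         * to the given user; the cart page uses this as its ownership check.
         */
        private bool isExist(string user, int id)
        {
            // id is an int; user is text inside an N'...' literal, so its quotes are doubled.
            // The redundant string.Format around the interpolated string is removed because
            // it failed on any '{' or '}' in the user name.
            string safeUser  = (user ?? string.Empty).Replace("'", "''");
            string cmdString = $"SELECT * FROM  Cart WHERE UserName = N'{safeUser}' and OrderId = {id} ";

            DBAccesor dbAccessor = ServiceLocator.Instance.GetService <DBAccesor>();

            return dbAccessor.isExist(cmdString);
        }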
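        /**
         * Renders the ten best TetrisHighScore rows (highest score first) as table rows
         * appended to the highScores page field.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            DBAccesor dB = ServiceLocator.Instance.GetService <DBAccesor>();

            string cmdStr = "Select * From TetrisHighScore ORDER BY Score DESC ";
            var    table  = dB.runSelectCmd(cmdStr);

            // Stop after ten rows instead of walking the whole result and discarding the rest.
            int shown = Math.Min(table.Rows.Count, 10);
            for (int i = 0; i < shown; i++)
            {
                // User names are chosen by the users themselves and this list is shown to
                // other visitors, so the values are HTML-encoded before entering the markup.
                string name  = System.Net.WebUtility.HtmlEncode(Convert.ToString(table.Rows[i]["UserName"]));
                string score = System.Net.WebUtility.HtmlEncode(Convert.ToString(table.Rows[i]["Score"]));

                highScores += "<tr><td>" + name + "</td>" + "<td>"
                              + score + "</td></tr>";
            }
        }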
Exemplo n.º 7
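        /**
         * Cart page: requires a signed-in user, lists that user's Cart rows into the
         * cartTable field, totals the prices, and on a "submit" post deletes the order
         * whose id was posted in "delId" after checking that it belongs to the user.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["UserName"] == null)
            {
                Session["ErrorText"] = "לאורח אין גישה לעמוד זה - כדי להזמין עליך להירשם ";
                Response.Redirect("ErrorPage.aspx");
                // Explicit return: access control must not depend on Redirect ending the request.
                return;
            }

            string userName        = (string)Session["UserName"];
            string safeUser        = userName.Replace("'", "''");
            bool   deleteRequested = Request.Form["submit"] != null;

            if (deleteRequested)
            {
                // delId is a posted form field. It is parsed once with TryParse, and a
                // non-numeric value is rejected the same way as an order owned by someone else.
                if (!int.TryParse(Request.Form["delId"], out id) || isExist(userName, id) == false)
                {
                    Session["ErrorText"] = "הזמנה זו לא שלך הכנס את המספר המתאים בבקשה";
                    Response.Redirect("ErrorPage.aspx");
                    return;
                }
            }

            DBAccesor dbAccessor = ServiceLocator.Instance.GetService <DBAccesor>();
            string    cmdString1 = string.Format("SELECT * FROM Cart WHERE ([UserName] = N'{0}')", safeUser);

            DataTable dataTable = dbAccessor.runSelectCmd(cmdString1);

            for (int i = 0; i < dataTable.Rows.Count; i++)
            {
                // Stored values are HTML-encoded before they are placed in the markup.
                string orderName = System.Net.WebUtility.HtmlEncode(Convert.ToString(dataTable.Rows[i]["OrderName"]));
                string orderId   = System.Net.WebUtility.HtmlEncode(Convert.ToString(dataTable.Rows[i]["OrderId"]));
                string price     = System.Net.WebUtility.HtmlEncode(Convert.ToString(dataTable.Rows[i]["Price"]));

                cartTable +=
                    "<tr><td> פריט: " + orderName + "</td>"
                    + "<td> מספר פריט: " + orderId + " </td > "
                    + "<td> מחיר: " + price + "$" + " </td ></tr>";

                totalAmount += (int)dataTable.Rows[i]["Price"];
            }

            cartTable += "</table>";

            if (deleteRequested)
            {
                // The owner is repeated in the DELETE itself, so the statement can only remove
                // this user's row even if the earlier ownership check were ever bypassed.
                string delCmd = $"delete from Cart where OrderId = {id} and UserName = N'{safeUser}'";
                dbAccessor.runSqlCommand(delCmd);

                Response.Redirect("Cart.aspx");
                return;
            }
            Session["TotalPrice"] = totalAmount;
        }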
Exemplo n.º 8
        /**
         * Logic behind the page check if account exists
         * Creates record for new users
         * Redirect for Login or error pages.
         */
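        protected void Page_Load(object sender, EventArgs e)
        {
            if (Request.Form["submit"] != null)
            {
                // Free-text fields are read through the page's own helper.
                // NOTE(review): what getNCleanRequestParamByName cleans is not visible here;
                // confirm it makes the values safe for the N'...' literals used below.
                string Fname   = getNCleanRequestParamByName("fname");
                string Lname   = getNCleanRequestParamByName("lname");
                string DOB     = getNCleanRequestParamByName("bd");
                string user    = getNCleanRequestParamByName("un");
                string pass    = getNCleanRequestParamByName("pass");
                string address = getNCleanRequestParamByName("address");
                string mail    = getNCleanRequestParamByName("mail");
                string phone   = getNCleanRequestParamByName("phone");
                string gender  = "Rather not say";
                if (Request.Form["gender"] != null)
                {
                    // gender was the one field taken raw from the form and placed in the
                    // INSERT; its single quotes are doubled so it stays inside its literal.
                    gender = Request.Form["gender"].ToString().Replace("'", "''");
                }

                if (mail != "" && user != "")
                {
                    if (isExistsMail(mail))
                    {
                        Session["ErrorText"] = mail + " כבר קיים";
                        Response.Redirect("ErrorPage.aspx");
                        Response.End();
                    }

                    if (isExistsUserName(user))
                    {
                        Session["ErrorText"] = user + " כבר קיים";
                        Response.Redirect("ErrorPage.aspx");
                        Response.End();
                    }

                    // NOTE(review): the password is inserted as submitted (clear text);
                    // store a salted hash instead.
                    string cmdStr = string.Format("INSERT INTO UserDetails(FirstName, LastName, UserName , Password , Mail ,  Phone, Adress, Gender, DateOfBirth) VALUES (N'{0}', N'{1}', N'{2}', N'{3}', N'{4}', N'{5}',  N'{6}',N'{7}',N'{8}')", Fname, Lname, user, pass, mail, phone, address, gender, DOB);

                    DBAccesor dbAccessor = ServiceLocator.Instance.GetService <DBAccesor>();
                    if (dbAccessor.runSqlCommand(cmdStr) == 1)
                    {
                        // The session identity is assigned only once the new row exists.
                        // It used to be set before the uniqueness checks, which left the
                        // session carrying the submitted name even when registration was
                        // rejected because that account already belonged to someone else.
                        Session["UserName"] = user;
                        Response.Redirect("Login.aspx");
                    }
                }
            }
        }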
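        /**
         * Account deletion page: requires a signed-in user and, when the "DelUsr" form
         * field is posted, removes that user's Cart rows and UserDetails row, then
         * redirects to Login.aspx.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            string userName = (string)Session["UserName"];
            if (userName == null)
            {
                Session["ErrorText"] = "לאורח אין גישה לעמוד זה ";
                Response.Redirect("ErrorPage.aspx");
                // Explicit return: the delete below must not depend on Redirect ending the request.
                return;
            }
            string btn = Request.Form["DelUsr"];

            if (btn != null)
            {
                // The name is embedded twice in N'...' literals of a two-statement batch, so
                // its single quotes are doubled. A parameterized command is the durable fix.
                string    safeUser   = userName.Replace("'", "''");
                string    cmdString  = string.Format("DELETE From Cart Where OrderId in (select c.OrderId from Cart c, UserDetails ud  where c.UserName = ud.UserName and ud.UserName =  N'{0}') Delete FROM UserDetails Where (UserName = N'{0}')", safeUser);
                DBAccesor adbAccesor = ServiceLocator.Instance.GetService <DBAccesor>();
                adbAccesor.runSqlCommand(cmdString);

                // NOTE(review): Session["UserName"] still names the deleted account after this
                // point, and no anti-forgery check is visible for this destructive post —
                // confirm both are handled elsewhere.
                Response.Redirect("Login.aspx");
            }
        }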
Exemplo n.º 10
        /**
         * Run query against DB
         * return true if result exist otherwise false.
         */
        private bool checkDB(string query)
        {
            // The text is passed to DBAccesor.isExist unchanged, so any value a caller puts
            // into the query must already be made safe before it reaches this method.
            return ServiceLocator.Instance.GetService <DBAccesor>().isExist(query);
        }
Exemplo n.º 11
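        /**
         * Lists UserDetails rows into the userTable field, optionally filtered by one or
         * two column/value pairs posted with the "sub" form (where1/txt1, where2/txt2).
         * NOTE(review): no Session["Admin"] check is visible in this handler although it
         * lists every user's password; confirm access is restricted elsewhere.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            string cmdString = "SELECT  FirstName, LastName, UserName, Password, Mail, Phone  FROM UserDetails";

            bool @continue = true;

            if (Request.Form["sub"] != null)
            {
                string field1      = Request.Form["where1"] ?? string.Empty;
                string field2      = Request.Form["where2"] ?? string.Empty;
                string field1Value = Request.Form["txt1"] ?? string.Empty;
                string field2Value = Request.Form["txt2"] ?? string.Empty;

                // Column names cannot be quoted like values, so a posted name is only used
                // when it matches this list; the canonical spelling from the list is what
                // reaches the SQL text. The list holds the UserDetails columns that appear
                // in this file. NOTE(review): extend it if the filter offers other columns.
                string[] filterableColumns =
                {
                    "FirstName", "LastName", "UserName", "Password", "Mail",
                    "Phone", "Adress", "Gender", "DateOfBirth"
                };

                bool useFirst  = field1Value != "";
                bool useSecond = field2Value != "";

                string column1 = useFirst
                    ? Array.Find(filterableColumns, c => string.Equals(c, field1, StringComparison.OrdinalIgnoreCase))
                    : null;
                string column2 = useSecond
                    ? Array.Find(filterableColumns, c => string.Equals(c, field2, StringComparison.OrdinalIgnoreCase))
                    : null;

                // Filter values go inside N'...' literals, so their single quotes are doubled.
                string value1 = field1Value.Replace("'", "''");
                string value2 = field2Value.Replace("'", "''");

                if (useFirst && useSecond && field1 == field2)
                {
                    userTable += "<tr><td td colspan= '6' style='color:red ; font-weight:bold; text-align:center'>על שני החתכים להיות שונים</td></tr>";
                    @continue  = false;
                }
                else if ((useFirst && column1 == null) || (useSecond && column2 == null))
                {
                    // Unknown column name: run no query and show the existing "no matches" row.
                    userTable += "<tr><td colspan= '6' style='color:red ; font-weight:bold; text-align:center'>אין התאמות</td></tr>";
                    @continue  = false;
                }
                else if (useFirst && useSecond)
                {
                    filterWhere  = " WHERE (" + column1 + " = N'" + value1 + "')";
                    filterWhere += " AND (" + column2 + " = N'" + value2 + "')";
                }
                else if (useFirst)
                {
                    filterWhere = " WHERE (" + column1 + " = N'" + value1 + "')";
                }
                else if (useSecond)
                {
                    filterWhere = " WHERE (" + column2 + " = N'" + value2 + "')";
                }

                if (filterWhere != "")
                {
                    cmdString += filterWhere;
                }
            }

            if (@continue)
            {
                DBAccesor dbAccessor = ServiceLocator.Instance.GetService <DBAccesor>();
                DataTable dataTable  = dbAccessor.runSelectCmd(cmdString);
                if (dataTable.Rows.Count == 0)
                {
                    userTable += "<tr><td colspan= '6' style='color:red ; font-weight:bold; text-align:center'>אין התאמות</td></tr>";
                }

                // Every cell holds text that users supplied at registration; encode it so it
                // is displayed as text instead of being interpreted as markup.
                Func<object, string> html = value => System.Net.WebUtility.HtmlEncode(Convert.ToString(value));

                for (int i = 0; i < dataTable.Rows.Count; i++)
                {
                    DataRow row = dataTable.Rows[i];

                    // NOTE(review): the password column is shown as stored, which implies
                    // clear-text storage; prefer a salted hash and drop this column.
                    userTable += "<tr><td>" + html(row["FirstName"]) + "</td>" + "<td>"
                                 + html(row["LastName"]) + "</td>" + "<td>" + html(row["UserName"])
                                 + "</td>" + "<td>" + html(row["password"]) + "</td>" + "<td>"
                                 + html(row["Mail"]) + "</td>" + "<td>" + html(row["Phone"])
                                 + "</td><td>" + "<input type=\"checkbox\" name =\"chk" + i + "\" id =\"chk" + i + "\""
                                 + "/> " + "</td><td>" + $"<input onClick='checkUpdate({i})' type=\"checkbox\" name =\"" + i + "\" id =\"" + i + "\"" + "/> " + "</td> </tr>";
                }
            }
        }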
Exemplo n.º 12
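        /**
         * Admin edit page for one user. Requires a session, the admin flag
         * (Session["Admin"] == "y") and a target name in Session["UpdateByAdmin"].
         * Loads that user's row into the page fields and, when "updateBtn" is posted,
         * writes the submitted values back through DBAccesor.updateTable.
         */
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Session["UserName"] == null)
            {
                Session["ErrorText"] = "לאורח אין גישה לעמוד זה ";
                Response.Redirect("ErrorPage.aspx");
                // Explicit return: access control must not depend on Redirect ending the request.
                return;
            }

            if ((string)Session["Admin"] != "y" || Session["UpdateByAdmin"] == null)
            {
                Response.Redirect("UsersIframeSrc.aspx");
                return;
            }

            user = Session["UpdateByAdmin"].ToString();

            // The target name is embedded in an N'...' literal, so its quotes are doubled.
            string    safeUser  = user.Replace("'", "''");
            string    cmdStr    = string.Format("SELECT  * FROM  UserDetails WHERE (UserName = N'{0}')", safeUser);
            DBAccesor dbAccesor = ServiceLocator.Instance.GetService <DBAccesor>();
            DataTable dataTable = dbAccesor.runSelectCmd(cmdStr);

            // The target may no longer exist; without this guard Rows[0] threw on an empty
            // result. The stale target is cleared, as the success path does, before leaving.
            if (dataTable.Rows.Count == 0)
            {
                Session["UpdateByAdmin"] = null;
                Response.Redirect("UsersIframeSrc.aspx");
                return;
            }

            DataRow row = dataTable.Rows[0];

            password  = row["Password"].ToString();
            mail      = row["Mail"].ToString();
            phone     = row["Phone"].ToString();
            address   = row["Adress"].ToString();
            birthDate = row["DateOfBirth"].ToString();
            lName     = row["LastName"].ToString();
            fName     = row["FirstName"].ToString();

            if (Request.Form["updateBtn"] != null)
            {
                password  = Request.Form["pass"].ToString();
                mail      = Request.Form["mail"].ToString();
                phone     = Request.Form["phone"].ToString();
                address   = Request.Form["address"].ToString();
                birthDate = Request.Form["bd"].ToString();
                lName     = Request.Form["lname"].ToString();
                fName     = Request.Form["fname"].ToString();

                string gender = "Rather not say";
                if (Request.Form["gender"] != null)
                {
                    gender = Request.Form["gender"].ToString();
                }
                if (phone == "")
                {
                    phone = "No Data";
                }
                if (address == "")
                {
                    address = "No Data";
                }

                // Values are assigned to the DataRow, not concatenated into SQL text here.
                // NOTE(review): how updateTable turns the row into an UPDATE is not visible;
                // confirm it binds values as parameters. The password is written as
                // submitted (clear text) — store a salted hash instead.
                row["FirstName"]   = fName;
                row["LastName"]    = lName;
                row["Password"]    = password;
                row["Mail"]        = mail;
                row["Phone"]       = phone;
                row["Adress"]      = address;
                row["Gender"]      = gender;
                row["DateOfBirth"] = birthDate;

                dbAccesor.updateTable(cmdStr, dataTable);
                Session["UpdateByAdmin"] = null;
                Response.Redirect("UsersIframeSrc.aspx");
            }
        }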