protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
if (Request.FilePath != "/Login.aspx")
{
Auth.Helpers.Logout(Page);
Response.End();
}
return;
}
if (Session["ShowPermissionError"] != null && (bool)Session["ShowPermissionError"] == true)
{
ErrorText.Visible = true;
ErrorText.Text = "You do not have the permissions to do that.";
Session["ShowPermissionError"] = null;
}
// Only administrators can view the admin panel
if (UserInfo.PermissionLevel >= 2)
{
LoginView1.FindControl("AdminPanel").Visible = true;
}
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (UserInfo.PermissionLevel <= 1)
{
Session["ShowPermissionError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
if (Session["ShowUserAddedMessage"] != null && (bool)Session["ShowUserAddedMessage"] == true)
{
UserAddedMessage.Visible = true;
Session["ShowUserAddedMessage"] = null;
}
if (!Page.IsPostBack)
{
// Populate the GridView with the users in the database
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "SELECT id, username, first_name, last_name, permission_level FROM users";
SqlDataAdapter adapter = new SqlDataAdapter(command);
DataSet dataset = new DataSet();
int rows = adapter.Fill(dataset);
if (rows == 0)
{
UsersTable.Visible = false;
NoUsers.Visible = true;
}
else
{
UsersTable.DataSource = dataset;
UsersTable.DataBind();
}
}
}
}
catch (SqlException ex)
{
ErrorLabel.Visible = true;
return;
}
}
}
protected void LoginButton_Click(object sender, EventArgs e)
{
if (!Page.IsValid)
return;
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "SELECT TOP 1 id, username, first_name, last_name, permission_level FROM users WHERE username = @user AND password_hash = HASHBYTES('SHA2_256', @pass)";
SqlParameter userParam = new SqlParameter("@user", SqlDbType.VarChar, 255);
SqlParameter passParam = new SqlParameter("@pass", SqlDbType.VarChar, 255);
userParam.Value = UsernameBox.Text;
passParam.Value = PasswordBox.Text;
command.Parameters.Add(userParam);
command.Parameters.Add(passParam);
command.Prepare();
var reader = command.ExecuteReader();
if (!reader.HasRows)
{
// There's no matching user
LoginError.Visible = true;
return;
}
else
{
reader.Read();
Session["UserInfo"] = new UserInfo
{
Id = reader.GetInt32(0),
Username = reader.GetString(1),
FirstName = reader.GetString(2),
LastName = reader.GetString(3),
PermissionLevel = reader.GetInt32(4)
};
// Login success!
FormsAuthentication.RedirectFromLoginPage(reader.GetInt32(0).ToString(), true);
}
}
}
}
catch (SqlException ex)
{
throw;
}
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (UserInfo.PermissionLevel <= 1)
{
Session["ShowPermissionError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
if (!Page.IsPostBack)
{
// Populate the GridView with the users in the database
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "SELECT t.id, t.date, t.client_id, CONCAT(c.first_name, ' ', c.last_name) as client_name, t.cashier_id, CONCAT(u.first_name, ' ', u.last_name) as cashier_name, t.quantity, t.amount, CASE t.payment_method WHEN 1 THEN 'Tarjeta Debito' WHEN 2 THEN 'Tarjeta CineQuilla' END as payment_method, t.debit_number, t.points_card_id FROM transactions t LEFT JOIN clients c ON c.id = t.client_id LEFT JOIN users u ON u.id = t.cashier_id";
SqlDataAdapter adapter = new SqlDataAdapter(command);
DataSet dataset = new DataSet();
int rows = adapter.Fill(dataset);
if (rows == 0)
{
TransactionsTable.Visible = false;
NoTransactions.Visible = true;
}
else
{
TransactionsTable.DataSource = dataset;
TransactionsTable.DataBind();
}
}
}
}
catch (SqlException ex)
{
ErrorLabel.Visible = true;
}
}
}
protected void Session_Start(object sender, EventArgs e)
{
if (!Request.IsAuthenticated)
return;
// Fill the needed session information
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "SELECT TOP 1 id, username, first_name, last_name, permission_level FROM users WHERE id = @id";
SqlParameter idParam = new SqlParameter("@id", SqlDbType.Int);
idParam.Value = HttpContext.Current.User.Identity.Name;
command.Parameters.Add(idParam);
command.Prepare();
var reader = command.ExecuteReader();
if (!reader.HasRows)
{
// There's no matching user
Auth.Helpers.Logout(null);
return;
}
else
{
reader.Read();
Session["UserInfo"] = new UserInfo
{
Id = reader.GetInt32(0),
Username = reader.GetString(1),
FirstName = reader.GetString(2),
LastName = reader.GetString(3),
PermissionLevel = reader.GetInt32(4)
};
}
}
}
}
catch (SqlException ex)
{
throw;
}
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (!Page.IsPostBack)
{
if (Session["ShowDefaultError"] != null)
{
Session["ShowDefaultError"] = null;
ErrorLabel.Visible = true;
}
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = "SELECT id, name, image FROM movies WHERE id IN (SELECT movie_id FROM shows WHERE CAST(end_date as DateTime) + CAST(end_time AS DateTime) > CURRENT_TIMESTAMP)";
SqlDataAdapter adapter = new SqlDataAdapter(command);
DataSet dataset = new DataSet();
int rows = adapter.Fill(dataset);
if (rows == 0)
{
ShowingGridView.Visible = false;
NoShows.Visible = true;
}
else
{
ShowingGridView.DataSource = dataset;
ShowingGridView.DataBind();
}
}
}
}
catch (SqlException ex)
{
ErrorLabel.Visible = true;
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (UserInfo.PermissionLevel <= 1)
{
Session["ShowPermissionError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
if (Session["ShowShowAddedMessage"] != null && (bool)Session["ShowShowAddedMessage"] == true)
{
ShowAddedMessage.Visible = true;
Session["ShowShowAddedMessage"] = null;
}
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (Session["PurchaseDate"] == null || Session["PurchaseMovieId"] == null || Session["PurchaseShowId"] == null || Session["PurchaseSelectedChairs"] == null || Session["PurchasePrice"] == null)
{
Session["PurchaseDate"] = null;
Session["PurchaseMovieId"] = null;
Session["PurchaseShowId"] = null;
Session["PurchaseSelectedChairs"] = null;
Session["PurchasePrice"] = null;
Session["ShowDefaultError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
PriceToPayBox.Text = Session["PurchasePrice"].ToString();
RewardPointsLabel.Text = ((int)Session["PurchasePrice"] / 10).ToString();
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (Session["PurchaseDate"] == null || Session["PurchaseMovieId"] == null || Session["PurchaseShowId"] == null)
{
Session["PurchaseDate"] = null;
Session["PurchaseMovieId"] = null;
Session["PurchaseShowId"] = null;
Session["ShowDefaultError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = @"SELECT sr.rows, sr.columns, price FROM shows s LEFT JOIN (SELECT show_id, COUNT(*) as num_chairs FROM chairs WHERE date = @date GROUP BY chairs.show_id) ch ON ch.show_id = s.id LEFT JOIN showroom sr ON sr.id = s.showroom_id WHERE movie_id = @mov_id AND start_date <= @date AND end_date >= @date AND (sr.rows * sr.columns) - ISNULL(ch.num_chairs, 0) > 0 AND s.id = @show_id";
SqlParameter dateParam = new SqlParameter("@date", SqlDbType.Date);
SqlParameter movieParam = new SqlParameter("@mov_id", SqlDbType.Int);
SqlParameter showParam = new SqlParameter("@show_id", SqlDbType.Int);
dateParam.Value = Session["PurchaseDate"];
movieParam.Value = Session["PurchaseMovieId"];
showParam.Value = Session["PurchaseShowId"];
command.Parameters.Add(dateParam);
command.Parameters.Add(movieParam);
command.Parameters.Add(showParam);
var reader = command.ExecuteReader();
if (!reader.HasRows)
{
Session["PurchaseDate"] = null;
Session["PurchaseMovieId"] = null;
Session["PurchaseShowId"] = null;
Session["ShowDefaultError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
reader.Read();
int rows = reader.GetInt32(0);
int columns = reader.GetInt32(1);
TicketPrice = reader.GetInt32(2);
reader.Close();
command.CommandText = "SELECT row, [column] FROM chairs WHERE show_id = @show_id AND date = @date";
var chairsReader = command.ExecuteReader();
List<ChairPosition> bought_chairs = new List<ChairPosition>();
while (chairsReader.Read())
{
bought_chairs.Add(new ChairPosition
{
Row = chairsReader.GetInt32(0),
Column = chairsReader.GetInt32(1)
});
}
for (int i = 0; i < rows; ++i)
{
var tr = new TableRow();
for (int j = 0; j < columns; ++j)
{
var td = new TableCell();
var chair = new ChairPosition
{
Row = i,
Column = j
};
CheckBox checkbox = new CheckBox();
checkbox.ID = i + "," + j;
if (bought_chairs.Contains(chair))
{
checkbox.Checked = true;
checkbox.Enabled = false;
}
else
checkbox.Checked = false;
checkbox.CausesValidation = false;
checkbox.CheckedChanged += Checkbox_CheckedChanged;
td.Controls.Add(checkbox);
tr.Cells.Add(td);
}
ChairsTable.Rows.Add(tr);
}
}
}
}
catch (SqlException ex)
{
ErrorLabel.Visible = true;
return;
}
}
protected void Page_Load(object sender, EventArgs e)
{
UserInfo = Session["UserInfo"] as Auth.UserInfo;
if (UserInfo == null)
{
Response.Redirect("~/Login.aspx", true);
return;
}
if (UserInfo.PermissionLevel <= 1)
{
Session["ShowPermissionError"] = true;
Response.Redirect("~/Default.aspx", true);
return;
}
if (!Page.IsPostBack)
{
try
{
var connString = ConfigurationManager.ConnectionStrings["CineQuilla"].ConnectionString;
using (SqlConnection connection = new SqlConnection(connString))
{
connection.Open();
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = @"SELECT id, name, image, views FROM movies m INNER JOIN (SELECT TOP 10 s.movie_id, COUNT(c.show_id) as views FROM shows s INNER JOIN chairs c ON c.show_id = s.id GROUP BY s.movie_id ORDER BY COUNT(c.show_id)) counts ON counts.movie_id = m.id ORDER BY views DESC";
SqlDataAdapter da = new SqlDataAdapter(command);
DataTable dt = new DataTable();
int rows = da.Fill(dt);
if (rows == 0)
{
MostViewedMoviesGrid.DataSource = null;
NoPopularMovies.Visible = true;
}
else
{
MostViewedMoviesGrid.DataSource = dt;
MostViewedMoviesGrid.DataBind();
}
}
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = @"SELECT TOP 10 first_name, last_name, email, views FROM clients c RIGHT JOIN (SELECT client_id, SUM(bb.bought) AS views FROM transactions t INNER JOIN (SELECT transaction_id, COUNT(transaction_id) as bought FROM chairs GROUP BY transaction_id) bb ON bb.transaction_id = t.id GROUP BY client_id) vv ON vv.client_id = c.id ORDER BY views DESC";
SqlDataAdapter da = new SqlDataAdapter(command);
DataTable dt = new DataTable();
int rows = da.Fill(dt);
if (rows == 0)
{
MostBuyersGrid.DataSource = null;
NoMostBuyers.Visible = true;
}
else
{
MostBuyersGrid.DataSource = dt;
MostBuyersGrid.DataBind();
}
}
using (SqlCommand command = new SqlCommand(null, connection))
{
command.CommandText = @"SELECT dia, AVG(sells) as promedio, COUNT(sells) as muestras FROM (SELECT (CASE DATEPART(WeekDay, date) WHEN 1 THEN 'Lunes' WHEN 2 THEN 'Martes' WHEN 3 THEN 'Miercoles' WHEN 4 THEN 'Jueves' WHEN 5 THEN 'Viernes' WHEN 6 THEN 'Sabado' WHEN 7 THEN 'Domingo' END) as dia, date, COUNT(*) as sells FROM chairs GROUP BY date) s GROUP BY dia ORDER BY promedio DESC";
SqlDataAdapter da = new SqlDataAdapter(command);
DataTable dt = new DataTable();
int rows = da.Fill(dt);
if (rows == 0)
{
WeekdayMeansGrid.DataSource = null;
NoMeans.Visible = true;
}
else
{
WeekdayMeansGrid.DataSource = dt;
WeekdayMeansGrid.DataBind();
}
}
}
}
catch (SqlException ex)
{
ErrorLabel.Visible = true;
}
}
}
