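/// <summary>
/// Handles row commands raised by the friend-request grid. "FriendsReject" runs
/// sp_requestsConnectionsFriendsReject for the request id carried in the command
/// argument. "FriendsAccept" runs sp_requestsConnectionsFriendsVerify for that
/// request and the signed-in user, then notifies the friend. The grid is re-bound
/// after either command; any other command name is ignored.
/// </summary>
/// <param name="sender">The control that raised the event (not used).</param>
/// <param name="e">Supplies the command name and the request id as its argument.</param>
protected void GridViewFriends_RowCommand(object sender, GridViewCommandEventArgs e)
{
    // Ordinal comparison: command names are identifiers, not linguistic text.
    bool isReject = string.Equals(e.CommandName, "FriendsReject", StringComparison.Ordinal);
    bool isAccept = string.Equals(e.CommandName, "FriendsAccept", StringComparison.Ordinal);
    if (!isReject && !isAccept)
    {
        return;
    }

    string connectionString = ConfigurationManager.ConnectionStrings["ShopConnectionString"].ConnectionString;

    try
    {
        // The request id arrives with the postback, so a malformed value must not
        // take the page down; Convert throws and the handler below records it.
        int requestId = Convert.ToInt32(e.CommandArgument.ToString());

        if (isReject)
        {
            // NOTE(review): only @RequestId is passed here, while the accept path also
            // passes @UserId. Whether the reject procedure checks that the request
            // belongs to the signed-in user is not visible from this method - confirm.
            using (SqlConnection sqlConn = new SqlConnection(connectionString))
            using (SqlCommand sqlCmd = new SqlCommand("sp_requestsConnectionsFriendsReject", sqlConn))
            {
                sqlCmd.CommandType = CommandType.StoredProcedure;
                sqlCmd.Parameters.Add("@RequestId", SqlDbType.Int).Value = requestId;
                sqlConn.Open();
                sqlCmd.ExecuteNonQuery();
            }
        }
        else if (Session["UserId"] == null)
        {
            // Convert.ToInt32(null) yields 0, so without this guard an expired session
            // would be sent to the procedure as user id 0.
            System.Diagnostics.Trace.TraceWarning("FriendsAccept ignored: no signed-in user in session.");
        }
        else
        {
            DataSet ds = new DataSet();
            using (SqlConnection sqlConn = new SqlConnection(connectionString))
            using (SqlDataAdapter sda = new SqlDataAdapter("sp_requestsConnectionsFriendsVerify", sqlConn))
            {
                sda.SelectCommand.CommandType = CommandType.StoredProcedure;
                sda.SelectCommand.Parameters.Add("@RequestId", SqlDbType.Int).Value = requestId;
                sda.SelectCommand.Parameters.Add("@UserId", SqlDbType.Int).Value = Convert.ToInt32(Session["UserId"]);
                sda.Fill(ds);
            }

            // The first result set carries FriendId and the second carries FullName.
            // An empty result means there is nobody to notify.
            bool hasRows = ds.Tables.Count >= 2
                && ds.Tables[0].Rows.Count > 0
                && ds.Tables[1].Rows.Count > 0;
            if (hasRows)
            {
                int friendId = Convert.ToInt32(ds.Tables[0].Rows[0]["FriendId"].ToString());
                string fullName = ds.Tables[1].Rows[0]["FullName"].ToString();
                NotificationsClass nc = new NotificationsClass();
                nc.addNotification(1, friendId, 7, fullName, "");
            }
            else
            {
                System.Diagnostics.Trace.TraceWarning("FriendsAccept: verification returned no rows for request {0}.", requestId);
            }
        }
    }
    catch (Exception ex)
    {
        // Failures stay non-fatal for the page, as before, but are now recorded
        // instead of silently discarded. Route this to the application's own logger
        // if it has one.
        System.Diagnostics.Trace.TraceError("{0} failed: {1}", isReject ? "FriendsReject" : "FriendsAccept", ex);
    }

    GridViewFriends.DataBind();
}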
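/// <summary>
/// Handles the buy button: loads the offer named by the "ItemId" query-string value,
/// checks that it exists and has not passed its end date, computes the payment
/// (price times quantity plus postage, less the usable gift credit) and, when the
/// user's credit covers it, records the purchase through BuyAction and shows the
/// success panel. Otherwise the matching error or "not enough credit" panel is shown.
/// </summary>
/// <param name="sender">The control that raised the event (not used).</param>
/// <param name="e">Image click coordinates (not used).</param>
protected void ImageButtonBuy_Click(object sender, ImageClickEventArgs e)
{
    if (Session["UserId"] == null)
    {
        showBuyError("~/images/messages/loginfirst.png");
        return;
    }

    int userId = Convert.ToInt32(Session["UserId"]);

    // The offer id comes from the URL. A missing or non-numeric value is treated as
    // an unknown offer instead of raising an unhandled FormatException.
    int offerId;
    if (!int.TryParse(Request.QueryString["ItemId"], out offerId))
    {
        showBuyError("~/images/messages/notfound.png");
        return;
    }

    // using-blocks release the connection and adapters on exception paths as well.
    using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["ShopConnectionString"].ConnectionString))
    {
        DataSet offerSet = new DataSet();
        using (SqlDataAdapter offerAdapter = new SqlDataAdapter("sp_buyActionOfferInfo", sqlConn))
        {
            offerAdapter.SelectCommand.CommandType = CommandType.StoredProcedure;
            offerAdapter.SelectCommand.Parameters.Add("@OfferId", SqlDbType.Int).Value = offerId;
            offerAdapter.Fill(offerSet);
        }

        DataTable offerTable = offerSet.Tables[0];
        if (offerTable.Rows.Count == 0) // offer doesn't exist
        {
            showBuyError("~/images/messages/notfound.png");
            return;
        }

        DataRow offer = offerTable.Rows[0];
        DateTime deadline = Convert.ToDateTime(offer["EndDate"].ToString());
        if (DateTime.Now > deadline)
        {
            showBuyError("~/images/messages/expired.png");
            return;
        }

        DataSet creditSet = new DataSet();
        using (SqlDataAdapter creditAdapter = new SqlDataAdapter("sp_buyActionUserCreditInfo", sqlConn))
        {
            creditAdapter.SelectCommand.CommandType = CommandType.StoredProcedure;
            creditAdapter.SelectCommand.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
            creditAdapter.Fill(creditSet);
        }

        DataTable creditTable = creditSet.Tables[0];
        if (creditTable.Rows.Count == 0)
        {
            throw new InvalidOperationException("No credit record was returned for the signed-in user.");
        }

        DataRow credit = creditTable.Rows[0];

        // The quantity is posted by the browser. A zero or negative value would make
        // the computed payment zero or negative, so it is rejected before any money
        // arithmetic is done.
        int quantity = Convert.ToInt32(DropDownListQuantity.SelectedValue);
        if (quantity <= 0)
        {
            throw new InvalidOperationException("The purchase quantity must be a positive number.");
        }

        int userGift = Convert.ToInt32(credit["GiftCredit"].ToString());
        int userCredit = Convert.ToInt32(credit["Credit"].ToString());

        int allPrice;
        int allGift;
        int giftCredit;
        int userPayment;

        // checked: an int overflow must fail loudly instead of wrapping around to a
        // small or negative amount that would then pass the credit comparison.
        checked
        {
            allPrice = quantity * Convert.ToInt32(offer["PriceOffer"].ToString()) + Convert.ToInt32(LabelPostPrice.Text);
            allGift = quantity * Convert.ToInt32(offer["PriceGift"].ToString());

            // Gift credit is capped at what the user actually holds.
            giftCredit = Math.Min(allGift, userGift);
            userPayment = allPrice - giftCredit;
        }

        if (userCredit >= userPayment)
        {
            PanelError.Visible = false;
            PanelProcess.Visible = false;
            PanelSuccessful.Visible = true;

            // NOTE(review): the balance was read above and is spent inside
            // BuyAction.buyAction, which is not visible here. Two concurrent postbacks
            // could both pass the comparison unless buyAction re-checks the balance
            // atomically - confirm.
            BuyAction ba = new BuyAction();
            LabelCode.Text = ba.buyAction("Offers", userId, offerId, quantity, userPayment, giftCredit);
            LabelQuantity.Text = DropDownListQuantity.SelectedValue;

            NotificationsClass nc = new NotificationsClass();
            nc.addNotification(1, userId, 2, HyperLinkTitle.Text, "");
        }
        else
        {
            PanelNoCredit.Visible = true;
            PanelProcess.Visible = true;
            LabelCurrentCredit.Text = credit["Credit"].ToString();
            LabelCreditDifference.Text = (userPayment - userCredit).ToString();
        }
    }
}

/// <summary>
/// Shows the error panel with the given image and hides the process and success panels.
/// </summary>
/// <param name="imageUrl">Application-relative URL of the message image to display.</param>
private void showBuyError(string imageUrl)
{
    PanelError.Visible = true;
    PanelProcess.Visible = false;
    PanelSuccessful.Visible = false;
    ImageError.ImageUrl = imageUrl;
}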
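/// <summary>
/// Writes a credit-log entry for a user and then applies the credit change.
/// Types 1-7 act on the main credit (sp_creditAdd, followed by a notification) and
/// types 8-10 act on the gift credit (sp_creditGiftAdd). For any other type only the
/// log entry is written, with a "before" balance of 0.
/// </summary>
/// <param name="UserId">Id of the user whose credit changes.</param>
/// <param name="Type">Credit operation type; selects the main or gift balance.</param>
/// <param name="Credit">Amount passed to the log and to the credit procedure.</param>
/// <param name="AdminId">Id recorded in the log as the acting administrator.</param>
/// <param name="Text">Free text stored with the log entry.</param>
public void addCredit(int UserId, int Type, int Credit, int AdminId, string Text)
{
    bool isMainCredit = Type >= 1 && Type <= 7;
    bool isGiftCredit = Type >= 8 && Type <= 10;

    // The using-block closes the connection on exception paths too; previously a
    // failure in any query left it open.
    using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["ShopConnectionString"].ConnectionString))
    {
        // Balance before the change, recorded in the log.
        int BeforeCredit = 0;
        if (isMainCredit)
        {
            BeforeCredit = readCreditBalance(sqlConn, "SELECT Credit FROM Credit WHERE (UserId = @UserId)", "Credit", UserId);
        }
        else if (isGiftCredit)
        {
            // Type 8 used to run "SELECT Credit FROM GiftCredit ..." and then read a
            // "GiftCredit" column, which that result set cannot contain. It now uses
            // the same query as types 9 and 10.
            // NOTE(review): confirm against the schema that gift credit is stored in
            // Credit.GiftCredit for type 8 as well.
            BeforeCredit = readCreditBalance(sqlConn, "SELECT GiftCredit FROM Credit WHERE (UserId = @UserId)", "GiftCredit", UserId);
        }

        sqlConn.Open();

        // NOTE(review): the log insert and the credit update below are separate
        // statements with no transaction around them, and the balance above is read
        // before either runs. A failure between them leaves a log row without the
        // matching credit change. Consider one transaction, or moving the whole
        // sequence into a single stored procedure.
        using (SqlCommand logCmd = new SqlCommand("sp_creditLogAdd", sqlConn))
        {
            logCmd.CommandType = CommandType.StoredProcedure;
            logCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = UserId;
            logCmd.Parameters.Add("@Type", SqlDbType.Int).Value = Type;
            logCmd.Parameters.Add("@Credit", SqlDbType.Int).Value = Credit;
            logCmd.Parameters.Add("@AdminId", SqlDbType.Int).Value = AdminId;
            logCmd.Parameters.Add("@Text", SqlDbType.NVarChar).Value = Text;
            logCmd.Parameters.Add("@BeforeCredit", SqlDbType.Int).Value = BeforeCredit;
            logCmd.ExecuteNonQuery();
        }

        if (isMainCredit || isGiftCredit)
        {
            string procedure = isMainCredit ? "sp_creditAdd" : "sp_creditGiftAdd";
            using (SqlCommand addCmd = new SqlCommand(procedure, sqlConn))
            {
                addCmd.CommandType = CommandType.StoredProcedure;
                addCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = UserId;
                addCmd.Parameters.Add("@Credit", SqlDbType.Int).Value = Credit;
                addCmd.ExecuteNonQuery();
            }

            // Only main-credit changes produce a user notification.
            if (isMainCredit)
            {
                NotificationsClass nc = new NotificationsClass();
                nc.addNotification(1, UserId, 4, Credit.ToString(), "");
            }
        }
    }
}

/// <summary>
/// Runs a single-user balance query and returns the named column of its first row.
/// Throws if the query returns no row for the user.
/// </summary>
/// <param name="sqlConn">Connection the query runs on.</param>
/// <param name="query">Parameterized SELECT taking @UserId; always a constant from this class.</param>
/// <param name="column">Name of the column to read from the first row.</param>
/// <param name="userId">Value bound to @UserId.</param>
/// <returns>The balance converted to an int.</returns>
private static int readCreditBalance(SqlConnection sqlConn, string query, string column, int userId)
{
    DataSet ds = new DataSet();
    using (SqlDataAdapter sda = new SqlDataAdapter(query, sqlConn))
    {
        sda.SelectCommand.CommandType = CommandType.Text;
        sda.SelectCommand.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
        sda.Fill(ds);
    }

    return Convert.ToInt32(ds.Tables[0].Rows[0][column].ToString());
}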
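/// <summary>
/// Handles the registration form submit: creates the user through sp_register,
/// stores the new user id in the session, inserts the initial credit records, applies
/// the optional "GP800-&lt;id&gt;" referrer credit, sends the confirmation e-mail, creates
/// a two-hour login session with a "VC" cookie and redirects to the panel page.
/// </summary>
/// <param name="sender">The control that raised the event (not used).</param>
/// <param name="e">Image click coordinates (not used).</param>
protected void ImageButtonSubmit_Click(object sender, ImageClickEventArgs e)
{
    NotificationsClass nc = new NotificationsClass();
    int newUserId;

    // The using-block closes the connection on every path, including exceptions.
    using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["ShopConnectionString"].ConnectionString))
    {
        sqlConn.Open();

        using (SqlCommand registerCmd = new SqlCommand("sp_register", sqlConn))
        {
            registerCmd.CommandType = CommandType.StoredProcedure;
            registerCmd.Parameters.Add("@Email", SqlDbType.NVarChar).Value = LabelEmailValue.Text;
            registerCmd.Parameters.Add("@FirstName", SqlDbType.NVarChar).Value = TextBoxFirstName.Text;
            registerCmd.Parameters.Add("@LastName", SqlDbType.NVarChar).Value = TextBoxLastName.Text;
            registerCmd.Parameters.Add("@BirthDate", SqlDbType.VarChar).Value = DropDownListBirthYear.SelectedValue + "/" + DropDownListBirthMonth.SelectedValue + "/" + DropDownListBirthDay.SelectedValue;
            registerCmd.Parameters.Add("@Gender", SqlDbType.Bit).Value = Convert.ToBoolean(DropDownListGender.SelectedValue);
            registerCmd.Parameters.Add("@Country", SqlDbType.VarChar).Value = DropDownListLocationCountry.SelectedValue;
            registerCmd.Parameters.Add("@City", SqlDbType.NVarChar).Value = DropDownListLocationCity.SelectedValue;
            registerCmd.Parameters.Add("@Province", SqlDbType.NVarChar).Value = DropDownListLocationProvince.SelectedValue;
            registerCmd.Parameters.Add("@Job", SqlDbType.NVarChar).Value = TextBoxJob.Text;
            registerCmd.Parameters.Add("@Education", SqlDbType.NVarChar).Value = DropDownListEducations.SelectedValue;
            registerCmd.Parameters.Add("@Address", SqlDbType.NVarChar).Value = TextBoxAddress.Text;
            registerCmd.Parameters.Add("@HomeTel", SqlDbType.NVarChar).Value = TextBoxHomePhone.Text;
            registerCmd.Parameters.Add("@WorkTel", SqlDbType.NVarChar).Value = TextBoxWorkPhone.Text;
            registerCmd.Parameters.Add("@Mobile", SqlDbType.NVarChar).Value = TextBoxMobile.Text;

            // SECURITY (review): an unsalted MD5 digest is not suitable for storing
            // passwords, because it is fast to brute-force and identical passwords
            // produce identical hashes. It is left unchanged here because @Password is
            // a 16-byte binary and the login path, which is not visible here, must hash
            // the same way. Migrate both together to a salted, slow key-derivation
            // function such as PBKDF2 (Rfc2898DeriveBytes).
            byte[] hashedBytes;
            using (MD5CryptoServiceProvider md5Hasher = new MD5CryptoServiceProvider())
            {
                hashedBytes = md5Hasher.ComputeHash(new UTF8Encoding().GetBytes(TextBoxPassword.Text));
            }

            SqlParameter paramPwd = new SqlParameter("@Password", SqlDbType.Binary, 16);
            paramPwd.Value = hashedBytes;
            registerCmd.Parameters.Add(paramPwd);

            registerCmd.ExecuteNonQuery();
        }

        // Look the new user up by e-mail to obtain the id.
        DataSet userSet = new DataSet();
        using (SqlCommand lookupCmd = new SqlCommand("sp_userIdByEmail", sqlConn))
        using (SqlDataAdapter lookupAdapter = new SqlDataAdapter(lookupCmd))
        {
            lookupCmd.CommandType = CommandType.StoredProcedure;
            lookupCmd.Parameters.Add("@Email", SqlDbType.VarChar).Value = LabelEmailValue.Text;
            lookupAdapter.Fill(userSet);
        }

        // Stored as a string, as before; readers of the session convert it themselves.
        Session["UserId"] = userSet.Tables[0].Rows[0]["UserId"].ToString();
        newUserId = Convert.ToInt32(Session["UserId"]);

        // add credit records
        using (SqlCommand recordsCmd = new SqlCommand("sp_registerInsertRecords", sqlConn))
        {
            recordsCmd.CommandType = CommandType.StoredProcedure;
            recordsCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = newUserId;
            recordsCmd.Parameters.Add("@Introduction", SqlDbType.Int).Value = DropDownListIntroduction.SelectedValue;
            recordsCmd.ExecuteNonQuery();
        }

        nc.addNotification(1, newUserId, 1, "", "");

        // Referrer ("regeant") credit. The code is free text typed by the user in the
        // form "GP800-<user id>". A malformed code is now ignored; previously a
        // non-numeric suffix threw after the account had already been created, which
        // aborted the e-mail and the login-session setup.
        string Regeant = TextBoxRegeantId.Text.Trim();
        int regeantId;
        if (Regeant.StartsWith("GP800-", StringComparison.OrdinalIgnoreCase)
            && int.TryParse(Regeant.Substring(6), out regeantId))
        {
            DataSet regeantSet = new DataSet();
            using (SqlCommand existsCmd = new SqlCommand("sp_userCheckExistsByUserId", sqlConn))
            using (SqlDataAdapter existsAdapter = new SqlDataAdapter(existsCmd))
            {
                existsCmd.CommandType = CommandType.StoredProcedure;
                existsCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = regeantId;
                existsAdapter.Fill(regeantSet);
            }

            if (regeantSet.Tables[0].Rows.Count != 0) // user exists
            {
                using (SqlCommand creditsCmd = new SqlCommand("sp_registerRegeantCredits", sqlConn))
                {
                    creditsCmd.CommandType = CommandType.StoredProcedure;
                    creditsCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = newUserId;
                    creditsCmd.Parameters.Add("@RegeantId", SqlDbType.Int).Value = regeantId;
                    creditsCmd.ExecuteNonQuery();
                }

                nc.addNotification(1, regeantId, 3, TextBoxFirstName.Text + " " + TextBoxLastName.Text, "8000");
            }
        }
    }

    // send email
    // The template is read once. The original called ReadToEnd() three times on the
    // same reader, so both alternate views were built from an empty string.
    string template;
    using (StreamReader sr = new StreamReader(Request.PhysicalApplicationPath + "EmailTemplates/SuccessfulRegister.txt"))
    {
        template = sr.ReadToEnd();
    }

    using (MailMessage mail = new MailMessage())
    {
        mail.Subject = "Successful Registeration";
        mail.BodyEncoding = System.Text.Encoding.GetEncoding("utf-8");
        mail.IsBodyHtml = true;
        mail.Body = template;

        // The plain-text alternative is the template with its tags stripped.
        System.Net.Mail.AlternateView plainView = System.Net.Mail.AlternateView.CreateAlternateViewFromString(
            System.Text.RegularExpressions.Regex.Replace(template, @"<(.|\n)*?>", string.Empty), null, "text/plain");
        System.Net.Mail.AlternateView htmlView = System.Net.Mail.AlternateView.CreateAlternateViewFromString(template, null, "text/html");
        mail.AlternateViews.Add(plainView);
        mail.AlternateViews.Add(htmlView);

        mail.To.Add(new MailAddress(LabelEmailValue.Text));
        mail.From = new MailAddress("*****@*****.**");

        // SECURITY (review): the SMTP account password is hard-coded, and the session
        // is plain SMTP on port 25 with EnableSsl off, so the credential is exposed
        // both in source control and on the wire. Move the host and credentials to
        // protected configuration (system.net/mailSettings), enable TLS once the
        // server is confirmed to support it, and rotate this password because it has
        // been committed.
        SmtpClient sc = new SmtpClient();
        sc.Host = "WebMail.salestan.ir";
        sc.Port = 25;
        sc.EnableSsl = false;
        sc.Credentials = new NetworkCredential("*****@*****.**", "$users12345");
        sc.Send(mail);
    }

    int Hours = 2;

    // The verification code authenticates the browser for the login session, so it
    // is drawn from the cryptographic RNG. It is still formatted as a GUID string, so
    // whatever stores or compares it sees the same shape as before.
    byte[] tokenBytes = new byte[16];
    RandomNumberGenerator.Create().GetBytes(tokenBytes);
    string VerificationCode = new Guid(tokenBytes).ToString();

    LoginSession ls = new LoginSession();
    ls.setLoginSession(newUserId, VerificationCode, Hours);

    HttpCookie _userInfoCookies = new HttpCookie("VC");
    _userInfoCookies["VC"] = VerificationCode;
    _userInfoCookies.Expires = DateTime.Now.AddHours(Hours);
    // Keep the login token out of reach of page scripts, and mark it Secure whenever
    // the request itself arrived over HTTPS.
    // NOTE(review): HttpOnly is new - confirm no client-side script reads "VC".
    _userInfoCookies.HttpOnly = true;
    _userInfoCookies.Secure = Request.IsSecureConnection;
    Response.Cookies.Add(_userInfoCookies);

    Response.Redirect("~/Panel.aspx");
}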