protected void BtnLogin_Click(object sender, EventArgs e) { if (TextBoxN.Text.Length <= 0) { Response.Write("<script language='javascript'>alert('用户名不能为空');</script>"); return; } else if (TextBoxP.Text.Length < 6) { Response.Write("<script language='javascript'>alert('密码错误');</script>"); return; } SqlConnection con = UserSqlConnect.createConnection(); con.Open(); SqlCommand cmd = new SqlCommand("select * from [user] where name='" + TextBoxN.Text + "' and pw='" + TextBoxP.Text + "'", con); SqlDataReader reader = cmd.ExecuteReader(); if (reader.Read()) { Session["id"] = reader["id"].ToString(); Session["isLogin"] = "******"; Session["isAdmin"] = reader["authority"].ToString(); Response.Redirect("MainWeb.aspx"); } else { Response.Write("<script language='javascript'>alert('用户名或密码错误');</script>"); } reader.Close(); con.Close(); }
private void CreateBill(long userid, string strName, long screeningid, string strLocation, string strTime, string strSeats, float fCost) { SqlConnection con = UserSqlConnect.createConnection(); con.Open(); SqlCommand cmd = new SqlCommand("insert into [bill](owner,name,screeningid,location,time,seats,cost) values(" + userid + ",'" + strName + "'," + screeningid + ",'" + strLocation + "','" + strTime + "','" + strSeats + "'," + fCost + ")", con); cmd.ExecuteNonQuery(); }
private string getUserNameById(string id) { string name = null; SqlConnection con = UserSqlConnect.createConnection(); con.Open(); SqlCommand cmd = new SqlCommand("select name from [user] where id='" + id + "'", con); SqlDataReader reader = cmd.ExecuteReader(); if (reader.Read()) { name = reader["name"].ToString(); } con.Close(); return(name); }
private bool LoadBillInfo() { SqlConnection con = UserSqlConnect.createConnection(); con.Open(); SqlCommand cmd = new SqlCommand("select * from bill where owner=" + Session["id"].ToString(), con); SqlDataReader reader = cmd.ExecuteReader(); while (reader.Read()) { BillInfo Info = new BillInfo(); Info.Info_C = new ConcertInfo(); Info.Info_S = new ScreeningsInfo(); Info.Info_S.Seats = new List <SeatInfo>(); Info.BillID = long.Parse(reader["id"].ToString()); Info.Cost = float.Parse(reader["cost"].ToString()); Info.Info_C.Name = reader["name"].ToString(); Info.Info_S.ScreeningID = long.Parse(reader["screeningid"].ToString()); Info.Info_S.Location = reader["location"].ToString(); Info.Info_S.Time = reader["time"].ToString(); List <string> SeatBuffer = new List <string>(reader["seats"].ToString().Trim().Split(' ')); SeatBuffer.ForEach ( delegate(string PositionBuffer) { SeatInfo SInfo = new SeatInfo(); SInfo.Position = int.Parse(PositionBuffer); Info.Info_S.Seats.Add(SInfo); } ); BillStock.Add(Info); } con.Close(); if (BillStock.Count <= 0) { return(false); } return(true); }
private void CancelBill(string message) { long id = long.Parse(message.Split('#')[0]); SqlConnection con = UserSqlConnect.createConnection(); con.Open(); SqlCommand cmd = new SqlCommand("delete from bill where id=" + id, con); cmd.ExecuteNonQuery(); con.Close(); con = InfoSqlConnect.createConnection(); con.Open(); long sid = long.Parse(message.Split('#')[1]); List <string> SeatsBuffer = new List <string>(message.Split('#')[2].Trim().Split(' ')); SeatsBuffer.ForEach(strPosition => { cmd = new SqlCommand("update seats set avaliable='1' where avaliable='0' and screeningid=" + sid + "and position=" + strPosition, con); cmd.ExecuteNonQuery(); }); con.Close(); }
protected void ButtonReg_Click(object sender, EventArgs e) { if (TextBoxN.Text.Length < 3) { Response.Write("<script language='javascript'>alert('用户名不能小于3位');</script>"); return; } else if (TextBoxP.Text.Length < 6) { Response.Write("<script language='javascript'>alert('密码不能小于6位');</script>"); return; } else if (TextBoxP.Text != TextBoxPR.Text) { Response.Write("<script language='javascript'>alert('两次密码不一致');</script>"); return; } SqlConnection con = UserSqlConnect.createConnection(); con.Open(); SqlCommand cmd = new SqlCommand("insert into [user](name,pw) values ('" + TextBoxN.Text + "','" + TextBoxP.Text + "')", con); try { int re = cmd.ExecuteNonQuery(); con.Close(); if (re > 0) { Response.Write("<script language='javascript'>alert('欢迎加入!');self.location='MainWeb.aspx'</script>"); return; } } catch { } Response.Write("<script language='javascript'>alert('用户名已存在');</script>"); }