protected void GetShopping() { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { conn.Open(); string selectSql = "SELECT * FROM ShoppingView WHERE UserID={0}"; selectSql = string.Format(selectSql, Session["UserID"].ToString()); SqlDataAdapter da = new SqlDataAdapter(selectSql, conn); DataSet ds = new DataSet(); da.Fill(ds, "Shopping"); GridView1.DataSource = ds; GridView1.DataBind(); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { conn.Close(); } }
protected void Buy_Click(object sender, EventArgs e) { SqlConnection Conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { string sql = "select UserName,Cash from Users where UserName='******'"; Conn.Open(); SqlDataAdapter da = new SqlDataAdapter(sql, Conn); DataSet ds = new DataSet(); da.Fill(ds, "用户表"); DataRowView drv = ds.Tables["用户表"].DefaultView[0]; string Price = Convert.ToString(drv.Row["Cash"]); if (Convert.ToDouble(Price) < Convert.ToDouble(Sum.Text.Trim())) { Response.Write("<script>alert('您的余额不足,请重新充值后再购买!');</script>"); } else { string sql1 = "update Users set Cash='" + (Convert.ToDouble(Price) - Convert.ToDouble(Sum.Text)) + "'where UserName='******'"; SqlCommand Comm = new SqlCommand(sql1, Conn); Comm.ExecuteNonQuery(); string sql3 = "UPDATE Orders SET IsPaid=1, OrderTime=Getdate() WHERE UserID={0} AND IsPaid=0"; sql3 = string.Format(sql3, Session["UserID"]); SqlCommand com = new SqlCommand(sql3, Conn); com.ExecuteNonQuery(); for (int i = 0; i < GridView1.Rows.Count; i++) { sql = "UPDATE Classes SET Num = Num + 1 WHERE ClassID={0}"; sql = string.Format(sql, ((HiddenField)GridView1.Rows[i].FindControl("ClassID")).Value); com = new SqlCommand(sql, Conn); com.ExecuteNonQuery(); sql = "INSERT INTO MyClasses (ClassID, UserID) VALUES ({0}, {1})"; sql = string.Format(sql, ((HiddenField)GridView1.Rows[i].FindControl("ClassID")).Value, Session["UserID"]); com = new SqlCommand(sql, Conn); com.ExecuteNonQuery(); } sql = "INSERT INTO Orders(UserID) VALUES('{0}')"; sql = string.Format(sql, Session["UserID"]); com = new SqlCommand(sql, Conn); com.ExecuteNonQuery(); sql = "SELECT OrderID FROM Orders WHERE IsPaid=0 AND UserID='" + Session["UserID"] + "'"; com = new SqlCommand(sql, Conn); Session["ShoppingID"] = com.ExecuteScalar().ToString(); GetShopping(); Response.Write("<script>alert('支付成功!');</script>"); } } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { Conn.Close(); } }
protected void Search_Click(object sender, EventArgs e) { if (SearchBook.Text != "") { SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;"); try { con.Open(); string sql = "select Classes.ClassID as ClassID,ClassName,ClassImg,Price,Classes.TypeID,TypeName,Num " + "from Classes,ClassType where ClassName like '%{0}%' and Classes.TypeID=ClassType.TypeID"; sql = string.Format(sql, SearchBook.Text); SqlCommand com = new SqlCommand(sql, con); SqlDataReader res = com.ExecuteReader(); SearchList.DataSource = res; SearchList.DataBind(); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { con.Close(); } } }
protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { conn.Open(); string selectSql = "SELECT * FROM ClassType WHERE TypeID={0}"; selectSql = string.Format(selectSql, Request["TypeID"].ToString()); SqlDataAdapter da = new SqlDataAdapter(selectSql, conn); DataSet ds = new DataSet(); da.Fill(ds, "ClassType"); DataRowView dr = ds.Tables["ClassType"].DefaultView[0]; TypeName.InnerText = dr["TypeName"].ToString(); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { conn.Close(); } } }
protected void Login(object sender, EventArgs e) { SqlDataReader UserInfo; int res; string Pwd; SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;"); try { con.Open(); string sql = "select ManagerID from Managers " + "where ManagerName='{0}'"; sql = string.Format(sql, UserName.Text); SqlCommand com = new SqlCommand(sql, con); object r = com.ExecuteScalar(); if (r != null) { res = (int)r; sql = "select Pwd,Tel from Managers " + "where ManagerID='{0}'"; sql = string.Format(sql, res); com = new SqlCommand(sql, con); UserInfo = com.ExecuteReader(); UserInfo.Read(); Pwd = UserInfo["Pwd"].ToString(); if (Pwd == PassWord.Text) { Session["ManagerName"] = UserName.Text; Session["ManagerID"] = res; Session["Pwd"] = UserInfo["Pwd"]; Session["Tel"] = UserInfo["Tel"]; UserInfo.Close(); Response.Redirect("ManagerTools.aspx", false); } else { errMsg.Style["display"] = "inline-block"; info.Text = "密码错误,请重新输入!"; } } else { errMsg.Style["display"] = "inline-block"; info.Text = "该用户不存在!"; } } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), true); } finally { con.Close(); } }
protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack) { preview.ImageUrl = "~/icons/AddImg.jpg"; SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;"); try { con.Open(); string sql = "select * from ClassType"; SqlCommand com = new SqlCommand(sql, con); SqlDataReader reader = com.ExecuteReader(); Type.DataSource = reader; Type.DataTextField = "TypeName"; Type.DataValueField = "TypeID"; Type.DataBind(); reader.Close(); if (Request["ClassID"] != null) { Title = title.InnerText = "修改书籍信息"; sql = "SELECT * FROM Classes WHERE ClassID={0}"; sql = string.Format(sql, Request["ClassID"]); SqlDataAdapter da = new SqlDataAdapter(sql, con); DataSet ds = new DataSet(); da.Fill(ds, "Classes"); DataRowView row = ds.Tables["Classes"].DefaultView[0]; ClassID.Value = row["ClassID"].ToString(); ClassName.Text = row["ClassName"].ToString(); Type.SelectedValue = row["TypeID"].ToString(); ClassImg.Value = preview.ImageUrl = row["ClassImg"].ToString(); VideoAddress.Value = row["VideoAddress"].ToString(); Price.Text = row["Price"].ToString(); Author.Text = row["Teacher"].ToString(); Introduction.Text = Server.HtmlDecode(row["Introduction"].ToString()); } else { preview.ImageUrl = "~/icons/AddImg.jpg"; Title = title.InnerText = "添加书籍"; } } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { con.Close(); } } }
protected void submit_Click(object sender, EventArgs e) { SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;"); try { con.Open(); string path = Server.MapPath("~/UserImg"); string fileName = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString() + DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString() + DateTime.Now.Millisecond.ToString(); if (FileUpload.HasFile) { if (!Directory.Exists(path)) { Directory.CreateDirectory(path); } string[] temp = FileUpload.FileName.Split('.'); fileName = fileName + "." + temp[temp.Length - 1]; path += "/" + fileName; FileUpload.SaveAs(path); } string sql = "Insert Into Users(UserName,Pwd,Tel,UserImg)" + "values('{0}',{1},'{2}','{3}')"; sql = string.Format(sql, UserName.Text, PassWord.Text, Tel.Text, "~/UserImg/" + fileName); SqlCommand com = new SqlCommand(sql, con); com.ExecuteNonQuery(); Response.Redirect("RegSuccessful.aspx", false); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), true); } finally { con.Close(); } }
protected void Clear_Click(object sender, EventArgs e) { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { conn.Open(); string sql = "DELETE FROM OrderDetails WHERE OrderID={0}"; sql = string.Format(sql, Session["ShoppingID"].ToString()); SqlCommand com = new SqlCommand(sql, conn); com.ExecuteNonQuery(); GetShopping(); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { conn.Close(); } }
protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e) { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { conn.Open(); string sql = "DELETE FROM OrderDetails WHERE ClassID={0}"; sql = string.Format(sql, GridView1.DataKeys[e.RowIndex].Value.ToString()); SqlCommand com = new SqlCommand(sql, conn); com.ExecuteNonQuery(); GetShopping(); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { conn.Close(); } }
protected void Submit_Click(object sender, EventArgs e) { if (Session["UserID"] == null) { Response.Write("<script>alert('您还没有登录或登录信息失效,请登陆后再购买!');" + "top.location.href='login.aspx';</script>"); } else { SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { conn.Open(); if (IsShopping.Value.Equals("0")) { string sql = "INSERT INTO OrderDetails(OrderID,ClassID) VALUES({0},{1})"; sql = string.Format(sql, Session["ShoppingID"], Request["ClassID"]); SqlCommand com = new SqlCommand(sql, conn); com.ExecuteNonQuery(); Response.Write("<script>alert('添加购物车成功!');</script>"); } else { Response.Write("<script>alert('该课程已添加到购物车中!');</script>"); } } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { conn.Close(); } } }
protected void Login(object sender, EventArgs e) { SqlDataReader UserInfo; int res; string rightPwd; SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;"); try { con.Open(); string sql = "select UserID from Users " + "where UserName='******'"; sql = string.Format(sql, UserName.Text); SqlCommand com = new SqlCommand(sql, con); object r = com.ExecuteScalar(); if (r != null) { res = (int)r; sql = "select Pwd,UserImg from Users " + "where UserID='{0}'"; sql = string.Format(sql, res); com = new SqlCommand(sql, con); UserInfo = com.ExecuteReader(); UserInfo.Read(); rightPwd = UserInfo["Pwd"].ToString(); if (rightPwd == PassWord.Text) { Session["UserName"] = UserName.Text; Session["UserID"] = res; Session["Pic"] = UserInfo["UserImg"]; UserInfo.Close(); sql = "SELECT OrderID FROM Orders WHERE IsPaid=0 AND UserID='" + res + "'"; com = new SqlCommand(sql, con); object shoppingID = com.ExecuteScalar(); if (shoppingID == null) { sql = "INSERT INTO Orders(UserID) VALUES('{0}')"; sql = string.Format(sql, res); com = new SqlCommand(sql, con); com.ExecuteNonQuery(); sql = "SELECT OrderID FROM Orders WHERE IsPaid=0 AND UserID='" + res + "'"; com = new SqlCommand(sql, con); Session["ShoppingID"] = com.ExecuteScalar().ToString(); } else { Session["ShoppingID"] = shoppingID.ToString(); } Response.Redirect("MainFrame.aspx", false); } else { errMsg.Style["display"] = "inline-block"; info.Text = "密码错误,请重新输入!"; } } else { errMsg.Style["display"] = "inline-block"; info.Text = "该用户不存在!"; } } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), true); } finally { con.Close(); } }
protected void Submit(object sender, EventArgs e) { SqlConnection con = new SqlConnection("Server=localhost;Initial Catalog=OnlineCourse;Integrated Security=True;"); string path = Server.MapPath("~/image"); string path0 = Server.MapPath("~/video"); string fileName = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString() + DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString() + DateTime.Now.Millisecond.ToString(); string fileName1 = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString() + DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString() + DateTime.Now.Millisecond.ToString(); if (FileUpload.HasFile) { if (!Directory.Exists(path)) { Directory.CreateDirectory(path); } string[] temp = FileUpload.FileName.Split('.'); fileName = fileName + "." + temp[temp.Length - 1]; path += "/" + fileName; FileUpload.SaveAs(path); } if (FileUpload0.HasFile) { if (!Directory.Exists(path0)) { Directory.CreateDirectory(path0); } string[] temp = FileUpload0.FileName.Split('.'); fileName = fileName + "." + temp[temp.Length - 1]; path0 += "/" + fileName; FileUpload0.SaveAs(path0); } try { con.Open(); string sql; if (title.InnerText.Equals("添加书籍")) { sql = "insert into Classes(ClassName,ClassImg,Price,TypeID,Introduction,Teacher,VideoAddress,IsOnSale) " + "values('{0}','{1}','{2}',{3},'{4}','{5}','{6}','{7}')"; sql = string.Format(sql, ClassName.Text, "~/image/" + fileName, Price.Text, Type.SelectedValue, Server.HtmlEncode(Introduction.Text), Author.Text, "~/video/" + fileName1, Sale.SelectedValue); SqlCommand com = new SqlCommand(sql, con); com.ExecuteNonQuery(); } else { sql = "UPDATE Classes SET ClassName='{0}',ClassImg='{1}',Price='{2}',TypeID={3},Introduction='{4}',Teacher='{5}',VideoAddress='{6}' WHERE ClassID={7}"; sql = string.Format(sql, ClassName.Text, FileUpload.HasFile ? "~/image/" + fileName : ClassImg.Value, Price.Text, Type.SelectedValue, Server.HtmlEncode(Introduction.Text), Author.Text, FileUpload0.HasFile ? "~/video/" + fileName1 : VideoAddress.Value, ClassID.Value); SqlCommand com = new SqlCommand(sql, con); com.ExecuteNonQuery(); } Response.Redirect("~/BookManager.aspx", false); } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { con.Close(); } }
protected void Page_Load(object sender, EventArgs e) { if (!IsPostBack && Request["ClassID"] != null) { BookID.Value = Request["ClassID"].ToString(); buy.Disabled = false; watch.Disabled = true; SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["OnlineCourseConnectionString"].ConnectionString); try { con.Open(); string sql = "SELECT Classes.*, ClassType.TypeName " + "FROM Classes, ClassType WHERE Classes.ClassID={0} and Classes.TypeID=ClassType.TypeID"; sql = string.Format(sql, BookID.Value); SqlCommand com = new SqlCommand(sql, con); SqlDataReader res = com.ExecuteReader(); res.Read(); TypeID.Value = res["TypeID"].ToString(); BookName.Text = res["ClassName"].ToString(); Title = BookName.Text; BookType.Text = res["TypeName"].ToString(); preview.ImageUrl = res["ClassImg"].ToString(); Price.Text = res["Price"].ToString(); Sum.Text = res["Num"].ToString(); Introduction.Text = res["Introduction"].ToString(); Author.Text = res["Teacher"].ToString(); res.Close(); if (Session["UserID"] != null) { sql = "SELECT * FROM MyClasses WHERE UserID={0} AND ClassID={1}"; sql = string.Format(sql, Session["UserID"], Request["ClassID"]); com = new SqlCommand(sql, con); res = com.ExecuteReader(); if (!res.Read()) { buy.Style["display"] = "initial"; watch.Style["display"] = "none"; watch.Disabled = true; } else { buy.Style["display"] = "none"; buy.Disabled = true; watch.Style["display"] = "initial"; } res.Close(); sql = "SELECT DetailID FROM ShoppingView WHERE UserID={0} AND ClassID={1}"; sql = string.Format(sql, Session["UserID"].ToString(), BookID.Value); com = new SqlCommand(sql, con); object n; if ((n = com.ExecuteScalar()) != null) { IsShopping.Value = "1"; } else { IsShopping.Value = "0"; } } else { buy.Style["display"] = "initial"; watch.Style["display"] = "none"; } } catch (Exception ex) { Commom commom = new Commom(); commom.ShowErrorPage(Response, Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace), false); } finally { con.Close(); } } }