protected void SetPicture_Click(object sender, EventArgs e)
{
if (PhotoUpload.HasFile && (PhotoUpload.FileName.ToLower().EndsWith(".jpg") ||
PhotoUpload.FileName.ToLower().EndsWith(".jpeg")))
{
string virtualFolder = "~/Patient/Photo/";
string physicalFolder = Server.MapPath(virtualFolder);
string filename = Guid.NewGuid().ToString();
string extension = System.IO.Path.GetExtension(PhotoUpload.FileName);
if (!String.IsNullOrEmpty(photoUrl))
{
System.IO.File.Delete(photoUrl);
photoUrl = null;
}
photoUrl = System.IO.Path.Combine(physicalFolder, filename + extension);
PhotoUpload.SaveAs(photoUrl);
Photo.ImageUrl = virtualFolder + filename + extension;
DeletePicture.Visible = true;
ImageError.Visible = false;
}
else
{
ImageError.Visible = true;
}
}
protected void btnAdd_Click1(object sender, EventArgs e)
{
int i = blp.AddPhone(Convert.ToInt32(ddlManufacturer.SelectedValue.ToString()), txtPhone.Text, Convert.ToDecimal(txtPrice.Text), PhotoUpload.FileName);
if (i > 0)
{
PhotoUpload.SaveAs(Server.MapPath("~/Phoneimages" + PhotoUpload.FileName));
lblMessage.Text = "Phone Added";
txtPhone.Text = "";
txtPrice.Text = "";
}
}
protected void Confirm_Click(object sender, EventArgs e)
{
if (!Request.IsAuthenticated)
{
FormsAuthentication.RedirectToLoginPage();
return;
}
Repository repository = null;
if (Application["repository"] != null)
{
repository = (Repository)Application["repository"];
}
string nickname = User.Identity.Name;
var id = repository.GetAccountId(nickname);
Account account = repository.GetAccount(id);
if (!AuthorizationManager.PasswordMatch(nickname, InputActualPassword.Text))
{
return;
}
string fName = string.IsNullOrEmpty(InputFName.Text)
? account.FirstName : InputFName.Text;
string lName = string.IsNullOrEmpty(InputLName.Text)
? account.LastName : InputLName.Text;
string info = string.IsNullOrEmpty(InputInformation.Text)
? account.Information : InputInformation.Text;
string email = string.IsNullOrEmpty(InputEmail.Text)
? account.RegistrationInfo.Email : InputEmail.Text;
DateTime?birthDate = string.IsNullOrEmpty(InputBirthDate.Text)
? account.BirthDate : DateTime.Parse(InputBirthDate.Text);
if (!string.IsNullOrEmpty(InputPassword.Text) &&
string.Equals(InputPassword.Text, InputPassword2.Text))
{
AuthorizationManager.ChangePassword(nickname, InputPassword.Text);
}
if (PhotoUpload.HasFile && PhotoUpload.FileName.EndsWith(".jpg"))
{
PhotoUpload.SaveAs(Server.MapPath("~/Photos/photo_" + id + ".jpg"));
}
account.ChangeInformation(fName, lName, info, email, birthDate);
Application["repository"] = repository;
Response.Redirect("Page.aspx?id=" + id);
}
protected void btn_update_Click(object sender, EventArgs e)
{
PhotoGalleryObject photogalleryObj = new PhotoGalleryObject();
photogalleryObj.PhotoId = int.Parse(Session["PhotoGallery_id"].ToString());
DataTable dt = dal.SelectInformationById(photogalleryObj.PhotoId);
photogalleryObj.PhotoBrief = tbxPhotoBrief.Text;
photogalleryObj.PhotoDetail = tbxPhotoDetail.Text;
photogalleryObj.UserId = Int32.Parse(Session["user_id"].ToString());
if (ddlPhotoStatus.SelectedValue == "1")
{
photogalleryObj.Status = true;
}
else if (ddlPhotoStatus.SelectedValue == "0")
{
photogalleryObj.Status = false;
}
if (PhotoUpload.HasFile)
{
string extension = Path.GetExtension(PhotoUpload.FileName);
string photopath = Guid.NewGuid().ToString() + extension;
string uploadFolder = "~/Photo_gallery/";
PhotoUpload.SaveAs(Server.MapPath(uploadFolder + photopath));
photogalleryObj.PhotoPath = photopath;
}
else
{
photogalleryObj.PhotoPath = dt.Rows[0]["PhotoPath"].ToString();
}
try
{
int result = dal.UpdateInformation(photogalleryObj);
if (result == 1)
{
getPhotoGalleryById();
SuccessPanel.Visible = true;
}
else
{
DangerPanel.Visible = true;
}
}
catch
{
throw;
}
}
protected void btn_update_Click(object sender, EventArgs e)
{
BannerObject bannerObj = new BannerObject();
bannerObj.BannerId = int.Parse(Session["Banner_id"].ToString());
DataTable dt = dal.SelectInformationById(bannerObj.BannerId);
bannerObj.BannerInformation = tbxBannerInfo.Text;
bannerObj.UserId = Int32.Parse(Session["user_id"].ToString());
if (ddlBannerStatus.SelectedValue == "1")
{
bannerObj.Status = true;
}
else if (ddlBannerStatus.SelectedValue == "0")
{
bannerObj.Status = false;
}
if (PhotoUpload.HasFile)
{
string extension = Path.GetExtension(PhotoUpload.FileName);
string photopath = Guid.NewGuid().ToString() + extension;
string uploadFolder = "~/Banner_Photos/";
PhotoUpload.SaveAs(Server.MapPath(uploadFolder + photopath));
bannerObj.PhotoPath = photopath;
}
else
{
bannerObj.PhotoPath = dt.Rows[0]["PhotoPath"].ToString();
}
try
{
int result = dal.UpdateInformation(bannerObj);
if (result == 1)
{
getBannerById();
SuccessPanel.Visible = true;
}
else
{
DangerPanel.Visible = true;
}
}
catch
{
throw;
}
}
protected void choosePhoto_Click(object sender, EventArgs e)
{
Session["ImageBytes"] = PhotoUpload.FileBytes;
ImagePreview.ImageUrl = "~/ImageHandler.ashx";
if (PhotoUpload.HasFile)
{
// Get the file extension
string fileExtension = System.IO.Path.GetExtension(PhotoUpload.FileName);
if (fileExtension.ToLower() != ".png" && fileExtension.ToLower() != ".jpg" && fileExtension.ToLower() != ".gif")
{
choosePhotolbl.ForeColor = System.Drawing.Color.Red;
choosePhotolbl.Text = "Only files with .png and .jpg extension are allowed";
}
else
{
// Get the file size
int fileSize = PhotoUpload.PostedFile.ContentLength;
// If file size is greater than 2 MB
if (fileSize > 2097152)
{
choosePhotolbl.ForeColor = System.Drawing.Color.Red;
choosePhotolbl.Text = "File size cannot be greater than 2 MB";
}
else
{
// Upload the file
PhotoUpload.SaveAs(Server.MapPath("~/userImages/" + getFirstName() + PhotoUpload.FileName));
choosePhotolbl.ForeColor = System.Drawing.Color.Green;
choosePhotolbl.Text = "File uploaded successfully";
string connStr = WebConfigurationManager.ConnectionStrings["ProjectDB"].ConnectionString;
SqlConnection dbConnection = new SqlConnection(connStr);
dbConnection.Open();
int uid = Convert.ToInt32(HttpContext.Current.Session["userID"]);
string path = "userImages/" + getFirstName() + PhotoUpload.FileName;
string strQuery = "insert into userImageTable (userID, ImageFileName, ImageFilePath) values (@userID, @FileName, @FilePath)";
SqlCommand cmd = new SqlCommand(strQuery, dbConnection);
cmd.Parameters.AddWithValue("@userID", uid);
cmd.Parameters.AddWithValue("@FileName", getFirstName() + PhotoUpload.FileName);
cmd.Parameters.AddWithValue("@FilePath", path);
cmd.ExecuteNonQuery();
}
}
}
else
{
choosePhotolbl.ForeColor = System.Drawing.Color.Red;
choosePhotolbl.Text = "Please select a file";
}
}
protected void Button4_Click(object sender, EventArgs e)
{
string imagefile4 = "";
if (PhotoUpload.HasFile)
{
imagefile4 = "~/upload/" + PhotoUpload.FileName;
PhotoUpload.SaveAs(Server.MapPath(imagefile4));
con.Open(); SqlCommand cmd = new SqlCommand("update [dbo].[tblMemberMaster] set photoupdatedate=getdate(),UploadPhoto='" + imagefile4 + "' where usercode='" + TextBox1.Text + "'", con);
cmd.ExecuteNonQuery();
con.Close();
MsgBox("Uploaded Successfully");
}
}
protected void upload(object sender, EventArgs e)
{
if (PhotoUpload.HasFile)
{
try
{
string filename = Path.GetFileName(PhotoUpload.FileName);
PhotoUpload.SaveAs(path + @"\" + albums.SelectedItem.Text + @"\" + filename);
statusLabel.Visible = true;
statusLabel.Text = "Picture was uploaded";
updatePicturesList();
}
catch (Exception ex)
{
statusLabel.Text = "error" + ex.Message;
}
}
}
protected void btnRegister_Click(object sender, EventArgs e)
{
try
{ String path;
studentID = txtStudentID.Text;
EmailConfirmation obj = new EmailConfirmation();
DatabaseRegistration objdb = new DatabaseRegistration();
if (objdb.isStudentIDAvailable(studentID) && objdb.isEmailIDAvailable(txtEmailID.Text))
{
if (PhotoUpload.HasFile)
{
PhotoUpload.SaveAs(MapPath("~/Files/Images/Students/" + PhotoUpload.FileName));
path = PhotoUpload.FileName;;
}
else
{
path = " ";
}
objdb.insert_Student_Info(txtStudentID.Text, txtFName.Text, txtLName.Text, ddlProgram.SelectedValue, txtCurrentSemester.Text, path);
objdb.insert_Student_Login_Info(txtEmailID.Text, txtPassword.Text, txtStudentID.Text);
String Subject = "Registration Confirmation Email";
String body = "You are Successfully registered with Advisor Booking Service.";
body = body + "\n Now You can make an appointment with the advisor";
body = body + "\n Your User Name is =" + txtEmailID.Text;
body = body + "\n Your Password is =" + txtPassword.Text;
obj.sendEmail("*****@*****.**", "Passwordisimportant", txtEmailID.Text, Subject, body);
lblMessage.Text = "Successfully Registered";
/// clear_Fields();
Response.Redirect("UserLogin.aspx");
}
else
{
lblMessage.Text = "StudentID or Email ID is already registered";
clear_Fields();
} }
catch (Exception obj)
{
lblMessage.Text = "Error in Registeration. Please try again";
}
}
protected void ButtonConfirm_Click(object sender, EventArgs e)
{
try
{
string nickname = InputNickname.Text;
string email = InputEmail.Text;
string password = InputPassword.Text;
string firstName = InputFName.Text;
string lastName = InputLName.Text;
string info = InputInformation.Text;
DateTime?birthDate = DateTime.Parse(InputBirthDate.Text);
Account account =
new Account(email, nickname, firstName, lastName, info, birthDate);
Repository repository;
if (Application["repository"] == null)
{
repository = new Repository();
}
else
{
repository = (Repository)Application["repository"];
}
repository.AddAccount(account);
Application["repository"] = repository;
AuthorizationManager.RegisterUser(nickname, password);
if (PhotoUpload.HasFile && PhotoUpload.FileName.EndsWith(".jpg"))
{
PhotoUpload.SaveAs(Server.MapPath("~/Photos/photo_" + account.RegistrationInfo.AccountId + ".jpg"));
}
Response.Redirect("Default.aspx", true);
}
catch (Exception exception)
{
}
}
protected void btnPhtoUpload_Click(object sender, EventArgs e)
{
string ConnectionString = WebConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
//連接資料庫
SqlConnection Conn = new SqlConnection(ConnectionString);
Conn.Open();
//Cmd命令,選取所有AdminID
SqlCommand checkCmd = new SqlCommand("SELECT AdminID FROM UploadPhoto", Conn);
SqlDataReader Reader = checkCmd.ExecuteReader();
//設定檔案名稱
string fileName = PhotoUpload.FileName;
//判斷資料夾是否存在,若無則建立資料夾
if (!Directory.Exists("Img/"))
{
Directory.CreateDirectory(Server.MapPath("Img"));
}
// 設定檔案路徑
string savePath = Server.MapPath("Img/");
//設定完整存檔路徑
string saveResults = System.IO.Path.Combine(savePath, fileName);
//確認使用者是否已經有上傳過檔案了,若有的話使用Update
if (Reader.Read())
{
if (Reader["AdminID"].ToString() == Session["Login"].ToString())
{
Reader.Close();
//判斷檔案否存在
if (PhotoUpload.HasFile)
{
//判斷是否為指定類型檔案,using System.IO;
string saveExt = Path.GetExtension(PhotoUpload.FileName);
if (saveExt == ".jpg" || saveExt == ".png")
{
PhotoUpload.SaveAs(saveResults);
//Cmd命令,更新檔名與日期
SqlCommand updateCmd = new SqlCommand("UPDATE UploadPhoto SET PhotoFileName =@PhotoFileName, UploadTime =@UploadTime WHERE (AdminID = @AdminID)", Conn);
updateCmd.Parameters.AddWithValue("@PhotoFileName", fileName);
updateCmd.Parameters.AddWithValue("@AdminID", Session["Login"].ToString());
updateCmd.Parameters.AddWithValue("@UploadTime", DateTime.Now.ToString("yyyy/MM/dd HH:mm"));
//執行命令
updateCmd.ExecuteNonQuery();
updateCmd.Cancel();
Conn.Close();
Conn.Dispose();
Response.Redirect(this.Request.Url.ToString()); //頁面跳轉更新
}
else
{
lblMessage.Text = "請使用指定檔案類型:jpg、png";
}
}
else
{
lblMessage.Text = "請選擇檔案上傳!";
}
}
}
else //若沒有的話使用INSERT INTO
{
Reader.Close();
//判斷檔案否存在
if (PhotoUpload.HasFile)
{
//判斷是否為指定類型檔案,using System.IO;
string saveExt = Path.GetExtension(PhotoUpload.FileName);
if (saveExt == ".jpg" || saveExt == ".png")
{
PhotoUpload.SaveAs(saveResults);
//Cmd命令,新增Photo資料
SqlCommand insertCmd = new SqlCommand("INSERT INTO UploadPhoto (AdminID, PhotoFileName, UploadTime) VALUES (@AdminID,@PhotoFileName,@UploadTime)", Conn);
insertCmd.Parameters.AddWithValue("@AdminID", Session["Login"].ToString());
insertCmd.Parameters.AddWithValue("@PhotoFileName", fileName);
insertCmd.Parameters.AddWithValue("@UploadTime", DateTime.Now.ToString("yyyy/MM/dd HH:mm"));
//執行命令
insertCmd.ExecuteNonQuery();
insertCmd.Cancel();
Conn.Close();
Conn.Dispose();
Response.Redirect(this.Request.Url.ToString());//頁面跳轉更新
}
else
{
lblMessage.Text = "請使用指定檔案類型:jpg、png";
}
}
else
{
lblMessage.Text = "請選擇檔案上傳!";
}
}
}
protected void insertButton_Click(object sender, EventArgs e)
{
string name = schoolName.Text;
int schoolRank = Convert.ToInt32(rank.Text);
string schoolCity = city.Text;
string schoolState = state.Text;
string schoolDescription = description.Text;
string schoolWebsite = website.Text;
DateTime appDeadline = Convert.ToDateTime(deadline.Text);
string schoolAddress = address.Text;
string schoolPhoneNumber = phone.Text;
if (PhotoUpload.HasFile)
{
// Get the file extension
string fileExtension = System.IO.Path.GetExtension(PhotoUpload.FileName);
if (fileExtension.ToLower() != ".png" && fileExtension.ToLower() != ".jpg" && fileExtension.ToLower() != ".gif")
{
choosePhotolbl.ForeColor = System.Drawing.Color.Red;
choosePhotolbl.Text = "Only files with .png and .jpg extension are allowed";
}
else
{
// Get the file size
int fileSize = PhotoUpload.PostedFile.ContentLength;
// If file size is greater than 2 MB
if (fileSize > 2097152)
{
choosePhotolbl.ForeColor = System.Drawing.Color.Red;
choosePhotolbl.Text = "File size cannot be greater than 2 MB";
}
else
{
// Upload the file
PhotoUpload.SaveAs(Server.MapPath("~/universityImages/" + name + PhotoUpload.FileName));
choosePhotolbl.ForeColor = System.Drawing.Color.Green;
choosePhotolbl.Text = "File uploaded successfully";
string connStr = WebConfigurationManager.ConnectionStrings["ProjectDB"].ConnectionString;
SqlConnection dbConnection = new SqlConnection(connStr);
dbConnection.Open();
//int uid = Convert.ToInt32(HttpContext.Current.Session["userID"]);
string path = "universityImages/" + name + PhotoUpload.FileName;
string strQuery = "insert into schoolInfo (schoolImagePath,schoolName, schoolRank, schoolCity, schoolState,"
+ " schoolDescription, schoolWebsite, applicationDeadline, schoolAddress, schoolPhone) values" +
" (@FilePath, @schoolName, @schoolRank, @schoolCity, @schoolState, @schoolDescription, @schoolWebsite," +
" @applicationDeadline, @schoolAddress, @schoolPhone)";
SqlCommand cmd = new SqlCommand(strQuery, dbConnection);
cmd.Parameters.AddWithValue("@FilePath", path);
cmd.Parameters.AddWithValue("@schoolName", name);
cmd.Parameters.AddWithValue("@schoolRank", schoolRank);
cmd.Parameters.AddWithValue("@schoolCity", schoolCity);
cmd.Parameters.AddWithValue("@schoolState", schoolState);
cmd.Parameters.AddWithValue("@schoolDescription", schoolDescription);
cmd.Parameters.AddWithValue("@schoolWebsite", schoolWebsite);
cmd.Parameters.AddWithValue("@applicationDeadline", appDeadline);
cmd.Parameters.AddWithValue("@schoolAddress", schoolAddress);
cmd.Parameters.AddWithValue("@schoolPhone", schoolPhoneNumber);
cmd.ExecuteNonQuery();
dbConnection.Close();
}
}
}
else
{
choosePhotolbl.ForeColor = System.Drawing.Color.Red;
choosePhotolbl.Text = "Please select a file";
}
}
protected void ImageButton9_Click(object sender, ImageClickEventArgs e)
{
if (TextBox1.Text.Length < 250)
{
Label1.Text = "Maximum Text Limit is 250.";
}
else if (antiSqlInjection() == 0)
{
Label1.Text = "";
if (!PhotoUpload.HasFile)
{
invalid += 1;
}
if (!VideoUpload.HasFile)
{
invalid += 1;
}
if (!AudioUpload.HasFile)
{
invalid += 1;
}
if (invalid == 3 && TextBox1.Text.Trim() == "") // No Contents
{
Label1.Text = " Nothing to Upload.";
}
else
{
Label1.Text = "";
}
}
if (recipient.Text.Trim().Length != 0 && invalid < 3)
{
SqlCommand check = new SqlCommand("Select Count(*) from user_db where phone_no='" + recipient.Text + "'", conn);
int phone = (int)check.ExecuteScalar();
String temp = (phone + 100001).ToString(), pic = "", aud = "", vid = "";
if (phone == 1) // Phone exist
{
if (PhotoUpload.HasFile)
{
pic = "pic" + temp + ".jpg";
PhotoUpload.SaveAs(Server.MapPath("~/uploads/feed" + pic));
}
else
{
pic = "";
}
if (VideoUpload.HasFile)
{
vid = "vid" + temp + ".3gp";
VideoUpload.SaveAs(Server.MapPath("~/uploads/feed" + vid));
}
else
{
pic = "";
}
if (AudioUpload.HasFile)
{
aud = "aud" + temp + ".amr";
AudioUpload.SaveAs(Server.MapPath("~/uploads/feed" + aud));
}
else
{
aud = "";
}
SqlCommand enter = new SqlCommand("Insert into feed_db(user_id,recipient_id,pic_id,text,vid_id,aud_id) values('" + temp + "'" + recipient.Text.Trim() + "'" + pic + "'" + vid + "'" + aud + "')", conn);
enter.ExecuteNonQuery();
Label1.Text = " Mail Sent Successfully";
}
else // invalid phone number
{
Label1.Text = " No user Found.";
}
// SqlCommand enter = new SqlCommand("Insert into feed_db'" + recipient.Text + "'", conn);
}
}
