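// User Login
/// <summary>
/// Handles the customer login button. Looks up the entered loyalty number in tLoyalty and,
/// when it exists and a store is selected, records the login and store on the session's
/// Order and redirects to the product page. Otherwise shows a message in lblError.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the loyalty number is the only value checked before the session is marked
/// as logged in; no secret is verified here. Confirm that is the intended trust level.
/// </remarks>
protected void btnLoginUser_Click(object sender, EventArgs e)
{
    // Trim the input value once and work from the trimmed copy.
    string inputLoyaltyNumber = txtLoyaltyNumberInput.Text.Trim();

    if (inputLoyaltyNumber == "")
    {
        // Show Empty Loyalty Number Error
        lblError.Text = "Please Input a Loyalty Number";
        lblError.Visible = true;
        return;
    }

    // The textbox value is attacker-controlled, so it is bound as a parameter and never
    // concatenated into the SQL text (the previous string-built query was injectable).
    // NOTE(review): assumes tLoyalty is reachable through the same connection string that
    // CreateOrderOnDatabase uses; the column's exact SQL type is not visible here - confirm.
    object storedLoyaltyNumber;
    using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["GroceryStoreSimulatorConnectionString"].ConnectionString))
    using (SqlCommand comm = new SqlCommand("SELECT LoyaltyNumber FROM tLoyalty WHERE LoyaltyNumber = @LoyaltyNumber", conn))
    {
        comm.Parameters.Add("@LoyaltyNumber", SqlDbType.NVarChar).Value = inputLoyaltyNumber;
        conn.Open();

        // ExecuteScalar returns the first column of the first row, or null when no row matched.
        storedLoyaltyNumber = comm.ExecuteScalar();
    }

    bool loyaltyNumberFound = storedLoyaltyNumber != null
        && storedLoyaltyNumber != DBNull.Value
        && storedLoyaltyNumber.ToString().Trim() == inputLoyaltyNumber;

    if (!loyaltyNumberFound)
    {
        // Show Incorrect Loyalty Number Error
        lblError.Text = "Incorrect Loyalty Number";
        lblError.Visible = true;
        return;
    }

    // A list control reports "no selection" as an empty string rather than null, so the
    // old null-only check could never reach the "Please Select a Store" message.
    if (string.IsNullOrEmpty(lbStores.SelectedValue))
    {
        // Show Missing Store Error
        lblError.Text = "Please Select a Store";
        lblError.Visible = true;
        return;
    }

    // Reuse the session's order when there is one; otherwise start a fresh order instead
    // of dereferencing null.
    Order order = Session["order"] as Order;
    if (order == null)
    {
        order = new Order();
    }

    order.login = new Login(inputLoyaltyNumber, false);
    order.store = new Store(lbStores.SelectedValue);
    Session["order"] = order;

    // Redirect to Order page
    // NOTE(review): absolute localhost URL only resolves on the development machine;
    // an app-relative path would be needed for any other deployment.
    Response.Redirect("http://localhost:41711/Product.aspx");
}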
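// Employee Login
/// <summary>
/// Handles the employee login button. Looks up the entered employee value in tEmpl and,
/// when it exists, records the login on the session's Order and redirects to the employee
/// page. Otherwise shows a message in lblEmpError.
/// </summary>
/// <param name="sender">The control that raised the click event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the employee value is the only thing checked before the redirect to
/// Employee.aspx; no password or other secret is verified here. The second Login argument
/// (true) presumably marks the session as an employee - confirm, and confirm that the
/// employee page enforces its own authorization check.
/// </remarks>
protected void btnLoginEmployee_Click(object sender, EventArgs e)
{
    // Trim the input value once and work from the trimmed copy.
    string inputEmployee = txtEmployeeNumber.Text.Trim();

    if (inputEmployee == "")
    {
        // Show Empty Employee Error
        lblEmpError.Text = "Please Input a Employee Login";
        lblEmpError.Visible = true;
        return;
    }

    // The textbox value is attacker-controlled, so it is bound as a parameter and never
    // concatenated into the SQL text (the previous string-built query was injectable).
    // NOTE(review): assumes tEmpl is reachable through the same connection string that
    // CreateOrderOnDatabase uses; the column's exact SQL type is not visible here - confirm.
    object storedEmployee;
    using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["GroceryStoreSimulatorConnectionString"].ConnectionString))
    using (SqlCommand comm = new SqlCommand("SELECT Empl FROM tEmpl WHERE Empl = @Empl", conn))
    {
        comm.Parameters.Add("@Empl", SqlDbType.NVarChar).Value = inputEmployee;
        conn.Open();

        // ExecuteScalar returns the first column of the first row, or null when no row matched.
        storedEmployee = comm.ExecuteScalar();
    }

    bool employeeFound = storedEmployee != null
        && storedEmployee != DBNull.Value
        && storedEmployee.ToString().Trim() == inputEmployee;

    if (!employeeFound)
    {
        // Show Incorrect Employee Error
        lblEmpError.Text = "Incorrect Employee Login";
        lblEmpError.Visible = true;
        return;
    }

    // Reuse the session's order when there is one; otherwise start a fresh order instead
    // of dereferencing null.
    Order order = Session["order"] as Order;
    if (order == null)
    {
        order = new Order();
    }

    order.login = new Login(inputEmployee, true);
    Session["order"] = order;

    // Redirect to Employee page
    // NOTE(review): absolute localhost URL only resolves on the development machine;
    // an app-relative path would be needed for any other deployment.
    Response.Redirect("http://localhost:41711/Employee.aspx");
}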
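/// <summary>
/// Creates the order row on the database by calling the spAddOrder stored procedure and
/// stores the generated order id in <c>order.orderNumber</c>.
/// </summary>
/// <param name="order">
/// The session order. Its login value is used to look up LoyaltyID in tLoyalty and its
/// store name is used to look up StoreID in tStore.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="order"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// No matching loyalty or store row exists for the values carried by the order.
/// </exception>
public void CreateOrderOnDatabase(Order order)
{
    if (order == null)
    {
        throw new ArgumentNullException("order");
    }

    // Connection string comes from Web.Config.
    string connectionString = ConfigurationManager.ConnectionStrings["GroceryStoreSimulatorConnectionString"].ConnectionString;

    // using blocks release the connection and commands even when a query throws;
    // the previous code leaked the open connection on any exception.
    using (SqlConnection conn = new SqlConnection(connectionString))
    {
        conn.Open();

        // Both lookups bind their values as parameters. The login and store name originate
        // from form input, so they must not be concatenated into the SQL text.
        // NOTE(review): the SQL types of LoyaltyNumber and Store are not visible here - confirm.
        object loyaltyID;
        using (SqlCommand loyaltyLookup = new SqlCommand("SELECT LoyaltyID FROM tLoyalty WHERE LoyaltyNumber = @LoyaltyNumber", conn))
        {
            loyaltyLookup.Parameters.Add("@LoyaltyNumber", SqlDbType.NVarChar).Value = order.login.login;
            loyaltyID = loyaltyLookup.ExecuteScalar();
        }

        if (loyaltyID == null || loyaltyID == DBNull.Value)
        {
            // Previously surfaced as an index error on an empty result set.
            throw new InvalidOperationException("No loyalty record matches the order's login.");
        }

        object storeID;
        using (SqlCommand storeLookup = new SqlCommand("SELECT StoreID FROM tStore WHERE Store = @Store", conn))
        {
            storeLookup.Parameters.Add("@Store", SqlDbType.NVarChar).Value = order.store.storeName;
            storeID = storeLookup.ExecuteScalar();
        }

        if (storeID == null || storeID == DBNull.Value)
        {
            throw new InvalidOperationException("No store record matches the order's store.");
        }

        using (SqlCommand comm = new SqlCommand("spAddOrder", conn))
        {
            comm.CommandType = CommandType.StoredProcedure;

            // @OrderID is an output parameter filled in by the stored procedure.
            comm.Parameters.Add("@OrderID", SqlDbType.Int).Direction = ParameterDirection.Output;
            comm.Parameters.Add("@LoyaltyID", SqlDbType.Int).Value = loyaltyID;
            comm.Parameters.Add("@StoreID", SqlDbType.Int).Value = storeID;
            comm.Parameters.Add("@DeliveryCharge", SqlDbType.Int).Value = 0;
            // NOTE(review): 1 is presumably the initial order status id - confirm against the status table.
            comm.Parameters.Add("@OrderStatusID", SqlDbType.Int).Value = 1;

            // Run command and save the OrderNumber
            comm.ExecuteNonQuery();
            order.orderNumber = comm.Parameters["@OrderID"].Value.ToString();
        }
    }
}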