| public ExecuteNonQuery ( string sql, string paramters, string values ) : void | ||
| sql | string | |
| paramters | string | |
| values | string | |
| return | void | |
protected void btnDelete_Click(object sender, EventArgs e)
{
string s1;
string[] p1 = { "@VendorID" };
string[] v1 = { txtVendorID.Text };
DAL.DataAccess da = new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString, "System.Data.SqlClient");
s1 = "DELETE FROM Vendor WHERE VendorID = @VendorID";
da.ExecuteNonQuery(s1, p1, v1);
}
protected void btnSave_Click(object sender, EventArgs e)
{
string s1;
string[] p1 = { "@VendorID", "@IsActive","@VendorName","@MainPhone","@ContactName","@ContactEmail", "@ContactPhone",
"@Website", "@Address", "@Address2", "@City", "@State", "@Zip", "@Country" };
string[] v1 = { txtVendorID.Text, Convert.ToString(cboxIsActive.Checked), txtVendorName.Text,
txtMainPhone.Text,txtContactName.Text,txtContactEmail.Text,txtContactPhone.Text,
txtWebsite.Text,txtAddress.Text,txtAddress2.Text,txtCity.Text,txtState.Text,
txtZip.Text,txtCountry.Text };
DAL.DataAccess da = new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString, "System.Data.SqlClient");
s1 = "UPDATE Vendor " +
"SET IsActive = @IsActive, VendorName = @VendorName, MainPhone = @MainPhone, ContactName = @ContactName, " +
"ContactEmail = @ContactEmail, ContactPhone = @ContactPhone, Website = @Website, Address = @Address, " +
"Address2 = @Address2, City = @City, State = @State, Zip = @Zip, Country = @Country " +
"WHERE VendorID = @VendorID";
da.ExecuteNonQuery(s1, p1, v1);
}
protected void btnClickMe_Click(object sender, EventArgs e)
{
DAL.DataAccess da = new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString, "System.Data.SqlClient");
string sql1 = "Update categories set CategoryName = @catname where categoryid = @catid";
//the parameters must be in the order they appear in the sql above!
string[] s1 = { "@catname", "@catid" };
string[] r1 = { txtsearch.Text, "1" };
da.ExecuteNonQuery(sql1, s1, r1);
//Rob wrote all of this code....
string sql = "select * from categories where categoryName = @categoryname";
DataSet ds = new DataSet();
string[] s = {"@categoryname"};
string[] r = {txtsearch.Text};
ds = da.ExecuteQuery(sql, s, r);
repeater1.DataSource = ds.Tables[0];
repeater1.DataBind();
s = null;
sql = null;
}
protected void btnAdd_Click(object sender, EventArgs e)
{
if(txtVendorID.Text != "")
{
txtVendorID.Text = "";
}
string s1;
string[] p1 = { "@IsActive","@VendorName","@MainPhone","@ContactName","@ContactEmail", "@ContactPhone",
"@Website", "@Address", "@Address2", "@City", "@State", "@Zip", "@Country" };
string[] v1 = { Convert.ToString(cboxIsActive.Checked), txtVendorName.Text,
txtMainPhone.Text,txtContactName.Text,txtContactEmail.Text,txtContactPhone.Text,
txtWebsite.Text,txtAddress.Text,txtAddress2.Text,txtCity.Text,txtState.Text,
txtZip.Text,txtCountry.Text };
DAL.DataAccess da = new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString, "System.Data.SqlClient");
s1 = "INSERT INTO Vendor(IsActive,VendorName,MainPhone,ContactName,ContactEmail, ContactPhone, " +
"Website, Address, Address2, City, State, Zip, Country) " +
"VALUES(@VendorID, @IsActive,@VendorName,@MainPhone,@ContactName,@ContactEmail, @ContactPhone, " +
"@Website, @Address, @Address2, @City, @State, @Zip, @Country)";
da.ExecuteNonQuery(s1, p1, v1);
}
private string txn_id; //unique transaction id
#endregion Fields
#region Methods
protected void Page_Load(object sender, EventArgs e)
{
//Post back to either sandbox or live
string strSandbox = "https://www.sandbox.paypal.com/cgi-bin/webscr";
string strLive = "https://www.paypal.com/cgi-bin/webscr";
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(strSandbox);
//Set values for the request back
req.Method = "POST";
req.ContentType = "application/x-www-form-urlencoded";
byte[] param = Request.BinaryRead(HttpContext.Current.Request.ContentLength);
string strRequest = Encoding.ASCII.GetString(param);
strRequest += "&cmd=_notify-validate";
req.ContentLength = strRequest.Length;
//for proxy
//WebProxy proxy = new WebProxy(new Uri("http://*****:*****@orderID";
DataSet ds6 = new DataSet();
// make arrays for paramaters and input
string[] s6 = { "@orderID" };
string[] v6 = { orderID };
ds6 = da6.ExecuteQuery(comm6, s6, v6);
// returns a 1 if the item exists if not the transaction is a dummy
grossTotal = decimal.Parse(ds6.Tables[0].Rows[0].ItemArray[0].ToString());
// subtract shipping to compare to gross total
decimal total = decimal.Parse(grossTotal.ToString("n2")) - decimal.Parse(mc_shipping);
//clear
s6 = null;
v6 = null;
// make sure customer paid the correct amount
// total < 0 for reversals
if (grossTotal.ToString("n2") == total.ToString("n2") || total < 0)
{
// check to see if email returned is ours
if (receiver_email == "*****@*****.**") // make sure the receiver email is ours
{
// count how many orderIDs that have not been verified exist in the orders table
DAL.DataAccess da5 =
new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
// make command statement
string comm5 = "SELECT COUNT(OrderID) FROM Orders WHERE TXNID = @txnID";
DataSet ds5 = new DataSet();
// make arrays for paramaters and input
string[] s5 = { "@txnID" };
string[] v5 = { txn_id };
ds5 = da5.ExecuteQuery(comm5, s5, v5);
// returns one item
txnID = ds5.Tables[0].Rows[0].ItemArray[0];
//clear
s5 = null;
v5 = null;
if (int.Parse(txnID.ToString()) == 0)
{
if (payment_status == "Completed")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus, Date = @date = @paymentStatus WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Completed", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is pending
if (payment_status == "Pending")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Pending", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is Processed
if (payment_status == "Processed")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Processed", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is Refunded
// parent_txn_id = old txn_id
if (payment_status == "Refunded")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Refunded", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is Reversed
// parent_txn_id = old txn_id
if (payment_status == "Reversed")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Reversed", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is Canceled_Reversal
// parent_txn_id = old txn_id
if (payment_status == "Canceled_Reversal")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Canceled Reversal", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is Voided
if (payment_status == "Voided")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Voided", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
// if payment status is Denied
if (payment_status == "Denied")
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET TXNID = @txnID, PaymentStatus = @paymentStatus, Date = @date WHERE OrderID = @orderID";
// empty array
string[] p2 = { "@txnID", "@paymentStatus", "@orderID", "@date" };
string[] v2 = { txn_id, "Denied", orderID, datetime.ToString() };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
}
}
//abandon session
Session.Abandon();
Session.Clear();
}
}
} // end of try
catch (SqlException)
{
// nothing
}
catch (Exception)
{
// nothing
}
// string paymentStatus = HttpUtility.UrlDecode(Request.Form["payment_status"].ToString());
}
else if (strResponse == "INVALID")
{
//log for manual investigation
}
}
// on logged in
protected void LoggedIn(object sender, EventArgs e)
{
// seeing if there is an order just in case I missed something
if (Session["AnonymousUserName"] != null)
{
// if the user has an order on going delete it and replace it
// with the items that the anonymous user just made(which is really a customer)
//Instantiate our Category specific DataAccess Class
CustomerDA customerDA = new CustomerDA();
// check to see if user has items in their cart
//Create an Object that specifies what we want to Get
Customer customer = new Customer();
//gets customer info based on customer username
customer.Username = UserLogin.UserName;
//We will be returned a collection so lets Declare that and fill it using Get()
Collection<Customer> getCustomer = customerDA.Get(customer);
// count orders with customerid = @customerid and txtnid = @txnid
// instantiate class
Order orders = new Order();
orders.CustomerId = getCustomer[0].Id;
orders.TxnId = "";
OrderDA orderDA = new OrderDA();
Collection<Order> getOrders = orderDA.Get(orders);
// returns number of orders
object getOrder = getOrders.Count;
//clear
orders = null;
orderDA = null;
getOrders = null;
// if the user who is logged has items in his cart as an anonymous user
// delete the items he had previously on his cart and add the new items and order
// that they just put into his cart
if (int.Parse(getOrder.ToString()) > 0)
{
// get the orderID of the customer that he had on going order
// instantiate class
Order oID = new Order();
oID.CustomerId = getCustomer[0].Id;
oID.TxnId = "";
OrderDA ordersDA = new OrderDA();
Collection<Order> getOID = ordersDA.Get(oID);
// returns one item
object getOrderID = getOID[0].Id;
//clear
oID = null;
ordersDA = null;
getOID = null;
// delete the order and items that involve the order above
// delete items from the orderItem table associated with that order if any
//Create an Object that specifies what we want to Get
// OrderItem deleteOrderItem = new OrderItem();
//OrderItemDA deleteOrderItemDA = new OrderItemDA();
////gets orderItem info based on customerID
//deleteOrderItem.OrderId = int.Parse(getOrderID.ToString());
//// deletes the orderItems with that customerID
//deleteOrderItemDA.Delete(deleteOrderItem);
//// clear
//deleteOrderItemDA = null;
//deleteOrderItem = null;
DAL.DataAccess da5 =
new DAL.DataAccess(
ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm5 =
"Delete FROM OrderItem WHERE OrderID = @orderID";
// array with orderID
string[] p5 = { "@orderID" };
string[] v5 = { getOrderID.ToString() };
da5.ExecuteNonQuery(comm5, p5, v5);
// clear
p5 = null;
v5 = null;
// delete order
//Instantiate our Order specific DataAccess Class
OrderDA deleteOrderDA = new OrderDA();
//Create an Object that specifies what we want to Get
Order deleteOrder = new Order();
//gets order info based on customerID
deleteOrder.Id = int.Parse(getOrderID.ToString());
// deletes the order with that customerID
deleteOrderDA.Delete(deleteOrder);
// clear
deleteOrderDA = null;
deleteOrder = null;
// get cusotmerID of anonymous user
//Instantiate our Category specific DataAccess Class
CustomerDA customerDA2 = new CustomerDA();
// check to see if user has items in their cart
//Create an Object that specifies what we want to Get
Customer customer2 = new Customer();
//gets customer info based on customer username
customer2.Username = Session["AnonymousUserName"].ToString();
//We will be returned a collection so lets Declare that and fill it using Get()
Collection<Customer> getCustomer2 = customerDA2.Get(customer2);
//for (int i = 0; i < getCustomer2.Count; i++)
//{
// getCustomer2[i].Id;
//}
// get orderID of anonymous user
//Create an Object that specifies what we want to Get
Order ordersID = new Order();
//gets order info based on customerID
ordersID.CustomerId = getCustomer2[0].Id;
OrderDA ordersIDDA = new OrderDA();
// deletes the order with that customerID
Collection<Order> getOrder2 = ordersIDDA.Get(ordersID);
// update the customerid of the anonymous order to the customer, of the user who just logged on
DAL.DataAccess da4 =
new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm4 =
"UPDATE Orders SET CustomerID = @customerID WHERE OrderID = @orderID AND TXNID = @txnID";
// empty array
string[] p4 = { "@customerID", "@orderID", "@txnID" };
string[] v4 = { getCustomer[0].Id.ToString(), getOrder2[0].Id.ToString(), "" };
// new cus old get order
da4.ExecuteNonQuery(comm4, p4, v4);
// clear
p4 = null;
v4 = null;
// delete anonymous customer from customer table
Customer customers = new Customer();
customers.Id = getCustomer2[0].Id;
CustomerDA customersDA = new CustomerDA();
customersDA.Delete(customers);
// clear
customers = null;
customersDA = null;
//abandon session
Session.Abandon();
Session.Clear();
}
// if user doesn't have an on going order just
// change the customer ID on the order
else
{
// get cusotmerID of anonymous user
//Instantiate our Category specific DataAccess Class
CustomerDA customerDA2 = new CustomerDA();
// check to see if user has items in their cart
//Create an Object that specifies what we want to Get
Customer customer2 = new Customer();
//gets customer info based on customer username
customer2.Username = Session["AnonymousUserName"].ToString();
//We will be returned a collection so lets Declare that and fill it using Get()
Collection<Customer> getCustomer2 = customerDA2.Get(customer2);
//for (int i = 0; i < getCustomer2.Count; i++)
//{
// getCustomer2[i].Id;
//}
// get orderID of anonymous user based on customerID
OrderDA ordersIDDA = new OrderDA();
//Create an Object that specifies what we want to Get
Order ordersID = new Order();
//gets order info based on customerID
ordersID.CustomerId = getCustomer2[0].Id;
// deletes the order with that customerID
Collection<Order> getOrder2 = ordersIDDA.Get(ordersID);
// update the customerid of the anonymous order to the customer, of the user who just logged on
DAL.DataAccess da4 =
new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm4 =
"UPDATE Orders SET CustomerID = @customerID WHERE OrderID = @orderID AND TXNID = @txnID";
// empty array
string[] p4 = { "@customerID", "@orderID", "@txnID" };
string[] v4 = { getCustomer[0].Id.ToString(), getOrder2[0].Id.ToString(), "" };
// new cus old get order
da4.ExecuteNonQuery(comm4, p4, v4);
// clear
p4 = null;
v4 = null;
// delete anonymous customer from customer table
Customer customers = new Customer();
customers.Id = getCustomer2[0].Id;
CustomerDA customersDA = new CustomerDA();
customersDA.Delete(customers);
// clear
customers = null;
customersDA = null;
//DAL.DataAccess da8 =
// new DAL.DataAccess(
// ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
// "System.Data.SqlClient");
//string comm8 =
// "Delete FROM Customer WHERE CustomerID = @customerID";
//// array with customerID
//string[] p8 = { "@customerID" };
//string[] v8 = { getCustomer2[0].Id.ToString() };
//da8.ExecuteNonQuery(comm8, p8, v8);
//// clear
//p8 = null;
//v8 = null;
//abandon session
Session.Abandon();
Session.Clear();
}
}
}
protected void btnAddToCart_Click(object sender, EventArgs e)
{
// try catch for notifying the user when they
// try to enter an item to their shopping cart
// that is already in their shopping cart
try
{
// call method to get values from the labels and textboxes
// on the formview
GetItems();
// check to see if user is logged on
if (System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
{
// get the customerID of the user who is logged on
// get the id of the user that I just created
Customer customer = new Customer();
customer.Username = User.Identity.Name;
CustomerDA customerIDDA = new CustomerDA();
Collection<Customer> getCustomersID = customerIDDA.Get(customer);
customerID = getCustomersID[0].Id;
// clear
customer = null;
customerIDDA = null;
// count how many orders that have not been verified exist in the orders table
Order order = new Order();
order.CustomerId = int.Parse(customerID.ToString());
order.TxnId = "";
OrderDA orderDA = new OrderDA();
Collection<Order> getOrders = orderDA.Get(order);
// returns one item
countOrders = getOrders.Count;
//clear
order = null;
orderDA = null;
getOrders = null;
// if there are no orders with a txnID = "" then add a new order
// then get the OrderID of the Order to add items to the shopping
// cart using that OrderID
// if there are orders with a txnID = "" then select the OrderID
// and add orders to the shopping cart using that OrderID
if (int.Parse(countOrders.ToString()) == 0)
{
// add a new order to the order table
// instantiate class
DAL.DataAccess da6 =
new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
// make command statement
string comm6 = "INSERT INTO Orders VALUES (@customerID, @grossTotal, @tax, @netTotal, @txnID, @paymentStatus)";
// make arrays for paramaters and input
string[] s6 = { "@customerID", "@grossTotal", "@tax", "@netTotal", "@txnID", "@paymentStatus" };
string[] v6 = { customerID.ToString(), "0", "0", "0", "", "" };
da6.ExecuteNonQuery(comm6, s6, v6);
//clear
s6 = null;
v6 = null;
// get the orderID of the order that was just created
// insert sale price
Order orderIID = new Order();
orderIID.CustomerId = int.Parse(customerID.ToString());
orderIID.TxnId = "";
OrderDA orderIDDA = new OrderDA();
Collection<Order> getOrder = orderIDDA.Get(orderIID);
orderID = getOrder[0].Id;
//clear
orderIID = null;
getOrder = null;
// see if item is on sale
if (isItemOnSale() == true)
{
// insert item into the database using the OrderID that was created
// instantiate class
// insert sale price
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(salePriceAnswerDouble.ToString("n2"));
orderItem.TotalPrice = decimal.Parse(salePriceAnswerDouble.ToString("n2"));
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
//// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
Response.Redirect(Request.RawUrl);
}
else
{
// insert regular price
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(price.ToString("n2"));
orderItem.TotalPrice = decimal.Parse(price.ToString("n2"));
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
// Response.Redirect(Request.RawUrl);
}
}
else
{
// get the orderID of the user that has a txnID = ""
// instantiate class
Order orderIID = new Order();
orderIID.CustomerId = int.Parse(customerID.ToString());
orderIID.TxnId = "";
OrderDA orderIDDA = new OrderDA();
Collection<Order> getOrder = orderIDDA.Get(orderIID);
orderID = getOrder[0].Id;
//clear
orderIID = null;
getOrder = null;
// check to see if the customer has the item in their cart already.
// if they do, do not insert item into database
OrderItem orderItemExistence = new OrderItem();
orderItemExistence.OrderId = int.Parse(orderID.ToString());
orderItemExistence.ItemId = itemID.Text;
OrderItemDA orderItemExistenceDA = new OrderItemDA();
Collection<OrderItem> getOrderItemExistence = orderItemExistenceDA.Get(orderItemExistence);
countItems = getOrderItemExistence.Count;
if (countItems > 0)
{
error.Text = "This item is in your shopping cart.";
error.Visible = true;
}
else
{
// see if item is on sale
if (isItemOnSale() == true)
{
// insert sale price
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(salePriceAnswerDouble.ToString("n2"));
orderItem.TotalPrice = decimal.Parse(salePriceAnswerDouble.ToString("n2"));
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
else
{
// insert regular price
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(price.ToString("n2"));
orderItem.TotalPrice = decimal.Parse(price.ToString("n2"));
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
}
}
}
// if user is not logged on make up and account
else
{
// if the anonymous session anonymouscustomerID is empty
// create a new username and customerID
if (Session["AnonymousUserName"] == null)
{
// get all rows to get maximum customerID
CustomerDA customerDA = new CustomerDA();
//We will be returned a collection so lets Declare that and fill it using Get()
Collection<Customer> getCustomers = customerDA.Get(null);
// gets max customerID in table
// adds one and combines websites domain name
// with the anonymousID
max = (int)getCustomers[getCustomers.Count - 1].Id;
usernameID = int.Parse(max.ToString()) + 1;
anonymousUserName = "******" + usernameID;
//clear
customerDA = null;
getCustomers = null;
// insert the anonymousCustomerID into the customer table with the username of
// and the usernameID/customerID
// mypetsfw.com + customerID
Customer customer = new Customer(usernameID, true, anonymousUserName, "Fill In", "Fill In", "Fill In", "Fill In", "Fill In", "", "Fill In", "");
CustomerDA customerDA1 = new CustomerDA();
customerDA1.Save(customer);
// clear
customer = null;
customerDA = null;
// put the anonymoususername in a session
Session["AnonymousUserName"] = anonymousUserName.ToString();
// create a new order of the anonymous user
// add a new order to the order table
// instantiate class
Order oID1 = new Order();
oID1.Id = GetOrderIDPlusOne();
oID1.CustomerId = usernameID;
oID1.GrossTotal = 0;
oID1.Tax = 0;
oID1.NetTotal = 0;
// for payment status
oID1.TxnId = "";
OrderDA orderIDDA1 = new OrderDA();
// save
orderIDDA1.Save(oID1);
//DAL.DataAccess da11 =
// new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
// "System.Data.SqlClient");
//// make command statement
//string comm11 = "INSERT INTO Orders VALUES (@customerID, @grossTotal, @tax, @netTotal, @txnID, @paymentStatus)";
//// make arrays for paramaters and input
//string[] s11 = { "@customerID", "@grossTotal", "@tax", "@netTotal", "@txnID", "@paymentStatus" };
//string[] v11 = { usernameID.ToString(), "0", "0", "0", "", "" };
//da11.ExecuteNonQuery(comm11, s11, v11);
//clear
oID1 = null;
orderIDDA1 = null;
// get the orderID of the anonymoususer
// get the id of the user that I just created
Order oID = new Order();
oID.CustomerId = usernameID;
oID.TxnId = "";
OrderDA orderIDDA = new OrderDA();
Collection<Order> getOrderID = orderIDDA.Get(oID);
orderID = getOrderID[0].Id;
//clear
oID = null;
getOrderID = null;
// see if item is on sale
if (isItemOnSale() == true)
{
// insert item into the database using the OrderID that was created
// instantiate class
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(salePriceAnswerDouble.ToString());
orderItem.TotalPrice = decimal.Parse(salePriceAnswerDouble.ToString());
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
// tell anonymous the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
else
{
// insert item into the database using the OrderID that was created
// instantiate class
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(price.ToString());
orderItem.TotalPrice = decimal.Parse(price.ToString());
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
// tell anonymous the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
}
// if the session doesn't != null
else
{
// get the customerID of the user that I just created
Customer customer2 = new Customer();
customer2.Username = Session["AnonymousUserName"].ToString();
CustomerDA customerDA2 = new CustomerDA();
Collection<Customer> getCustomers2 = customerDA2.Get(customer2);
customerID = getCustomers2[0].Id;
// clear
customer2 = null;
customerDA2 = null;
getCustomers2 = null;
// see if an order doesn't already exist for the anonymousUser
// count how many orderIDs that have not been verified exist in the orders table
Order orders = new Order();
orders.CustomerId = int.Parse(customerID.ToString());
orders.TxnId = "";
OrderDA orderDA = new OrderDA();
Collection<Order> getOrder = orderDA.Get(orders);
// returns one item
countOrders = getOrder.Count;
//clear
orders = null;
orderDA = null;
getOrder = null;
// if there are no orders with a txnID = "" then add a new order
// then get the OrderID of the Order to add items to the shopping
// cart using that OrderID
// if there are orders with a txnID = "" then select the OrderID
// and add orders to the shopping cart using that OrderID
if (int.Parse(countOrders.ToString()) == 0)
{
// get the customerID of the user that I just created
Customer customerIDID = new Customer();
customerIDID.Username = Session["AnonymousUserName"].ToString();
CustomerDA customerIDDA = new CustomerDA();
Collection<Customer> getCustomers3 = customerIDDA.Get(customerIDID);
customerID = getCustomers3[0].Id;
// clear
customerIDID = null;
customerIDDA = null;
getCustomers3 = null;
// create a new order of the anonymous user
// add a new order to the order table
// instantiate class
Order oID1 = new Order();
oID1.Id = GetOrderIDPlusOne();
oID1.CustomerId = usernameID;
oID1.GrossTotal = 0;
oID1.Tax = 0;
oID1.NetTotal = 0;
// for payment status
oID1.TxnId = "";
OrderDA orderIDDA1 = new OrderDA();
// save
orderIDDA1.Save(oID1);
//DAL.DataAccess da11 =
// new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
// "System.Data.SqlClient");
//// make command statement
//string comm11 = "INSERT INTO Orders VALUES (@customerID, @grossTotal, @tax, @netTotal, @txnID, @paymentStatus)";
//// make arrays for paramaters and input
//string[] s11 = { "@customerID", "@grossTotal", "@tax", "@netTotal", "@txnID", "@paymentStatus" };
//string[] v11 = { customerID.ToString(), "0", "0", "0", "", "" };
//da11.ExecuteNonQuery(comm11, s11, v11);
//clear
oID1 = null;
orderIDDA1 = null;
// get the orderid for the anonymous users new order
Order oID = new Order();
oID.CustomerId = int.Parse(customerID.ToString());
oID.TxnId = "";
OrderDA orderIDDA = new OrderDA();
Collection<Order> getOrderID = orderIDDA.Get(oID);
orderID = int.Parse(getOrderID[0].Id.ToString());
//clear
oID = null;
orderIDDA = null;
getOrderID = null;
// see if item is on sale
if (isItemOnSale() == true)
{
// insert item into the database using the OrderID that was created
// instantiate class
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(salePriceAnswerDouble.ToString());
orderItem.TotalPrice = decimal.Parse(salePriceAnswerDouble.ToString());
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
else
{
// insert item into the database using the OrderID that was created
// instantiate class
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(price.ToString());
orderItem.TotalPrice = decimal.Parse(price.ToString());
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh", "0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
}
// if an order is open and exists for the anonymous user
else
{
// get the customerID of the user that I just created
Customer customerIDID = new Customer();
customerIDID.Username = Session["AnonymousUserName"].ToString();
CustomerDA customerIDDA = new CustomerDA();
Collection<Customer> getCustomers3 = customerIDDA.Get(customerIDID);
customerID = getCustomers3[0].Id;
// clear
customerIDID = null;
customerIDDA = null;
getCustomers3 = null;
// get the orderID of the anonymoususer that has a txnID = ""
// instantiate class
Order oID = new Order();
oID.CustomerId = int.Parse(customerID.ToString());
oID.TxnId = "";
OrderDA orderIDDA = new OrderDA();
Collection<Order> getOrderID = orderIDDA.Get(oID);
orderID = getOrderID[0].Id;
//clear
oID = null;
orderIDDA = null;
getOrderID = null;
// check to see if the anonymous user has the item in their cart already.
// if they do, do not insert item into database
OrderItem orderItemExistence = new OrderItem();
orderItemExistence.OrderId = int.Parse(orderID.ToString());
orderItemExistence.ItemId = itemID.Text;
OrderItemDA orderItemExistenceDA = new OrderItemDA();
Collection<OrderItem> getOrderItemExistence = orderItemExistenceDA.Get(orderItemExistence);
countItems = getOrderItemExistence.Count;
if (countItems > 0)
{
error.Text = "This item is in your shopping cart.";
error.Visible = true;
}
else
{
// see if item is on sale
if (isItemOnSale() == true)
{
// insert item into the database using the existing OrdersID
// instantiate class
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(salePriceAnswerDouble.ToString());
orderItem.TotalPrice = decimal.Parse(salePriceAnswerDouble.ToString());
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// clear
orderItem = null;
orderItemDA = null;
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh",
"0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
else
{
// insert item into the database using the existing OrdersID
// instantiate class
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.ToString());
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.Price = decimal.Parse(price.ToString());
orderItem.TotalPrice = decimal.Parse(price.ToString());
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
// tell user the item was added to their cart successfully
successful.Text = "Added to shopping cart successfully!";
successful.Visible = true;
// refresh page
Response.AppendHeader("Refresh",
"0;URL=ItemDetails.aspx?ItemID=" + Request.QueryString["ItemID"]);
}
}
}
}
}
}
catch (SqlException)
{
// error.Text = "The item is in your shopping cart already.";
// error.Visible = true;
}
catch (Exception)
{
}
}
private void UpdateQuantity()
{
// catch format exception and sql exception
try
{
foreach (GridViewRow row in GridView1.Rows)
{
// Regex tagMatch = new Regex("<[^>]+>");
// gets the text of the control from the gridview
quantity = (TextBox)row.FindControl("txtQuantity");
itemID = (Label)row.FindControl("lblItemIDHidden");
orderID = (Label)row.FindControl("lblOrderIDHidden");
minQuantity = (Label)row.FindControl("lblMinQuantityAnswer");
quantityAvailable = (Label)row.FindControl("lblQuantityAvailableAnswer");
price = (Label)row.FindControl("lblPrice");
totalIndividualItem = (Label)row.FindControl("lblTotaIndividualPrice");
vendorID = (Label)row.FindControl("lblVendorIDHidden");
// make text from labels double types
addPrice = double.Parse(price.Text, System.Globalization.NumberStyles.Currency);
// quantityAvailable.Text = tagMatch.Replace(quantityAvailable.Text, "");
// strText = tagMatch.Replace(strText, "");
minQuantityInt = int.Parse(minQuantity.Text, System.Globalization.NumberStyles.Integer);
quantityAvailableInt = int.Parse(quantityAvailable.Text, System.Globalization.NumberStyles.Integer);
quantityInt = int.Parse(quantity.Text, System.Globalization.NumberStyles.Integer);
double TotalPrice = addPrice * quantityInt;
// call method to validate quantity amount
ValidateQuantity(minQuantityInt, quantityAvailableInt, quantityInt);
if (quantityInt < minQuantityInt || quantityInt > quantityAvailableInt || quantityInt < 1)
{
quantity.BackColor = Color.Red;
}
else
{
// set quantity color back to original color
quantity.BackColor = Color.White;
}
if (totalCount < 1)
{
// calculate total price for each individual item
OrderItem orderItem = new OrderItem();
orderItem.OrderId = int.Parse(orderID.Text);
orderItem.ItemId = itemID.Text;
orderItem.VendorId = int.Parse(vendorID.Text);
orderItem.TotalPrice = decimal.Parse(TotalPrice.ToString("n2"));
orderItem.Quantity = int.Parse(quantity.Text);
OrderItemDA orderItemDA = new OrderItemDA();
//Save the Objects to the Database
orderItemDA.Save(orderItem);
//DAL.DataAccess da =
//new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
// "System.Data.SqlClient");
//string comm =
// "UPDATE OrderItem SET TotalPrice = @totalPrice, Quantity = @quantity WHERE ItemID = @itemID AND OrderID = @orderID AND VendorID = @vendorID";
//// array with quantity, itemID, orderiD, vendorID, and totalPrice
//string[] p = { "@quantity", "@itemID", "@orderID", "@vendorID", "@totalPrice" };
//string[] v = {
// quantity.Text, itemID.Text, orderID.Text, vendorID.Text, TotalPrice.ToString("n2")
// };
//da.ExecuteNonQuery(comm, p, v);
// clear
orderItem = null;
orderItemDA = null;
// add to total to calculate total
total += addPrice * Convert.ToDouble(quantity.Text);
// access the checkbox
CheckBox cb = (CheckBox)row.FindControl("ItemSelector");
if (cb != null && cb.Checked)
{
// delete item with specific itemID, orderId, and vendorId
//OrderItem myOrderItemDelete = new OrderItem();
//myOrderItemDelete.ItemId = itemID.Text;
//myOrderItemDelete.OrderId = Convert.ToInt32(orderID.Text);
//myOrderItemDelete.VendorId = Convert.ToInt32(vendorID.Text);
//OrderItemDA orderItemDADelete = new OrderItemDA();
//orderItemDADelete.Delete(myOrderItemDelete);
DAL.DataAccess da3 =
new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm3 =
"Delete FROM OrderItem WHERE ItemID = @itemID AND OrderID = @orderID AND VendorID = @vendorID";
// array with itemID, orderID, and vendorID
string[] p3 = { "@itemID", "@orderID", "@vendorID" };
string[] v3 = { itemID.Text, orderID.Text, vendorID.Text };
da3.ExecuteNonQuery(comm3, p3, v3);
// clear
p3 = null;
v3 = null;
}
// bind repeater and gridview
BindGridRepeater();
}
if (totalCount < 1)
{
// update total of orders table for the customer
DAL.DataAccess da2 =
new DAL.DataAccess(ConfigurationManager.ConnectionStrings["MyPetStoreDB"].ConnectionString,
"System.Data.SqlClient");
string comm2 =
"UPDATE Orders SET GrossTotal = @grossTotal, Tax = @tax, NetTotal = @netTotal WHERE OrderID = @orderID AND CustomerID = @customerID";
string calculateTax = CalculateTax(total, tax).ToString("n2");
string calculateTotal = CalculateTotal(total, double.Parse(calculateTax));
// empty array
string[] p2 = { "@grossTotal", "@orderID", "@customerID", "@txnID", "@tax", "@netTotal" };
string[] v2 = { calculateTotal, orderID.Text, GetCustomerID(), "", calculateTax, total.ToString("n2") };
da2.ExecuteNonQuery(comm2, p2, v2);
// clear
p2 = null;
v2 = null;
// bind gridview and repeater to show changes
BindGridRepeater();
// redirect using if page ispost back so when user deletes
// items from shopping cart grosstotal, tax, and nettotal get updated.
//if (Page.IsPostBack)
//{
// Response.Redirect("CheckOut.aspx?OrderReview=true");
// // UpdateQuantity();
// //Response.AppendHeader("Refresh", "0;URL=CheckOut.aspx?OrderReview=true");
//}
}
}
}
catch (FormatException ex)
{
lblError.Text = "Shopping Cart could not be updated: quantity must not have alphabetical characters, special characters, and periods, or be left blank.";
}
catch (SqlException ex)
{
lblError.Text = "Please contact your network administrator.";
}
}