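/// <summary>
/// Handles the login button: checks the submitted e-mail and password against the
/// <c>users</c> table, records the e-mail in <c>Session["userE"]</c> on a match and
/// sends the browser to Home.aspx; otherwise reports why the login failed.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click(object sender, EventArgs e)
{
    string email = emailTxt.Text.ToString();
    string password = passwordTxt.Text.ToString();

    // Both values are user-supplied form input that ends up inside a SQL string literal,
    // so a single quote in either one would otherwise terminate the literal.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; it is not sufficient on backends that also treat
    // backslash as an escape. Prefer a parameterized query API on SQLConnection.
    string safeEmail = email.Replace("'", "''");
    string safePassword = password.Replace("'", "''");

    // The password read from the form was never used: the query compared the column
    // with the fixed text '******'. Compare against the submitted value instead.
    // NOTE(review): matching the submitted password directly against the column implies
    // it is stored unhashed - TODO confirm, and move to a salted, slow hash (e.g. PBKDF2)
    // together with the code that writes the column.
    DataTable dt = dbcon.getDataSQL("select * from users where email = '" + safeEmail + "' and password= '" + safePassword + "';");
    if (dt.Rows.Count > 0)
    {
        Session["userE"] = email;
        Response.Write("<script>alert('Login Successfully.');window.location = 'Home.aspx';</script>");
        return;
    }

    // NOTE(review): the two messages below let a caller tell registered e-mail addresses
    // from unregistered ones; consider a single generic failure message.
    DataTable dt2 = dbcon.getDataSQL("select * from users where email = '" + safeEmail + "';");
    if (dt2.Rows.Count > 0)
    {
        Response.Write("<script>alert('Incorrect Password')</script>");
    }
    else
    {
        Response.Write("<script>alert('User does not exist')</script>");
    }
}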
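/// <summary>
/// On first load, builds one HTML table row per paid order (carts with status=1,
/// grouped by <c>dateTime</c>) showing the buyer's name and e-mail plus an edit link,
/// and adds the markup to <c>Panel1</c>.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): nothing in this handler checks Session["admin"]; confirm the page is
    // protected elsewhere, since it lists customer names and e-mail addresses.
    dbcon = new SQLConnection();
    if (this.IsPostBack)
    {
        return;
    }

    int rowNumber = 1;
    DataTable orders = dbcon.getDataSQL("select dateTime from carts where status=1 group by dateTime order by dateTime desc;");
    foreach (DataRow order in orders.Rows)
    {
        string stamp = order["dateTime"].ToString();

        // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
        // finished SQL string here; prefer a parameterized query API on SQLConnection.
        // Issuing one query per order is also an N+1 pattern a single join would avoid.
        DataTable buyers = dbcon.getDataSQL("select u.* from users as u left join carts as c on u.ID = c.user_id where c.dateTime='" + stamp.Replace("'", "''") + "' order by c.dateTime desc;");

        // An order whose user row is missing used to throw on Rows[0]; render blanks instead.
        string buyerName = "";
        string buyerEmail = "";
        if (buyers.Rows.Count > 0)
        {
            buyerName = buyers.Rows[0]["name"].ToString();
            buyerEmail = buyers.Rows[0]["email"].ToString();
        }

        // Name and e-mail are user-supplied and Label.Text is emitted as raw HTML, so
        // every value is encoded for the context it is written into.
        table.Append("<tr>");
        table.Append("<td>" + rowNumber + "</td>");
        table.Append("<td>" + System.Web.HttpUtility.HtmlEncode(buyerName) + "</td>");
        table.Append("<td class=\"text-center\">" + System.Web.HttpUtility.HtmlEncode(buyerEmail) + "</td>");
        table.Append("<td class=\"text-center\">" + System.Web.HttpUtility.HtmlEncode(stamp) + "</td>");
        table.Append("<td><a class=\"btn btn-info\" href=\"AdminEditOrder.aspx?dateTime=" + System.Web.HttpUtility.HtmlAttributeEncode(System.Web.HttpUtility.UrlEncode(stamp)) + "\">Edit</a></td>");
        // The row was previously terminated with a second opening <tr>.
        table.Append("</tr>");
        rowNumber++;
    }

    Panel1.Controls.Add(new Label { Text = table.ToString() });
}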
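/// <summary>
/// Handles the admin login button: checks the submitted name and password against the
/// <c>admins</c> table, records the name in <c>Session["admin"]</c> on a match and
/// sends the browser to Admin.aspx; otherwise reports why the login failed.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click(object sender, EventArgs e)
{
    string name = nameTxt.Text.ToString();
    string password = passwordTxt.Text.ToString();

    // Both values are user-supplied form input that ends up inside a SQL string literal,
    // so a single quote in either one would otherwise terminate the literal.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; it is not sufficient on backends that also treat
    // backslash as an escape. Prefer a parameterized query API on SQLConnection.
    string safeName = name.Replace("'", "''");
    string safePassword = password.Replace("'", "''");

    // The password read from the form was never used: the query compared the column
    // with the fixed text '******'. Compare against the submitted value instead.
    // NOTE(review): matching the submitted password directly against the column implies
    // it is stored unhashed - TODO confirm, and move to a salted, slow hash (e.g. PBKDF2).
    DataTable dt = dbcon.getDataSQL("select * from admins where name = '" + safeName + "' and password= '" + safePassword + "';");
    if (dt.Rows.Count > 0)
    {
        Session["admin"] = name;
        Response.Write("<script>alert('Login Successfully.');window.location = 'Admin.aspx';</script>");
        return;
    }

    // NOTE(review): the two messages below reveal which admin names exist; consider a
    // single generic failure message.
    DataTable dt2 = dbcon.getDataSQL("select * from admins where name = '" + safeName + "';");
    if (dt2.Rows.Count > 0)
    {
        Response.Write("<script>alert('Incorrect Password')</script>");
    }
    else
    {
        Response.Write("<script>alert('Admin does not exist')</script>");
    }
}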
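/// <summary>
/// Handles the payment button: marks the current user's open cart rows (status=0) as
/// paid (status=1) with one shared timestamp, clears the cart counters held in session,
/// thanks the user by name and redirects to Home.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Payment_Click(object sender, EventArgs e)
{
    // Without a user id the queries below would run against user_id = '' and the
    // name lookup would throw on Rows[0].
    if (Session["user_id"] == null)
    {
        Response.Write("<script>window.location = 'Login.aspx';</script>");
        return;
    }

    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; prefer a parameterized query API on SQLConnection.
    string safeUserId = Convert.ToString(Session["user_id"]).Replace("'", "''");

    DataTable dt = dbcon.getDataSQL("select * from carts where user_id = '" + safeUserId + "'and status=0;");
    if (dt.Rows.Count > 0)
    {
        // One UPDATE already covers every open row; the former per-row loop re-ran the
        // same statement. "HH" replaces "hh", which dropped AM/PM and made afternoon
        // orders indistinguishable from morning ones; the invariant culture keeps the
        // separators fixed regardless of server locale.
        string stamp = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);
        dbcon.executeSQL("UPDATE carts SET status = 1, dateTime = '" + stamp + "' WHERE user_id = '" + safeUserId + "'and status=0;");
    }

    Session["productCount"] = null;
    Session["totalPayment"] = null;

    DataTable dt1 = dbcon.getDataSQL("select * from users where ID = '" + safeUserId + "';");
    string displayName = dt1.Rows.Count > 0 ? dt1.Rows[0]["name"].ToString() : "";

    // The name is user-supplied and is written into a JavaScript string literal, so it
    // is encoded for that context before being emitted.
    Response.Write("<script>alert('Thank you " + System.Web.HttpUtility.JavaScriptStringEncode(displayName) + ", Payment Successfully.');window.location = 'Home.aspx';</script>");
}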
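/// <summary>
/// Handles the registration button: validates that every field is filled and that the
/// two password fields match, rejects an e-mail that is already registered, then inserts
/// the new user, stores the e-mail in <c>Session["userE"]</c> and redirects to Home.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (fullNameTxt.Text.Equals("") || EmailTxt.Text.Equals("") || Phone.Text.Equals("") || Address.InnerText.Equals("") || PasswordTxt.Text.Equals("") || ConfrimPasswordTxt.Text.Equals(""))
    {
        Response.Write("<script>alert('Cannot fill in the blanks')</script>");
        return;
    }

    if (PasswordTxt.Text != ConfrimPasswordTxt.Text)
    {
        Response.Write("<script>alert('Confrim password not same')</script>");
        return;
    }

    // Every field is user-supplied and ends up inside a SQL string literal.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; it is not sufficient on backends that also treat
    // backslash as an escape. Prefer a parameterized query API on SQLConnection.
    string safeName = fullNameTxt.Text.Replace("'", "''");
    string safeEmail = EmailTxt.Text.Replace("'", "''");
    string safePassword = PasswordTxt.Text.Replace("'", "''");
    string safeAddress = Address.InnerText.Replace("'", "''");
    string safePhone = Phone.Text.Replace("'", "''");

    DataTable dt = dbcon.getDataSQL("select * from users where email='" + safeEmail + "'");
    if (dt.Rows.Count > 0)
    {
        Response.Write("<script>alert('Email is already taken!')</script>");
        return;
    }

    try
    {
        // NOTE(review): the password is written to the table exactly as typed; store a
        // salted, slow hash (e.g. PBKDF2) instead, changing the login and profile-update
        // code in the same step.
        string query = "insert into users(name, email, password, address, phone, dateTime) values ('" + safeName + "','" + safeEmail + "','" + safePassword + "','" + safeAddress + "','" + safePhone + "','" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "');";
        dbcon.executeSQL(query);
        Session["userE"] = EmailTxt.Text;
        Response.Write("<script>alert('Register Successfully.');window.location = 'Home.aspx';</script>");
    }
    catch (Exception ex)
    {
        // The full exception text (stack trace, possibly SQL and schema details) used to
        // be written into the response; keep it server-side and show a generic message.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        Response.Write("<script>alert('Registration failed. Please try again.')</script>");
    }
}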
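/// <summary>
/// Handles the repeater's "AddToCart" command for a logged-in user: increments the
/// quantity of the matching open cart row, or inserts a new row with quantity 1.
/// Users without a session are asked to log in.
/// </summary>
/// <param name="source">Repeater raising the command (unused).</param>
/// <param name="e">Carries the command name and the product id as its argument.</param>
protected void Repeater1_ItemCommand(object source, RepeaterCommandEventArgs e)
{
    if (Session["userE"] == null)
    {
        Response.Write("<script>alert('Please login');</script>");
        return;
    }

    if (e.CommandName != "AddToCart")
    {
        return;
    }

    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; prefer a parameterized query API on SQLConnection.
    // The login check above uses Session["userE"] but the cart is keyed on
    // Session["user_id"], which may not be set yet; resolve it from the e-mail so a
    // cart row is never written with an empty owner.
    if (Session["user_id"] == null)
    {
        DataTable owner = dbcon.getDataSQL("select * from users where email = '" + Convert.ToString(Session["userE"]).Replace("'", "''") + "';");
        if (owner.Rows.Count == 0)
        {
            Response.Write("<script>alert('Please login');</script>");
            return;
        }

        Session["user_id"] = owner.Rows[0]["id"];
    }

    string safeUserId = Convert.ToString(Session["user_id"]).Replace("'", "''");
    string product_id = e.CommandArgument.ToString();
    string safeProductId = product_id.Replace("'", "''");
    int quantity = 1;

    DataTable dt = dbcon.getDataSQL("select * from carts where user_id = '" + safeUserId + "' and product_id= '" + safeProductId + "' and status=0;");
    if (dt.Rows.Count > 0)
    {
        // Convert.ToInt32 accepts any integral column type; the former (int) unboxing
        // cast throws when the provider returns e.g. a long.
        int total = quantity + Convert.ToInt32(dt.Rows[0]["quantity"]);
        string safeRowId = Convert.ToString(dt.Rows[0]["id"]).Replace("'", "''");
        dbcon.executeSQL("UPDATE carts SET quantity = '" + total + "' WHERE id = '" + safeRowId + "'");
    }
    else
    {
        // status 0 marks an open cart row; dateTime is written as an empty string, as before.
        dbcon.executeSQL("insert into carts(user_id,product_id,quantity,status,dateTime) values('" + safeUserId + "','" + safeProductId + "','" + quantity + "','0','');");
    }

    Response.Write("<script>alert('Add Item Successfully');</script>");
}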
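/// <summary>
/// Handles the admin save button for a user record: updates the user identified by
/// <c>Session["user_id"]</c> when one is set, otherwise creates a new user. In both
/// cases an e-mail that already belongs to another account is rejected.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click(object sender, EventArgs e)
{
    // This handler creates and rewrites accounts, so refuse it without an admin session.
    if (Session["admin"] == null)
    {
        Response.Write("<script>window.location = 'AdminViewUser.aspx';</script>");
        return;
    }

    dbcon = new SQLConnection();

    if (name.Text.Equals("") || email.Text.Equals("") || password.Text.Equals("") || phone.Text.Equals("") || address.Text.Equals(""))
    {
        Response.Write("<script>alert('Cannot fill in the blanks')</script>");
        return;
    }

    // Every field is form input that ends up inside a SQL string literal.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; it is not sufficient on backends that also treat
    // backslash as an escape. Prefer a parameterized query API on SQLConnection.
    string safeName = name.Text.Replace("'", "''");
    string safeEmail = email.Text.Replace("'", "''");
    string safePassword = password.Text.Replace("'", "''");
    string safePhone = phone.Text.Replace("'", "''");
    string safeAddress = address.Text.Replace("'", "''");
    string stamp = DateTime.Now.ToString("dd/MM/yyyy hh:mm tt");

    DataTable dt1 = dbcon.getDataSQL("select * from users where email='" + safeEmail + "'");

    if (Session["user_id"] != null)
    {
        string safeUserId = Convert.ToString(Session["user_id"]).Replace("'", "''");
        DataTable dt = dbcon.getDataSQL("select * from users where id = '" + safeUserId + "';");
        var user_email = dt.Rows[0]["email"].ToString();

        if (email.Text.Equals(user_email) || dt1.Rows.Count == 0)
        {
            // The UPDATE used to set the password column to the fixed text '******'
            // instead of the submitted value, unlike the insert branch below.
            // NOTE(review): the password is stored exactly as typed; move to a salted,
            // slow hash (e.g. PBKDF2) together with the login code.
            string query = "UPDATE users SET name = '" + safeName + "', email = '" + safeEmail + "', password = '" + safePassword + "', phone = '" + safePhone + "', address = '" + safeAddress + "', dateTime = '" + stamp + "' WHERE id = '" + safeUserId + "'";
            dbcon.executeSQL(query);
            Response.Write("<script>alert('Update User Successfully')</script>");
        }
        else
        {
            Response.Write("<script>alert('User Email is already taken!')</script>");
            email.Text = user_email;
        }

        return;
    }

    if (dt1.Rows.Count > 0)
    {
        Response.Write("<script>alert('User Email is already taken!')</script>");
        email.Text = null;
        return;
    }

    try
    {
        string query = "insert into users(name, email, password, address, phone, dateTime) values ('" + safeName + "','" + safeEmail + "','" + safePassword + "','" + safeAddress + "','" + safePhone + "','" + stamp + "');";
        dbcon.executeSQL(query);
        Response.Write("<script>alert('Create User Successfully.');window.location = 'AdminViewUser.aspx';</script>");
    }
    catch (Exception ex)
    {
        // The full exception text (stack trace, possibly SQL and schema details) used to
        // be written into the response; keep it server-side and show a generic message.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        Response.Write("<script>alert('Create User failed. Please try again.')</script>");
    }
}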
/// <summary>
/// Creates the page's database connection on every request and, on the first
/// (non-postback) load, binds all rows of <c>products</c> to <c>Repeater1</c>.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    dbcon = new SQLConnection();

    // Postbacks keep the repeater as it is; only the initial load queries and binds.
    if (this.IsPostBack)
    {
        return;
    }

    // Constant query text: no request data is concatenated into it.
    Repeater1.DataSource = dbcon.getDataSQL("select * from products;");
    Repeater1.DataBind();
}
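/// <summary>
/// Loads the user row whose e-mail matches <c>Session["userE"]</c>, caches its id in
/// <c>Session["user_id"]</c> when found, and binds the result to <c>Repeater1</c>.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    dbcon = new SQLConnection();

    // Session["userE"] is filled from the e-mail a user typed at login or registration,
    // so it is still user-controlled text when it reaches this query.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; prefer a parameterized query API on SQLConnection.
    string safeEmail = Convert.ToString(Session["userE"]).Replace("'", "''");

    DataTable dt = dbcon.getDataSQL("select * from users where email = '" + safeEmail + "';");
    if (dt.Rows.Count > 0)
    {
        Session["user_id"] = dt.Rows[0]["id"];
    }

    Repeater1.DataSource = dt;
    Repeater1.DataBind();
}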
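/// <summary>
/// Handles the button that reopens an order: sets every paid cart row (status=1) with
/// the <c>dateTime</c> given in the query string back to status 0, then returns to
/// AdminViewOrder.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click(object sender, EventArgs e)
{
    var dateTime = Request.QueryString["dateTime"];

    // This handler changes order state, so it only acts for an admin session and when
    // the order key is actually present; otherwise it just redirects.
    if (Session["admin"] != null && dateTime != null)
    {
        // The value comes straight from the URL and ends up inside a SQL string literal.
        // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
        // finished SQL string here; it is not sufficient on backends that also treat
        // backslash as an escape. Prefer a parameterized query API on SQLConnection.
        string safeStamp = dateTime.Replace("'", "''");

        DataTable dt = dbcon.getDataSQL("select * from carts where dateTime = '" + safeStamp + "' and status=1;");
        if (dt.Rows.Count > 0)
        {
            // One UPDATE covers every matching row; the former loop re-ran the same
            // statement once per row.
            dbcon.executeSQL("UPDATE carts SET status = 0 WHERE dateTime = '" + safeStamp + "' and status=1;");
        }
    }

    Response.Write("<script>window.location = 'AdminViewOrder.aspx';</script>");
}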
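/// <summary>
/// On first load, when <c>Session["product_id"]</c> is set, reads that product and
/// copies its name and price into the <c>name</c> and <c>price</c> controls.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["product_id"] == null || IsPostBack)
    {
        return;
    }

    dbcon = new SQLConnection();

    // NOTE(review): where Session["product_id"] is set is not visible here; it is
    // quote-doubled because it ends up inside a SQL string literal. That is a stop-gap -
    // prefer a parameterized query API on SQLConnection.
    string safeProductId = Convert.ToString(Session["product_id"]).Replace("'", "''");

    DataTable dt = dbcon.getDataSQL("select * from products where id = '" + safeProductId + "';");

    // A stale or unknown id returns no rows; Rows[0] used to throw in that case.
    if (dt.Rows.Count == 0)
    {
        return;
    }

    name.Text = dt.Rows[0]["name"].ToString();
    price.Text = dt.Rows[0]["price"].ToString();
}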
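/// <summary>
/// Cart page load: sends users without a session to Login.aspx; on first load binds the
/// current user's open cart rows (status=0) to <c>Repeater1</c>, shows the row count in
/// <c>Label1</c> and the cart total in <c>Label2</c>, and mirrors both into session.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Assigned before the early return below so the field is set on every request, as before.
    dbcon = new SQLConnection();

    if (Session["userE"] == null)
    {
        Response.Write("<script>window.location = 'Login.aspx';</script>");
        // The script only asks the browser to navigate; without this return the handler
        // kept querying and binding cart data for a request that has no session.
        return;
    }

    if (this.IsPostBack)
    {
        return;
    }

    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; prefer a parameterized query API on SQLConnection.
    string safeUserId = Convert.ToString(Session["user_id"]).Replace("'", "''");

    DataTable dt = dbcon.getDataSQL("select *, c.quantity * p.price as totalPrice from carts as c inner join products as p on c.product_id = p.id where user_id='" + safeUserId + "'and status=0;");
    Label1.Text = dt.Rows.Count.ToString();
    Repeater1.DataSource = dt;
    Repeater1.DataBind();

    if (dt.Rows.Count > 0)
    {
        // The total previously summed every cart row of the user, including rows already
        // paid (status=1); restrict it to the open rows listed above.
        DataTable dt1 = dbcon.getDataSQL("select sum(quantity * price) as total from carts as c inner join products as p on c.product_id = p.id where user_id='" + safeUserId + "' and status=0;");
        Session["totalPayment"] = dt1.Rows[0]["total"];
        Label2.Text = "$" + Session["totalPayment"].ToString();
        Session["productCount"] = dt.Rows.Count.ToString();
    }
}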
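/// <summary>
/// Order detail page load: requires a <c>dateTime</c> query-string value (redirects to
/// AdminViewOrder.aspx without one) and, on first load, binds the paid cart rows
/// (status=1) with that timestamp to <c>Repeater1</c>.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): nothing in this handler checks Session["admin"]; confirm the page is
    // protected elsewhere, since it displays order contents for any timestamp supplied.
    dbcon = new SQLConnection();

    var dateTime = Request.QueryString["dateTime"];
    if (dateTime == null)
    {
        Response.Redirect("AdminViewOrder.aspx");
        return;
    }

    if (this.IsPostBack)
    {
        return;
    }

    // The value comes straight from the URL and ends up inside a SQL string literal.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; it is not sufficient on backends that also treat
    // backslash as an escape. Prefer a parameterized query API on SQLConnection.
    string safeStamp = dateTime.Replace("'", "''");

    DataTable dt1 = dbcon.getDataSQL("select *, c.quantity * p.price as totalPrice from carts as c inner join products as p on c.product_id = p.id where dateTime = '" + safeStamp + "'and status = 1;");
    Repeater1.DataSource = dt1;
    Repeater1.DataBind();
}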
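/// <summary>
/// Admin user-edit page load: redirects when no admin session exists; otherwise, on
/// first load and when <c>Session["user_id"]</c> is set, fills the form controls from
/// that user's row.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["admin"] == null)
    {
        Response.Write("<script>window.location = 'AdminViewUser.aspx';</script>");
    }
    else if (Session["user_id"] != null)
    {
        if (!IsPostBack)
        {
            dbcon = new SQLConnection();

            // NOTE(review): quote-doubling is a stop-gap because dbcon is only called
            // with a finished SQL string here; prefer a parameterized query API on
            // SQLConnection.
            string safeUserId = Convert.ToString(Session["user_id"]).Replace("'", "''");
            DataTable dt = dbcon.getDataSQL("select * from users where id = '" + safeUserId + "';");

            // An id without a matching row used to throw on Rows[0]; leave the form empty.
            if (dt.Rows.Count > 0)
            {
                name.Text = dt.Rows[0]["name"].ToString();
                email.Text = dt.Rows[0]["email"].ToString();
                // NOTE(review): this sends the stored password back to the browser in the
                // form. Once passwords are hashed, leave this field empty and treat a
                // blank value on save as "keep the current password".
                password.Text = dt.Rows[0]["password"].ToString();
                phone.Text = dt.Rows[0]["phone"].ToString();
                address.Text = dt.Rows[0]["address"].ToString();
            }
        }
    }
}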
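/// <summary>
/// Handles the profile save button: after checking that every field is filled, updates
/// the row of the user identified by <c>Session["userE"]</c>, provided the new e-mail is
/// either unchanged or not used by another account, and then stores the new e-mail in
/// session.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button2_Click(object sender, EventArgs e)
{
    // Session["userE"].ToString() below used to throw when the session had expired.
    if (Session["userE"] == null)
    {
        Response.Write("<script>window.location = 'Login.aspx';</script>");
        return;
    }

    dbcon = new SQLConnection();

    if (name.Text.Equals("") || email.Text.Equals("") || password.Text.Equals("") || phone.Text.Equals("") || address.Text.Equals(""))
    {
        Response.Write("<script>alert('Cannot fill in the blanks')</script>");
        return;
    }

    // Every field, and the session e-mail that was itself typed by the user, ends up
    // inside a SQL string literal.
    // NOTE(review): quote-doubling is a stop-gap because dbcon is only called with a
    // finished SQL string here; it is not sufficient on backends that also treat
    // backslash as an escape. Prefer a parameterized query API on SQLConnection.
    string currentEmail = Session["userE"].ToString();
    string safeCurrentEmail = currentEmail.Replace("'", "''");
    string safeName = name.Text.Replace("'", "''");
    string safeEmail = email.Text.Replace("'", "''");
    string safePassword = password.Text.Replace("'", "''");
    string safePhone = phone.Text.Replace("'", "''");
    string safeAddress = address.Text.Replace("'", "''");

    DataTable dt = dbcon.getDataSQL("select * from users where email='" + safeEmail + "'");
    if (email.Text.Equals(currentEmail) || dt.Rows.Count == 0)
    {
        // The UPDATE used to set the password column to the fixed text '******' instead
        // of the submitted value, although the field is required above.
        // NOTE(review): the password is stored exactly as typed; move to a salted, slow
        // hash (e.g. PBKDF2) together with the login and registration code.
        string query = "UPDATE users SET name = '" + safeName + "', email = '" + safeEmail + "', password = '" + safePassword + "', phone = '" + safePhone + "', address = '" + safeAddress + "', dateTime = '" + DateTime.Now.ToString("dd/MM/yyyy hh:mm tt") + "' WHERE email = '" + safeCurrentEmail + "'";
        dbcon.executeSQL(query);
        Response.Write("<script>alert('Update Profile Successfully')</script>");
        Session["userE"] = email.Text;
    }
    else
    {
        Response.Write("<script>alert('User Email is already taken!')</script>");
    }
}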