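/// <summary>
/// Adds the product named by the "id" query-string parameter to the signed-in
/// user's favourites, unless the duplicate lookup against tblFav returns a row.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (Session["User"] == null)
    {
        Response.Write("<script>alert('未登陆无法收藏~');</script>");
        return;
    }

    // "id" comes straight from the URL. Accept only an integer and build the SQL
    // from the parsed value, never from the raw text; a missing or malformed id
    // is rejected instead of reaching the database.
    int productId;
    if (!int.TryParse(Request.QueryString["id"],
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out productId))
    {
        return;
    }
    string Pid = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

    // Double single quotes so the user name cannot close the SQL string literal.
    // NOTE(review): this is a stopgap; move to parameterized commands if DBConn
    // exposes them.
    string tblUser = ((String)Session["User"]).Replace("'", "''");

    DBConn myDB = new DBConn();
    try
    {
        // NOTE(review): the user value in this literal reads '******' in this
        // listing, which looks masked; confirm the deployed query filters on the
        // session user and that the value is escaped or parameterized there too.
        if (myDB.LookUp("select id from tblFav where tblUser='******' and Pid=" + Pid, "id") != "")
        {
            Response.Write("<script>alert('您已经收藏该产品了 ~');</script>");
            return;
        }

        string sql = "insert into [tblFav](tblUser,Pid) values ( '" + tblUser + "', '" + Pid + "')";
        myDB.ExecuteNonQuery(sql);
    }
    finally
    {
        // Release the connection even when a query throws.
        myDB.Close();
    }

    Response.Write("<script>alert('收藏成功 ~');</script>");
}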
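/// <summary>
/// Adds the product named by the "id" query-string parameter to the signed-in
/// user's basket after checking that the requested quantity is in stock.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (Session["User"] == null)
    {
        Response.Write("<script>alert('未登陆无法收藏~');</script>");
        return;
    }

    System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;

    // Every value that ends up in SQL text is parsed first and re-emitted from
    // the parsed number, so raw request text never reaches the statement.
    int productId;
    if (!int.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer, invariant, out productId))
    {
        return;
    }

    // A zero or negative quantity would pass the stock comparison below, so it
    // is rejected here.
    int quantity;
    if (!int.TryParse(DropDownList1.SelectedValue, System.Globalization.NumberStyles.Integer, invariant, out quantity)
        || quantity <= 0)
    {
        return;
    }

    // NOTE(review): the amount is read from a page label rather than recomputed
    // from the product price; confirm it cannot be influenced by the client.
    decimal amount;
    if (!decimal.TryParse(lblCount.Text, System.Globalization.NumberStyles.Number, invariant, out amount))
    {
        return;
    }

    string Pid = productId.ToString(invariant);
    string strNum = quantity.ToString(invariant);
    string strAmount = amount.ToString(invariant);

    // Check stock. Reader and connection are closed on every path, including
    // the early exits that previously left them open.
    bool productFound;
    int iPStock = 0;
    DBConn myDB = new DBConn();
    try
    {
        SqlDataReader mydr = myDB.getDataReader("select PStock from Products where PID=" + Pid);
        try
        {
            productFound = mydr.Read();
            if (productFound)
            {
                iPStock = Int32.Parse(mydr["PStock"].ToString());
            }
        }
        finally
        {
            mydr.Close();
        }
    }
    finally
    {
        myDB.Close();
    }

    if (!productFound)
    {
        Response.Write("<script>");
        Response.Write("alert('没有这个二手书!!!');");
        Response.Write("</script>");
        Response.Redirect("index.aspx");
        return;
    }

    if (iPStock < quantity)
    {
        Response.Write("<script>");
        Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
        Response.Write("</script>");
        return;
    }

    // Double single quotes so the user name cannot close the SQL string literal.
    // NOTE(review): stopgap; prefer parameterized commands if DBConn exposes them.
    string tblUser = ((String)Session["User"]).Replace("'", "''");
    string sql = "insert into [tblBasket](tblUser,Pid,isN,isMoney) values ( '" + tblUser + "', '" + Pid + "', '" + strNum + "', " + strAmount + ")";

    DBConn myDB1 = new DBConn();
    try
    {
        myDB1.ExecuteNonQuery(sql);
    }
    finally
    {
        myDB1.Close();
    }

    Response.Write("<script>alert('加入购物车成功 ~');</script>");
}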
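/// <summary>
/// First-load handler for the order form: optionally removes one basket row
/// named by the "did" query-string parameter, fills in the signed-in user's
/// name and basket total, binds the grid through getData(), and loads the
/// tblMode names into the dplBm list.
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // The login check now runs before any write, so an anonymous request can no
    // longer delete basket rows.
    if (Session["User"] == null)
    {
        Response.Write("<script>alert('未登陆禁止订购');window.close();</script>");
        Response.End();
        return;
    }

    string currentUser = (string)Session["User"];

    DBConn db1 = new DBConn();
    try
    {
        // "did" is attacker-controlled: accept only an integer, and restrict the
        // delete to rows owned by the signed-in user (tblBasket.tblUser).
        // NOTE(review): this is still a state change driven by a GET request;
        // consider moving it to a postback protected against request forgery.
        int basketRowId;
        if (int.TryParse(Request.QueryString["did"],
                System.Globalization.NumberStyles.Integer,
                System.Globalization.CultureInfo.InvariantCulture,
                out basketRowId))
        {
            string sql = "delete from [tblBasket] where id="
                + basketRowId.ToString(System.Globalization.CultureInfo.InvariantCulture)
                + " and tblUser='" + currentUser.Replace("'", "''") + "'";
            db1.ExecuteNonQuery(sql);
        }

        txtName.Enabled = false;
        txtName.Text = currentUser;

        // NOTE(review): the user value in the next two literals reads '******' in
        // this listing, which looks masked; confirm the deployed queries filter
        // on the session user with an escaped or parameterized value.
        TextBox1.Text = db1.LookUp("select 真实姓名 from tblUser where UserName='******'", "真实姓名");
        lblTotalPric.Text = db1.LookUp("select sum(ismoney) as '1' from viwBasket where tblUser='******'", "1");
    }
    finally
    {
        // The lookup connection was previously never closed.
        db1.Close();
    }

    getData();

    // Load the tblMode names into the list; the connection and adapter are
    // disposed when the block ends instead of being left open.
    string connStr = ConfigurationSettings.AppSettings["DataBasePath"];
    using (SqlConnection con = new SqlConnection(connStr))
    using (SqlDataAdapter sda1 = new SqlDataAdapter("select * from tblMode", con))
    {
        con.Open();
        DataSet ds1 = new DataSet();
        sda1.Fill(ds1, "tblMode");
        foreach (DataRow row in ds1.Tables[0].Rows)
        {
            this.dplBm.Items.Add(row["名称"].ToString());
        }
    }
}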
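/// <summary>
/// Stores the comment typed into TextBox1 for the product named by the "id"
/// query-string parameter, then redirects back to the product page.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (Session["User"] == null)
    {
        Response.Write("<script>alert('未登陆无法评论~');</script>");
        return;
    }

    // "id" comes from the URL: accept only an integer and reuse the parsed value
    // for both the SQL text and the redirect target.
    int productId;
    if (!int.TryParse(Request.QueryString["id"],
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out productId))
    {
        return;
    }
    string Pid = productId.ToString(System.Globalization.CultureInfo.InvariantCulture);

    // Double single quotes so neither the user name nor the free-text comment
    // can close the SQL string literal.
    // NOTE(review): stopgap; prefer parameterized commands if DBConn exposes
    // them. The comment is stored as typed, so the page that displays it must
    // HTML-encode it on output.
    string tblUser = ((String)Session["User"]).Replace("'", "''");
    string note = TextBox1.Text.Replace("'", "''");

    string sql = "insert into [tblLeaveWord](UserName,Pid,isNote) values ( '" + tblUser + "', '" + Pid + "', '" + note + "')";

    DBConn myDB = new DBConn();
    try
    {
        myDB.ExecuteNonQuery(sql);
    }
    finally
    {
        // Release the connection even when the insert throws.
        myDB.Close();
    }

    Response.Redirect("productDisplay.aspx?id=" + Pid);
}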
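/// <summary>
/// First-load handler: optionally deletes the tblFav row named by the "did"
/// query-string parameter, then binds the page through getData().
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // "did" is attacker-controlled: only an integer is accepted, and the SQL is
    // built from the parsed value. A missing or malformed value skips the delete.
    // NOTE(review): no login or ownership check is visible in this handler and
    // the delete is driven by a GET parameter; confirm access control elsewhere,
    // scope the delete to the signed-in user's rows, and consider moving it to a
    // postback protected against request forgery.
    int favRowId;
    if (int.TryParse(Request.QueryString["did"],
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out favRowId))
    {
        string sql = "delete from [tblFav] where id="
            + favRowId.ToString(System.Globalization.CultureInfo.InvariantCulture);

        DBConn myDB = new DBConn();
        try
        {
            myDB.ExecuteNonQuery(sql);
        }
        finally
        {
            // Release the connection even when the delete throws.
            myDB.Close();
        }
    }

    getData();
}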
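/// <summary>
/// First-load handler: optionally deletes the tblLeaveWord row named by the
/// "did" query-string parameter, then binds the page through getData().
/// </summary>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    // "did" is attacker-controlled: only an integer is accepted, and the SQL is
    // built from the parsed value. A missing or malformed value skips the delete.
    // NOTE(review): no login, role or ownership check is visible in this handler
    // and the delete is driven by a GET parameter; confirm who is allowed to
    // remove comments and consider moving the action to a postback protected
    // against request forgery.
    int commentRowId;
    if (int.TryParse(Request.QueryString["did"],
            System.Globalization.NumberStyles.Integer,
            System.Globalization.CultureInfo.InvariantCulture,
            out commentRowId))
    {
        string sql = "delete from [tblLeaveWord] where id="
            + commentRowId.ToString(System.Globalization.CultureInfo.InvariantCulture);

        DBConn myDB = new DBConn();
        try
        {
            myDB.ExecuteNonQuery(sql);
        }
        finally
        {
            // Release the connection even when the delete throws.
            myDB.Close();
        }
    }

    getData();
}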
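/// <summary>
/// Adds the product named by the "id" query-string parameter to the signed-in
/// user's basket after checking that the requested quantity is in stock.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if (Session["User"] == null)
    {
        Response.Write("<script>alert('未登陆无法收藏~');</script>");
        return;
    }

    System.Globalization.CultureInfo invariant = System.Globalization.CultureInfo.InvariantCulture;

    // Every value that ends up in SQL text is parsed first and re-emitted from
    // the parsed number, so raw request text never reaches the statement.
    int productId;
    if (!int.TryParse(Request.QueryString["id"], System.Globalization.NumberStyles.Integer, invariant, out productId))
    {
        return;
    }

    // A zero or negative quantity would pass the stock comparison below, so it
    // is rejected here.
    int quantity;
    if (!int.TryParse(DropDownList1.SelectedValue, System.Globalization.NumberStyles.Integer, invariant, out quantity)
        || quantity <= 0)
    {
        return;
    }

    // NOTE(review): the amount is read from a page label rather than recomputed
    // from the product price; confirm it cannot be influenced by the client.
    decimal amount;
    if (!decimal.TryParse(lblCount.Text, System.Globalization.NumberStyles.Number, invariant, out amount))
    {
        return;
    }

    string Pid = productId.ToString(invariant);
    string strNum = quantity.ToString(invariant);
    string strAmount = amount.ToString(invariant);

    // Check stock. Reader and connection are closed on every path, including
    // the early exits that previously left them open.
    bool productFound;
    int iPStock = 0;
    DBConn myDB = new DBConn();
    try
    {
        SqlDataReader mydr = myDB.getDataReader("select PStock from Products where PID=" + Pid);
        try
        {
            productFound = mydr.Read();
            if (productFound)
            {
                iPStock = Int32.Parse(mydr["PStock"].ToString());
            }
        }
        finally
        {
            mydr.Close();
        }
    }
    finally
    {
        myDB.Close();
    }

    if (!productFound)
    {
        Response.Write("<script>");
        Response.Write("alert('没有这个二手书!!!');");
        Response.Write("</script>");
        Response.Redirect("index.aspx");
        return;
    }

    if (iPStock < quantity)
    {
        Response.Write("<script>");
        Response.Write("alert('库存不足!!!现在库存还有[ " + iPStock.ToString() + " ]');");
        Response.Write("</script>");
        return;
    }

    // Double single quotes so the user name cannot close the SQL string literal.
    // NOTE(review): stopgap; prefer parameterized commands if DBConn exposes them.
    string tblUser = ((String)Session["User"]).Replace("'", "''");
    string sql = "insert into [tblBasket](tblUser,Pid,isN,isMoney) values ( '" + tblUser + "', '" + Pid + "', '" + strNum + "', " + strAmount + ")";

    DBConn myDB1 = new DBConn();
    try
    {
        myDB1.ExecuteNonQuery(sql);
    }
    finally
    {
        myDB1.Close();
    }

    Response.Write("<script>alert('加入购物车成功 ~');</script>");
}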
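/// <summary>
/// Validates the message form, enforces a 30-second gap between submissions
/// from the same session, and inserts the message into the [message] table.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnOK_Click(object sender, System.EventArgs e)
{
    string strUName = txtUserName.Text.Trim();
    string strUPhone = txtUserPhone.Text.Trim();
    string strUEmail = txtEmail.Text.Trim();
    string strMTitle = txtTitle.Text.Trim();
    string strMContent = txtContent.Text.Trim();

    // E-mail, title and content are required.
    if (strUEmail == String.Empty || strMTitle == String.Empty || strMContent == String.Empty)
    {
        Response.Write("<script>");
        Response.Write("alert('请把必填项添上!!!');");
        Response.Write("</script>");
        return;
    }

    // Only the content length is capped here.
    if (strMContent.Length > 300)
    {
        Response.Write("<script>");
        Response.Write("alert('内容太长了..(300字以内)!!!');");
        Response.Write("</script>");
        return;
    }

    // Throttle repeated submissions. The timestamp lives in session state, so
    // this limits a single session only; add a server-side limit per account or
    // address if abuse matters.
    if (Session["messageCheck"] != null)
    {
        DateTime myDTime = (DateTime)Session["messageCheck"];
        if (myDTime.AddMilliseconds(30000) > DateTime.Now)
        {
            Response.Write("<script>");
            TimeSpan myTime = DateTime.Now - (DateTime)Session["messageCheck"];
            Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
            Response.Write("</script>");
            return;
        }
    }

    // Filter the input strings.
    // NOTE(review): the statement below is built by concatenation, so it is only
    // as safe as CleanString.htmlInputText; whether that helper neutralizes
    // single quotes is not visible here. Confirm it, or move to parameterized
    // commands.
    strUName = CleanString.htmlInputText(strUName);
    strUPhone = CleanString.htmlInputText(strUPhone);
    strUEmail = CleanString.htmlInputText(strUEmail);
    strMTitle = CleanString.htmlInputText(strMTitle);
    strMContent = CleanString.htmlInputText(strMContent);

    // NOTE(review): DateTime.Now is formatted with the current culture when it
    // is concatenated; confirm the database parses that format as intended.
    string mySql = "insert into [message](UName,UPhone,UEmail,MTitle,MContent,Pubdate) values('" + strUName + "','" + strUPhone + "','" + strUEmail + "','" + strMTitle + "','" + strMContent + "','" + DateTime.Now + "')";

    DBConn myDB = new DBConn();
    try
    {
        myDB.ExecuteNonQuery(mySql);
    }
    finally
    {
        // Release the connection even when the insert throws.
        myDB.Close();
    }

    // Record the submission time for the throttle above.
    Session["messageCheck"] = DateTime.Now;

    Response.Write("<script>");
    Response.Write("alert('成功提交!')");
    Response.Write("</script>");

    txtUserName.Text = "";
    txtUserPhone.Text = "";
    txtEmail.Text = "";
    txtTitle.Text = "";
    txtContent.Text = "";
}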
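/// <summary>
/// First-load handler for the order confirmation page: takes the pending
/// Order from session state, assigns it a new order number, writes it (and,
/// for a batch order, the basket rows) to the database, adjusts product stock,
/// and shows the order details.
/// </summary>
/// <remarks>
/// Runs on every non-postback request while Session["myOrder"] is set, so
/// reloading the page repeats the writes.
/// NOTE(review): the statements are issued one at a time and no transaction is
/// visible here; a failure part-way leaves a partial order.
/// </remarks>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    if (Session["myOrder"] == null)
    {
        Response.Redirect("index.aspx");
        return;
    }

    // Return-link handling: a non-empty "key" parameter is required, but the
    // link itself always points at index.aspx.
    string key = Request.QueryString["key"];
    if (key == null || key == String.Empty)
    {
        Response.Redirect("index.aspx");
        return;
    }
    lblBack.Text = "<a href='index.aspx'>返回</a>";

    Order myOrder = (Order)Session["myOrder"];
    string strPID = myOrder.PID;
    string strPName = myOrder.PName;
    string strPNum = myOrder.PNum;
    string strPPrice = myOrder.PPrice;
    string strTotalPrice = myOrder.TotalPrice;
    string strTName = myOrder.TName;
    string strEmail = myOrder.Email;
    string strPhone = myOrder.Phone;
    string strPCPrice = myOrder.PCPrice; // cost price

    // A product id of "0" marks a batch order built from the basket.
    bool isBatchOrder = (strPID == "0");
    if (isBatchOrder)
    {
        strPName = "批量购买产品,请查看详情";
        strPNum = "0";
        strPPrice = "0";
    }

    // These fields are placed in the SQL text without quotes, so each must be a
    // plain number before any statement is built.
    if (!IsPlainSqlNumber(strPID)
        || !IsPlainSqlNumber(strPNum)
        || !IsPlainSqlNumber(strPPrice)
        || !IsPlainSqlNumber(strTotalPrice)
        || (!isBatchOrder && !IsPlainSqlNumber(strPCPrice)))
    {
        Response.Redirect("index.aspx");
        return;
    }

    string strOID = getNewOrderID(); // order number

    // NOTE(review): quote doubling below is a stopgap; prefer parameterized
    // commands if DBConn exposes them. DateTime.Now is formatted with the
    // current culture when concatenated; confirm the database parses it.
    DBConn myDB = new DBConn();
    try
    {
        string sql;
        if (isBatchOrder)
        {
            // Copy the basket into tblP_Order, then empty the basket.
            // NOTE(review): the user value in this literal and in the delete
            // below reads '******' in this listing, which looks masked; confirm
            // the deployed queries filter on the session user.
            DataSet ds1 = myDB.getDataSet("select * from [viwBasket] where tblUser='******'order by ID desc");

            // Validate every row before the first write so a bad row cannot
            // leave the order half-written.
            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                if (!IsPlainSqlNumber(row["Pid"].ToString())
                    || !IsPlainSqlNumber(row["isN"].ToString())
                    || !IsPlainSqlNumber(row["isMoney"].ToString()))
                {
                    Response.Redirect("index.aspx");
                    return;
                }
            }

            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                string tblUser = EscapeSqlLiteral(row["tblUser"].ToString());
                string isN = row["isN"].ToString();
                string isMoney = row["isMoney"].ToString();
                string Pid = row["Pid"].ToString();

                string sql1 = "Insert into tblP_Order(tblUser,Pid,isN,isMoney,OrderNo) values ( '" + tblUser + "', '" + Pid + "', '" + isN + "', " + isMoney + ", '" + EscapeSqlLiteral(strOID) + "')";
                myDB.ExecuteNonQuery(sql1);
                myDB.ExecuteNonQuery("Update Products Set PStock = PStock - " + isN + ",PSellNum = PSellNum + " + isN + " WHERE PID = " + Pid);
            }

            // Empty the basket.
            myDB.ExecuteNonQuery("delete from [tblBasket] where tblUser='******'");

            sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" + EscapeSqlLiteral(strOID) + "'," + strPID + ",'" + EscapeSqlLiteral(strPName) + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" + DateTime.Now + "','" + EscapeSqlLiteral(strTName) + "','" + EscapeSqlLiteral(strEmail) + "','" + EscapeSqlLiteral(strPhone) + "',0)";
        }
        else
        {
            sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" + EscapeSqlLiteral(strOID) + "'," + strPID + ",'" + EscapeSqlLiteral(strPName) + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" + DateTime.Now + "','" + EscapeSqlLiteral(strTName) + "','" + EscapeSqlLiteral(strEmail) + "','" + EscapeSqlLiteral(strPhone) + "'," + strPCPrice + ")";
            myDB.ExecuteNonQuery("Update Products Set PStock = PStock - " + strPNum + ",PSellNum = PSellNum + " + strPNum + " WHERE PID = " + strPID);
        }

        myDB.ExecuteNonQuery(sql);

        myOrder.OID = strOID;
        Session["myOrder"] = myOrder;

        if (isBatchOrder)
        {
            lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + strOID + "' target='_blank'>查看批量购买的产品详情</a>";
        }

        // NOTE(review): these values are assigned to the labels as-is. If the
        // Order fields originate from user input and are not encoded upstream,
        // HTML-encode them here.
        lblOrderID.Text = strOID;
        lblPName.Text = strPName;
        lblPNum.Text = strPNum;
        lblPPrice.Text = strPPrice;
        lblTotalPrice.Text = strTotalPrice;
        lblTName.Text = strTName;
        lblEmail.Text = strEmail;
        lblPhone.Text = strPhone;
        Label1.Text = myDB.LookUp("select * from tbluser where UserName='******'", "真实姓名");
    }
    finally
    {
        // Release the connection even when a statement throws or a redirect
        // ends the request.
        myDB.Close();
    }
}

// True when value is an optionally signed decimal number made only of ASCII
// digits and at most one '.', so it can be placed in SQL text unquoted.
private static bool IsPlainSqlNumber(string value)
{
    decimal parsed;
    return decimal.TryParse(
        value,
        System.Globalization.NumberStyles.AllowLeadingSign | System.Globalization.NumberStyles.AllowDecimalPoint,
        System.Globalization.CultureInfo.InvariantCulture,
        out parsed);
}

// Doubles single quotes so value cannot close a quoted SQL string literal;
// null becomes the empty string, as string concatenation would treat it.
private static string EscapeSqlLiteral(string value)
{
    return value == null ? "" : value.Replace("'", "''");
}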
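/// <summary>
/// Validates the message form, enforces a 30-second gap between submissions
/// from the same session, and inserts the message into the [message] table.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnOK_Click(object sender, System.EventArgs e)
{
    string strUName = txtUserName.Text.Trim();
    string strUPhone = txtUserPhone.Text.Trim();
    string strUEmail = txtEmail.Text.Trim();
    string strMTitle = txtTitle.Text.Trim();
    string strMContent = txtContent.Text.Trim();

    // E-mail, title and content are required.
    if (strUEmail == String.Empty || strMTitle == String.Empty || strMContent == String.Empty)
    {
        Response.Write("<script>");
        Response.Write("alert('请把必填项添上!!!');");
        Response.Write("</script>");
        return;
    }

    // Only the content length is capped here.
    if (strMContent.Length > 300)
    {
        Response.Write("<script>");
        Response.Write("alert('内容太长了..(300字以内)!!!');");
        Response.Write("</script>");
        return;
    }

    // Throttle repeated submissions. The timestamp lives in session state, so
    // this limits a single session only; add a server-side limit per account or
    // address if abuse matters.
    if (Session["messageCheck"] != null)
    {
        DateTime myDTime = (DateTime)Session["messageCheck"];
        if (myDTime.AddMilliseconds(30000) > DateTime.Now)
        {
            Response.Write("<script>");
            TimeSpan myTime = DateTime.Now - (DateTime)Session["messageCheck"];
            Response.Write("alert('不能频繁提交,请在" + (30 - myTime.Seconds) + "秒后继续!!!');");
            Response.Write("</script>");
            return;
        }
    }

    // Filter the input strings.
    // NOTE(review): the statement below is built by concatenation, so it is only
    // as safe as CleanString.htmlInputText; whether that helper neutralizes
    // single quotes is not visible here. Confirm it, or move to parameterized
    // commands.
    strUName = CleanString.htmlInputText(strUName);
    strUPhone = CleanString.htmlInputText(strUPhone);
    strUEmail = CleanString.htmlInputText(strUEmail);
    strMTitle = CleanString.htmlInputText(strMTitle);
    strMContent = CleanString.htmlInputText(strMContent);

    // NOTE(review): DateTime.Now is formatted with the current culture when it
    // is concatenated; confirm the database parses that format as intended.
    string mySql = "insert into [message](UName,UPhone,UEmail,MTitle,MContent,Pubdate) values('" + strUName + "','" + strUPhone + "','" + strUEmail + "','" + strMTitle + "','" + strMContent + "','" + DateTime.Now + "')";

    DBConn myDB = new DBConn();
    try
    {
        myDB.ExecuteNonQuery(mySql);
    }
    finally
    {
        // Release the connection even when the insert throws.
        myDB.Close();
    }

    // Record the submission time for the throttle above.
    Session["messageCheck"] = DateTime.Now;

    Response.Write("<script>");
    Response.Write("alert('成功提交!')");
    Response.Write("</script>");

    txtUserName.Text = "";
    txtUserPhone.Text = "";
    txtEmail.Text = "";
    txtTitle.Text = "";
    txtContent.Text = "";
}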
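/// <summary>
/// First-load handler for the order confirmation page: takes the pending
/// Order from session state, assigns it a new order number, writes it (and,
/// for a batch order, the basket rows) to the database, and shows the order
/// details.
/// </summary>
/// <remarks>
/// Runs on every non-postback request while Session["myOrder"] is set, so
/// reloading the page repeats the writes.
/// NOTE(review): the statements are issued one at a time and no transaction is
/// visible here; a failure part-way leaves a partial order.
/// </remarks>
/// <param name="sender">Page raising the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, System.EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    if (Session["myOrder"] == null)
    {
        Response.Redirect("index.aspx");
        return;
    }

    // Return-link handling: a non-empty "key" parameter is required, but the
    // link itself always points at index.aspx.
    string key = Request.QueryString["key"];
    if (key == null || key == String.Empty)
    {
        Response.Redirect("index.aspx");
        return;
    }
    lblBack.Text = "<a href='index.aspx'>返回</a>";

    Order myOrder = (Order)Session["myOrder"];
    string strPID = myOrder.PID;
    string strPName = myOrder.PName;
    string strPNum = myOrder.PNum;
    string strPPrice = myOrder.PPrice;
    string strTotalPrice = myOrder.TotalPrice;
    string strTName = myOrder.TName;
    string strEmail = myOrder.Email;
    string strPhone = myOrder.Phone;
    string strPCPrice = myOrder.PCPrice; // cost price

    // A product id of "0" marks a batch order built from the basket.
    bool isBatchOrder = (strPID == "0");
    if (isBatchOrder)
    {
        strPName = "批量购买产品,请查看详情";
        strPNum = "0";
        strPPrice = "0";
    }

    // These fields are placed in the SQL text without quotes, so each must be a
    // plain number before any statement is built.
    if (!IsPlainSqlNumber(strPID)
        || !IsPlainSqlNumber(strPNum)
        || !IsPlainSqlNumber(strPPrice)
        || !IsPlainSqlNumber(strTotalPrice)
        || (!isBatchOrder && !IsPlainSqlNumber(strPCPrice)))
    {
        Response.Redirect("index.aspx");
        return;
    }

    string strOID = getNewOrderID(); // order number

    // NOTE(review): quote doubling below is a stopgap; prefer parameterized
    // commands if DBConn exposes them. DateTime.Now is formatted with the
    // current culture when concatenated; confirm the database parses it.
    DBConn myDB = new DBConn();
    try
    {
        string sql;
        if (isBatchOrder)
        {
            // Copy the basket into tblP_Order, then empty the basket.
            // NOTE(review): the user value in this literal and in the delete
            // below reads '******' in this listing, which looks masked; confirm
            // the deployed queries filter on the session user.
            DataSet ds1 = myDB.getDataSet("select * from [viwBasket] where tblUser='******'order by ID desc");

            // isMoney is the only row value placed unquoted; validate every row
            // before the first write so a bad row cannot leave the order
            // half-written.
            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                if (!IsPlainSqlNumber(row["isMoney"].ToString()))
                {
                    Response.Redirect("index.aspx");
                    return;
                }
            }

            foreach (DataRow row in ds1.Tables[0].Rows)
            {
                string tblUser = EscapeSqlLiteral(row["tblUser"].ToString());
                string isN = EscapeSqlLiteral(row["isN"].ToString());
                string isMoney = row["isMoney"].ToString();
                string Pid = EscapeSqlLiteral(row["Pid"].ToString());

                string sql1 = "Insert into tblP_Order(tblUser,Pid,isN,isMoney,OrderNo) values ( '" + tblUser + "', '" + Pid + "', '" + isN + "', " + isMoney + ", '" + EscapeSqlLiteral(strOID) + "')";
                myDB.ExecuteNonQuery(sql1);
            }

            // Empty the basket.
            myDB.ExecuteNonQuery("delete from [tblBasket] where tblUser='******'");

            sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" + EscapeSqlLiteral(strOID) + "'," + strPID + ",'" + EscapeSqlLiteral(strPName) + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" + DateTime.Now + "','" + EscapeSqlLiteral(strTName) + "','" + EscapeSqlLiteral(strEmail) + "','" + EscapeSqlLiteral(strPhone) + "',0)";
        }
        else
        {
            sql = "insert into [Order](OID,PID,PName,PNum,PPrice,TotalPrice,Pubdate,TName,Email,Phone,PCPrice) values('" + EscapeSqlLiteral(strOID) + "'," + strPID + ",'" + EscapeSqlLiteral(strPName) + "'," + strPNum + "," + strPPrice + "," + strTotalPrice + ",'" + DateTime.Now + "','" + EscapeSqlLiteral(strTName) + "','" + EscapeSqlLiteral(strEmail) + "','" + EscapeSqlLiteral(strPhone) + "'," + strPCPrice + ")";
        }

        myDB.ExecuteNonQuery(sql);

        myOrder.OID = strOID;
        Session["myOrder"] = myOrder;

        if (isBatchOrder)
        {
            lblDetailP.Text = "<a href='P_OderInfo.aspx?id=" + strOID + "' target='_blank'>查看批量购买的产品详情</a>";
        }

        // NOTE(review): these values are assigned to the labels as-is. If the
        // Order fields originate from user input and are not encoded upstream,
        // HTML-encode them here.
        lblOrderID.Text = strOID;
        lblPName.Text = strPName;
        lblPNum.Text = strPNum;
        lblPPrice.Text = strPPrice;
        lblTotalPrice.Text = strTotalPrice;
        lblTName.Text = strTName;
        lblEmail.Text = strEmail;
        lblPhone.Text = strPhone;
        Label1.Text = myDB.LookUp("select * from tbluser where UserName='******'", "真实姓名");
    }
    finally
    {
        // Release the connection even when a statement throws or a redirect
        // ends the request.
        myDB.Close();
    }
}

// True when value is an optionally signed decimal number made only of ASCII
// digits and at most one '.', so it can be placed in SQL text unquoted.
private static bool IsPlainSqlNumber(string value)
{
    decimal parsed;
    return decimal.TryParse(
        value,
        System.Globalization.NumberStyles.AllowLeadingSign | System.Globalization.NumberStyles.AllowDecimalPoint,
        System.Globalization.CultureInfo.InvariantCulture,
        out parsed);
}

// Doubles single quotes so value cannot close a quoted SQL string literal;
// null becomes the empty string, as string concatenation would treat it.
private static string EscapeSqlLiteral(string value)
{
    return value == null ? "" : value.Replace("'", "''");
}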