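/// <summary>
/// Handles the "create user" submit: inserts one row into <c>pms_user</c> from the posted
/// form fields and records the action through <c>Global.logEventUser</c>.
/// </summary>
/// <remarks>
/// Nothing is written while the user-type drop-down is still on index 0.
/// NOTE(review): no authorization check is visible in this handler, and a missing
/// Session["UserID"] converts to 0 - confirm that access to this page is enforced elsewhere.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void submitButton_Click(object sender, EventArgs e)
{
    // The drop-down position itself is stored as type_id, so the item order has to
    // match the type ids used by the rest of the application.
    int userType = DropDownList1.SelectedIndex;
    if (userType == 0)
    {
        // No user type selected.
        return;
    }

    String first = Text1.Value, last = Text2.Value, email = Text3.Value, username = Text4.Value, password = Text5.Value;

    if (Global.isDebug)
    {
        // Debug echo of the posted values. They come straight from the form, so they are
        // HTML-encoded before being written into the page, and the password is left out.
        Response.Write("first: " + Server.HtmlEncode(first) + "last: " + Server.HtmlEncode(last) + "email: " + Server.HtmlEncode(email) + "username: " + Server.HtmlEncode(username) + "<br/>");
    }

    // using-blocks dispose the command and the connection on every path; an exception
    // propagates to the caller with its original stack trace (the old "throw (ex)" reset it).
    using (SqlConnection con = new SqlConnection(Global.getConnectionString()))
    using (SqlCommand cmd = new SqlCommand("INSERT INTO pms_user ( username, password, first_name, last_name, email_address, type_id ) VALUES " + "(@username, @password, @first, @last, @email, @type);", con))
    {
        cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = username;
        // SECURITY: the password is bound exactly as typed, so pms_user.password holds
        // clear text. Moving to a salted, slow hash (e.g. PBKDF2) also needs a matching
        // change in the login check, which is not visible here.
        cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = password;
        cmd.Parameters.Add("@first", SqlDbType.VarChar).Value = first;
        cmd.Parameters.Add("@last", SqlDbType.VarChar).Value = last;
        cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = email;
        cmd.Parameters.Add("@type", SqlDbType.Int).Value = userType;

        con.Open();
        if (Global.isDebug)
        {
            Response.Write(cmd.CommandText);
        }
        cmd.ExecuteNonQuery();

        // The username in the log text is user-supplied; encode it wherever the log is rendered.
        Global.logEventUser(Convert.ToInt32(Session["UserID"]), "Created user " + "\"" + username + "\" as a(n) " + DropDownList1.SelectedValue + "!", 0);
        outputLabel.Visible = true;
    }
}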
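/// <summary>
/// Handles the "add resource" submit: inserts one row into <c>pms_resource</c> from the
/// posted form fields, records the action through <c>Global.logEventUser</c>, and shows
/// the confirmation label once the insert has succeeded.
/// </summary>
/// <remarks>
/// NOTE(review): no authorization check is visible in this handler, and a missing
/// Session["UserID"] converts to 0 - confirm that access to this page is enforced elsewhere.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void submitButton_Click(object sender, EventArgs e)
{
    string first = firstName.Value.ToString();
    string last = lastName.Value.ToString();
    string em = email.Value.ToString();
    string whours = hours.Value.ToString();
    string explevel = exp.SelectedValue.ToString();
    string ind = industry.SelectedValue.ToString();
    string rol = role.SelectedValue.ToString();
    string stat = status.SelectedValue.ToString();

    // using-blocks dispose the command and the connection on every path; an exception
    // propagates to the caller with its original stack trace (the old "throw (ex)" reset it).
    using (SqlConnection con = new SqlConnection(Global.getConnectionString()))
    using (SqlCommand cmd = new SqlCommand("INSERT INTO pms_resource (first_name, last_name, email_address, industry_id, role_id, status_id, work_hours, experience_level) VALUES (@first, @last, @email, @ind, @role, @status, @hours, @exp);", con))
    {
        cmd.Parameters.Add("@first", SqlDbType.VarChar).Value = first;
        cmd.Parameters.Add("@last", SqlDbType.VarChar).Value = last;
        cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = em;

        // The posted values are strings bound to Int parameters. A non-numeric value is
        // expected to fail when the command runs rather than reach the table - TODO confirm
        // and validate the inputs before this point so the user gets a proper message.
        cmd.Parameters.Add("@ind", SqlDbType.Int).Value = ind;
        cmd.Parameters.Add("@role", SqlDbType.Int).Value = rol;
        cmd.Parameters.Add("@status", SqlDbType.Int).Value = stat;
        cmd.Parameters.Add("@hours", SqlDbType.Int).Value = whours;
        cmd.Parameters.Add("@exp", SqlDbType.Int).Value = explevel;

        con.Open();
        cmd.ExecuteNonQuery();

        // The names in the log text are user-supplied; encode them wherever the log is rendered.
        Global.logEventUser(Convert.ToInt32(Session["UserID"]), "Added Resource " + "\"" + first + " " + last + "\"!", 0);
    }

    // Only reached when the insert and the log call did not throw.
    outputLabel.Visible = true;
}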
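/// <summary>
/// Handles the grid's row-update event: writes the edited row back to <c>pms_user</c>
/// and then reloads the grid in read mode.
/// </summary>
/// <remarks>
/// The update is skipped (the grid is only reloaded) when any edited cell is empty or when
/// the type cell is neither "administrator" nor "manager".
/// NOTE(review): no authorization check is visible in this handler although it can change
/// another account's password and role - confirm that access is enforced elsewhere.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Carries the row index and the key of the row being updated.</param>
protected void GridView1_RowUpdating1(object sender, GridViewUpdateEventArgs e)
{
    int id = Convert.ToInt32(e.Keys[0]);
    GridViewRow row = GridView1.Rows[e.RowIndex];

    string uUsername = ((TextBox)(row.Cells[0].Controls[0])).Text;
    // SECURITY: the password is read from an editable grid cell and written back as typed,
    // so it is stored in clear text (and presumably shown in the grid - confirm). Hashing
    // it needs a matching change in the login check, which is not visible here.
    string uPass = ((TextBox)(row.Cells[1].Controls[0])).Text;
    string uFirstName = ((TextBox)(row.Cells[2].Controls[0])).Text;
    string uLastName = ((TextBox)(row.Cells[3].Controls[0])).Text;
    string uEmail = ((TextBox)(row.Cells[4].Controls[0])).Text;
    string uType = ((TextBox)(row.Cells[5].Controls[0])).Text;

    bool anyEmpty = uPass == "" || uUsername == "" || uFirstName == "" || uLastName == "" || uEmail == "" || uType == "";

    // Resolve the role name first, so no connection or command is created (and then left
    // undisposed) for a row that is going to be rejected.
    bool typeKnown = false;
    int tID = -1;
    if (!anyEmpty)
    {
        if (uType.Equals("administrator"))
        {
            tID = Global.AdminUserType;
            typeKnown = true;
        }
        else if (uType.Equals("manager"))
        {
            tID = Global.ManagerUserType;
            typeKnown = true;
        }
    }

    if (!typeKnown)
    {
        // Rejected edit: leave edit mode and show the stored values again.
        LoadGrid("[Last_Name]", "ASC");
        GridView1.EditIndex = -1;
        BindData();
        return;
    }

    try
    {
        // using-blocks dispose the command and the connection on every path; an exception
        // propagates with its original stack trace (the old "throw (ex)" reset it).
        using (SqlConnection con = new SqlConnection(Global.getConnectionString()))
        using (SqlCommand cmd = new SqlCommand("UPDATE pms_user SET username=@username,password=@password, first_name=@firstname, last_name=@lastname, email_address=@email, type_id=@type WHERE id=@id;", con))
        {
            cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = uUsername;
            cmd.Parameters.Add("@password", SqlDbType.VarChar).Value = uPass;
            cmd.Parameters.Add("@firstname", SqlDbType.VarChar).Value = uFirstName;
            cmd.Parameters.Add("@lastname", SqlDbType.VarChar).Value = uLastName;
            cmd.Parameters.Add("@email", SqlDbType.VarChar).Value = uEmail;
            // Both values are ints; they were previously declared VarChar and relied on
            // implicit conversion. Int also matches how type_id is bound on insert.
            cmd.Parameters.Add("@type", SqlDbType.Int).Value = tID;
            cmd.Parameters.Add("@id", SqlDbType.Int).Value = id;

            con.Open();
            cmd.ExecuteNonQuery();
            Global.logEventUser(Convert.ToInt32(Session["UserID"]), "Updated customer with ID=" + "\"" + id + "\"!", 0);
        }
    }
    finally
    {
        // Reload and leave edit mode whether or not the update succeeded.
        LoadGrid("[Last_Name]", "ASC");
        GridView1.EditIndex = -1;
        BindData();
    }
}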