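/// <summary>
/// Deducts points from the user's programs and records one LH_Order row per
/// redeemed entry. For every index, the current balance is read from
/// lh_programs, the value in <paramref name="arrSubPoints"/> is subtracted, and
/// an update plus an order insert are queued; the queued statements are then
/// executed together.
/// </summary>
/// <param name="userid">User whose program balances are changed.</param>
/// <param name="arrSubProducts">Program/product ids, one per entry (numeric text).</param>
/// <param name="arrSubPoints">Points to subtract for the entry at the same index.</param>
/// <param name="quantity">Quantity written to every order row.</param>
/// <returns>True when the queued statements were committed; false when no entry produced any statement.</returns>
/// <exception cref="Exception">Wraps any SqlException with the "Insert Error:" prefix.</exception>
/// <exception cref="InvalidOperationException">No balance row exists for one of the requested programs.</exception>
public static bool AddProceed(int userid, string[] arrSubProducts, string[] arrSubPoints, int quantity)
{
    bool result = false;
    try
    {
        using (SqlConnection con = new SqlConnection(Login.GetConnectionString()))
        using (SqlCommand batch = new SqlCommand())
        {
            con.Open();

            // Every value reaches SQL Server as a typed parameter. The previous
            // version concatenated the array elements into the statement text,
            // so any caller-controlled string became part of the SQL.
            batch.Parameters.Add("@userid", SqlDbType.Int).Value = userid;
            batch.Parameters.Add("@quantity", SqlDbType.Int).Value = quantity;
            string sql = "";

            for (int i = 0; i < arrSubPoints.Length; i++)
            {
                // Blank entries produce no statements, so skip them before touching the database.
                if (String.IsNullOrEmpty(arrSubProducts[i]) || String.IsNullOrEmpty(arrSubPoints[i]))
                {
                    continue;
                }

                // The original SQL used these values unquoted, i.e. as numbers;
                // Convert.ToInt32 throws FormatException for anything else.
                int programId = Convert.ToInt32(arrSubProducts[i]);
                int cost = Convert.ToInt32(arrSubPoints[i]);

                int points;
                using (SqlCommand read = new SqlCommand("select Points from lh_programs where User_Id=@userid and program=@program", con))
                {
                    read.CommandType = CommandType.Text;
                    read.Parameters.Add("@userid", SqlDbType.Int).Value = userid;
                    read.Parameters.Add("@program", SqlDbType.Int).Value = programId;
                    object scalar = read.ExecuteScalar();
                    if (scalar == null || scalar == DBNull.Value)
                    {
                        // Fail closed: without a balance row there is nothing to deduct
                        // from, and an order must not be recorded.
                        throw new InvalidOperationException("No points balance found for program " + programId + ".");
                    }
                    points = (Int32)scalar;
                }

                if (points == -1)
                {
                    points = 0;
                }

                // NOTE(review): the cost comes from the caller and nothing here checks
                // that it is positive or that the balance stays non-negative. Confirm
                // the caller derives arrSubPoints from server-side data.
                // NOTE(review): the balance is read and then written back as an absolute
                // value, so two concurrent requests can both spend the same points.
                int calPoints = points - cost;

                string suffix = i.ToString();
                batch.Parameters.Add("@points" + suffix, SqlDbType.Int).Value = calPoints;
                batch.Parameters.Add("@program" + suffix, SqlDbType.Int).Value = programId;
                sql += " update LH_Programs set Points=@points" + suffix + ", Update_Date=getDate() where User_Id=@userid AND program=@program" + suffix + "; ";
                sql += " insert into LH_Order(Product_ID,UseID,Quantity,Shipment_status,CreateDate,Updatedate) values(@program" + suffix + ", @userid,@quantity,0,getdate(),getdate()); ";
            }

            if (sql.Length == 0)
            {
                // Nothing was queued; executing an empty command would throw.
                return false;
            }

            // One transaction so a failure part-way through cannot leave points
            // deducted without the matching order row (or the reverse).
            using (SqlTransaction tx = con.BeginTransaction())
            {
                batch.Connection = con;
                batch.Transaction = tx;
                batch.CommandType = CommandType.Text;
                batch.CommandText = sql;
                batch.ExecuteNonQuery();
                tx.Commit();
            }

            result = true;
        }
    }
    catch (System.Data.SqlClient.SqlException ex)
    {
        string msg = "Insert Error:";
        msg += ex.Message;
        // Keep the original exception attached for server-side diagnostics.
        throw new Exception(msg, ex);
    }
    return result;
}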
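/// <summary>
/// Verifies the logged-in session, then fills the product page: header counters,
/// the product row selected by the "id" query-string value, its images, and the
/// user's approved programs.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (Session["login"] == null)
    {
        Response.Redirect("logout.aspx");
        return;
    }

    // userID is only overwritten when the session carries an id; note that
    // int.TryParse stores 0 when the decrypted text is not a number.
    if (Session["id"] != null)
    {
        int.TryParse(DecryptSessionValue("id"), out userID);
    }

    string username = DecryptSessionValue("userName");
    string email = DecryptSessionValue("email");
    // NOTE(review): the session holds the password in a reversible form and it is
    // decrypted on every page load; consider keeping only a server-side login marker.
    string pwd = DecryptSessionValue("pwd");
    bool loggedInFlag = DecryptSessionValue("login") == "1";

    if (Login.checkLogin(username, email, pwd, loggedInFlag) == null || userID == -1)
    {
        Response.Redirect("Login.aspx");
        // Fail closed: do not render user data if the redirect does not end the request.
        return;
    }

    int productID;
    if (Request.QueryString["id"] == null || !int.TryParse(Request.QueryString["id"], out productID))
    {
        Response.Redirect("Products.aspx");
        return;
    }

    lhptxt.InnerText = (Login.UserLHP(userID) + Login.getProgramsCount(userID)).ToString();
    usernametxt.InnerText = username;
    hdfuserid.Value = userID.ToString();
    wishListTxt.InnerText = Login.countWishList(userID).ToString();
    cartTxt.InnerText = Login.countCart(userID).ToString();
    title_label.InnerText = productID.ToString();

    string productSql = "select * from LH_product join LH_category on LH_product.category = LH_category.id where LH_product.id =@productID";
    // using blocks release connections and readers even when a query throws;
    // previously the product and image connections were never closed.
    using (SqlConnection con = new SqlConnection(Login.GetConnectionString()))
    using (SqlCommand productCmd = new SqlCommand(productSql, con))
    {
        productCmd.Parameters.AddWithValue("@productID", productID);
        con.Open();
        using (SqlDataReader dr = productCmd.ExecuteReader())
        {
            while (dr.Read())
            {
                title_label.InnerText = dr["title"].ToString();
                titleTxt.InnerText = dr["title"].ToString();
                // NOTE(review): both joined tables expose an "id" column under select *;
                // confirm which one dr["id"] resolves to.
                categoryLink.HRef = "products.aspx?id=" + dr["id"].ToString();
                categoryLink.InnerText = dr["category_name"].ToString();
                wishList.Attributes["onclick"] = "javascript: fnAddWishIcon(" + productID + ");";
                price.InnerText = dr["price"].ToString();

                // A fresh connection per product row: the shared one used before was
                // opened inside this loop and would fail on a second row.
                string imageSql = "select * from LH_product_image where product_id =@productID";
                using (SqlConnection con1 = new SqlConnection(Login.GetConnectionString()))
                using (SqlCommand imageCmd = new SqlCommand(imageSql, con1))
                {
                    imageCmd.Parameters.AddWithValue("@productID", productID);
                    con1.Open();
                    using (SqlDataReader dr1 = imageCmd.ExecuteReader())
                    {
                        bool firstImageFlag = true;
                        while (dr1.Read())
                        {
                            HtmlGenericControl li = new HtmlGenericControl("li");
                            if (firstImageFlag)
                            {
                                li.Attributes["class"] = "active";
                                firstImageFlag = false;
                                firstImage.Src = dr1["image"].ToString();
                            }
                            HtmlGenericControl img = new HtmlGenericControl("img");
                            img.Attributes["src"] = dr1["image"].ToString();
                            li.Controls.Add(img);
                            productImage.Controls.Add(li);
                        }
                    }
                }
            }
        }
    }

    string programsSql = "select * from LH_Programs join LH_Rates on LH_Programs.program = LH_Rates.Program_ID join LH_programs_list on LH_Programs.program = LH_programs_list.ID where LH_Rates.Approved = 1 and LH_Programs.User_Id = @userID";
    using (SqlConnection conn = new SqlConnection(Login.GetConnectionString()))
    using (SqlCommand programsCmd = new SqlCommand(programsSql, conn))
    {
        // Bind the verified integer id directly rather than the hidden field's text
        // (the field was assigned userID.ToString() above, so the value is the same).
        programsCmd.Parameters.AddWithValue("@userID", userID);
        conn.Open();
        using (SqlDataReader dr2 = programsCmd.ExecuteReader())
        {
            int i = 0;
            while (dr2.Read())
            {
                i++;
                // NOTE(review): ordinals 1 and 10 depend on the column order of select *;
                // a schema change silently shifts them.
                Createprogram(int.Parse(dr2[1].ToString()), dr2[10].ToString(), dr2["logo"].ToString(), dr2["name"].ToString(), dr2["points"].ToString(), dr2["program"].ToString(), i);
                // wishlistbar(dr2[16].ToString());
            }
        }
    }
}

/// <summary>
/// Returns the decrypted text of a session entry, or null when the entry is absent.
/// </summary>
/// <param name="key">Session key to read.</param>
private string DecryptSessionValue(string key)
{
    object raw = Session[key];
    if (raw == null)
    {
        return null;
    }

    // NOTE(review): these literals look like the passphrase, salt, hash name,
    // iteration count, IV and key size (confirm against clsRidjindalEncryption).
    // They are compiled into the page, so anyone with the source or the assembly
    // can decrypt session values; load key material from protected configuration
    // and revisit the short salt, SHA1 and the iteration count of 2.
    return clsRidjindalEncryption.Decrypt(raw.ToString(), "P@ssword", "123", "SHA1", 2, "%1234567890@#$%^", 256);
}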