plz don't mine check out : here is my code behind.
<pre lang="c#">using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using MySql.Data.MySqlClient;
namespace Online_Billing_System
{
public partial class Admin : System.Web.UI.Page
{
String ConnectionString = WebConfigurationManager.ConnectionStrings["myConnectionString"].ToString();
protected void Page_Load(object sender, EventArgs e)
{
string s = Request.QueryString["UserName"];
String x = Request.QueryString["Password"];
}
protected void btnok_Click(object sender, EventArgs e)
{
using (MySqlConnection con = new MySqlConnection(ConnectionString))
{
String query = "insert into admin(member_id,card_id,name,date_of_membership,opening_balance,phone_number,address,password,confirm_password) values(@memberid,@cardid,@name,@date,@balance,@phone,@address,@pwd,@confirmpwd)";
MySqlCommand command = new MySqlCommand(query,con);
command.Parameters.AddWithValue("@memberid", txtmemid.Text);
command.Parameters.AddWithValue("@cardid", txtcardid.Text);
command.Parameters.AddWithValue("@name", txtname.Text);
command.Parameters.AddWithValue("@date", txtdate.Text);
command.Parameters.AddWithValue("@balance", txtopenbal.Text);
command.Parameters.AddWithValue("@phone", txtphone.Text);
command.Parameters.AddWithValue("@address", txtaddress.Text);
command.Parameters.AddWithValue("@pwd", txtpwd.Text);
command.Parameters.AddWithValue("@confirmpwd", txtconfirmpwd.Text);
con.Open();
command.ExecuteNonQuery();
}
txtmemid.Text = "";
txtcardid.Text = "";
txtname.Text = "";
txtdate.Text = "";
txtopenbal.Text = "";
txtphone.Text = "";
txtaddress.Text = "";
}
protected void btneok_Click(object sender, EventArgs e)
{
if (txtememid.Text != "" || txtecardid.Text != "")
Response.Redirect("~/EditUser.aspx?memberid=" + txtememid.Text.Replace("&", "%26") +
"&cardid=" + txtecardid.Text.Replace("&", "%26"));
else
{
Response.Write("<script type='text/javascript'>");
Response.Write("alert('PLEASE ENTER EITHER MEMBER ID or CARD ID');");
Response.Write("</script>");
}
}
protected void btndok_Click(object sender, EventArgs e)
{
if (txtdmemid.Text != "" || txtdcardid.Text != "")
{
using (MySqlConnection con = new MySqlConnection(ConnectionString))
{
String query = "delete from admin where member_id=@memid OR card_id=@card";
MySqlCommand command = new MySqlCommand(query, con);
command.Parameters.AddWithValue("@memid",txtdmemid.Text);
command.Parameters.AddWithValue("@card", txtdcardid.Text);
con.Open();
command.ExecuteNonQuery();
}
}
}
protected void btndcancel_Click(object sender, EventArgs e)
{
}
protected void btnecancel_Click(object sender, EventArgs e)
{
}
protected void btnvok_Click(object sender, EventArgs e)
{
if (txtvmemid.Text != "" || txtvcardid.Text != "")
{
Response.Redirect("~/View.aspx?memberid=" + txtememid.Text.Replace("&", "%26") +
"&cardid=" + txtecardid.Text.Replace("&", "%26"));
}
else {
Response.Write("<script type='text/javascript'>");
Response.Write("alert('PLEASE ENTER EITHER MEMBER ID or CARD ID');");
Response.Write("</script>");
}
}
protected void btnsettingsok_Click(object sender, EventArgs e)
{
using (MySqlConnection con = new MySqlConnection(ConnectionString))
{
String query = "select password from admin";
MySqlCommand command = new MySqlCommand(query,con);
con.Open();
using (MySqlDataReader rdr = command.ExecuteReader())
{
while (rdr.Read())
{
String currentpwd = txtcupwd.Text;
String dbpwd = rdr["password"].ToString();
if (currentpwd.Equals(dbpwd))
{
String query2 = "update admin set password=@pwd";
MySqlCommand com = new MySqlCommand(query2, con);
com.Parameters.AddWithValue("@pwd", txtcupwd.Text);
com.ExecuteNonQuery();
}
else {
Response.Write("<script type='text/javascript'>");
Response.Write("alert('Please Enter Correct Password');");
Response.Write("</script>");
}
}
}
}
}
}
}