order_info.aspx.cs

B2B网上商城

using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

using System.Data.SqlClient;
public partial class Order_info : System.Web.UI.Page
{
        //卖家

        //public string way;
        //public SqlCommand command;
        //public SqlConnection conn;
    public string ProductID;
    public string ProductName;//产品名称
    public string ProductPicture;//图片
    public string ProductPrice;//当前价格
    public string ProductQuantity;//库数量
    public string Quantity;//购买数量
    public string ProductPost;//平邮
    public string ProductFax;//快递
    public string PostPrice;//送货价格
    public string PostType;//送货类别
    public string UserName;//买家
    public string ProductTotal;//产品总价
    public string Payment;//应付金额
    public string VMoney1;//虚拟钱(买家)
    public string VMoney2;//虚拟钱(卖家)
    public string Qnum;//卖家最终库存量
    public string checkcode;//验证码
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!Page.IsPostBack)
        {
            if (Request.QueryString["id"] == null)
                return;

            ProductID = Request.QueryString["id"].ToString();
            if (Session["username"] == null)
            {
                Response.Redirect("User_login.aspx?msg=" + Server.UrlEncode("Order_info.aspx?id=" + ProductID));
            }

            SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["ConnStr"]);
            string sql = "select * from Products where ProductState=0 and ProductId=" + ProductID;	//数据库连接字符串
            SqlCommand command = new SqlCommand(sql, connection);//构件执行数据命令
            connection.Open();
            SqlDataReader dr = command.ExecuteReader();//保存从数据库里面返回的一条记录
            if (dr.Read())
            {
                productImg.ImageUrl = "showProductPicture.aspx?id=" + dr["ProductId"].ToString();
                ProductName = dr["ProductName"].ToString();
                ProductPicture = dr["ProductPicture"].ToString();
                ProductPrice = dr["ProductPrice"].ToString();
                ProductQuantity = dr["ProductQuantity"].ToString();
                UserName = dr["UserName"].ToString();
                ProductPost = dr["ProductPost"].ToString();
                ProductFax = dr["ProductFax"].ToString();
            }
            productid.Text = ProductName;
            productprice.Text = ProductPrice;
            context.Text = ProductQuantity;
            salesid.Text = UserName;
            RadioButton1.Text = ProductPost;
            RadioButton2.Text = ProductFax;

        }
    }

    protected void Button1_ServerClick(object sender, EventArgs e)
    {
        //获取需要的信息并验证
        ProductID = Request.QueryString["id"].ToString();
        SqlConnection connection = new SqlConnection(ConfigurationManager.AppSettings["ConnStr"]);
        string sql = "select * from Products where ProductState=0 and ProductId=" + ProductID;	//数据库连接字符串
        SqlCommand command = new SqlCommand(sql, connection);//构件执行数据命令
        connection.Open();
        SqlDataReader dr = command.ExecuteReader();//保存从数据库里面返回的一条记录
        if (dr.Read())
        {
            ProductQuantity = dr["ProductQuantity"].ToString();
        }
        if (Convert.ToInt32(quantity.Text) <= Convert.ToInt32(ProductQuantity))
        {
            Quantity = quantity.Text;
        }
        else
        {
            Response.Write("<script language='JavaScript'>");
            Response.Write("alert('不正确数值或库存量不足!!')");
            Response.Write("</script>");
        }
    
        checkcode = vaidatecode.Text;
        if (Session["CheckCode"].ToString() != checkcode)
        {
            Response.Write("<script language='JavaScript'>");
            Response.Write("alert('输入的验证码有误！请重新输入！')");
            Response.Write("</script>");
            return;
        }

        if (RadioButton1.Checked == true)
        {
            PostPrice = RadioButton1.Text;
            PostType = "平邮";
        }
        else
        {
            PostPrice = RadioButton2.Text;
            PostType = "快递";
        }

        ProductTotal = Convert.ToString(Convert.ToDouble(productprice.Text) * Convert.ToDouble(Quantity));
        Payment = Convert.ToString(Convert.ToDouble(ProductTotal) + Convert.ToDouble(PostPrice));

        dr.Close();
        connection.Close();

        //--虚拟币交易
        //买家扣钱
        SqlConnection connection1 = new SqlConnection(ConfigurationManager.AppSettings["ConnStr"]);
        string sql1 = "select * from Users where UserName='" + Session["username"].ToString() + "'";	//数据库连接字符串
        SqlCommand command1 = new SqlCommand(sql1, connection1);//构件执行数据命令
        connection1.Open();
        SqlDataReader dr1 = command1.ExecuteReader();//保存从数据库里面返回的一条记录
        if (dr1.Read())
        {
            VMoney1 = dr1["VMoney"].ToString();
        }
        if (Convert.ToDouble(VMoney1) >= Convert.ToDouble(Payment))
        {
            VMoney1 = Convert.ToString(Convert.ToDouble(VMoney1) - Convert.ToDouble(Payment));
        }
        else
        {
            Response.Write("<script language='JavaScript'>");
            Response.Write("alert('您的虚拟币不足!!！')");
            Response.Write("</script>");
            return;
        }
        dr1.Close();
        string sql2 = "update Users set VMoney='" + VMoney1 + "' where UserName='" + Session["username"].ToString() + "'";
        command1 = new SqlCommand(sql2, connection1);//构件执行数据命令
        command1.ExecuteNonQuery();

        connection1.Close();

        //卖家加钱
        SqlConnection connection2 = new SqlConnection(ConfigurationManager.AppSettings["ConnStr"]);
        string sql3 = "select * from Users where UserName=(select UserName from Products where ProductId='" + ProductID + "')";//数据库连接字符串
        SqlCommand command2 = new SqlCommand(sql3, connection2);//构件执行数据命令
        connection2.Open();
        SqlDataReader dr2 = command2.ExecuteReader();//保存从数据库里面返回的一条记录
        if (dr2.Read())
        {
            VMoney2 = dr2["VMoney"].ToString();
        }
        dr2.Close();
        VMoney2 = Convert.ToString(Convert.ToDouble(VMoney2) + Convert.ToDouble(Payment));
        string sql4 = "update Users set VMoney='" + VMoney2 + "' where UserName=(select UserName from Products where ProductId='" + ProductID + "')";
        command2 = new SqlCommand(sql4, connection2);
        command2.ExecuteNonQuery();

        //卖家库存量扣除
        Qnum = Convert.ToString(Convert.ToInt32(context.Text) - Convert.ToInt32(Quantity));
        string sql5 = "update Products set ProductQuantity='" + Qnum + "' where ProductId=" + ProductID;	//数据库连接字符串
        SqlCommand command3 = new SqlCommand(sql, connection);//构件执行数据命令
        command3 = new SqlCommand(sql5, connection2);
        command3.ExecuteNonQuery();
        connection2.Close();


        //最终形成定单
        SqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["ConnStr"]);
        string strsql = "INSERT INTO Orders(Store,SalesId,BuyerId,ProductId,Quantity,PostType,PostPrice,ConsigneeName,MobilePhone,Telephone,ConsigneeAdress,ConsigneePost,ProductPrice,ProductTotal,Payment) values('" + productid.Text + "','" + salesid.Text + "','" + Session["username"].ToString() + "'," + ProductID + ",'" + Quantity + "','" + PostType + "','" + PostPrice + "','" + buyername.Text + "','" + mobileTele.Text + "','" + telephone.Text + "','" + address.Text + "','" + postalcode.Text + "','" + productprice.Text + "','" + ProductTotal + "','" + Payment + "')";
        command = new SqlCommand(strsql, conn);
        conn.Open();
        command.ExecuteNonQuery();
        conn.Close();

        Response.Redirect("Order_Detail.aspx");
    }

}