Torna al Thread
protected void btnAdmin_OnClick(object sender, EventArgs e)
{
string strRole = "Admin";
string ip = "" + Request.ServerVariables["REMOTE_ADDR"].ToString() + "";
Random rnd = new Random();
string keystring = rnd.Next(0, 99999).ToString();
string strPathPic = "http://";
string strTitle = "Admin";
OdbcConnection objConn = new OdbcConnection(connectionString);
objConn.Open();
string strsql = "SELECT * FROM users where " +
"email='" + txtEmail.Text + "' and nick='" + txtFullname.Text + "'";
OdbcCommand command = new OdbcCommand(strsql, objConn);
// Execute the DataReader and access the data.
OdbcDataReader reader = command.ExecuteReader();
while (reader.Read())
{
if (txtEmail.Text != reader["email"].ToString() && txtFullname.Text != reader["nick"].ToString())
{
lblMsg.Text ="Nientè da fare";
}else{
string strSQL2 = null;
strSQL2 = "INSERT INTO users (nome,";
strSQL2 = strSQL2 + "cognome,";
strSQL2 = strSQL2 + "location,";
strSQL2 = strSQL2 + "birthday,";
strSQL2 = strSQL2 + "sex,";
strSQL2 = strSQL2 + "nick,";
strSQL2 = strSQL2 + "passwords,";
strSQL2 = strSQL2 + "email,";
strSQL2 = strSQL2 + "SecretQuestion,";
strSQL2 = strSQL2 + "SecretAnswer,";
strSQL2 = strSQL2 + "info,";
strSQL2 = strSQL2 + "url_pic,";
strSQL2 = strSQL2 + "title,";
strSQL2 = strSQL2 + "role,";
strSQL2 = strSQL2 + "levels,";
strSQL2 = strSQL2 + "ip,";
strSQL2 = strSQL2 + "dir,";
strSQL2 = strSQL2 + "keysign,";
strSQL2 = strSQL2 + "register)";
strSQL2 = strSQL2 + "VALUES('" + txtLastname.Text + "',";
strSQL2 = strSQL2 + "'" + txtFirstname.Text + "',";
strSQL2 = strSQL2 + "'" + txtCity.Text + "',";
strSQL2 = strSQL2 + "'" + txtbirthday.Text + "/" + txtbirthMonth.Text + "/" + txtbirthYear.Text + "',";
strSQL2 = strSQL2 + "'" + txtSex.Text + "',";
strSQL2 = strSQL2 + "'" + txtFullname.Text + "',";
strSQL2 = strSQL2 + "'" + txtPassword.Text + "',";
strSQL2 = strSQL2 + "'" + txtEmail.Text + "',";
strSQL2 = strSQL2 + "'" + txtSecretQuestion.Text + "',";
strSQL2 = strSQL2 + "'" + txtSecretAnswer.Text + "',";
strSQL2 = strSQL2 + "'" + txtInfo.Text + "',";
strSQL2 = strSQL2 + "'" + strPathPic + "',";
strSQL2 = strSQL2 + "'" + strTitle + "',";
strSQL2 = strSQL2 + "'" + strRole + "',";
strSQL2 = strSQL2 + "1,";
strSQL2 = strSQL2 + "'" + ip + "',";
strSQL2 = strSQL2 + "'" + "/public/" + txtFirstname.Text + "-" + txtLastname.Text + "/dir/" + "',";
strSQL2 = strSQL2 + "'" + keystring + "',";
strSQL2 = strSQL2 + "'" + DateTime.Now + "');";
OdbcCommand addUser = new OdbcCommand(strSQL2, objConn);
addUser.ExecuteNonQuery();
Response.Redirect("login.aspx");
}
}
objConn.Close();
}