
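/// <summary>
/// Click handler that registers a new row in <c>users</c> with role "Admin".
/// It first looks up a row whose email and nick equal the submitted values; if
/// one is found, it inserts the submitted form data and redirects to
/// <c>login.aspx</c>. When no row matches, nothing is inserted and no message
/// is shown.
/// </summary>
/// <param name="sender">The control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// All user-supplied values are sent as ODBC parameters instead of being
/// concatenated into the SQL text, so form input can no longer alter the
/// statement.
/// NOTE(review): nothing in this handler checks that the caller is
/// authenticated or allowed to create administrators; the only gate is
/// that the email/nick pair already exists. Confirm that access to this page
/// is restricted elsewhere.
/// </remarks>
protected void btnAdmin_OnClick(object sender, EventArgs e)
{
    const string role = "Admin";
    const string title = "Admin";
    const string picturePath = "http://";

    // ServerVariables yields null when the variable is absent; fall back to
    // an empty string rather than throwing.
    string ip = Request.ServerVariables["REMOTE_ADDR"] ?? "";

    // NOTE(review): System.Random is predictable. If keysign is ever used as
    // a secret (activation code, reset token), generate it with a
    // cryptographic RNG instead - confirm how the column is used.
    Random rnd = new Random();
    string keystring = rnd.Next(0, 99999).ToString();

    // ODBC uses positional '?' markers: parameters are bound in the order
    // they are added, and the names given to AddWithValue are informational.
    const string lookupSql = "SELECT email, nick FROM users WHERE email = ? AND nick = ?";

    const string insertSql =
        "INSERT INTO users (nome, cognome, location, birthday, sex, nick, passwords, email, " +
        "SecretQuestion, SecretAnswer, info, url_pic, title, role, levels, ip, dir, keysign, register) " +
        "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1, ?, ?, ?, ?)";

    bool created = false;

    // 'using' releases the connection even when a database call throws.
    using (OdbcConnection objConn = new OdbcConnection(connectionString))
    {
        objConn.Open();

        bool matched = false;
        using (OdbcCommand command = new OdbcCommand(lookupSql, objConn))
        {
            command.Parameters.AddWithValue("@email", txtEmail.Text);
            command.Parameters.AddWithValue("@nick", txtFullname.Text);

            using (OdbcDataReader reader = command.ExecuteReader())
            {
                while (reader.Read())
                {
                    if (txtEmail.Text != reader["email"].ToString() && txtFullname.Text != reader["nick"].ToString())
                    {
                        lblMsg.Text = "Nientè da fare";
                    }
                    else
                    {
                        matched = true;
                        break;
                    }
                }
            }
        }

        // The reader is closed before the INSERT runs: some ODBC drivers
        // reject a second command while a result set is still open on the
        // same connection.
        if (matched)
        {
            using (OdbcCommand addUser = new OdbcCommand(insertSql, objConn))
            {
                // NOTE(review): nome receives txtLastname and cognome receives
                // txtFirstname, exactly as before - confirm this mapping is
                // intended.
                addUser.Parameters.AddWithValue("@nome", txtLastname.Text);
                addUser.Parameters.AddWithValue("@cognome", txtFirstname.Text);
                addUser.Parameters.AddWithValue("@location", txtCity.Text);
                addUser.Parameters.AddWithValue("@birthday", txtbirthday.Text + "/" + txtbirthMonth.Text + "/" + txtbirthYear.Text);
                addUser.Parameters.AddWithValue("@sex", txtSex.Text);
                addUser.Parameters.AddWithValue("@nick", txtFullname.Text);
                // NOTE(review): the password and the secret answer are stored
                // exactly as typed. Storing a salted, slow hash (e.g. PBKDF2)
                // would limit the damage of a database leak, but needs a
                // matching change in the login check, which is not visible here.
                addUser.Parameters.AddWithValue("@passwords", txtPassword.Text);
                addUser.Parameters.AddWithValue("@email", txtEmail.Text);
                addUser.Parameters.AddWithValue("@SecretQuestion", txtSecretQuestion.Text);
                addUser.Parameters.AddWithValue("@SecretAnswer", txtSecretAnswer.Text);
                addUser.Parameters.AddWithValue("@info", txtInfo.Text);
                addUser.Parameters.AddWithValue("@url_pic", picturePath);
                addUser.Parameters.AddWithValue("@title", title);
                addUser.Parameters.AddWithValue("@role", role);
                addUser.Parameters.AddWithValue("@ip", ip);
                // NOTE(review): this path is built from raw form input. If it
                // is later used on the file system, validate the name parts
                // (no separators, no "..") before relying on it.
                addUser.Parameters.AddWithValue("@dir", "/public/" + txtFirstname.Text + "-" + txtLastname.Text + "/dir/");
                addUser.Parameters.AddWithValue("@keysign", keystring);
                // Sent as text in the current culture's format, as before.
                addUser.Parameters.AddWithValue("@register", DateTime.Now.ToString());

                addUser.ExecuteNonQuery();
            }

            created = true;
        }
    }

    // Redirect only after the connection has been released: Response.Redirect
    // ends the request, so the original Close() call after it never ran.
    if (created)
    {
        Response.Redirect("login.aspx");
    }
}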