I am using paypal express checkout and I'm trying to get the total value that is in the shopping cart when the user decides to checkout. My shipping rate is going to be based on the total price and although I have the shipping calculations filled out in my paypal account settings, the shipping cost is not showing up in the checkout screen. How would I grab the total shopping cart price right upon checkout so that I can add the shipping cost? What I have so far is only the values after the user has checked out and they are returned back to my website but at this point it is too late to add shipping.
Dim authToken As String = "sdf5414FdsfDFS5eEF52s336DFLLJUhhbuzek64"
Dim txToken As String = Request.QueryString("tx")
txToken = "4GGSES84eEWSS"
Dim strRequest As String = "cmd=_notify-synch&tx=" & txToken & "&at=" & authToken
'Dim Payerinfo As New PayerInfo
'Dim trans As New Transaction
'Dim tra As New PayPal.PayPalAPIInterfaceService.Model.GetTransactionDetailsReq
'post back to either sandbox or live
Dim strSandbox As String = "https://www.sandbox.paypal.com/cgi-bin/webscr"
Dim strLive As String = "https://www.paypal.com/cgi-bin/webscr"
Dim req As HttpWebRequest = CType(WebRequest.Create(strSandbox), HttpWebRequest)
'req.Headers = valHeader
'Set values for the request back
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
req.ContentLength = strRequest.Length
'Send the request to PayPal and get the response
Dim streamOut As StreamWriter = New StreamWriter(req.GetRequestStream(), Encoding.ASCII)
streamOut.Write(strRequest)
streamOut.Close()
Dim streamIn As StreamReader = New StreamReader(req.GetResponse().GetResponseStream())
Dim strResponse As String = streamIn.ReadToEnd()
streamIn.Close()
If Not String.IsNullOrEmpty(strResponse) Then
Dim results As New Dictionary(Of String, String)
Dim reader As New StringReader(strResponse)
Dim line As String = reader.ReadLine()
If line = "SUCCESS" Then
'FormView1.Visible = False
While True
Dim aLine As String
aLine = reader.ReadLine
If aLine IsNot Nothing Then
Dim strArr() As String
strArr = aLine.Split("=")
results.Add(strArr(0), strArr(1))
Else
Exit While
End If
End While
' Displays all the keys for results, helps to see what the keys are named for writing to text file
For Each kvp As KeyValuePair(Of String, String) In results
Dim v1 As String = kvp.Key
Dim v2 As String = kvp.Value
Response.Write(v1.ToString _
+ ": " + v2 + "<br /> ")
Next
End If
I have also been trying to declare a session variable and add to it every time the add to cart button is clicked but I see a problem in this because I don't know how long the items will stay in the paypal cart and if the session variable session runs out of time and is cleared, they will then receive free shipping since the shipping amount clears out. Is their any way to make this work?
Protected Sub AddToCartBtn_Click(sender As Object, e As EventArgs)
Session("CartAmount")
Dim itemNumber As String = str2
Dim itemAmount As String = price
Dim currencyCode As String = "USD"
Dim addItem As Integer = 1
Dim ppHref As StringBuilder = New StringBuilder()
ppHref.Append("https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_cart")
ppHref.Append("&business=" + business)
ppHref.Append("&item_name=" + itemName)
ppHref.Append("&item_number=" + itemNumber)
ppHref.Append("&amount=" + itemAmount)
ppHref.Append("¤cy_code=" + currencyCode)
Session("CartAmount") = (cartTotal + Session("CartAmount"))
End Sub
You can pass shopping cart values in the provided variable from the following url reference,
https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/Appx_websitestandard_htmlvariables/#id08A6HF080O3
Related
I can programmatically create a meeting request that is sent to the user through code and appears in Outlook mail where the user can accept the request and if accepted the appointment shows on their Outlook calendar. but am having trouble figuring out how to programmatically cancel the same event.
The below code is what I am using to send the meeting invitation. It works as should and sends the request to the recipient and they can accept or decline. If accepted the appointment goes on their calendar.
Dim smtpServer As String = ConfigurationManager.AppSettings("MailServer").ToString()
Dim credentials As New NetworkCredential(ConfigurationManager.AppSettings("SMTPUser").ToString(), ConfigurationManager.AppSettings("SMTPPassword").ToString())
Dim startTime1 As String = Convert.ToDateTime("10/30/2015 11:00 AM").ToString("yyyyMMddTHHmmss")
Dim endTime1 As String = Convert.ToDateTime("10/30/2015 01:00 PM").ToString("yyyyMMddTHHmmss")
Dim smtp As New SmtpClient(smtpServer)
smtp.Credentials = credentials
Dim msg As New MailMessage()
Dim emailFrom As String = ConfigurationManager.AppSettings("EmailFrom").ToString()
Dim emailTo As String = "jd#dom.com"
msg.From = New MailAddress(emailFrom, "Scheduling System")
msg.[To].Add(New MailAddress(emailTo))
msg.Subject = "JD"
Dim strBody As New StringBuilder()
strBody.AppendLine("Appointment Confirmation")
strBody.AppendLine("Subject: JD")
strBody.AppendLine("1599")
strBody.AppendLine("Location: Exam 1")
strBody.AppendLine("Date: 10/30/2015")
strBody.AppendLine("Time: 11:00AM - 1:00PM")
msg.Body = strBody.ToString()
Dim str As New StringBuilder()
str.AppendLine("BEGIN:VCALENDAR")
'PRODID: identifier for the product that created the Calendar object
str.AppendLine("PRODID:-//CARS//Outlook MIMEDIR//EN")
str.AppendLine("VERSION:2.0")
str.AppendLine("METHOD:REQUEST")
str.AppendLine("BEGIN:VEVENT")
str.AppendLine(String.Format("DTSTART:{0:yyyyMMddTHHmmss}", startTime1))
'TimeZoneInfo.ConvertTimeToUtc("BeginTime").ToString("yyyyMMddTHHmmssZ")));
str.AppendLine(String.Format("DTSTAMP:{0:yyyyMMddTHHmmss}", DateTime.Now))
str.AppendLine(String.Format("DTEND:{0:yyyyMMddTHHmmss}", endTime1))
'TimeZoneInfo.ConvertTimeToUtc("EndTime").ToString("yyyyMMddTHHmmssZ")));
str.AppendLine(String.Format("LOCATION:{0}", "Exam 1"))
' UID should be unique.
str.AppendLine(String.Format("UID:{0}", "jd101"))
str.AppendLine(String.Format("DESCRIPTION:{0}", msg.Body))
str.AppendLine(String.Format("X-ALT-DESC;FMTTYPE=text/html:{0}", msg.Body))
str.AppendLine(String.Format("SUMMARY:{0}", msg.Subject))
str.AppendLine("STATUS:CONFIRMED")
str.AppendLine("BEGIN:VALARM")
str.AppendLine("TRIGGER:-PT15M")
str.AppendLine("ACTION:Accept")
str.AppendLine("DESCRIPTION:Reminder")
str.AppendLine("X-MICROSOFT-CDO-BUSYSTATUS:BUSY")
str.AppendLine("END:VALARM")
str.AppendLine("END:VEVENT")
str.AppendLine(String.Format("ORGANIZER:MAILTO:{0}", msg.From.Address))
str.AppendLine(String.Format("ATTENDEE;CN=""{0}"";RSVP=TRUE:mailto:{1}", msg.[To](0).DisplayName, msg.[To](0).Address))
str.AppendLine("END:VCALENDAR")
Dim ct As New System.Net.Mime.ContentType("text/calendar")
ct.Parameters.Add("method", "REQUEST")
ct.Parameters.Add("name", "meeting.ics")
Dim avCal As AlternateView = AlternateView.CreateAlternateViewFromString(str.ToString(), ct)
msg.AlternateViews.Add(avCal)
smtp.Send(msg)
The below code is what I have to CANCEL an existing meeting. It sends the notice out just like the above code does, but it does not cancel/delete/remove the meeting. Can someone point me in the right direction please. I would just like the event to be removed from the Outlook calendar when this part of the code is ran. Thanks for any help.
Dim smtpServer As String = ConfigurationManager.AppSettings("MailServer").ToString()
Dim credentials As New NetworkCredential(ConfigurationManager.AppSettings("SMTPUser").ToString(), ConfigurationManager.AppSettings("SMTPPassword").ToString())
Dim startTime1 As String = Convert.ToDateTime("10/30/2015 11:00 AM").ToString("yyyyMMddTHHmmss")
Dim endTime1 As String = Convert.ToDateTime("10/30/2015 01:00 PM").ToString("yyyyMMddTHHmmss")
Dim smtp As New SmtpClient(smtpServer)
smtp.Credentials = credentials
Dim msg As New MailMessage()
Dim emailFrom As String = ConfigurationManager.AppSettings("EmailFrom").ToString()
Dim emailTo As String = "jd#dom.com"
msg.From = New MailAddress(emailFrom, "Scheduling System")
msg.[To].Add(New MailAddress(emailTo))
msg.Subject = "JD"
Dim strBody As New StringBuilder()
strBody.AppendLine("Appointment Confirmation")
strBody.AppendLine("Subject: JD")
strBody.AppendLine("HRPO#: 1599")
strBody.AppendLine("Location: Exam 1")
strBody.AppendLine("Date: 10/30/2015")
strBody.AppendLine("Time: 11:00AM - 1:00PM")
msg.Body = strBody.ToString()
Dim str As New StringBuilder()
str.AppendLine("BEGIN:VCALENDAR")
'PRODID: identifier for the product that created the Calendar object
str.AppendLine("PRODID:-//CARS//Outlook MIMEDIR//EN")
str.AppendLine("VERSION:2.0")
str.AppendLine("METHOD:REQUEST")
str.AppendLine("BEGIN:VEVENT")
str.AppendLine(String.Format("DTSTART:{0:yyyyMMddTHHmmss}", startTime1))
'TimeZoneInfo.ConvertTimeToUtc("BeginTime").ToString("yyyyMMddTHHmmssZ")));
str.AppendLine(String.Format("DTSTAMP:{0:yyyyMMddTHHmmss}", DateTime.Now))
str.AppendLine(String.Format("DTEND:{0:yyyyMMddTHHmmss}", endTime1))
'TimeZoneInfo.ConvertTimeToUtc("EndTime").ToString("yyyyMMddTHHmmssZ")));
str.AppendLine(String.Format("LOCATION:{0}", "Exam 1"))
' UID should be unique.
str.AppendLine(String.Format("UID:{0}", "jd101"))
str.AppendLine(String.Format("DESCRIPTION:{0}", msg.Body))
str.AppendLine(String.Format("X-ALT-DESC;FMTTYPE=text/html:{0}", msg.Body))
str.AppendLine(String.Format("SUMMARY:{0}", msg.Subject))
str.AppendLine("STATUS:CANCELLED")
str.AppendLine("BEGIN:VALARM")
str.AppendLine("TRIGGER:-PT15M")
str.AppendLine("ACTION:Accept")
str.AppendLine("DESCRIPTION:Reminder")
str.AppendLine("X-MICROSOFT-CDO-BUSYSTATUS:BUSY")
str.AppendLine("END:VALARM")
str.AppendLine("END:VEVENT")
str.AppendLine(String.Format("ORGANIZER:MAILTO:{0}", msg.From.Address))
str.AppendLine(String.Format("ATTENDEE;CN=""{0}"";RSVP=TRUE:mailto:{1}", msg.[To](0).DisplayName, msg.[To](0).Address))
str.AppendLine("END:VCALENDAR")
Dim ct As New System.Net.Mime.ContentType("text/calendar")
ct.Parameters.Add("method", "CANCEL")
ct.Parameters.Add("name", "meeting.ics")
Dim avCal As AlternateView = AlternateView.CreateAlternateViewFromString(str.ToString(), ct)
msg.AlternateViews.Add(avCal)
smtp.Send(msg)
ANSWERED
To cancel the meeting and have it removed from the outlook calendar you need to change the Method from "REQUEST" to "CANCEL" for the event that sends the cancellation request.
msg.Body = strBody.ToString()
Dim str As New StringBuilder()
str.AppendLine("BEGIN:VCALENDAR")
'PRODID: identifier for the product that created the Calendar object
str.AppendLine("PRODID:-//CARS//Outlook MIMEDIR//EN")
str.AppendLine("VERSION:2.0")
'''ORIGINAL-CHANGE TO CANCEL'''
'str.AppendLine("METHOD:REQUEST")
'''NEW - CHANGE TO CANCEL'''
str.AppendLine("METHOD:CANCEL")
'''Everything else remains the same. Will work and remove meeting from calendar.'''
Currently i am using this code to send meeting to outlook..
StringBuilder OutlookBody = new StringBuilder();
string textvs = #"BEGIN:VCALENDAR
PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN
VERSION:1.0
BEGIN:VEVENT
LOCATION:" + Location + #"
DTSTART:" + string.Format("DTSTART:{0:yyyyMMddTHHmmssZ}", start) + #"
DTEND:" + string.Format("DTEND:{0:yyyyMMddTHHmmssZ}", end) + #"
DESCRIPTION;ENCODING=QUOTED-PRINTABLE:=
" + OutlookBody + #"=0D=0A
SUMMARY:" + AppoitmentName + #"
PRIORITY:3
END:VEVENT
END:VCALENDAR";
And it is working fine..
How can i use the same code to cancel / remove appointment from outlook.
I'm developing in vb.net and as of right now I am not using any API's to receive transaction details I have only been using IPN and PDT variables to get my details however I began to notice that, when using Paypal Sandbox to test, after I go through the process of check out, I do receive all the variables of the details but in my test account, there are no transactions shown.
Do I need to be using the REST API in order to actually approve and execute the payment for the transaction in order to complete a transaction? I had assumed that the entire transaction had been completed successful since I was getting all of the details back but now that I noticed there aren't any transactions showing in my account I'm not so sure whats going on?
Here is the code I have been using to view transaction details
Dim authToken As String = "c37yqZU7UdVWesSoipRHFOwB3fFLv1CfOKWz10hqp0ULz6dYKrlCNuxp9d0"
Dim txToken As String = Request.QueryString("tx")
txToken = "2F816064M1280054A" '"6AX4295820157674V" '"5PD1935338742763G" ' '"70Y83841KE749971T" '"74C31896AA9005743""2RY90202U2008611C" '"0F824628H9566062P" '"5ET57654YS955312K" '
Dim strRequest As String = "cmd=_notify-synch&tx=" & txToken & "&at=" & authToken
'Dim Payerinfo As New PayerInfo
'Dim trans As New Transaction
'Dim tra As New PayPal.PayPalAPIInterfaceService.Model.GetTransactionDetailsReq
'post back to either sandbox or live
Dim strSandbox As String = "https://www.sandbox.paypal.com/cgi-bin/webscr"
Dim strLive As String = "https://www.paypal.com/cgi-bin/webscr"
Dim req As HttpWebRequest = CType(WebRequest.Create(strSandbox), HttpWebRequest)
'req.Headers = valHeader
'Set values for the request back
req.Method = "POST"
req.ContentType = "application/x-www-form-urlencoded"
req.ContentLength = strRequest.Length
'Send the request to PayPal and get the response
Dim streamOut As StreamWriter = New StreamWriter(req.GetRequestStream(), Encoding.ASCII)
streamOut.Write(strRequest)
streamOut.Close()
Dim streamIn As StreamReader = New StreamReader(req.GetResponse().GetResponseStream())
Dim strResponse As String = streamIn.ReadToEnd()
streamIn.Close()
If Not String.IsNullOrEmpty(strResponse) Then
Dim results As New Dictionary(Of String, String)
Dim reader As New StringReader(strResponse)
Dim line As String = reader.ReadLine()
If line = "SUCCESS" Then
'FormView1.Visible = False
While True
Dim aLine As String
aLine = reader.ReadLine
If aLine IsNot Nothing Then
Dim strArr() As String
strArr = aLine.Split("=")
results.Add(strArr(0), strArr(1))
Else
Exit While
End If
End While
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'when code below is uncommented remove these two end if's below
Response.Write("<li> " + results("payer_id") + "</li>")
Response.Write("<li> " + results("txn_id") + "</li>")
' Displays all the keys for results, helps to see what the keys are named for writing to text file
For Each kvp As KeyValuePair(Of String, String) In results
Dim v1 As String = kvp.Key
Dim v2 As String = kvp.Value
Response.Write(v1.ToString _
+ ": " + v2 + "<br /> ")
Next
End If
I have redirected my website to Paypal on Buy Now button, but where should i place my code when the transaction has been successfully done.
Can someone help please? I need to change my status in my biding to paid.
Dim temp As String = Request.QueryString("user").ToString
Dim temp1 As Integer = Convert.ToInt32(temp)
Dim LastName As String
Dim WinningPrice As String
Dim email As String
Dim country As String
Dim Name As String
Dim FirstName As String
Using con1 As New SqlConnection(_start)
'Build your SQL String'
Dim sql1 As String = "SELECT Item.Name, BID.WinningPrice, Member.LastName, Member.FirstName,Member.Email, Member.Country FROM Item INNER JOIN Seller ON Item.SellerID = Seller.SellerID INNER JOIN Auction ON Item.ItemID = Auction.ItemID INNER JOIN BID ON Auction.AuctionID = BID.AuctionID INNER JOIN Member ON Seller.MemberID = Member.MemberID WHERE (Member.Status = 'Available') AND (Seller.SellerStatus = 'Available') AND (BID.Status = 'Won') AND (Auction.Status = 'Expired') and BID.BidID=#bidid"
'Open your connection'
con1.Open()
'Build your Command to execute'
Dim myCommand1 As New SqlCommand(sql1, con1)
'Grab your parameter'
'Add your parameter'
myCommand1.Parameters.Add("#bidid", SqlDbType.Int).Value = temp1
Dim reader As SqlDataReader = myCommand1.ExecuteReader()
If reader.HasRows Then
If reader.Read() Then
' etc
Name = reader.GetString(0)
WinningPrice = Convert.ToString(reader.GetDouble(1))
LastName = reader.GetString(2)
FirstName = reader.GetString(3)
email = reader.GetString(4)
country = reader.GetString(5)
Dim price As Object
'Converting String Money Value Into Decimal
price = Convert.ToDouble(WinningPrice)
'declaring empty String
Dim returnURL As String = ""
returnURL += "https://www.paypal.com/xclick/business=" + email
'Passing Item Name as dynamic
returnURL += Convert.ToString("&item_name=") & Name
'Assigning Name as Statically to Parameter
returnURL += Convert.ToString("&first_name") & FirstName
'Assigning Name as Statically to Parameter
returnURL += Convert.ToString("&last_name") & LastName
'Assigning City as Statically to Parameter
returnURL += Convert.ToString("&country") & country
'Passing Amount as Dynamic
returnURL += "&amount=" + price.ToString
'Passing Currency as your
returnURL += "¤cy=USD"
'If transactioin has been successfully performed, redirect SuccessURL page- this page will be designed by developer
returnURL += "&return=" + ConfigurationManager.AppSettings("SuccessURL").ToString()
'retturn Url if Customer Wants To Cancel the Transaction
'If transactioin has been failed, redirect FailedURL page- this page will be designed by developer
returnURL += "&cancel_return=" + ConfigurationManager.AppSettings("FailedURL").ToString()
Response.Redirect(returnURL)
End If
End If
End Using
You are passing in a SuccessUrl parameter; when paypal completes it is going to send a notification to that page - so you should put code in the Page_Load event of your SuccessUrl to parse the query parms returned, and do whatever local processing you need to do there.
How do I get a UserID from one database table (Users) to be inserted into another table (Ticket)? Both columns in each table has the same datatype (int). Please take a look:
Users
UserID
UserName
Password
FirstName
LastName
Email
Updated
Deleted
Ticket
TicketID
DateCreated
UserIDNum FK
FullName
Email
Subject
Message
Deleted
These are all of the codes involved:
Partial Public Class mysupport
Inherits System.Web.UI.Page
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
If Page.IsPostBack Then
MaintainScrollPositionOnPostBack = True
SetFocus(helpTopicDDL)
Else
SetFocus(fullNameTXTBOX)
End If
Dim sConnection As New SqlConnection(ConfigurationManager.ConnectionStrings("TrackTicketsConnectionString2").ConnectionString)
sConnection.Open()
If Session("Ticket") Is Nothing Then
Response.Redirect("SignIn.aspx")
Else
Dim cmdS As String = "Select * from Users Where Deleted='N' AND Username=#Username"
Dim cmdCheckEmail As New SqlCommand(cmdS, sConnection)
Dim cmd As New Data.SqlClient.SqlParameter("#Username", Data.SqlDbType.VarChar)
cmdCheckEmail.Parameters.Add("#Username", SqlDbType.VarChar)
cmdCheckEmail.Parameters.Item("#Username").Value = Session("Ticket")
Dim obj As Object = cmdCheckEmail.ExecuteScalar()
If obj IsNot Nothing Then
mailLBL.Text = Convert.ToString(obj)
End If
End If
sConnection.Close()
End Sub
Protected Sub submitBTN_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles submitBTN.Click
Dim sdConnection As String = ConfigurationManager.AppSettings("TrackTicketsConnectionString2")
Dim iRowCount As Integer
Dim cmdInsertTicket As New Data.SqlClient.SqlCommand
Dim conticket As New Data.SqlClient.SqlConnection
conticket.ConnectionString = sdConnection
cmdInsertTicket.Connection = conticket
cmdInsertTicket.CommandText = "Insert Into Ticket " _
& "( DateCreated, FullName, Email, TicketType, Subject, Message, Deleted)" _
& "Values( #DateCreated, #FullName, #Email, #TicketType, #Subject, #Message, #Deleted)"
'Dim appUserName As New Data.SqlClient.SqlParameter("#UserName", Data.SqlDbType.NVarChar)
'cmdInsertTicket.Parameters.Add(appUserName)
'cmdInsertTicket.Parameters.Item("#UserName").Value = User.Identity.Name
Dim appDateCreated As New Data.SqlClient.SqlParameter("#DateCreated", Data.SqlDbType.DateTime)
cmdInsertTicket.Parameters.Add(appDateCreated)
cmdInsertTicket.Parameters.Item("#DateCreated").Value = Now()
Dim appFullName As New Data.SqlClient.SqlParameter("#FullName", Data.SqlDbType.VarChar)
cmdInsertTicket.Parameters.Add(appFullName)
cmdInsertTicket.Parameters.Item("#FullName").Value = fullNameTXTBOX.Text
Dim appEmail As New Data.SqlClient.SqlParameter("#Email", Data.SqlDbType.VarChar)
cmdInsertTicket.Parameters.Add(appEmail)
cmdInsertTicket.Parameters.Item("#Email").Value = emailAddTXTBOX.Text
Dim appTicketType As New Data.SqlClient.SqlParameter("#TicketType", Data.SqlDbType.VarChar)
cmdInsertTicket.Parameters.Add(appTicketType)
cmdInsertTicket.Parameters.Item("#TicketType").Value = helpTopicDDL.SelectedValue
Dim appSubject As New Data.SqlClient.SqlParameter("#Subject", Data.SqlDbType.VarChar)
cmdInsertTicket.Parameters.Add(appSubject)
cmdInsertTicket.Parameters.Item("#Subject").Value = subjectTXTBOX.Text
Dim appMessage As New Data.SqlClient.SqlParameter("#Message", Data.SqlDbType.VarChar)
cmdInsertTicket.Parameters.Add(appMessage)
cmdInsertTicket.Parameters.Item("#Message").Value = messageTXTBOX.Text
Dim appDeleted As New Data.SqlClient.SqlParameter("#Deleted", Data.SqlDbType.Char)
cmdInsertTicket.Parameters.Add(appDeleted)
cmdInsertTicket.Parameters.Item("#Deleted").Value = "N"
conticket.Open()
Try
iRowCount = cmdInsertTicket.ExecuteScalar()
statusLBL.Text = "Ticket has been submitted successfully."
Catch
statusLBL.Text = "Ticket has not been submitted. Please try again."
End Try
conticket.Close()
End Sub
What I really wanted is for a person's UserID to be stored in Ticket table after he has logged in to fill out a form and submitted it. I'm at a loss in how to pull the data from Users table to insert into Ticket table. Any help is much appreciated as I'm still learning.
EDIT:
Inserting the UserID into the Tickets table when adding a record first requires that you have access to the UserID value. You then need to pass this value in your INSERT statement.
Looks like we first need to retrieve the UserId. Since you are using FormsAuthentication we can retrieve the UserName from the User.Identity.Name object and use that as the value in our first query to retrieve the UserId.
Dim cmdS As String = "Select [UserID] from Users Where Deleted='N' AND UserName=#UserName"
Dim cmdGetUserId As New SqlCommand(cmdS, sConnection)
Dim cmd As New Data.SqlClient.SqlParameter("#UserName", Data.SqlDbType.VarChar)
cmdGetUserId.Parameters.Add("#UserName", SqlDbType.VarChar)
cmdGetUserId.Parameters.Item("#UserName").Value = User.Identity.Name
Dim obj As Object = cmdGetUserId.ExecuteScalar
Dim myUserId As Integer = Integer.Parse(obj)
Now that we have the UserId value for our current user we can modify our INSERT statement and parameters.
cmdInsertTicket.Connection = conticket
cmdInsertTicket.CommandText = "INSERT INTO Ticket " _
& "(UserID, DateCreated, FullName, Email, TicketType, Subject, Message, Deleted)" _
& "Values(#UserID, #DateCreated, #FullName, #Email, #TicketType, #Subject, #Message, #Deleted)"
Dim appUserId As New Data.SqlClient.SqlParameter("#UserID", Data.SqlDbType.Int)
cmdInsertTicket.Parameters.Add(appUserId)
cmdInsertTicket.Parameters.Item("#UserID").Value = myUserId
Dim appDateCreated As New Data.SqlClient.SqlParameter("#DateCreated", Data.SqlDbType.DateTime)
cmdInsertTicket.Parameters.Add(appDateCreated)
cmdInsertTicket.Parameters.Item("#DateCreated").Value = Now()
...
Dim appDeleted As New Data.SqlClient.SqlParameter("#Deleted", Data.SqlDbType.Char)
cmdInsertTicket.Parameters.Add(appDeleted)
cmdInsertTicket.Parameters.Item("#Deleted").Value = "N"
You can access authentication information through the User.Identity object once the user has been authenticated. Might also want to think about implementing a custom IIdentity class to store the UserID if you will need access to it often. Here's a good MSDN article about Custom Authentication: http://msdn.microsoft.com/en-us/library/ms172766(v=vs.80).aspx
UPDATE:
In regards to the comment below, you are retrieving the UserID because the SqlCommand is being executed with the ExecuteScalar method which returns the value of the first column of the first row. I would recommend taking a closer look at the SqlCommand object: http://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlcommand.aspx and this ADO.NET primer on MSDN: http://msdn.microsoft.com/en-us/library/e80y5yhx(v=vs.80).aspx
I currently have a problem attepting to update a record within my database. I have a webpage that displays in text boxes a users details, these details are taken from the session upon login. The aim is to update the details when the user overwrites the current text in the text boxes.
I have a function that runs when the user clicks the 'Save Details' button and it appears to work, as i have tested for number of rows affected and it outputs 1. However, when checking the database, the record has not been updated and I am unsure as to why.
I've have checked the SQL statement that is being processed by displaying it as a label and it looks as so:
UPDATE [users]
SET [email] = #email,
[firstname] = #firstname,
[lastname] = #lastname,
[promo] = #promo
WHERE [users].[user_id] = 16
The function and other relevant code is:
Sub Page_Load(sender As Object, e As EventArgs)
usernameLabel.text = session.contents.item("UserName")
if usernameLabel.text = "" then
logoutButton.Visible = False
loggedInAsLabel.Visible = False
else
labelGuest.Visible = False
linkLogin.Visible = False
linkRegister.Visible = False
end if
emailBox.text = session.contents.item("Email")
firstBox.text = session.contents.item("FirstName")
lastBox.text = session.contents.item("LastName")
promoBox.text = session.contents.item("Promo")
End Sub
Sub Button1_Click(sender As Object, e As EventArgs)
changeDetails(emailBox.text, firstBox.text, lastBox.text, promoBox.text)
End Sub
Function changeDetails(ByVal email As String, ByVal firstname As String, ByVal lastname As String, ByVal promo As String) As Integer
Dim connectionString As String = "Provider=Microsoft.Jet.OLEDB.4.0; Ole DB Services=-4; Data Source=C:\Documents an"& _
"d Settings\Paul Jarratt\My Documents\ticketoffice\datab\ticketoffice.mdb"
Dim dbConnection As System.Data.IDbConnection = New System.Data.OleDb.OleDbConnection(connectionString)
Dim queryString As String = "UPDATE [users] SET [email]=#email, [firstname]=#firstname, [lastname]=#lastname, "& _
"[promo]=#promo WHERE ([users].[user_id] = " + session.contents.item("ID") + ")"
Dim dbCommand As System.Data.IDbCommand = New System.Data.OleDb.OleDbCommand
dbCommand.CommandText = queryString
dbCommand.Connection = dbConnection
Dim dbParam_email As System.Data.IDataParameter = New System.Data.OleDb.OleDbParameter
dbParam_email.ParameterName = "#email"
dbParam_email.Value = email
dbParam_email.DbType = System.Data.DbType.[String]
dbCommand.Parameters.Add(dbParam_email)
Dim dbParam_firstname As System.Data.IDataParameter = New System.Data.OleDb.OleDbParameter
dbParam_firstname.ParameterName = "#firstname"
dbParam_firstname.Value = firstname
dbParam_firstname.DbType = System.Data.DbType.[String]
dbCommand.Parameters.Add(dbParam_firstname)
Dim dbParam_lastname As System.Data.IDataParameter = New System.Data.OleDb.OleDbParameter
dbParam_lastname.ParameterName = "#lastname"
dbParam_lastname.Value = lastname
dbParam_lastname.DbType = System.Data.DbType.[String]
dbCommand.Parameters.Add(dbParam_lastname)
Dim dbParam_promo As System.Data.IDataParameter = New System.Data.OleDb.OleDbParameter
dbParam_promo.ParameterName = "#promo"
dbParam_promo.Value = promo
dbParam_promo.DbType = System.Data.DbType.[String]
dbCommand.Parameters.Add(dbParam_promo)
Dim rowsAffected As Integer = 0
dbConnection.Open
Try
rowsAffected = dbCommand.ExecuteNonQuery
Finally
dbConnection.Close
End Try
labelTest.text = rowsAffected.ToString()
if rowsAffected = 1 then
labelSuccess.text = "* Your details have been updated and saved"
else
labelError.text = "* Your details could not be updated"
end if
End Function
Any help would be greatly appreciated.
Does your page have a RequiresTransaction property? If so, check that there are no exceptions thrown elsewhere during the request which might cause the transaction to roll back - leaving the data unchanged.
Are you sure that you're updating the database you think you're updating? I don't like the look of that connection string at all (and, frankly, I doubt Paul Jarratt would be too happy to see it posted here).