IMPLEMENTING THE BUSINESS LOGIC |
Chapter 21 |
495 |
|
|
|
|
|
sqlConnection1.Close();
foreach (DataRow myRow in dataSet11.Tables[“UserList”].Rows)
{
if (myRow[0].ToString().Trim().ToLower()==username.ToLower())
{
userexists=true;
}
}
if (userexists==false)
{
lblMessage.Text=”The user does not exist”; return;
}
sqlDataAdapter1.DeleteCommand.Parameters[0].Value=username; sqlConnection1.Open(); sqlDataAdapter1.DeleteCommand.ExecuteNonQuery(); sqlConnection1.Close();
lblMessage.Text=”User disabled successfully”; txtDelUserName.Text=””;
}
}
The ManageDatabases.aspx Form
The ManageDatabases.aspx form is used for moving data between the dtReser-
vations and dtDepartedFlights tables. It is also used to update the dtPassen-
gerDetails table for the frequent fliers program.
For updating the dtDepartedFlights and dtPassengerDetails tables,I have created stored procedures in SQL Server. These procedures are called from the SkyShark Airlines application so that the data can be updated directly at the back end. There are several advantages of using a stored procedure in this scenario:
Since the data is not required in the application, it does not need to be retrieved from the application and then posted back again.This saves a lot of unnecessary network congestion and improves the performance of the application and the database.
IMPLEMENTING THE BUSINESS LOGIC |
Chapter 21 |
497 |
|
|
|
|
|
To write the code for executing the UpdateReservations stored procedure from the SkyShark Airlines application,drag the Update Reservations stored procedure form Ser ver Explorer to the design view of the form. Visual Studio .NET automatically creates the sqlDataAdapter1 and sqlCommand1 controls. To run the stored procedure when a user clicks on the Archive button, write the following code for the Click event of the Archive button:
private void BtnArchive_Click(object sender, System.EventArgs e)
{
lblMessage.Text=””; sqlConnection1.Open();
sqlCommand1.Parameters[1].Value=DateTime.Today.Date.ToShortDateString(); sqlCommand1.ExecuteNonQuery();
sqlConnection1.Close(); lblMessage.Text=”Done.”;
}
To move data between the dtDepartedFlights and dtPassengerDetails tables, I
have created the FrequentFlier stored procedure.The definition of this procedure is given as follows:
CREATE PROCEDURE FrequentFlier
AS
DELETE dtFrequentFliers
INSERT INTO dtPassengerDetails
SELECT EMail, Sum(Fare), Count(EMail) from dtDepartedFlights where EMAIL!=’NotSpecified’ group by EMail
GO
To run this procedure, specify the following code in the Click event of the Update button:
private void btnUpdate_Click(object sender, System.EventArgs e)
{
lblMessage.Text=””; sqlConnection1.Open(); sqlCommand2.ExecuteNonQuery(); sqlConnection1.Close(); lblMessage.Text=”Done.”;
}
IMPLEMENTING THE BUSINESS LOGIC |
Chapter 21 |
499 |
|
|
|
|
|
The SkyShark Airlines application enforces this constraint by using Session variables. The role of the user is queried from these variables in the Load event of all forms. When the role of the user matches with the intended audience of the form, the user is allowed to load the Web form. If the user should not be allowed to access the page, the user is redirected to the default.aspx page.The code that controls access to Web pages in the Load event of forms for network administrators is given as follows:
private void Page_Load(object sender, System.EventArgs e)
{
if (Session[“usrRole”]==null)
{
Response.Redirect(“..\\default.aspx”);
}
if (!(Session[“usrRole”].ToString()==”Admin”))
{
Response.Redirect(“..\\default.aspx”);
}
else
{
txtUser.Text=”Changing password for “+ Session[“usrName”].ToString();
}
}
NOTE
You need to add the code given here in the Load event of all forms. The only precaution you need to take is that you should change the value to check in the if clause ((!(Session[“usrRole”].ToString()==”Admin”))) to “BA” for business managers and “LOB” for LOB executives.