UserRegistration.aspx.vb Code
Code:
Imports System.Data
Imports System.Data.SqlClient
Partial Class UserRegistration
Inherits System.Web.UI.Page
Protected Sub btnRegister_Click(sender As Object, e As EventArgs)
Try
' Validate inputs
If String.IsNullOrWhiteSpace(txtName.Text) OrElse
String.IsNullOrWhiteSpace(txtEmail.Text) OrElse
String.IsNullOrWhiteSpace(txtPhone.Text) OrElse
String.IsNullOrWhiteSpace(txtAddress.Text) OrElse
String.IsNullOrWhiteSpace(txtDOB.Text) Then
Response.Write("")
Return
End If
Dim name As String = txtName.Text.Trim()
Dim email As String = txtEmail.Text.Trim()
Dim phone As String = txtPhone.Text.Trim()
Dim address As String = txtAddress.Text.Trim()
Dim gender As String = ddlGender.SelectedValue
Dim dob As Date
' Validate and parse date
If Not Date.TryParse(txtDOB.Text, dob) Then
Response.Write("")
Return
End If
' Direct connection string
Dim conStr As String = "Data Source=DESKTOP-TQTJRA3;Initial Catalog=Hussain_Food_Manager;Integrated Security=True"
Using con As New SqlConnection(conStr)
Dim query As String = "INSERT INTO Users (Name, Email, Phone, Address, Gender, DOB)" &
" VALUES (@Name, @Email, @Phone, @Address, @Gender, @DOB)"
Using cmd As New SqlCommand(query, con)
cmd.Parameters.Add("@Name", SqlDbType.NVarChar).Value = name
cmd.Parameters.Add("@Email", SqlDbType.NVarChar).Value = email
cmd.Parameters.Add("@Phone", SqlDbType.NVarChar).Value = phone
cmd.Parameters.Add("@Address", SqlDbType.NVarChar).Value = address
cmd.Parameters.Add("@Gender", SqlDbType.NVarChar).Value = gender
cmd.Parameters.Add("@DOB", SqlDbType.Date).Value = dob
con.Open()
cmd.ExecuteNonQuery()
con.Close()
Response.Write("")
End Using
End Using
' Clear form fields
txtName.Text = ""
txtEmail.Text = ""
txtPhone.Text = ""
txtAddress.Text = ""
txtDOB.Text = ""
ddlGender.SelectedIndex = 0
Catch ex As Exception
' Log error and show user-friendly message
Response.Write("")
End Try
End Sub
End Class
ProductSearch.aspx.vb Code
Code:
Imports System.Data
Imports System.Data.SqlClient
Partial Class ProductSearch
Inherits System.Web.UI.Page
Protected Sub btnSearch_Click(sender As Object, e As EventArgs)
Try
Dim productID As String = txtProductID.Text.Trim()
Dim productName As String = txtProductName.Text.Trim()
Dim description As String = txtDescription.Text.Trim()
' Update the connection string with the actual database name
Dim conStr As String = "workstation id=HussainDatabse.mssql.somee.com;packet size=4096;user id=hussain123_SQLLogin_1;pwd=ss7xmwadf2;data source=HussainDatabse.mssql.somee.com;persist security info=False;initial catalog=HussainDatabse;TrustServerCertificate=True"
Using con As New SqlConnection(conStr)
Dim query As String = "SELECT Product_ID, Product_Name, Product_Description, Price " &
"FROM Product " &
"WHERE (@ProductID = '' OR Product_ID = @ProductID) " &
"AND (@ProductName = '' OR Product_Name LIKE '%' + @ProductName + '%') " &
"AND (@Description = '' OR Product_Description LIKE '%' + @Description + '%')"
Using cmd As New SqlCommand(query, con)
' Use strongly-typed parameters
cmd.Parameters.Add("@ProductID", SqlDbType.NVarChar).Value = productID
cmd.Parameters.Add("@ProductName", SqlDbType.NVarChar).Value = productName
cmd.Parameters.Add("@Description", SqlDbType.NVarChar).Value = description
Using adapter As New SqlDataAdapter(cmd)
Dim dt As New DataTable()
adapter.Fill(dt)
If dt.Rows.Count > 0 Then
GridView1.DataSource = dt
GridView1.DataBind()
Else
' Clear GridView and show a message if no results are found
GridView1.DataSource = Nothing
GridView1.DataBind()
Response.Write("")
End If
End Using
End Using
End Using
Catch ex As Exception
' Log error and show user-friendly message
Response.Write("")
End Try
End Sub
End Class