using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using
System.Web.UI.WebControls;
using
System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Web.Mail;
using System.Data.SqlClient;
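/// <summary>
/// Code-behind for the transaction verification page. On load it fetches the
/// security questions and expected answers for the user id held in
/// Session["TranUid"]; on submit it compares the entered values with the expected
/// ones and either records the transaction (Account_SP) or records the attempt as
/// suspicious (fraudTran_SP) and e-mails the account holder.
/// </summary>
public partial class pgVerification : System.Web.UI.Page
{
    // Project data-access helper; this page uses its cn (connection),
    // cmd (command) and dr (reader) members.
    DataAccess data = new DataAccess();

    // Expected values read from the "security" table in Page_Load. They are
    // instance fields, so they are re-read on every request (Page_Load runs
    // before btnSubmit_Click on a postback).
    // NOTE(review): the answers are read back and compared as plain text, which
    // implies they are stored unhashed; storing salted hashes and comparing the
    // hashes would limit the damage of a database disclosure.
    string ans1 = "";
    string ans2 = "";
    string ans3 = "";
    string ans4 = "";
    string ans5 = "";
    string email = "";
    DateTime dob;
    string gender = "";

    // True only when a row was found in "security" for the session user.
    // Without this flag the empty defaults above could be matched by empty input.
    bool securityRecordLoaded = false;

    /// <summary>
    /// Shows the user id and the five security questions, and caches the expected
    /// answers, e-mail, gender and date of birth for the submit handler.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // NOTE(review): Session["TranUid"] is dereferenced without a null check,
        // so an expired session surfaces as a NullReferenceException here.
        txtUId.Text = Session["TranUid"].ToString();

        // The id goes through Convert.ToInt32 before concatenation, so only a
        // number can reach the SQL text.
        data.DBReaderOpen("select * from security where uid=" + Convert.ToInt32(Session["TranUid"].ToString()));
        try
        {
            if (data.dr.HasRows)
            {
                data.dr.Read();
                txtQ1.Text = data.dr["SecQues1"].ToString();
                txtQ2.Text = data.dr["SecQues2"].ToString();
                txtQ3.Text = data.dr["SecQues3"].ToString();
                txtQ4.Text = data.dr["SecQues4"].ToString();
                txtQ5.Text = data.dr["SecQues5"].ToString();
                ans1 = data.dr["SecAnswer1"].ToString();
                ans2 = data.dr["SecAnswer2"].ToString();
                ans3 = data.dr["SecAnswer3"].ToString();
                ans4 = data.dr["SecAnswer4"].ToString();
                ans5 = data.dr["SecAnswer5"].ToString();
                email = data.dr["EMail"].ToString();
                gender = data.dr["gender"].ToString();
                dob = Convert.ToDateTime(data.dr["DOB"].ToString());
                securityRecordLoaded = true;
            }
            else
            {
                // NOTE(review): this branch means "no security row for this user",
                // yet the message talks about the credit limit; confirm the wording.
                Response.Write("<script> alert('You Are Exceed The Credit Limit')</script>");
            }
        }
        finally
        {
            // Release the reader even when a column read or conversion throws.
            data.DBReaderClose();
        }
    }

    /// <summary>
    /// Verifies the entered identity details and answers. On success, and if the
    /// amount stays within the credit limit, records the transaction through
    /// Account_SP and redirects to pgTransaction.aspx. On failure, records the
    /// attempt through fraudTran_SP and notifies the account holder by e-mail.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        // Fail closed: with no security record there is nothing to verify
        // against, and the empty default values must never count as a match.
        if (!securityRecordLoaded)
        {
            return;
        }

        // A malformed date is a failed verification, not an unhandled exception.
        DateTime enteredDob;
        bool dobMatches = DateTime.TryParse(txtDOB.Text, out enteredDob) && dob == enteredDob;
        bool genderMatches = ddlGender.SelectedItem != null && gender == ddlGender.SelectedItem.Text;

        bool verified = email == txtEmail.Text
            && genderMatches
            && dobMatches
            && ans1 == txtAns1.Text
            && ans2 == txtAns2.Text
            && ans3 == txtAns3.Text
            && ans4 == txtAns4.Text
            && ans5 == txtAns5.Text;

        if (verified)
        {
            // Widen to long so the sum cannot wrap around past int.MaxValue and
            // slip under the limit.
            long spentSoFar = Convert.ToInt32(Session["SumAmount"].ToString());
            long requested = Convert.ToInt32(Session["Amt"].ToString());
            long creditLimit = Convert.ToInt32(Session["creditLimit"].ToString());

            // NOTE(review): when the limit would be exceeded nothing happens and
            // the user gets no feedback; confirm whether a message is intended.
            if (spentSoFar + requested <= creditLimit)
            {
                data.DBOpen();
                try
                {
                    data.cmd = new SqlCommand("Account_SP", data.cn);
                    data.cmd.CommandType = CommandType.StoredProcedure;
                    data.cmd.Parameters.Add(new SqlParameter("@cardNo", Session["CardNo"].ToString()));
                    data.cmd.Parameters.Add(new SqlParameter("@holderName", Session["HolderName"].ToString()));
                    data.cmd.Parameters.Add(new SqlParameter("@HolderAddress", Session["Address"].ToString()));
                    data.cmd.Parameters.Add(new SqlParameter("@ACNO", Session["AccountNo"].ToString()));
                    data.cmd.Parameters.Add(new SqlParameter("@BankName", Session["BankName"].ToString()));
                    data.cmd.Parameters.Add(new SqlParameter("@PlaceofTransaction", Session["Place"].ToString()));
                    data.cmd.Parameters.Add(new SqlParameter("@PlaceId", Convert.ToInt32(Session["PlaceId"].ToString())));
                    data.cmd.Parameters.Add(new SqlParameter("@Amount", Convert.ToInt32(Session["Amt"].ToString())));
                    data.cmd.Parameters.Add(new SqlParameter("@DateTime", DateTime.Now));
                    data.cmd.ExecuteNonQuery();
                }
                finally
                {
                    data.DBCmdClose();
                }

                Response.Redirect("pgTransaction.aspx");
            }
        }
        else
        {
            Response.Write("<script> alert('One or Some Of Your Answer Was Wrong So This Transaction Will Be Abort') </script>");
            Response.Write("<script> alert('TO View Your Answers Login To Your Account') </script>");

            // Look up the notification address; a missing row must not stop the
            // attempt from being recorded below.
            string toEmail = null;
            data.DBReaderOpen("Select email from UserInfo Where Uid=" + Convert.ToInt32(Session["TranUid"].ToString()));
            try
            {
                if (data.dr.Read())
                {
                    toEmail = data.dr["Email"].ToString();
                }
            }
            finally
            {
                data.DBReaderClose();
            }

            // Record the failed attempt with bound parameters. The previous
            // version concatenated session strings (name, address, place, ...)
            // into the EXEC text, so a quote in any of them changed the statement.
            // Arguments are passed positionally in the same order as before, so
            // the procedure's own parameter names are not assumed. The stray
            // leading space that used to precede the account number is gone, and
            // the timestamp is sent as a DateTime instead of culture-formatted text.
            data.DBOpen();
            try
            {
                data.cmd = new SqlCommand(
                    "exec fraudTran_SP @cardNo, @holderName, @holderAddress, @acNo, @bankName, @place, @placeId, @amount, @dateTime",
                    data.cn);
                data.cmd.CommandType = CommandType.Text;
                data.cmd.Parameters.Add(new SqlParameter("@cardNo", Session["CardNo"].ToString()));
                data.cmd.Parameters.Add(new SqlParameter("@holderName", Session["HolderName"].ToString()));
                data.cmd.Parameters.Add(new SqlParameter("@holderAddress", Session["Address"].ToString()));
                data.cmd.Parameters.Add(new SqlParameter("@acNo", Session["AccountNo"].ToString()));
                data.cmd.Parameters.Add(new SqlParameter("@bankName", Session["BankName"].ToString()));
                data.cmd.Parameters.Add(new SqlParameter("@place", Session["Place"].ToString()));
                data.cmd.Parameters.Add(new SqlParameter("@placeId", Convert.ToInt32(Session["PlaceId"].ToString())));
                data.cmd.Parameters.Add(new SqlParameter("@amount", Convert.ToInt32(Session["Amt"].ToString())));
                data.cmd.Parameters.Add(new SqlParameter("@dateTime", DateTime.Now));
                data.cmd.ExecuteNonQuery();
            }
            finally
            {
                data.DBCmdClose();
            }

            // Notify last, so an SMTP failure cannot prevent the record above
            // from being written.
            // NOTE(review): the sender address is hard-coded; consider moving it
            // to configuration.
            if (!string.IsNullOrEmpty(toEmail))
            {
                SmtpMail.Send("jmsatheesh@gmail.com", toEmail, "Unusal Transaction Made", "Unusal Transaction Made");
            }
        }
    }
}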