Scribd
Upload
7 views30 pages

Code

This document is a C# Windows Forms application code for managing a clothing store's staff, products, customers, and orders. It includes functionalities for connecting to a SQL database, displaying data, creating, editing, deleting, and searching for products, customers, and orders. The application handles database connections, executes SQL commands, and updates the user interface accordingly.

Uploaded by

Pham Qui Luc (BTEC HN)
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views30 pages

Code

This document is a C# Windows Forms application code for managing a clothing store's staff, products, customers, and orders. It includes functionalities for connecting to a SQL database, displaying data, creating, editing, deleting, and searching for products, customers, and orders. The application handles database connections, executes SQL commands, and updates the user interface accordingly.

Uploaded by

Pham Qui Luc (BTEC HN)
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 30

using System;

using System.Collections.Generic;

using System.ComponentModel;

using System.Data;

using System.Drawing;

using System.Linq;

using System.Text;

using System.Threading.Tasks;

using System.Windows.Forms;

using System.Data.SqlClient;

using System.Globalization;

using System.IO;

using System.Net.NetworkInformation;

namespace Quanlibanquanao

public partial class staff : Form

SqlConnection conn;

public staff()

InitializeComponent();

createConnection();

}
private void createConnection()

try

String stringConnection = "Server=DESKTOP-TMCDUUR\\LUCKDAT;Database=ASM2;


Integrated Security = true";

conn = new SqlConnection(stringConnection);

MessageBox.Show(" Connection Successful");

catch (Exception ex)

MessageBox.Show(" Erorr createconnection " + ex.Message);

// Toàn bộ code của phần Prorduct bao gồm ( Search).

private void DisplayDataProduct()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "select * from product";

cmd.CommandText = sql;
cmd.ExecuteNonQuery();

DataTable data = new DataTable();

SqlDataAdapter da = new SqlDataAdapter(cmd);

da.Fill(data);

dgvproduct.DataSource = data;

MessageBox.Show("Successful");

conn.Close();

catch (Exception ex)

MessageBox.Show("Erorr DisplayData Product" + ex.Message);

finally

if (conn.State == ConnectionState.Open)

conn.Close();

private void product_Click(object sender, EventArgs e)

DisplayDataProduct();
}

private void SearchProduct(string productId)

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "SELECT productId, productName, category, size, color, price, stockQuantity,
description, imageData FROM product WHERE productId = @productId";

cmd.CommandText = sql;

cmd.Parameters.Add("@productId", SqlDbType.Int);

cmd.Parameters["@productId"].Value = productId;

SqlDataReader reader = cmd.ExecuteReader();

if (reader.Read())

string productIdResult = reader["productId"].ToString();

string productNameResult = reader["productName"].ToString();

string categoryResult = reader["category"].ToString();

string sizeResult = reader["size"].ToString();

string colorResult = reader["color"].ToString();

string priceResult = reader["price"].ToString();

string stockQuantityResult = reader["stockQuantity"].ToString();

string descriptionResult = reader["description"].ToString();


byte[] imageData = (byte[])reader["imageData"];

using (MemoryStream ms = new MemoryStream(imageData))

pictureBoxProduct.Image = Image.FromStream(ms);

MessageBox.Show("Product Id: " + productIdResult + "\n" +

"Product Name: " + productNameResult + "\n" +

"Category: " + categoryResult + "\n" +

"Size: " + sizeResult + "\n" +

"Color: " + colorResult + "\n" +

"Price: " + priceResult + "\n" +

"Stock Quantity: " + stockQuantityResult + "\n" +

"Description: " + descriptionResult);

else

MessageBox.Show("No product found with this product Id.");

conn.Close();

catch (Exception ex)

MessageBox.Show("Lỗi khi lấy thông tin Product theo ProductId: " + ex.Message);
}

private void btnsearchProduct_Click(object sender, EventArgs e)

string productId = txtproductId.Text;

SearchProduct(productId);

DisplayDataProduct();

private DataTable GetFilteredProducts(string category, decimal? minPrice, decimal? maxPrice)

if (conn.State == ConnectionState.Closed)

conn.Open();

StringBuilder query = new StringBuilder("SELECT * FROM product WHERE 1 = 1");

if (!string.IsNullOrEmpty(category))

query.Append(" AND category LIKE @category");

if (minPrice.HasValue)

query.Append(" AND price >= @minPrice");

if (maxPrice.HasValue)

{
query.Append(" AND price <= @maxPrice");

using (SqlCommand command = new SqlCommand(query.ToString(), conn))

if (!string.IsNullOrEmpty(category))

command.Parameters.Add(new SqlParameter("@category", SqlDbType.VarChar) { Value = "%"


+ category + "%" });

if (minPrice.HasValue)

command.Parameters.Add(new SqlParameter("@minPrice", SqlDbType.Decimal) { Value =


minPrice.Value });

if (maxPrice.HasValue)

command.Parameters.Add(new SqlParameter("@maxPrice", SqlDbType.Decimal) { Value =


maxPrice.Value });

DataTable dt = new DataTable();

try

SqlDataAdapter adapter = new SqlDataAdapter(command);

adapter.Fill(dt);

}
catch (Exception ex)

MessageBox.Show("Lỗi khi truy vấn dữ liệu: " + ex.Message);

finally

conn.Close();

return dt;

private void btnfilter_Click(object sender, EventArgs e)

string categoryFilter = txtcategory1.Text.Trim();

string minPriceText = txtminPrice.Text.Trim();

string maxPriceText = txtmaxPrice.Text.Trim();

decimal? minPrice = string.IsNullOrWhiteSpace(minPriceText) ? (decimal?)null :


Convert.ToDecimal(minPriceText);

decimal? maxPrice = string.IsNullOrWhiteSpace(maxPriceText) ? (decimal?)null :


Convert.ToDecimal(maxPriceText);

DataTable filteredProducts = GetFilteredProducts(categoryFilter, minPrice, maxPrice);

if (filteredProducts.Rows.Count == 0)

MessageBox.Show("Không tìm thấy sản phẩm nào phù hợp với tiêu chí lọc.");
dgvproduct.DataSource = null;

else

dgvproduct.DataSource = filteredProducts;

private void btnexitProduct_Click(object sender, EventArgs e)

DialogResult result = MessageBox.Show("Exit ?", "Ok", MessageBoxButtons.YesNo,


MessageBoxIcon.Question);

if (result == DialogResult.Yes)

Application.Exit();

else

return;

// Toàn bộ code của phần customer bao gồm (Create , Edit, Delete, Search).

private void DisplayDataCustomer()

try
{

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "select * from customer";

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

DataTable data = new DataTable();

SqlDataAdapter da = new SqlDataAdapter(cmd);

da.Fill(data);

dgvcustomer.DataSource = data;

MessageBox.Show("Successful");

conn.Close();

catch (Exception ex)

MessageBox.Show(" Erorr DisplayData Customer" + ex.Message);

finally

if (conn.State == ConnectionState.Open)

conn.Close();
}

private void customer_Click_1(object sender, EventArgs e)

DisplayDataCustomer();

private void CreateCustomer()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

String sql = " INSERT INTO customer (fullName, email, phoneNumber, address) VALUES
(@fullName, @email, @phoneNumber, @address)";

cmd.Parameters.Add("@fullName", SqlDbType.VarChar);

cmd.Parameters["@fullName"].Value = txtfullNamec.Text.ToString();

cmd.Parameters.Add("@email", SqlDbType.VarChar);

cmd.Parameters["@email"].Value = txtemailc.Text.ToString();

cmd.Parameters.Add("@phoneNumber", SqlDbType.VarChar);

cmd.Parameters["@phoneNumber"].Value = txtphoneNumberc.Text.ToString();

cmd.Parameters.Add("@address", SqlDbType.Text);

cmd.Parameters["@address"].Value = txtaddressc.Text;
cmd.CommandText = sql;

cmd.ExecuteNonQuery();

MessageBox.Show(" Successful Create Customer");

conn.Close();

catch (Exception ex)

MessageBox.Show(" Erorr Create Customer " + ex.Message);

private void btncreateCustomer_Click_1(object sender, EventArgs e)

DisplayDataCustomer();

CreateCustomer();

private void DeleteCustomer()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

String sql = " DELETE FROM customer WHERE customerId = @customerId";


cmd.Parameters.Add("@customerId", SqlDbType.Int);

cmd.Parameters["@CustomerId"].Value = Convert.ToInt32(txtcustomerId.Text.ToString());

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

MessageBox.Show(" Successful Delete");

conn.Close();

catch (Exception ex)

MessageBox.Show(" Erorr Delete Customer " + ex.Message);

private void btndeleteCustomer_Click_1(object sender, EventArgs e)

String customerId = btndeleteCustomer.Text.ToString();

DialogResult re = MessageBox.Show(" Delete " + customerId, "Ok",


MessageBoxButtons.YesNo, MessageBoxIcon.Question);

if (re == DialogResult.Yes)

DisplayDataCustomer();

DeleteCustomer();

DisplayDataCustomer();

DeleteCustomer();
}

private void EditCustomer()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "UPDATE customer SET fullName = @fullName, email = @email, phoneNumber =
@phoneNumber, address = @address WHERE customerId = @customerId";

cmd.Parameters.Add("@customerId", SqlDbType.Int);

cmd.Parameters["@customerId"].Value = Convert.ToInt32(txtcustomerId.Text.ToString());

cmd.Parameters.Add("@fullName", SqlDbType.VarChar);

cmd.Parameters["@fullName"].Value = txtfullNamec.Text.ToString();

cmd.Parameters.Add("@email", SqlDbType.VarChar);

cmd.Parameters["@email"].Value = txtemailc.Text.ToString();

cmd.Parameters.Add("@phoneNumber", SqlDbType.VarChar);

cmd.Parameters["@phoneNumber"].Value = txtphoneNumberc.Text.ToString();

cmd.Parameters.Add("@address", SqlDbType.Text);

cmd.Parameters["@address"].Value = txtaddressc.Text;

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

MessageBox.Show(" Successfu Edit ");

conn.Close();
}

catch (Exception ex)

MessageBox.Show(" Erorr Edit");

private void btneditCustomer_Click_1(object sender, EventArgs e)

DisplayDataCustomer();

EditCustomer();

private void SearchCustomer(string customerId)

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "SELECT customerId, fullName, email, phoneNumber, address FROM customer
WHERE customerId = @customerId";

cmd.CommandText = sql;

cmd.Parameters.Add("@customerId", SqlDbType.Int);

cmd.Parameters["@customerId"].Value = customerId;

SqlDataReader reader = cmd.ExecuteReader();


if (reader.Read())

string customerIdResult = reader["customerId"].ToString();

string fullNameResult = reader["fullName"].ToString();

string emailResult = reader["email"].ToString();

string phoneNumberResult = reader["phoneNumber"].ToString();

string addressResult = reader["address"].ToString();

MessageBox.Show("Customer Id: " + customerIdResult + "\n" +

"Full Name: " + fullNameResult + "\n" +

"Email: " + emailResult + "\n" +

"Phone Number: " + phoneNumberResult + "\n" +

"Address: " + addressResult);

else

MessageBox.Show("Successful Search");

conn.Close();

catch (Exception ex)

MessageBox.Show("Erorr Search: " + ex.Message);

}
}

private void btnsearchCustomer_Click_1(object sender, EventArgs e)

string customerId = txtcustomerId.Text;

SearchCustomer(customerId);

DisplayDataCustomer();

private void btnexitCustomer_Click(object sender, EventArgs e)

DialogResult result = MessageBox.Show("Exit ?", "Ok", MessageBoxButtons.YesNo,


MessageBoxIcon.Question);

if (result == DialogResult.Yes)

Application.Exit();

else

return;

private void btnexitOrder_Click(object sender, EventArgs e)

DialogResult result = MessageBox.Show("Exit ?", "Ok", MessageBoxButtons.YesNo,


MessageBoxIcon.Question);
if (result == DialogResult.Yes)

Application.Exit();

else

return;

private void DisplayDataOrder()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "select * from orders";

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

DataTable data = new DataTable();

SqlDataAdapter da = new SqlDataAdapter(cmd);

da.Fill(data);

dgvorder.DataSource = data;
MessageBox.Show("Successfull");

conn.Close();

catch (Exception ex)

MessageBox.Show(" Erorr DisplayData Order" + ex.Message);

finally

if (conn.State == ConnectionState.Open)

conn.Close();

private void order_Click_1(object sender, EventArgs e)

DisplayDataOrder();

private void CreateOrder()

try

{
conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "INSERT INTO orders (orderDate,customerId, staffId, totalAmount) VALUES


(@orderDate, @customerId, @staffId, @totalAmount)";

if (DateTime.TryParse(txtorderDate.Text, out DateTime orderDate))

cmd.Parameters.Add("@orderDate", SqlDbType.Date);

cmd.Parameters["@orderDate"].Value = orderDate;

else

throw new Exception(" Erorr Order Date");

cmd.Parameters.Add("@totalAmount", SqlDbType.Decimal);

cmd.Parameters["@totalAmount"].Value = txttotalAmount.Text.ToString();

cmd.Parameters.Add("@staffId", SqlDbType.Int);

cmd.Parameters["@staffId"].Value = Convert.ToInt32(txtstaffIdo.Text.ToString());

cmd.Parameters.Add("@customerId", SqlDbType.Int);

cmd.Parameters["@customerId"].Value = Convert.ToInt32(txtcustomerIdo.Text.ToString());

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

MessageBox.Show("Successful Create");

}
catch (Exception ex)

MessageBox.Show("Erorr Create: " + ex.Message);

finally

if (conn.State == System.Data.ConnectionState.Open)

conn.Close();

private void btncreateOrder_Click(object sender, EventArgs e)

DisplayDataOrder();

CreateOrder();

private void DeleteOrder()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();


cmd.CommandType = System.Data.CommandType.Text;

String sql = " DELETE FROM orders WHERE orderId = @orderId";

cmd.Parameters.Add("@orderId", SqlDbType.Int);

cmd.Parameters["@orderId"].Value = Convert.ToInt32(txtorderId.Text.ToString());

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

MessageBox.Show(" Successful Delete");

conn.Close();

catch (Exception ex)

MessageBox.Show(" Erorr Delete Order " + ex.Message);

private void btndeleteOrder_Click(object sender, EventArgs e)

String orderId = btndeleteOrder.Text.ToString();

DialogResult re = MessageBox.Show(" Delete" + orderId, "Ok", MessageBoxButtons.YesNo,


MessageBoxIcon.Question);

if (re == DialogResult.Yes)

DisplayDataOrder();

DeleteOrder();

}
DisplayDataOrder();

DeleteOrder();

private void EditOrder()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "UPDATE orders SET orderdate = @orderdate, customerId = @customerId, staffId
= @staffId, totalAmount = @totalAmount WHERE orderId = @orderId";

cmd.Parameters.Add("@orderId", SqlDbType.Int);

cmd.Parameters["@orderId"].Value = Convert.ToInt32(txtorderId.Text.ToString());

if (DateTime.TryParse(txtorderDate.Text, out DateTime orderDate))

cmd.Parameters.Add("@orderDate", SqlDbType.Date);

cmd.Parameters["@orderDate"].Value = orderDate;

else

throw new Exception(" Erorr Order Date");

cmd.Parameters.Add("@totalAmount", SqlDbType.Decimal);
cmd.Parameters["@totalAmount"].Value = txttotalAmount.Text.ToString();

cmd.Parameters.Add("@staffId", SqlDbType.Int);

cmd.Parameters["@staffId"].Value = Convert.ToInt32(txtstaffIdo.Text.ToString());

cmd.Parameters.Add("@customerId", SqlDbType.Int);

cmd.Parameters["@customerId"].Value = Convert.ToInt32(txtcustomerIdo.Text.ToString());

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

MessageBox.Show("Successful Edit ");

conn.Close();

catch (Exception ex)

MessageBox.Show("Erorr Edit");

private void btneditOrder_Click(object sender, EventArgs e)

DisplayDataOrder();

EditOrder();

private void SearchOrder(string orderId)

try
{

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "SELECT orderId, orderDate, customerId, staffId, totalAmount FROM orders
WHERE orderId = @orderId";

cmd.CommandText = sql;

cmd.Parameters.Add("@orderId", SqlDbType.Int);

cmd.Parameters["@orderId"].Value = orderId;

SqlDataReader reader = cmd.ExecuteReader();

if (reader.Read())

string orderIdResult = reader["orderId"].ToString();

string orderdateResult = reader["orderDate"].ToString();

string customerIdResult = reader["customerId"].ToString();

string staffIdResult = reader["staffId"].ToString();

string totalmountResult = reader["totalmount"].ToString();

MessageBox.Show("Order Id: " + orderIdResult + "\n" +

"Order Date: " + orderdateResult + "\n" +

"Customer Id: " + customerIdResult + "\n" +

"Staff Id: " + staffIdResult + "\n" +

"Ttal Amount: " + totalmountResult);

else
{

MessageBox.Show("Successful Search.");

conn.Close();

catch (Exception ex)

MessageBox.Show("Erorr Search: " + ex.Message);

private void btnsearchOrder_Click(object sender, EventArgs e)

string orderId = txtorderId.Text;

SearchCustomer(orderId);

DisplayDataCustomer();

private void DisplayDataOrderDetail()

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;
string sql = "select * from orderDetails";

cmd.CommandText = sql;

cmd.ExecuteNonQuery();

DataTable data = new DataTable();

SqlDataAdapter da = new SqlDataAdapter(cmd);

da.Fill(data);

dgvorderDetails.DataSource = data;

MessageBox.Show("Successful");

conn.Close();

catch (Exception ex)

MessageBox.Show(" Erorr DisplayData Order Details" + ex.Message);

finally

if (conn.State == ConnectionState.Open)

conn.Close();

private void orderDetails_Click(object sender, EventArgs e)


{

DisplayDataOrderDetail();

private void SearchOrderDetail(string orderDetailsId)

try

conn.Open();

SqlCommand cmd = conn.CreateCommand();

cmd.CommandType = System.Data.CommandType.Text;

string sql = "SELECT orderDetailsId, orderId, productId, quantity, price FROM orders WHERE
orderDetailsId = @orderDetailsId";

cmd.CommandText = sql;

cmd.Parameters.Add("@orderDetailsId", SqlDbType.Int);

cmd.Parameters["@orderDetailsId"].Value = orderDetailsId;

SqlDataReader reader = cmd.ExecuteReader();

if (reader.Read())

string orderDetailsIdResult = reader["orderDetailsId"].ToString();

string orderIdResult = reader["orderId"].ToString();

string productIdResult = reader["productId"].ToString();

string quantityResult = reader["quantity"].ToString();

string priceResult = reader["price"].ToString();

MessageBox.Show("Order Details Id: " + orderDetailsIdResult + "\n" +


"Order Id: " + orderIdResult + "\n" +

"Product Id: " + productIdResult + "\n" +

"Quantity: " + quantityResult + "\n" +

"Price: " + priceResult);

else

MessageBox.Show("Successful Search");

conn.Close();

catch (Exception ex)

MessageBox.Show("Erorr Search orderDetalsId: " + ex.Message);

private void btnsearchOrderDetailId_Click(object sender, EventArgs e)

string orderDetailsId = txtorderDetailId.Text;

SearchCustomer(orderDetailsId);

DisplayDataCustomer();

private void btnexitOrderDetails_Click(object sender, EventArgs e)


{

DialogResult result = MessageBox.Show("Exit ?", "Ok", MessageBoxButtons.YesNo,


MessageBoxIcon.Question);

if (result == DialogResult.Yes)

Application.Exit();

else

return;

tại sao khi search product và customer thì đúng, mà search orders và orderDetails thì lại ra thông
tin của customer là sao phải ra thông tin của orders và orderDetails chứ

You might also like