using System;
using System.Data;
using System.Collections.Generic;
using System.Collections;
using System.Data.SqlClient;
using System.Web;
using System.Web.Services;
using System.Web.Services.Protocols;
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
public class AdminService : System.Web.Services.WebService
{
public AdminService()
{ //Uncomment the following line if using designed components
//InitializeComponent();
}
public static SqlConnection SQLConn = new SqlConnection("Data Source=.\\SQLEXPRESS;AttachDbFilename=|DataDirectory|\\Database1.mdf;Integrated Security=True;User Instance=True");
public static SqlDataAdapter SQLAdp = new SqlDataAdapter("select * from users", SQLConn);
public static DataSet DataS = new DataSet();
[WebMethod]
public DataSet Query_DB(string table, string column, string wordsearch)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
SQLAdp.SelectCommand.CommandText = "select * from [" + table + "] where " + column + " like (`" + wordsearch + "`)";
SQLAdp.Fill(DataS, "" + table + "");
return DataS;
}
[WebMethod]
public DataSet dataset(string name)
{
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
DataS.Clear();
SQLAdp.SelectCommand.CommandText = "SELECT * FROM [" + name + "]";
SQLAdp.Fill(DataS, "" + name + "");
return DataS;
}
[WebMethod]
public DataSet delete_DB(string table, string column, string wordsearch)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
SqlCommand Mycomd = new SqlCommand("Delete From [" + table + "] where [" + column + " ] = @wordsearch", SQLConn);
Mycomd.Parameters.Add(new SqlParameter("@wordsearch", wordsearch));
Mycomd.ExecuteNonQuery();
// SQLAdp.SelectCommand.CommandText = "delete from [" + table + "] where " + column + " like (`" + wordsearch + "`)";
SQLAdp.Fill(DataS, "" + table + "");
return DataS;
}
[WebMethod]
public string insert_Colorie(string name, string types, int calories)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
SQLAdp.SelectCommand.CommandText = "select name from colorie where name=`" + name + "`";
int r = SQLAdp.Fill(DataS, "colorie");
if (r > 0)
{
return "User Name Already Registered";
}
else
{
//SQLAdp.SelectCommand.CommandText = "insert into colorie values(`" + name + "`,`" + types + "`," + calories + ")";
//SQLAdp.Fill(DataS, "colorie");
SqlCommand insert = new SqlCommand();
insert.Connection = SQLConn;
insert.CommandText = "INSERT INTO colorie (Name, Type, Calories ) VALUES(@Name, @types, @Calories)";
insert.Parameters.Add(new SqlParameter("@name", name));
insert.Parameters.Add(new SqlParameter("@types", types));
insert.Parameters.Add(new SqlParameter("@Calories", calories));
insert.Parameters[0].Value = name;
insert.Parameters[1].Value = types;
insert.Parameters[2].Value = Convert.ToInt32(calories);
insert.ExecuteNonQuery();
return "Sucessfull Insert";
}
}
[WebMethod]
public string insert_doctors(string name, string user_name, string password, string mobile, string Email)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
SQLAdp.SelectCommand.CommandText = "select User_name from doctors where user_name=`" + user_name + "`";
int r = SQLAdp.Fill(DataS, "doctors");
if (r > 0)
{
return "User Name Already Registered";
}
else
{
// SQLAdp.SelectCommand.CommandText = "insert into doctors values(`" + name + "`,`" +user_name+ "`,`"+password+"`,`"+mobile+"`,`"+Email+"`)";
// SQLAdp.Fill(DataS, "doctors");
SqlCommand insert = new SqlCommand();
insert.Connection = SQLConn;
insert.CommandText = "INSERT INTO doctors (Name, User_Name, Password, Mobile , Email ) VALUES(@Name,@User_Name, @Password, @Mobile , @Email)";
insert.Parameters.Add(new SqlParameter("@name", name));
insert.Parameters.Add(new SqlParameter("@user_Name", user_name));
insert.Parameters.Add(new SqlParameter("@password", password));
insert.Parameters.Add(new SqlParameter("@mobile", mobile));
insert.Parameters.Add(new SqlParameter("@Email", Email));
insert.Parameters[0].Value = name;
insert.Parameters[1].Value = user_name;
insert.Parameters[2].Value = password;
insert.Parameters[3].Value = Convert.ToInt32(mobile);
insert.Parameters[4].Value = Email;
insert.ExecuteNonQuery();
return "Sucessfull Insert";
}
}
[WebMethod]
public string insert_Diet(string user_name, string Day, string breakfast, string lunch, string Dinner, string Exercises)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
string c = "select User_name from Diet where user_name=`" + user_name + "`";
SQLAdp.SelectCommand.CommandText = c;
int r = SQLAdp.Fill(DataS, "Diet");
if (r > 0)
{
return "User Name Already Registered";
}
else
{
//SQLAdp.SelectCommand.CommandText = "insert into Diet values(`" + user_name + "`,`" + Day + "`,`" + breakfast + "`,`" + lunch + "`,`" + Dinner + "`,`" + Exercises + "`,`" + System.DateTime.Now + "`)";
//SQLAdp.Fill(DataS, "Diet");
string Date = System.DateTime.Now.ToString();
SqlCommand insert = new SqlCommand();
insert.Connection = SQLConn;
insert.CommandText = "INSERT INTO Diet (User_Name, Day, Breakfast, Lunch, Dinner, Exercises, Date) VALUES (@user_name, @Day,@breakfast, @lunch, @Dinner, @Exercises, @Date)";
insert.Parameters.Add(new SqlParameter("@user_name", user_name));
insert.Parameters.Add(new SqlParameter("@Day", Day));
insert.Parameters.Add(new SqlParameter("@breakfast", breakfast));
insert.Parameters.Add(new SqlParameter("@lunch", lunch));
insert.Parameters.Add(new SqlParameter("@Dinner", Dinner));
insert.Parameters.Add(new SqlParameter("@Exercises", Exercises));
insert.Parameters.Add(new SqlParameter("@Date", System.Data.SqlDbType.DateTime, 0, "Date"));
insert.Parameters[0].Value = user_name;
insert.Parameters[1].Value = Day;
insert.Parameters[2].Value = breakfast;
insert.Parameters[3].Value = lunch;
insert.Parameters[4].Value = Dinner;
insert.Parameters[5].Value = Exercises;
insert.Parameters[6].Value = DateTime.Now.ToString();
insert.ExecuteNonQuery();
return "Sucessfull Insert";
}
}
[WebMethod]
public string insert_Users(string User_Name, string Password, string Name, int Age, string Sex, string Email, int Mobile, float BMI, string Health_Condition, float Hight, float Weight, float Active, float High_Risk, float Option)
{
//public string Update_Users(string colum, string wordsearch, string user_name, string password, string name, int age, string sex, string Email, int Mobile, float bmi, string helth_conn, float hight, float weight, float active, float high_risk, float Option)
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
string High_Risk_DATE = System.DateTime.Now.ToString();
string Last_Enter = System.DateTime.Now.ToString();
string c = "select User_name from users where user_name=`" + User_Name + "`";
SQLAdp.SelectCommand.CommandText = c;
int r = SQLAdp.Fill(DataS, "users");
if (r > 0)
{
return "User Name Already Registered";
}
else
{
//SQLAdp.SelectCommand.CommandText = "insert into users values(`" + user_name + "`,`" + password + "`,`" + name + "`," + age + ",`" + sex + "`,`" + Email + "`," + Mobile + ",`" + System.DateTime.Now + "`," + bmi + ",`" + helth_conn+ "`," + hight + "," + weight + "," + active + "," + high_risk + ",`" + System.DateTime.Now + "`," + Option + ")";
//SQLAdp.Fill(DataS, "users");
SqlCommand insert = new SqlCommand();
insert.Connection = SQLConn;
insert.CommandText = "INSERT INTO users (User_Name, Password, Name, Age, Sex, Email, Mobile, Last_Enter, BMI, Health_Condition, Hight, Weight, Active, High_Risk, High_Risk_DATE, [Option]) VALUES(@User_Name, @Password, @Name, @Age, @Sex, @Email, @Mobile, @Last_Enter, @BMI, @Health_Condition, @Hight, @Weight, @Active, @High_Risk, @High_Risk_DATE, @Option)";
insert.Parameters.Add(new SqlParameter("@User_Name", System.Data.SqlDbType.VarChar, 0, "User_Name"));
insert.Parameters.Add(new SqlParameter("@Password", System.Data.SqlDbType.VarChar, 0, "Password"));
insert.Parameters.Add(new SqlParameter("@Name", System.Data.SqlDbType.VarChar, 0, "Name"));
insert.Parameters.Add(new SqlParameter("@Age", System.Data.SqlDbType.Int, 0, "Age"));
insert.Parameters.Add(new SqlParameter("@Sex", System.Data.SqlDbType.VarChar, 0, "Sex"));
insert.Parameters.Add(new SqlParameter("@Email", System.Data.SqlDbType.VarChar, 0, "Email"));
insert.Parameters.Add(new SqlParameter("@Mobile", System.Data.SqlDbType.VarChar, 0, "Mobile"));
insert.Parameters.Add(new SqlParameter("@Last_Enter", System.Data.SqlDbType.DateTime, 0, "Last_Enter"));
insert.Parameters.Add(new SqlParameter("@BMI", System.Data.SqlDbType.Float, 0, "BMI"));
insert.Parameters.Add(new SqlParameter("@Health_Condition", System.Data.SqlDbType.VarChar, 0, "Health_Condition"));
insert.Parameters.Add(new SqlParameter("@Hight", System.Data.SqlDbType.Float, 0, "Hight"));
insert.Parameters.Add(new SqlParameter("@Weight", System.Data.SqlDbType.Float, 0, "Weight"));
insert.Parameters.Add(new SqlParameter("@Active", System.Data.SqlDbType.Float, 0, "Active"));
insert.Parameters.Add(new SqlParameter("@High_Risk", System.Data.SqlDbType.Int, 0, "High_Risk"));
insert.Parameters.Add(new SqlParameter("@High_Risk_DATE", System.Data.SqlDbType.DateTime, 0, "High_Risk_DATE"));
insert.Parameters.Add(new SqlParameter("@Option", System.Data.SqlDbType.Int, 0, "Option"));
insert.Parameters[0].Value = User_Name;
insert.Parameters[1].Value = Password;
insert.Parameters[2].Value = Name;
insert.Parameters[3].Value = Convert.ToInt32(Age);
insert.Parameters[4].Value = Sex;
insert.Parameters[5].Value = Email;
insert.Parameters[6].Value = Mobile;
insert.Parameters[7].Value = DateTime.Now.ToString();
insert.Parameters[8].Value = Convert.ToDouble(BMI);
insert.Parameters[9].Value = Health_Condition;
insert.Parameters[10].Value = Convert.ToDouble(Hight);
insert.Parameters[11].Value = Convert.ToDouble(Weight);
insert.Parameters[12].Value = Convert.ToDouble(Active);
insert.Parameters[13].Value = Convert.ToInt32(High_Risk);
insert.Parameters[14].Value = DateTime.Now.ToString();
insert.Parameters[15].Value = Convert.ToInt32(Option);
insert.ExecuteNonQuery();
return "Sucessfull Insert";
}
}
[WebMethod]
public string Update_Colorie(string colum, string wordsearch, string name, string types, int calories)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
string c = "select * from colorie where " + colum + "=`" + wordsearch + "`";
SQLAdp.SelectCommand.CommandText = c;
int r = SQLAdp.Fill(DataS, "colorie");
if (r > 0)
{
// SQLAdp.SelectCommand.CommandText = "update colorie set name=`"+name+"`,type=`"+types+"`,calories="+calories+" where "+colum+"=`"+wordsearch+"`";
// SQLAdp.Fill(DataS, "colorie");
SqlCommand update = new SqlCommand();
update.Connection = SQLConn;
update.CommandText = "update colorie Set Name=@name, Type=@types, Calories=@calories WHERE (" + colum + "= `" + wordsearch + "`)";
update.Parameters.Add(new SqlParameter("@name", name));
update.Parameters.Add(new SqlParameter("@types", types));
update.Parameters.Add(new SqlParameter("@Calories", calories));
update.Parameters[0].Value = name;
update.Parameters[1].Value = types;
update.Parameters[2].Value = Convert.ToInt32(calories);
update.ExecuteNonQuery();
return "Sucessfull update";
}
else
{
return "Please , Search agine";
}
}
[WebMethod]
public string Update_doctors(string colum, string wordsearch, string name, string user_name, string password, string mobile, string Email)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
string c = "select * from doctors where " + colum + "=`" + wordsearch + "`";
SQLAdp.SelectCommand.CommandText = c;
int r = SQLAdp.Fill(DataS, "doctors");
if (r > 0)
{
//SQLAdp.SelectCommand.CommandText = "update doctors set name=`" + name + "`,user_name=`" +user_name+ "`,password=`" +password+ "`,Mobile=`" +mobile+ "`,Email=`" +Email+ "` where " + colum + "=`" + wordsearch + "`";
//SQLAdp.Fill(DataS, "doctors");
SqlCommand update = new SqlCommand();
update.Connection = SQLConn;
update.CommandText = "UPDATE doctors SET Name=@name, User_Name=@user_name, Password=@password, Mobile=@mobile , Email=@Email WHERE (" + colum + "= `" + wordsearch + "`)";
update.Parameters.Add(new SqlParameter("@name", name));
update.Parameters.Add(new SqlParameter("@user_Name", user_name));
update.Parameters.Add(new SqlParameter("@password", password));
update.Parameters.Add(new SqlParameter("@mobile", mobile));
update.Parameters.Add(new SqlParameter("@Email", Email));
update.Parameters[0].Value = name;
update.Parameters[1].Value = user_name;
update.Parameters[2].Value = password;
update.Parameters[3].Value = Convert.ToInt32(mobile);
update.Parameters[4].Value = Email;
update.ExecuteNonQuery();
return "Update Succefully";
}
else
{
return "Please , Search agine";
}
}
[WebMethod]
public string Update_Diet(string colum, string wordsearch, string user_name, string Day, string breakfast, string lunch, string Dinner, string Exercises)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
string c = "select * from Diet where " + colum + "=`" + wordsearch + "`";
SQLAdp.SelectCommand.CommandText = c;
int r = SQLAdp.Fill(DataS, "Diet");
if (r > 0)
{
// SQLAdp.SelectCommand.CommandText = "update Diet set user_name=`" + user_name + "`,Day=`" + Day + "`,Breakfast=`" + breakfast + "`,Lunch=`" + lunch + "`,Dinner=`" + Dinner + "`,Exercises=`" + Exercises + "`,Date=`" + System.DateTime.Now+ "` where " + colum + "=`" + wordsearch + "`";
//SQLAdp.Fill(DataS, "Diet");
string Date = System.DateTime.Now.ToString();
SqlCommand update = new SqlCommand();
update.Connection = SQLConn;
update.CommandText = "update Diet set User_Name=@user_name, Day=@Day, Breakfast=@breakfast, Lunch= @lunch, Dinner= @Dinner, Exercises= @Exercises, Date=@Date where(" + colum + "= `" + wordsearch + "`) ";
update.Parameters.Add(new SqlParameter("@user_name", user_name));
update.Parameters.Add(new SqlParameter("@Day", Day));
update.Parameters.Add(new SqlParameter("@breakfast", breakfast));
update.Parameters.Add(new SqlParameter("@lunch", lunch));
update.Parameters.Add(new SqlParameter("@Dinner", Dinner));
update.Parameters.Add(new SqlParameter("@Exercises", Exercises));
update.Parameters.Add(new SqlParameter("@Date", System.Data.SqlDbType.DateTime, 0, "Date"));
update.Parameters[0].Value = user_name;
update.Parameters[1].Value = Day;
update.Parameters[2].Value = breakfast;
update.Parameters[3].Value = lunch;
update.Parameters[4].Value = Dinner;
update.Parameters[5].Value = Exercises;
update.Parameters[6].Value = DateTime.Now.ToString();
update.ExecuteNonQuery();
return "Sucessfull update";
}
else
{
return "Please , Search agine";
}
}
[WebMethod]
public string Update_Users(string colum, string wordsearch, string user_name, string password, string name, int age, string sex, string Email, int Mobile, float bmi, string helth_conn, float hight, float weight, float active, float high_risk, float Option)
{
DataS.Clear();
if (SQLConn.State == ConnectionState.Closed)
SQLConn.Open();
string High_Risk_DATE = System.DateTime.Now.ToString();
string Last_Enter = System.DateTime.Now.ToString();
string c = "select * from users where " + colum + "=`" + wordsearch + "`";
SQLAdp.SelectCommand.CommandText = c;
int r = SQLAdp.Fill(DataS, "users");
if (r > 0)
{
// SQLAdp.SelectCommand.CommandText = "update users set User_Name=`" + user_name + "`,Password=`" + password + "`,Name=`" + name + "`,Age=" + age + ",Sex=`" + sex + "`,Email=`" + Email + "`,Mobile= " + Mobile + ",Last_Enter=`" + System.DateTime.Now + "`,BMI=" + bmi + ",Health_Condition =`" + helth_conn + "`,Hight=" + hight + ",Weight=" + weight + ",Active=" + active + ",High_Risk=" + high_risk + ",High_Risk_DATE=`" + System.DateTime.Now + "`,option1=" +Option+ " where " + colum+ "=`" +wordsearch+ "`";
//SQLAdp.Fill(DataS, "users");
SqlCommand Update = new SqlCommand();
Update.Connection = SQLConn;
Update.CommandText = "Update users set User_Name=@user_name, Password=@password, Name=@name, Age=@age, Sex=@sex, Email=@Email, Mobile=@Mobile, Last_Enter=@Last_Enter, BMI=@bmi, Health_Condition=@helth_conn, Hight=@hight, Weight=@weight, Active=@active, High_Risk=@high_risk, High_Risk_DATE=@High_Risk_DATE, [Option]=@Option where " + colum + "=`" + wordsearch + "`";
Update.Parameters.Add(new SqlParameter("@user_name", System.Data.SqlDbType.VarChar, 0, "user_name"));
Update.Parameters.Add(new SqlParameter("@password", System.Data.SqlDbType.VarChar, 0, "password"));
Update.Parameters.Add(new SqlParameter("@name", System.Data.SqlDbType.VarChar, 0, "name"));
Update.Parameters.Add(new SqlParameter("@age", System.Data.SqlDbType.Int, 0, "age"));
Update.Parameters.Add(new SqlParameter("@sex", System.Data.SqlDbType.VarChar, 0, "sex"));
Update.Parameters.Add(new SqlParameter("@Email", System.Data.SqlDbType.VarChar, 0, "Email"));
Update.Parameters.Add(new SqlParameter("@Mobile", System.Data.SqlDbType.VarChar, 0, "Mobile"));
Update.Parameters.Add(new SqlParameter("@Last_Enter", System.Data.SqlDbType.DateTime, 0, "Last_Enter"));
Update.Parameters.Add(new SqlParameter("@bmi", System.Data.SqlDbType.Float, 0, "bmi"));
Update.Parameters.Add(new SqlParameter("@helth_conn", System.Data.SqlDbType.VarChar, 0, "helth_conn"));
Update.Parameters.Add(new SqlParameter("@hight", System.Data.SqlDbType.Float, 0, "hight"));
Update.Parameters.Add(new SqlParameter("@weight", System.Data.SqlDbType.Float, 0, "weight"));
Update.Parameters.Add(new SqlParameter("@active", System.Data.SqlDbType.Float, 0, "active"));
Update.Parameters.Add(new SqlParameter("@high_risk", System.Data.SqlDbType.Int, 0, "high_risk"));
Update.Parameters.Add(new SqlParameter("@High_Risk_DATE", System.Data.SqlDbType.DateTime, 0, "High_Risk_DATE"));
Update.Parameters.Add(new SqlParameter("@Option", System.Data.SqlDbType.Int, 0, "Option"));
Update.Parameters[0].Value = user_name;
Update.Parameters[1].Value = password;
Update.Parameters[2].Value = name;
Update.Parameters[3].Value = Convert.ToInt32(age);
Update.Parameters[4].Value = sex;
Update.Parameters[5].Value = Email;
Update.Parameters[6].Value = Mobile;
Update.Parameters[7].Value = DateTime.Now.ToString();
Update.Parameters[8].Value = Convert.ToDouble(bmi);
Update.Parameters[9].Value = helth_conn;
Update.Parameters[10].Value = Convert.ToDouble(hight);
Update.Parameters[11].Value = Convert.ToDouble(weight);
Update.Parameters[12].Value = Convert.ToDouble(active);
Update.Parameters[13].Value = Convert.ToInt32(high_risk);
Update.Parameters[14].Value = DateTime.Now.ToString();
Update.Parameters[15].Value = Convert.ToInt32(Option);
Update.ExecuteNonQuery();
return "Sucessfull Update";
}
else
{
return "Please , Search agine";
}
}
}