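using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Net;
using System.Web.Configuration;
using System.Data.SqlClient;

/// <summary>
/// Code-behind for the order page: greets the signed-in user, validates the
/// submitted card number, records the download through a stored procedure and
/// streams the film file back as an attachment.
/// </summary>
public partial class Order : System.Web.UI.Page
{
    /// <summary>
    /// Sends visitors without a "UserName" session value back to the catalogue;
    /// otherwise shows the welcome message.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["UserName"] == null)
        {
            Response.Redirect("~/Movies.aspx");
        }
        else
        {
            // NOTE(review): the user name is concatenated into the message unencoded.
            // If `message` renders its Text as raw HTML and user names are
            // user-chosen, wrap the value in HttpUtility.HtmlEncode — confirm
            // against the control's declaration in the .aspx file.
            message.Text = "Welcome " + Session["UserName"].ToString() + " please continue to download the film :))";
        }
    }

    /// <summary>
    /// Validates the card, records the download and streams the film file.
    /// </summary>
    /// <remarks>
    /// The session values and the card digits are checked before any database
    /// work so that a missing session or a formatted card number (spaces,
    /// dashes) cannot raise an unhandled exception outside the try block.
    /// </remarks>
    protected void BtnSubmit_Click(object sender, EventArgs e)
    {
        // Do not rely on Page_Load alone: require both identifiers to be present
        // and of the expected type before they are sent to the database.
        if (!(Session["FilmID"] is int) || !(Session["UserId"] is int))
        {
            Response.Redirect("~/Movies.aspx");
            return;
        }

        int filmId = (int)Session["FilmID"];
        int customerId = (int)Session["UserId"];

        if (!CardValidator.Validate(Ddlcardtype.SelectedValue, Txtcardnumber.Text))
        {
            message.Text = "The card number is not valid try again...";
            return;
        }

        // Validate() skips separators, so convert the same digit-only form
        // instead of the raw text box value (which may contain spaces or dashes).
        string cardDigits = CardValidator.ExtractDigits(Txtcardnumber.Text);
        long cardNumber = long.Parse(cardDigits, System.Globalization.CultureInfo.InvariantCulture);

        string con = WebConfigurationManager.ConnectionStrings["ConnectionStringMovies"].ConnectionString;

        // using blocks release the connection, commands and reader on every path.
        using (SqlConnection connection = new SqlConnection(con))
        using (SqlCommand command = new SqlCommand("Download Film", connection))
        using (SqlCommand commandDownload = new SqlCommand("Download Film Proccess", connection))
        {
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add(new SqlParameter("@FilmID", SqlDbType.Int, 4)).Value = filmId;

            commandDownload.CommandType = CommandType.StoredProcedure;
            commandDownload.Parameters.Add(new SqlParameter("@FilmID", SqlDbType.Int, 4)).Value = filmId;
            commandDownload.Parameters.Add(new SqlParameter("@CustomerID", SqlDbType.Int, 4)).Value = customerId;

            // NOTE(review): the full card number is handed to the stored procedure.
            // If the procedure persists it, PCI DSS requires the number to be
            // rendered unreadable at rest (or replaced by a processor token) —
            // confirm what "Download Film Proccess" does with @CreditCard.
            commandDownload.Parameters.Add(new SqlParameter("@CreditCard", SqlDbType.BigInt)).Value = cardNumber;

            try
            {
                connection.Open();
                message.Text = "Thanks for choosing our site your downloading will start in a few minutes";
                commandDownload.ExecuteNonQuery();

                string filePath = null;
                string title = null;
                using (SqlDataReader reader = command.ExecuteReader())
                {
                    // An unknown film id yields no row; treat it as a failure
                    // instead of reading from an empty reader.
                    if (reader.Read())
                    {
                        filePath = reader.GetValue(0) as string;
                        title = reader.GetValue(1) as string;
                    }
                }

                if (string.IsNullOrEmpty(filePath))
                {
                    message.Text = "There is an Error try again.. ";
                    return;
                }

                Response.ContentType = "application/x-unknown";

                // The title comes from the database; strip quotes, control and
                // path characters so it cannot break out of the quoted filename.
                Response.AppendHeader("Content-Disposition", "attachment; filename=\"" + ToSafeDownloadName(title) + "\"");

                // NOTE(review): the path is whatever the "Download Film" procedure
                // returns. Confirm it is constrained to the media directory so a
                // tampered row cannot make the page serve arbitrary server files.
                // NOTE(review): the page keeps rendering after WriteFile, so the
                // page markup may be appended to the download — confirm and end
                // the response after the file if so.
                Response.WriteFile(filePath);
            }
            catch (Exception ex)
            {
                // Keep the generic user-facing message, but leave a trace for
                // operators instead of discarding the failure.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                message.Text = "There is an Error try again.. ";
            }
        }
    }

    /// <summary>
    /// Reduces a database-supplied title to characters that are safe inside the
    /// quoted filename of a Content-Disposition header.
    /// </summary>
    /// <param name="title">Title read from the database; may be null.</param>
    /// <returns>The cleaned title, or "download" when nothing usable remains.</returns>
    private static string ToSafeDownloadName(string title)
    {
        if (string.IsNullOrEmpty(title))
        {
            return "download";
        }

        char[] invalid = System.IO.Path.GetInvalidFileNameChars();
        char[] buffer = new char[title.Length];
        int count = 0;

        foreach (char c in title)
        {
            bool unsafeChar = c < 0x20 || c == 0x7F || c == '"' || c == '\\' || c == '/'
                              || Array.IndexOf(invalid, c) >= 0;
            if (!unsafeChar)
            {
                buffer[count++] = c;
            }
        }

        string cleaned = new string(buffer, 0, count).Trim();
        return cleaned.Length == 0 ? "download" : cleaned;
    }

    /// <summary>
    /// Checks a card number against per-brand length and prefix rules and the
    /// Luhn checksum.
    /// </summary>
    public class CardValidator
    {
        private CardValidator()
        {
        }

        /// <summary>
        /// Returns the ASCII digits of <paramref name="text"/>, dropping every
        /// other character (spaces, dashes, letters, non-ASCII digits).
        /// </summary>
        /// <param name="text">Raw user input; may be null.</param>
        /// <returns>The digit-only string, empty when there are no digits.</returns>
        internal static string ExtractDigits(string text)
        {
            if (string.IsNullOrEmpty(text))
            {
                return string.Empty;
            }

            char[] buffer = new char[text.Length];
            int count = 0;

            foreach (char c in text)
            {
                // char.IsDigit also accepts non-ASCII Unicode digits, which the
                // numeric parsers reject with a FormatException; accept 0-9 only.
                if (c >= '0' && c <= '9')
                {
                    buffer[count++] = c;
                }
            }

            return new string(buffer, 0, count);
        }

        /// <summary>
        /// Validates a card number for the given card type.
        /// </summary>
        /// <param name="cardType">"MasterCard", "VISA", "AmericanExpress" or "JCB";
        /// any other value skips the brand rules and is checked by Luhn only.</param>
        /// <param name="CardNumber">Card number as typed; non-digit characters are ignored.</param>
        /// <returns>True when the brand rules (if any) and the Luhn checksum pass.</returns>
        public static bool Validate(string cardType, string CardNumber)
        {
            string digits = ExtractDigits(CardNumber);
            int len = digits.Length;

            // No digits at all would otherwise pass the checksum (sum of 0);
            // more than 16 digits is rejected as before.
            if (len == 0 || len > 16)
            {
                return false;
            }

            byte[] num = new byte[len]; // number to validate
            for (int i = 0; i < len; i++)
            {
                num[i] = (byte)(digits[i] - '0');
            }

            // Validate based on card type
            switch (cardType)
            {
                case "MasterCard":
                    if (len != 16) // tests length
                    {
                        return false;
                    }
                    if ((num[0] != 5) || (num[1] == 0) || (num[1] > 5)) // tests prefix 51-55
                    {
                        return false;
                    }
                    break;

                case "VISA":
                    if (len != 16 && len != 13)
                    {
                        return false;
                    }
                    if (num[0] != 4)
                    {
                        return false;
                    }
                    break;

                case "AmericanExpress":
                    if (len != 15)
                    {
                        return false;
                    }
                    // Prefix 34 or 37; parentheses make the original precedence explicit.
                    if ((num[0] != 3) || ((num[1] != 4) && (num[1] != 7)))
                    {
                        return false;
                    }
                    break;

                case "JCB":
                    if ((len != 16) && (len != 15))
                    {
                        return false;
                    }
                    if ((num[0] != 3) || (num[1] != 5))
                    {
                        return false;
                    }
                    break;
            }

            // Use Luhn Algorithm to validate: double every second digit counting
            // from the right (starting with the one next to the check digit) and
            // add the digits of each product.
            int sum = 0;
            for (int i = len - 1; i >= 0; i--)
            {
                if (i % 2 == len % 2)
                {
                    int n = num[i] * 2;
                    sum += (n / 10) + (n % 10);
                }
                else
                {
                    sum += num[i];
                }
            }

            return (sum % 10 == 0);
        }
    }

    /// <summary>
    /// Cancels the order and returns to the catalogue.
    /// </summary>
    protected void Buttoncancel0_Click(object sender, EventArgs e)
    {
        Response.Redirect("~/Movies.aspx");
    }
}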