Beispiel #1
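 /// <summary>
 /// Authorizes the request before the page loads and, in edit mode, loads the company being edited.
 /// </summary>
 /// <remarks>
 /// Without an <c>id</c> query-string value the page is in create mode and requires the "Add" right;
 /// with one it requires the "Modify" right and loads the record into <c>myCompany</c>.
 /// Every rejection goes through an alert-and-redirect to company.aspx followed by Response.End().
 /// </remarks>
 protected void Page_Init(object sender, EventArgs e)
 {
     string rawId = Request.QueryString["id"];

     if (string.IsNullOrEmpty(rawId))
     {
         // Create mode: the caller needs the "Add" right on the company module.
         if (me.checkUserGroupRight(CUSTOMRP.Model.APPModuleID.usergroupright_company, "Add", me.LoginID) == false)
         {
             Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.accesserror, "company.aspx");
             Response.End();
         }
         this.Button2.Visible = false;
     }
     else
     {
         // Edit mode: the caller needs the "Modify" right on the company module.
         if (me.checkUserGroupRight(CUSTOMRP.Model.APPModuleID.usergroupright_company, "Modify", me.LoginID) == false)
         {
             Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.accesserror, "company.aspx");
             Response.End();
         }

         // The id is client-controlled. A value that is not an integer takes the same
         // parameter-error path as an unknown id instead of raising an unhandled FormatException.
         int id;
         if (!Int32.TryParse(rawId, out id))
         {
             Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.parameter_error, "company.aspx");
             Response.End();
         }

         // NOTE(review): the right checked above is module-wide. Confirm that GetModel also
         // restricts the lookup to records this user may modify; otherwise any valid id is editable.
         myCompany = WebHelper.bllCompany.GetModel(me.ID, id);
         if (myCompany == null)
         {
             Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.parameter_error, "company.aspx");
             Response.End();
         }
     }
 }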
Beispiel #2
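        /// <summary>
        /// Inserts a new [DATABASE] row and writes an audit-log entry for it.
        /// </summary>
        /// <param name="model">
        /// Record to insert. Its HASHKEY is set to "com" when empty, and its ID is set to the
        /// new identity value on success.
        /// </param>
        /// <returns>The identity of the inserted row, or 0 when the helper returns no value.</returns>
        public int Add(CUSTOMRP.Model.DATABASE model)
        {
            // NOTE(review): "com" is a fixed default that is visible in source. If HASHKEY is used
            // as a secret (salt or signing key), require a random per-record value instead. Confirm usage.
            if (String.IsNullOrEmpty(model.HASHKEY))
            {
                model.HASHKEY = "com";
            }

            StringBuilder strSql = new StringBuilder();

            strSql.Append("insert into [DATABASE](");
            strSql.Append("APPLICATIONID,NAME,[DESC],STATUS,LASTMODIFYDATE,LASTMODIFYUSER,AUDOTIME,HASHKEY)");
            strSql.Append(" values (");
            strSql.Append("@APPLICATIONID,@NAME,@DESC,@STATUS,@LASTMODIFYDATE,@LASTMODIFYUSER,@AUDOTIME,@HASHKEY)");
            // SCOPE_IDENTITY() is limited to this statement's scope. @@IDENTITY would return the
            // identity generated by a trigger's insert into another table, giving the wrong ID
            // to the caller and to the audit entry below.
            strSql.Append(";select SCOPE_IDENTITY()");

            // All values travel as typed parameters; nothing from the model is concatenated into the SQL text.
            SqlParameter[] parameters =
            {
                new SqlParameter("@APPLICATIONID",  SqlDbType.Int,          4),
                new SqlParameter("@NAME",           SqlDbType.NVarChar,    50),
                new SqlParameter("@DESC",           SqlDbType.NVarChar,  2000),
                new SqlParameter("@STATUS",         SqlDbType.Int,          4),
                new SqlParameter("@LASTMODIFYDATE", SqlDbType.DateTime),
                new SqlParameter("@LASTMODIFYUSER", SqlDbType.Int,          4),
                new SqlParameter("@AUDOTIME",       SqlDbType.DateTime),
                new SqlParameter("@HASHKEY",        SqlDbType.NVarChar, 50)
            };
            parameters[0].Value = model.APPLICATIONID;
            parameters[1].Value = model.NAME;
            parameters[2].Value = model.DESC;
            parameters[3].Value = model.STATUS;
            parameters[4].Value = model.LASTMODIFYDATE;
            parameters[5].Value = model.LASTMODIFYUSER;
            parameters[6].Value = model.AUDOTIME;
            parameters[7].Value = model.HASHKEY;

            object obj = DbHelperSQL.GetSingle(model.LASTMODIFYUSER, strSql.ToString(), parameters);

            if (obj == null)
            {
                return(0);
            }

            model.ID = Convert.ToInt32(obj);

            // The audit entry is attributed to model.LASTMODIFYUSER, so callers must set that
            // field to the acting user before calling Add.
            Model.AUDITLOG auditobj = model.GetAuditLogObject(null);
            auditobj.UserID      = model.LASTMODIFYUSER;
            auditobj.CreateDate  = DateTime.Now;
            auditobj.MessageType = Model.AUDITLOG.Severity.Audit;
            auditobj.ModuleName  = "DAL.DATABASE.Add";
            auditobj.Message     = String.Format(AppNum.AuditMessage.DatabaseInsertSuccess, model.ID);

            AUDITLOG.Add(auditobj);

            return(model.ID);
        }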
Beispiel #3
 /// <summary>
 /// Builds a <c>CUSTOMRP.Model.DATABASE</c> entity from a data row.
 /// </summary>
 /// <param name="row">Row to read; when null, an entity with no fields assigned is returned.</param>
 /// <returns>A new entity; never null.</returns>
 public CUSTOMRP.Model.DATABASE DataRowToModel(DataRow row)
 {
     CUSTOMRP.Model.DATABASE entity = new CUSTOMRP.Model.DATABASE();
     if (row == null)
     {
         return entity;
     }

     // Numeric and date columns are copied only when the cell's text form is non-empty;
     // text columns are copied whenever the cell reference itself is not null.
     object cell = row["ID"];
     string text = (cell != null) ? cell.ToString() : "";
     if (text != "")
     {
         entity.ID = Int32.Parse(text);
     }

     cell = row["APPLICATIONID"];
     text = (cell != null) ? cell.ToString() : "";
     if (text != "")
     {
         entity.APPLICATIONID = Int32.Parse(text);
     }

     cell = row["NAME"];
     if (cell != null)
     {
         entity.NAME = cell.ToString();
     }

     cell = row["DESC"];
     if (cell != null)
     {
         entity.DESC = cell.ToString();
     }

     cell = row["STATUS"];
     text = (cell != null) ? cell.ToString() : "";
     if (text != "")
     {
         entity.STATUS = Int32.Parse(text);
     }

     cell = row["LASTMODIFYDATE"];
     text = (cell != null) ? cell.ToString() : "";
     if (text != "")
     {
         entity.LASTMODIFYDATE = DateTime.Parse(text);
     }

     cell = row["LASTMODIFYUSER"];
     text = (cell != null) ? cell.ToString() : "";
     if (text != "")
     {
         entity.LASTMODIFYUSER = Int32.Parse(text);
     }

     cell = row["AUDOTIME"];
     text = (cell != null) ? cell.ToString() : "";
     if (text != "")
     {
         entity.AUDOTIME = DateTime.Parse(text);
     }

     cell = row["HASHKEY"];
     if (cell != null)
     {
         entity.HASHKEY = cell.ToString();
     }

     return entity;
 }
Beispiel #4
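        /// <summary>
        /// Saves the form: creates a new company when none is loaded, otherwise updates the
        /// loaded one, then redirects to the company list.
        /// </summary>
        /// <remarks>
        /// Creation is refused through an alert-and-redirect when a company with the same name already exists.
        /// </remarks>
        protected void Button1_Click(object sender, EventArgs e)
        {
            string name        = this.TextBox1.Text.Trim();
            string description = this.TextBox2.Text.Trim();
            // DDLSTATUS carries the status code; it is parsed once and used by both branches.
            int    status      = Int32.Parse(this.DDLSTATUS.SelectedValue);

            if (myCompany == null)
            {
                // The name is free text from the form and ends up inside a SQL string literal.
                // Doubling embedded single quotes keeps it inside that literal.
                // NOTE(review): GetList takes a raw WHERE fragment; a parameterized lookup would
                // be the proper fix and should replace this escaping once one exists.
                string nameFilter = "NAME='" + name.Replace("'", "''") + "'";

                if (WebHelper.bllCompany.GetList(me.ID, nameFilter).Tables[0].Rows.Count > 0)
                {
                    Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.Commonexits, "Company.aspx");
                    Response.End();
                }

                CUSTOMRP.Model.DATABASE _database = new CUSTOMRP.Model.DATABASE();
                _database.NAME           = name;
                _database.DESC           = description;
                _database.APPLICATIONID  = me.APPLICATIONID;
                _database.STATUS         = status;
                _database.LASTMODIFYDATE = DateTime.Now;
                _database.AUDOTIME       = DateTime.Now;
                // NOTE(review): LASTMODIFYUSER is not set in either branch. Confirm the business
                // layer fills it in; otherwise the acting user is not recorded with the change.
                WebHelper.bllCompany.Add(_database);
            }
            else
            {
                myCompany.DESC   = description;
                myCompany.NAME   = name;
                myCompany.STATUS = status;

                WebHelper.bllCompany.Update(myCompany);
            }

            Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.success, "company.aspx");
            Response.End();
        }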
Beispiel #5
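        /// <summary>
        /// Loads a single [DATABASE] record by primary key.
        /// </summary>
        /// <param name="UserID">Forwarded to DbHelperSQL.Query; it is not part of the WHERE clause.</param>
        /// <param name="ID">Primary key of the record to load.</param>
        /// <returns>The mapped entity, or null when no row has that ID.</returns>
        /// <remarks>
        /// NOTE(review): the query filters on ID only. When ID comes from a request, the caller
        /// must check that the current user may access that record. CONNECTIONSTRING is also
        /// selected; confirm it is never passed on to the client.
        /// </remarks>
        public CUSTOMRP.Model.DATABASE GetModel(int UserID, int ID)
        {
            StringBuilder strSql = new StringBuilder();

            strSql.Append("select  top 1 ID,APPLICATIONID,NAME,[DESC],STATUS,LASTMODIFYDATE,LASTMODIFYUSER,AUDOTIME,CONNECTIONSTRING,HASHKEY from [DATABASE] ");
            strSql.Append(" where ID=@ID");

            // The key is bound as a typed parameter rather than concatenated into the SQL text.
            SqlParameter[] parameters =
            {
                new SqlParameter("@ID", SqlDbType.Int, 4)
            };
            parameters[0].Value = ID;

            DataSet ds = DbHelperSQL.Query(UserID, strSql.ToString(), parameters);

            // The entity is built by DataRowToModel, so no placeholder instance is allocated here.
            if (ds.Tables[0].Rows.Count > 0)
            {
                return(DataRowToModel(ds.Tables[0].Rows[0]));
            }

            return(null);
        }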
Beispiel #6
        /// <summary>
        /// Updates an existing [DATABASE] row and writes an audit-log entry when a row was changed.
        /// </summary>
        /// <param name="model">Record to persist, matched by its ID. Its HASHKEY is set to "com" when empty.</param>
        /// <returns>True when at least one row was affected; otherwise false.</returns>
        public bool Update(CUSTOMRP.Model.DATABASE model)
        {
            // NOTE(review): "com" is a fixed default visible in source; confirm whether HASHKEY
            // is relied on as a secret anywhere.
            if (String.IsNullOrEmpty(model.HASHKEY))
            {
                model.HASHKEY = "com";
            }

            string sql =
                "update [DATABASE] set " +
                "APPLICATIONID=@APPLICATIONID," +
                "NAME=@NAME," +
                "[DESC]=@DESC," +
                "STATUS=@STATUS," +
                "LASTMODIFYDATE=@LASTMODIFYDATE," +
                "LASTMODIFYUSER=@LASTMODIFYUSER," +
                "AUDOTIME=@AUDOTIME," +
                "HASHKEY=@HASHKEY" +
                " where ID=@ID";

            // Every value is bound as a typed parameter; the SQL text itself is constant.
            SqlParameter[] parameters =
            {
                new SqlParameter("@APPLICATIONID",  SqlDbType.Int, 4)         { Value = model.APPLICATIONID },
                new SqlParameter("@NAME",           SqlDbType.NVarChar, 50)   { Value = model.NAME },
                new SqlParameter("@DESC",           SqlDbType.NVarChar, 2000) { Value = model.DESC },
                new SqlParameter("@STATUS",         SqlDbType.Int, 4)         { Value = model.STATUS },
                new SqlParameter("@LASTMODIFYDATE", SqlDbType.DateTime)       { Value = model.LASTMODIFYDATE },
                new SqlParameter("@LASTMODIFYUSER", SqlDbType.Int, 4)         { Value = model.LASTMODIFYUSER },
                new SqlParameter("@AUDOTIME",       SqlDbType.DateTime)       { Value = model.AUDOTIME },
                new SqlParameter("@HASHKEY",        SqlDbType.NVarChar, 50)   { Value = model.HASHKEY },
                new SqlParameter("@ID",             SqlDbType.Int, 4)         { Value = model.ID }
            };

            int affected = DbHelperSQL.ExecuteSql(model.LASTMODIFYUSER, sql, parameters);
            if (affected <= 0)
            {
                return false;
            }

            // The audit entry is attributed to model.LASTMODIFYUSER.
            Model.AUDITLOG entry = model.GetAuditLogObject(null);
            entry.UserID      = model.LASTMODIFYUSER;
            entry.CreateDate  = DateTime.Now;
            entry.MessageType = Model.AUDITLOG.Severity.Audit;
            entry.ModuleName  = "DAL.DATABASE.Update";
            entry.Message     = String.Format(AppNum.AuditMessage.DatabaseUpdateSuccess, model.ID);

            AUDITLOG.Add(entry);

            return true;
        }
Beispiel #7
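        /// <summary>
        /// Authenticates a user against the selected database and, on success, fills the session
        /// and redirects to the report pages.
        /// </summary>
        /// <param name="uid">Login name supplied by the client.</param>
        /// <param name="password">
        /// For <paramref name="loginType"/> 1, the password as submitted; otherwise the daily
        /// token that is compared against the locally computed one.
        /// </param>
        /// <param name="DATABASE">Database (company) id as text; a non-integer value is a failed login.</param>
        /// <param name="loginType">1 selects password login; any other value selects token login.</param>
        protected void login(string uid, string password, string DATABASE, int loginType)
        {
            // DATABASE is request data; parse it once and fail the login instead of throwing.
            int databaseId;
            if (!Int32.TryParse(DATABASE, out databaseId))
            {
                Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.loginerror, "#");
                return;
            }

            CUSTOMRP.Model.DATABASE mydb = null;
            CUSTOMRP.Model.USER myUser;

            if (loginType == 1)
            {
                // NOTE(review): MD5NET presumably produces an MD5 digest. A fast unsalted hash is not
                // suitable for stored passwords; a migration to PBKDF2 or similar should be planned.
                myUser = WebHelper.bllUSER.GetModel(-1, uid, databaseId, Common.Utils.MD5NET(password));
            }
            else
            {
                mydb = WebHelper.bllCompany.GetModel(-1, databaseId);
                if (mydb == null)
                {
                    Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.FailedToConnectQueryReportDatabase, "#");
                    return;
                }

                //v1.1.0 - Cheong - 2016/05/18 - Make hashkey configurable
                // NOTE(review): the token is a digest of login name + date + HASHKEY, valid for the
                // whole day. It is only as secret as HASHKEY, so HASHKEY must be a random per-database
                // value. A keyed MAC with a short expiry would be the stronger design.
                string hash = Common.Utils.MD5NET(uid + DateTime.Now.ToString("yyyyMMdd") + mydb.HASHKEY);

                myUser = TokensMatch(hash, password)
                    ? WebHelper.bllUSER.GetModel(-1, uid, mydb.ID)
                    : null;
            }

            if (myUser == null)
            {
                Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.loginerror, "#");
                return;
            }

            // Password login has not loaded the database record yet. A missing record is treated
            // as a failed login instead of being dereferenced.
            if (mydb == null)
            {
                mydb = WebHelper.bllCompany.GetModel(-1, databaseId);
            }
            if (mydb == null)
            {
                Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.loginerror, "#");
                return;
            }

            // Store the user's information in the server-side session.
            // NOTE(review): the session identifier is not renewed here after authentication;
            // confirm it is rotated elsewhere to prevent session fixation.
            // NOTE(review): "hh" is the 12-hour clock; "HH" may have been intended. Left unchanged
            // because readers of this value are not visible here.
            HttpContext.Current.Session[AppNum.str_var_UserCookie_uid]           = uid;
            HttpContext.Current.Session[AppNum.str_var_UserCookie_logintime]     = DateTime.Now.ToString("yyyyMMddhhmm");
            HttpContext.Current.Session[AppNum.str_var_UserCookie_Databaseid]    = mydb.ID;
            HttpContext.Current.Session[AppNum.str_var_UserCookie_DatabaseName]  = mydb.NAME;
            HttpContext.Current.Session[AppNum.str_var_UserCookie_APPLICATIONID] = mydb.APPLICATIONID;

            HttpContext.Current.Session[AppNum.str_var_UserSessionName] = myUser;

            #region Perform redirect if mode = embedded

            if (Request.Params["mode"] == "embedded")
            {
                //v1.0.0 - Cheong - 2015/07/21 - Modify SignIn.aspx to allow embedded mode relay to relay for "action"
                // Relayed values are request data; each is URL-encoded so that it cannot add or
                // override query parameters on the redirect target.
                List<string> pList = new List<string>();

                if (Request.Params["action"] != null)
                {
                    pList.Add("action=" + HttpUtility.UrlEncode(Request.Params["action"]));
                    if (Request.Params["rpid"] != null)
                    {
                        pList.Add("rpid=" + HttpUtility.UrlEncode(Request.Params["rpid"]));
                    }
                    if (Request.Params["type"] != null)
                    {
                        pList.Add("type=" + HttpUtility.UrlEncode(Request.Params["type"]));
                    }
                }
                else
                {
                    if (Request.Params["rpid"] != null)
                    {
                        pList.Add("rpid=" + HttpUtility.UrlEncode(Request.Params["rpid"])
                            + "&rptType=" + HttpUtility.UrlEncode(Request.Params["rptType"] ?? "1"));
                    }
                }

                //v1.2.0 - Cheong - 2016/07/15 - Add relay on parameter rpgrp
                if (Request.Params["rpgrp"] != null)
                {
                    pList.Add("rpgrp=" + HttpUtility.UrlEncode(Request.Params["rpgrp"]));
                }

                // endResponse = true stops processing here, so the default redirect below is not reached.
                Response.Redirect("~/Report/rpEmbedded.aspx?" + String.Join("&", pList), true);
            }

            #endregion

            Response.Redirect("~/Report/rpList.aspx");
        }

        /// <summary>
        /// Ordinal string equality whose running time does not depend on where the first
        /// differing character is.
        /// </summary>
        private static bool TokensMatch(string expected, string supplied)
        {
            if (expected == null || supplied == null)
            {
                return expected == supplied;
            }

            int diff = expected.Length ^ supplied.Length;
            for (int i = 0; i < expected.Length && i < supplied.Length; i++)
            {
                diff |= expected[i] ^ supplied[i];
            }
            return diff == 0;
        }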