Ejemplo n.º 1
        /// <summary>
        /// Sets Status to <paramref name="status"/> on every TbName row whose UserID appears in <paramref name="ids"/>.
        /// </summary>
        /// <remarks>
        /// Original author's note: status should become an enum (0: not reviewed, -1: left the company, 1: normal).
        /// </remarks>
        /// <param name="ids">Comma-separated UserID list; it is placed verbatim inside the IN (...) clause.</param>
        /// <param name="status">New status value.</param>
        /// <returns>Whatever SqlHelper.ExecuteSql reports for the statement.</returns>
        public bool UpdateStatus(string ids, int status)
        {
            // ids becomes part of the SQL text, so this call is the only barrier between the
            // caller's string and the database. Its rules are defined outside this snippet.
            // NOTE(review): an ID list is better held to a strict digits-and-commas format than to a general filter.
            SafeSC.CheckDataEx(ids);

            string statement = string.Format("Update {0} Set Status={1} Where UserID in({2})", TbName, status, ids);
            return SqlHelper.ExecuteSql(statement);
        }
Ejemplo n.º 2
 /// <summary>
 /// Selects the rows of tbName whose AdminID is in <paramref name="ids"/>, newest CDATE first.
 /// </summary>
 /// <param name="ids">Comma-separated AdminID list; concatenated verbatim into the IN (...) clause.</param>
 /// <param name="islock">When greater than -1, additionally filters on IsLock equal to this value.</param>
 /// <returns>The table returned by DBCenter.Sel.</returns>
 public DataTable SelByIds(string ids, int islock = -1)
 {
     // The ID list is spliced into the WHERE text; SafeSC.CheckDataEx is the only check it gets here.
     SafeSC.CheckDataEx(ids);

     string condition = "AdminID IN (" + ids + ")";
     if (islock > -1)
     {
         // islock is an int, so it cannot carry SQL syntax.
         condition += " AND IsLock=" + islock;
     }
     return DBCenter.Sel(tbName, condition, "CDATE DESC");
 }
Ejemplo n.º 3
        /// <summary>
        /// Deletes the rows of <paramref name="TableName"/> that match the raw condition <paramref name="where"/>.
        /// </summary>
        /// <param name="TableName">Target table; checked with SafeSC.CheckDataEx before use.</param>
        /// <param name="where">SQL condition text appended after "where" exactly as given.</param>
        /// <returns>Whatever SqlHelper.ExecuteSql reports for the statement.</returns>
        public bool DeleteModel(string TableName, string where)
        {
            SafeSC.CheckDataEx(TableName);

            // NOTE(review): where is executed as SQL without any check in this method and no
            // parameters are passed, so every caller must build it from trusted values only.
            string deleteSql = string.Format("delete from {0} where {1}", TableName, where);
            return SqlHelper.ExecuteSql(deleteSql, null);
        }
Ejemplo n.º 4
        /// <summary>
        /// Writes <paramref name="fvalue"/> into the column <paramref name="fname"/> of the TbName row with the given ID.
        /// </summary>
        /// <param name="id">Row ID; an int, concatenated into the WHERE clause.</param>
        /// <param name="fname">Column name; it becomes part of the SQL text.</param>
        /// <param name="fvalue">New value; sent as the @fvalue parameter.</param>
        /// <returns>Whatever SqlHelper.ExecuteSql reports for the statement.</returns>
        public bool UpdateByField(int id, string fname, string fvalue)
        {
            // The value travels as a bound parameter, but a column name cannot be bound:
            // fname is spliced into the statement and relies entirely on this check.
            // NOTE(review): comparing fname with the table's known column names would be a tighter guard.
            SafeSC.CheckDataEx(fname);

            string statement = string.Format("Update {0} Set {1} =@fvalue Where ID={2}", TbName, fname, id);
            SqlParameter[] args = { new SqlParameter("fvalue", fvalue) };
            return SqlHelper.ExecuteSql(statement, args);
        }
Ejemplo n.º 5
        /// <summary>
        /// Selects the ZL_PageTemplate rows with ParentID=0 whose column <paramref name="datefiles"/>
        /// equals <paramref name="datavalue"/>, ordered by orderid descending.
        /// </summary>
        /// <param name="datefiles">Column name to compare; it becomes part of the SQL text.</param>
        /// <param name="datavalue">Value to match; sent as the @TemplateID parameter.</param>
        /// <returns>The table returned by SqlHelper.ExecuteTable.</returns>
        public DataTable GetByUserinfo(string datefiles, string datavalue)
        {
            // Only the value is bound. The column name is concatenated, so this check is its sole guard.
            SafeSC.CheckDataEx(datefiles);

            SqlParameter[] args = { new SqlParameter("TemplateID", datavalue) };
            string query = "select * from ZL_PageTemplate where  " + datefiles
                         + "=@TemplateID and ParentID=0 order by orderid desc";
            return SqlHelper.ExecuteTable(CommandType.Text, query, args);
        }
Ejemplo n.º 6
        /// <summary>
        /// Selects every row of strTableName whose column <paramref name="field"/> equals <paramref name="value"/>.
        /// </summary>
        /// <param name="field">Column name; it becomes part of the SQL text.</param>
        /// <param name="value">Value to match; sent as the @value parameter.</param>
        /// <returns>The table returned by SqlHelper.ExecuteTable.</returns>
        public DataTable SelByField(string field, string value)
        {
            // field is an identifier and cannot be bound as a parameter; it depends on this check alone.
            SafeSC.CheckDataEx(field);

            SqlParameter[] args = { new SqlParameter("value", value) };
            string query = string.Format("Select * From {0} Where {1} =@value", strTableName, field);
            return SqlHelper.ExecuteTable(CommandType.Text, query, args);
        }
Ejemplo n.º 7
        /// <summary>
        /// Writes <paramref name="value"/> into the column <paramref name="fieldName"/> of the TbName row with the given id.
        /// </summary>
        /// <param name="fieldName">Column name; it becomes part of the SQL text.</param>
        /// <param name="value">New value; sent as the @value parameter.</param>
        /// <param name="id">Row id; an int, concatenated into the WHERE clause.</param>
        /// <returns>Always true; the result of ExecuteNonQuery is not inspected.</returns>
        public bool UpdateByField(string fieldName, string value, int id)
        {
            // The column name is concatenated rather than bound, so this check is its only guard.
            SafeSC.CheckDataEx(fieldName);

            SqlParameter[] args = { new SqlParameter("value", value) };
            string statement = string.Format("Update {0} Set {1} =@value Where [id] ={2}", TbName, fieldName, id);
            SqlHelper.ExecuteNonQuery(CommandType.Text, statement, args);
            return true;
        }
Ejemplo n.º 8
 /// <summary>
 /// Selects the rows of TbName whose c_id is in <paramref name="ids"/>.
 /// </summary>
 /// <param name="ids">ID list; passed through StrHelper.PureIDSForDB before use.</param>
 /// <returns>The matching rows, or null when the cleaned list is null or empty.</returns>
 public DataTable SelByIDS(string ids)
 {
     string cleanedIds = StrHelper.PureIDSForDB(ids);
     if (string.IsNullOrEmpty(cleanedIds))
     {
         return null;
     }

     // The cleaned list is still concatenated into the query text, so it is checked once more.
     SafeSC.CheckDataEx(cleanedIds);
     string query = "SELECT * FROM " + TbName + " WHERE c_id IN(" + cleanedIds + ")";
     return SqlHelper.ExecuteTable(query);
 }
Ejemplo n.º 9
        /// <summary>
        /// Selects the ZL_CommonModel rows whose SpecialID list contains <paramref name="SpecID"/>,
        /// sorted by the caller-supplied ORDER BY fragments.
        /// </summary>
        /// <param name="SpecID">Special ID; matched with LIKE as "%,ID,%" through the @SpecID parameter.</param>
        /// <param name="Order">First ORDER BY fragment; placed verbatim in the SQL text.</param>
        /// <param name="Conditions">Second ORDER BY fragment, appended after a space.</param>
        /// <returns>The table returned by SqlHelper.ExecuteTable.</returns>
        public DataTable GetSpecContent(int SpecID, string Order, string Conditions)
        {
            // Both fragments land in the ORDER BY clause as SQL text; only SpecID is bound.
            // NOTE(review): mapping these to a fixed set of columns and ASC/DESC would remove the dependency on the filter.
            SafeSC.CheckDataEx(Order, Conditions);

            string query = "select a.* from ZL_CommonModel a where a.SpecialID Like @SpecID order by "
                         + Order + " " + Conditions;
            SqlParameter likeArg = new SqlParameter("@SpecID", "%," + SpecID + ",%");
            return SqlHelper.ExecuteTable(CommandType.Text, query, new SqlParameter[] { likeArg });
        }
Ejemplo n.º 10
        /// <summary>
        /// Sets the column <paramref name="field"/> to <paramref name="value"/> on every strTableName row
        /// whose PK is in <paramref name="ids"/>.
        /// </summary>
        /// <param name="field">Column name; it becomes part of the SET clause text.</param>
        /// <param name="value">New value; sent as the @value parameter.</param>
        /// <param name="ids">ID list; checked with SafeSC.CheckIDSEx, then placed inside IN (...).</param>
        public void UpdateByField(string field, string value, string ids)
        {
            // Two different checks: a general one for the identifier, an ID-list one for the IN clause.
            SafeSC.CheckDataEx(field);
            SafeSC.CheckIDSEx(ids);

            List<SqlParameter> args = new List<SqlParameter>();
            args.Add(new SqlParameter("value", value));

            string setClause = field + " = @value";
            string whereClause = PK + " IN (" + ids + ")";
            DBCenter.UpdateSQL(strTableName, setClause, whereClause, args);
        }
Ejemplo n.º 11
        /// <summary>
        /// Returns the permission rows for the given user role IDs.
        /// </summary>
        /// <param name="rids">Comma-separated role IDs; outer commas are trimmed and each ",," pair is replaced once by ",".</param>
        /// <returns>The rows of TbName whose ID is in the list, or null when the normalized list is empty.</returns>
        public DataTable SelAuthByRoles(string rids)
        {
            string roleIds = rids.Trim(',').Replace(",,", ",");
            if (string.IsNullOrEmpty(roleIds))
            {
                return null;
            }

            // The normalized list is concatenated into the IN (...) clause; this check is its only guard.
            // NOTE(review): a single Replace pass leaves a doubled comma behind for runs of three or more.
            SafeSC.CheckDataEx(roleIds);
            string query = string.Format("SELECT * FROM {0} WHERE ID IN ({1})", TbName, roleIds);
            return SqlHelper.ExecuteTable(CommandType.Text, query);
        }
Ejemplo n.º 12
        /// <summary>
        /// Builds a paged query over <c>filter.tbname</c> from the optional filter fields and runs it.
        /// </summary>
        /// <param name="cpage">Page number handed to PageSetting.Single.</param>
        /// <param name="psize">Page size handed to PageSetting.Single.</param>
        /// <param name="filter">Search filter; its tbname is rewritten with spaces removed.</param>
        /// <returns>The PageSetting after DBCenter.SelPage has processed it.</returns>
        /// <exception cref="Exception">The table name is missing, or skey_field is not a column of the table.</exception>
        public static PageSetting SelPage(int cpage, int psize, F_PubInfo filter)
        {
            if (string.IsNullOrEmpty(filter.tbname))
            {
                throw new Exception("未指定信息表名");
            }
            // The table name is an identifier and is concatenated by the helpers, hence the check.
            filter.tbname = filter.tbname.Replace(" ", "");
            SafeSC.CheckDataEx(filter.tbname);

            string condition = "1=1 ";
            List<SqlParameter> sqlArgs = new List<SqlParameter>();

            if (!string.IsNullOrEmpty(filter.uids))
            {
                // ID list goes into the text of the IN clause after the ID-list check.
                SafeSC.CheckIDSEx(filter.uids);
                condition += " AND PubUserID IN (" + filter.uids + ")";
            }
            if (filter.pid != -100)
            {
                condition += " AND ParentID=" + filter.pid;
            }
            if (!string.IsNullOrEmpty(filter.uname))
            {
                sqlArgs.Add(new SqlParameter("uname", "%" + filter.uname + "%"));
                condition += " AND PubUserName LIKE @uname";
            }
            if (!string.IsNullOrEmpty(filter.skey))
            {
                sqlArgs.Add(new SqlParameter("skey", "%" + filter.skey + "%"));

                string searchColumn = "PubTitle";
                if (!string.IsNullOrEmpty(filter.skey_field))
                {
                    // "1=2" fetches no rows; the result is used only for its column list, which
                    // serves as an allow-list for the caller-chosen search column.
                    DataTable schema = DBCenter.Sel(filter.tbname, "1=2");
                    if (!schema.Columns.Contains(filter.skey_field))
                    {
                        throw new Exception("字段[" + filter.skey_field + "]不存在");
                    }
                    searchColumn = filter.skey_field;
                }
                condition += " AND " + searchColumn + " LIKE @skey";
            }
            if (filter.status != -100)
            {
                condition += " AND PubStart=" + filter.status;
            }

            // NOTE(review): filter.order is forwarded without any check in this method; confirm
            // that PageSetting/DBCenter validate it or that callers never take it from a request.
            PageSetting page = PageSetting.Single(cpage, psize, filter.tbname, "ID", condition, filter.order, sqlArgs);
            DBCenter.SelPage(page);
            return page;
        }
Ejemplo n.º 13
 /// <summary>
 /// Gets the list of permissions the currently logged-in user holds on nodes
 /// (ZL_NodeRole): RID = role, NID = node, look = view.
 /// </summary>
 /// <param name="m">Admin whose RoleList supplies the role IDs.</param>
 /// <param name="auth">Optional permission column; when given, only rows where it equals 1 are returned.</param>
 /// <returns>The matching ZL_NodeRole rows, or null when there is no valid admin or no role ID.</returns>
 public DataTable GetNodeAuthList(M_AdminInfo m, string auth = "")
 {
     // auth is used as a column name in the WHERE text, so it is checked before anything else.
     SafeSC.CheckDataEx(auth);

     bool noAdmin = m == null || m.AdminId < 1;
     if (noAdmin || string.IsNullOrEmpty(m.RoleList.Replace(",", "")))
     {
         return null;
     }

     // NOTE(review): RoleList is concatenated without a check in this method; this is safe
     // only if the value can never be influenced by a request. Confirm where it is populated.
     string condition = "Rid in (" + m.RoleList.Trim(',') + ")";
     if (!string.IsNullOrEmpty(auth))
     {
         condition += " And " + auth + " =1";
     }
     return DBCenter.Sel("ZL_NodeRole", condition);
 }
Ejemplo n.º 14
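 /// <summary>
 /// Inserts one association row (zone ID, ad ID) into BindTbName for each entry of <paramref name="zoneIds"/>.
 /// </summary>
 /// <param name="zoneIds">Comma-separated zone IDs; empty entries are ignored.</param>
 /// <param name="ADId">Ad ID stored with every zone ID.</param>
 /// <returns>
 /// False when <paramref name="zoneIds"/> is null or empty, or when any entry is not an integer
 /// (nothing is inserted in that case); otherwise true.
 /// </returns>
 public bool Zone_Add(string zoneIds, int ADId)
 {
     if (string.IsNullOrEmpty(zoneIds))
     {
         return false;
     }
     SafeSC.CheckDataEx(zoneIds);

     string[] zoneIdArr = zoneIds.Split(",".ToCharArray(), StringSplitOptions.RemoveEmptyEntries);

     // Each entry ends up inside the VALUES(...) text, so it must be a number and nothing else.
     // Everything is validated before the first INSERT runs, so a bad entry cannot leave a
     // half-written set of rows behind.
     // NOTE(review): assumes zone IDs are integers, as the IN-style usage suggests; confirm against the table schema.
     long[] parsedIds = new long[zoneIdArr.Length];
     for (int i = 0; i < zoneIdArr.Length; i++)
     {
         bool isInteger = long.TryParse(
             zoneIdArr[i],
             System.Globalization.NumberStyles.Integer,
             System.Globalization.CultureInfo.InvariantCulture,
             out parsedIds[i]);
         if (!isInteger)
         {
             return false;
         }
     }

     foreach (long zoneId in parsedIds)
     {
         // The re-formatted number is emitted, not the caller's text.
         string strinsert = "INSERT " + BindTbName + " VALUES("
             + zoneId.ToString(System.Globalization.CultureInfo.InvariantCulture) + "," + ADId + ")";
         SqlHelper.ExecuteNonQuery(CommandType.Text, strinsert);
     }
     return true;
 }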
Ejemplo n.º 15
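        /// <summary>
        /// Inserts one row into <paramref name="TableName"/>, using each parameter's name as the column
        /// name and "@" + name as its placeholder. A parameter named "PubID" is left out of the column list.
        /// </summary>
        /// <param name="sqlpara">Parameters to insert; the whole array is passed on to SqlHelper.ExecuteSql.</param>
        /// <param name="TableName">Target table; checked with SafeSC.CheckDataEx before use.</param>
        /// <returns>
        /// False when there are no parameters, no table name, or no column left after skipping "PubID";
        /// otherwise whatever SqlHelper.ExecuteSql reports.
        /// </returns>
        public bool InsertModel(SqlParameter[] sqlpara, string TableName)
        {
            SafeSC.CheckDataEx(TableName);

            // A null array used to fail on .Length; it is now treated like an empty one.
            if (sqlpara == null || sqlpara.Length == 0 || string.IsNullOrEmpty(TableName))
            {
                return false;
            }

            // NOTE(review): parameter names are written into the statement as column identifiers
            // and are not checked here. Callers must take them from a fixed column list, never
            // from request keys.
            string columnList = "";
            string placeholderList = "";
            int columnCount = 0;
            foreach (SqlParameter para in sqlpara)
            {
                if (para.ParameterName == "PubID")
                {
                    continue;
                }
                string separator = columnCount == 0 ? "" : ",";
                columnList += separator + para.ParameterName;
                placeholderList += separator + "@" + para.ParameterName;
                columnCount++;
            }

            // With only "PubID" supplied the statement would read "(...) values ()", which is not valid SQL.
            if (columnCount == 0)
            {
                return false;
            }

            string sqlstr = "Insert into " + TableName + " (" + columnList + ") values (" + placeholderList + ")";
            return SqlHelper.ExecuteSql(sqlstr, sqlpara);
        }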
Ejemplo n.º 16
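        /// <summary>
        /// Updates the rows of <paramref name="TableName"/> matching <paramref name="where"/>, assigning
        /// every parameter as "name=@name" in the SET clause.
        /// </summary>
        /// <param name="sqlpara">Parameters to assign; the whole array is passed on to SqlHelper.ExecuteSql.</param>
        /// <param name="TableName">Target table; checked with SafeSC.CheckDataEx before use.</param>
        /// <param name="where">SQL condition text appended after "where" exactly as given.</param>
        /// <returns>
        /// False when there are no parameters, no table name, or no condition; otherwise whatever
        /// SqlHelper.ExecuteSql reports.
        /// </returns>
        public bool UpdateModel(SqlParameter[] sqlpara, string TableName, string where)
        {
            SafeSC.CheckDataEx(TableName);

            // A null array used to fail on .Length, and a null condition produced a statement that
            // ended in "where "; both are now rejected like their empty counterparts.
            if (sqlpara == null || sqlpara.Length == 0
                || string.IsNullOrEmpty(TableName) || string.IsNullOrEmpty(where))
            {
                return false;
            }

            // NOTE(review): where is executed as SQL without any check in this method, and every
            // entry of sqlpara is also written into the SET list, so callers have little room to
            // bind condition values. Confirm that no caller builds where from request data.
            // Parameter names are likewise emitted as column identifiers without a check.
            string assignments = "";
            foreach (SqlParameter para in sqlpara)
            {
                if (assignments != "")
                {
                    assignments += ",";
                }
                assignments += para.ParameterName + "=@" + para.ParameterName;
            }

            // The previous version also accumulated a comma-joined column list that was never read.
            string sqlstr = "update " + TableName + " set " + assignments + " where " + where;
            return SqlHelper.ExecuteSql(sqlstr, sqlpara);
        }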