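/// <summary>
/// Page entry point. Rejects any request that carries no logged-in admin
/// name in session, and on the first (non-postback) load shows the admin's
/// display name in <c>lblSignIn</c>.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // The session check runs on every request, not only on the first load:
    // a postback raises control event handlers (e.g. btnSave_Click) that
    // must never execute without a logged-in admin in session.
    object adminName = Session["AdminName"];
    if (adminName == null || adminName.ToString().Trim() == "")
    {
        Response.Write("<script>alert('对不起,您没有登录!');parent.location.href='Login.aspx'</script>");
        // A plain 'return' only leaves Page_Load; the rest of the lifecycle
        // would still render the page markup to the unauthenticated client.
        // Response.End aborts the request right here.
        Response.End();
        return;
    }

    if (IsPostBack)
    {
        return;
    }

    Cms.DAL.Admin dal = new Cms.DAL.Admin();
    Cms.Model.Admin model = dal.GetModelByName(adminName.ToString());
    if (model == null)
    {
        return;
    }

    // Names of up to 6 characters are shown in full; longer ones are cut
    // to the first 5 characters plus an ellipsis. A NULL real name is
    // displayed as an empty label instead of throwing.
    string realName = model.RealName ?? "";
    lblSignIn.Text = realName.Length <= 6 ? realName : realName.Substring(0, 5) + "...";
}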
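/// <summary>
/// Save handler of the "add admin" form: validates the user name and
/// password, rejects a duplicate user name, and inserts the admin through
/// <see cref="Cms.DAL.Admin.Add"/>, reporting failure when that returns 0.
/// </summary>
/// <param name="sender">The button raising the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void btnSave_Click(object sender, EventArgs e)
{
    Cms.DAL.Admin dal = new Cms.DAL.Admin();
    string userName = txtUserName.Text.Trim();
    string rawPwd = txtUserPwd.Text;

    // Validate before hashing: the hash of an empty string is never empty,
    // so a check on the hashed value can never catch a blank password.
    if (userName == "" || rawPwd.Trim() == "")
    {
        MessageBox.Show(this, "请输入用户名和密码!");
        return;
    }

    // The user name is the login identity, so it must be unique.
    if (dal.Exists(userName))
    {
        MessageBox.Show(this, "该用户名已经存在!");
        return;
    }

    // NOTE(review): the stored credential is an unsalted MD5 of the password
    // produced by an obsolete API. The password column (Char 32), the login
    // check and the edit page all depend on this format, so it is kept here;
    // migrating to a salted, slow hash must change all of them together.
    string userPwd = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(rawPwd, "MD5");

    Cms.Model.Admin model = new Cms.Model.Admin();
    model.UserName = userName;
    model.UserPwd = userPwd;
    model.RealName = txtRealName.Text;
    model.Telephone = txtTelephone.Text;
    model.Address = txtAddress.Text;

    // Add returns 0 when either of its two inserts yields no identity.
    if (dal.Add(model) > 0)
    {
        // TODO: no audit log is written for a successful add yet.
        MessageBox.Show(this, "添加管理员成功!");
    }
    else
    {
        MessageBox.Show(this, "添加管理员失败!");
    }
}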
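/// <summary>
/// Loads the admin with the given id into the edit form fields. The form is
/// left untouched when no admin with that id can be loaded
/// (<see cref="Cms.DAL.Admin.GetModelByID"/> returns null in that case).
/// </summary>
/// <param name="editID">UserInfo.userid of the admin to show.</param>
private void ShowInfo(int editID)
{
    Cms.DAL.Admin dal = new Cms.DAL.Admin();
    Cms.Model.Admin model = dal.GetModelByID(editID);
    if (model == null)
    {
        // Unknown id: nothing to display, and no property access on null.
        return;
    }

    txtUserName.Text = model.UserName;
    txtRealName.Text = model.RealName;
    txtTelephone.Text = model.Telephone;
    txtAddress.Text = model.Address;
}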
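/// <summary>
/// Deletes the UserInfo row with the given id and then the Staff row it
/// references.
/// </summary>
/// <param name="Id">UserInfo.userid of the admin to delete.</param>
/// <returns>
/// true when both rows were deleted; false when the admin cannot be loaded
/// or either delete affected no row.
/// </returns>
/// <remarks>
/// NOTE(review): the two deletes do not run in a transaction. If the Staff
/// delete affects no row, the UserInfo row is already gone although false is
/// returned. Because <see cref="GetModelByID"/> yields null for an admin
/// whose Staff row is missing, such an admin cannot be deleted here at all.
/// </remarks>
public bool Delete(int Id)
{
    // The model is read first because its StaffID drives the second delete.
    Cms.Model.Admin model = GetModelByID(Id);
    if (model == null)
    {
        return false;
    }

    StringBuilder strSql = new StringBuilder();
    strSql.Append("delete from UserInfo ");
    strSql.Append(" where userid=@userid");
    SqlParameter[] parametersUser = { new SqlParameter("@userid", SqlDbType.Int, 4) };
    parametersUser[0].Value = Id;
    if (DbHelperSQL.ExecuteSql(strSql.ToString(), parametersUser) <= 0)
    {
        return false;
    }

    strSql = new StringBuilder();
    strSql.Append("delete from Staff ");
    strSql.Append(" where StaffId=@StaffId");
    SqlParameter[] parameters = { new SqlParameter("@StaffId", SqlDbType.Int, 4) };
    parameters[0].Value = model.StaffID;
    return DbHelperSQL.ExecuteSql(strSql.ToString(), parameters) > 0;
}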
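/// <summary>
/// Save handler of the "edit admin" form: reloads the admin identified by the
/// page's <c>Id</c>, applies the form fields, replaces the password only when
/// a new one was typed, and reports the result of
/// <see cref="Cms.DAL.Admin.Update"/>.
/// </summary>
/// <param name="sender">The button raising the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void btnSave_Click(object sender, EventArgs e)
{
    Cms.DAL.Admin dal = new Cms.DAL.Admin();
    Cms.Model.Admin model = dal.GetModelByID(this.Id);
    if (model == null)
    {
        // Unknown or incomplete record: nothing to update.
        MessageBox.Show(this, "管理员不存在!");
        return;
    }

    // An empty password box means "keep the current password": the hash
    // loaded from the database stays in model.UserPwd and is written back
    // unchanged by Update.
    string newPwd = this.txtUserPwd.Text;
    if (!string.IsNullOrEmpty(newPwd))
    {
        // NOTE(review): unsalted MD5 via an obsolete API, kept because the
        // stored hashes and the login check depend on this exact format.
        model.UserPwd = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(newPwd, "MD5");
    }
    model.RealName = txtRealName.Text;
    model.Telephone = txtTelephone.Text;
    model.Address = txtAddress.Text;

    // Update returns false when either of its two statements touched no row.
    if (dal.Update(model))
    {
        // TODO: no audit log is written for a successful edit yet.
        MessageBox.Show(this, "管理员修改成功!");
    }
    else
    {
        MessageBox.Show(this, "管理员修改失败!");
    }
}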
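/// <summary>
/// Page entry point. Rejects any request that carries no logged-in admin
/// name in session, and on the first (non-postback) load shows the admin's
/// display name in <c>lblSignIn</c>.
/// </summary>
/// <param name="sender">The page raising the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // The session check runs on every request, not only on the first load:
    // a postback raises control event handlers that must never execute
    // without a logged-in admin in session.
    object adminName = Session["AdminName"];
    if (adminName == null || adminName.ToString().Trim() == "")
    {
        Response.Write("<script>alert('对不起,您没有登录!');parent.location.href='Login.aspx'</script>");
        // A plain 'return' only leaves Page_Load; the rest of the lifecycle
        // would still render the page markup to the unauthenticated client.
        // Response.End aborts the request right here.
        Response.End();
        return;
    }

    if (IsPostBack)
    {
        return;
    }

    Cms.DAL.Admin dal = new Cms.DAL.Admin();
    Cms.Model.Admin model = dal.GetModelByName(adminName.ToString());
    if (model == null)
    {
        return;
    }

    // Names of up to 6 characters are shown in full; longer ones are cut
    // to the first 5 characters plus an ellipsis. A NULL real name is
    // displayed as an empty label instead of throwing.
    string realName = model.RealName ?? "";
    lblSignIn.Text = realName.Length <= 6 ? realName : realName.Substring(0, 5) + "...";
}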
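/// <summary>
/// Login button handler. Order of checks: a captcha must be pending in
/// session; the per-session attempt counter is incremented and the form is
/// locked after the third attempt; then user name, password and captcha are
/// validated and the credentials are checked against the database. On success
/// the admin id and name are stored in session and the browser is redirected
/// to Frame.aspx.
/// </summary>
/// <param name="sender">The image button raising the event.</param>
/// <param name="e">Click coordinates (unused).</param>
protected void logindl_Click(object sender, ImageClickEventArgs e)
{
    if (Session["CheckCode"] == null || Session["CheckCode"].ToString() == "")
    {
        MessageBox.Show(this, "请输入验证码!");
        return;
    }

    #region Login attempt counter
    int attempts = Session["AdminLoginSun"] == null
        ? 1
        : Convert.ToInt32(Session["AdminLoginSun"]) + 1;
    Session["AdminLoginSun"] = attempts;

    // After the third attempt the session is locked. The handler must stop
    // here: disabling the controls only affects the rendered form, and
    // without the 'return' the credential check below would still run.
    // NOTE(review): the counter lives in the session, so it only limits
    // attempts made with one session cookie; per-account throttling on the
    // server side is still needed.
    if (attempts > 3)
    {
        this.logindl.Enabled = false;
        this.txtCode.Text = "";
        this.txtName.Enabled = false;
        this.txtPwd.Enabled = false;
        MessageBox.Show(this, "对不起,你错误登录了三次,系统登录锁定!");
        return;
    }
    #endregion

    string UserName = txtName.Text.Trim();
    string rawPwd = this.txtPwd.Text;

    // Check the raw password: the hash of an empty string is never empty,
    // so the emptiness test has to happen before hashing.
    if (UserName.Equals("") || rawPwd.Equals(""))
    {
        MessageBox.Show(this, "请输入您要登录用户名或密码!");
        return;
    }

    // The captcha is single-use: it is cleared whether or not it matched,
    // so a wrong guess cannot be retried against the same code.
    string expectedCode = Session["CheckCode"].ToString();
    Session["CheckCode"] = null;
    if (!string.Equals(expectedCode, this.txtCode.Text, StringComparison.OrdinalIgnoreCase))
    {
        MessageBox.Show(this, "您输入的验证码不正确,请重新输入!");
        this.txtCode.Text = "";
        return;
    }

    // NOTE(review): unsalted MD5 via an obsolete API, kept because the stored
    // hashes and chkAdminLogin depend on this exact format.
    string UserPwd = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(rawPwd, "MD5");

    if (!dal.chkAdminLogin(UserName, UserPwd))
    {
        MessageBox.Show(this, "您输入的用户名或密码不正确,请重新输入!");
        // Audit log: failed attempt, keyed by the user name that was tried.
        new Web.UI.ManagePage().SaveLogs(UserName, "[用户登录] 状态:登录失败!");
        return;
    }

    Cms.Model.Admin model = dal.GetModelByName(UserName);
    if (model == null)
    {
        // Credentials matched but no complete record (UserInfo + Staff)
        // could be loaded; treat it as a failed login rather than throwing.
        MessageBox.Show(this, "您输入的用户名或密码不正确,请重新输入!");
        return;
    }

    // NOTE(review): the pre-login session (captcha, attempt counter) is
    // reused after login; regenerating the session id at this point would
    // be stronger — confirm what the hosting configuration does.
    Session["AdminNo"] = model.Id;
    Session["AdminName"] = model.UserName;
    // Session timeout in minutes.
    Session.Timeout = 120;
    Session["AdminLoginSun"] = null;
    Response.Redirect("Frame.aspx");
}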
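/// <summary>
/// Loads the admin whose UserInfo.UserName equals <paramref name="UserName"/>,
/// together with the telephone and address from the linked Staff row.
/// </summary>
/// <param name="UserName">Exact user name to look up; at most one row is read.</param>
/// <returns>
/// The populated model, or null when <paramref name="UserName"/> is null, no
/// UserInfo row matches, or the row's StaffId has no Staff row (an admin
/// without a Staff record is treated as not found).
/// </returns>
public Cms.Model.Admin GetModelByName(string UserName)
{
    // SqlClient treats a parameter whose Value is null as "not supplied"
    // and throws; a null name can never match anyway.
    if (UserName == null)
    {
        return null;
    }

    StringBuilder strSql = new StringBuilder();
    strSql.Append("select top 1 userid,username,password,realname2,departmentId,roleid,StaffId,userbh from UserInfo ");
    strSql.Append(" where UserName=@UserName ");
    // Size matches the @username parameter used by Add/Update (NVarChar 50);
    // a smaller size silently truncates the value before it reaches the server.
    SqlParameter[] parameters = { new SqlParameter("@UserName", SqlDbType.NVarChar, 50) };
    parameters[0].Value = UserName;
    DataSet ds = DbHelperSQL.Query(strSql.ToString(), parameters);
    if (ds.Tables[0].Rows.Count == 0)
    {
        return null;
    }

    // A NULL column arrives as DBNull, whose ToString() is ""; such columns
    // leave the model's default value in place.
    DataRow row = ds.Tables[0].Rows[0];
    Cms.Model.Admin model = new Cms.Model.Admin();
    if (row["userid"].ToString() != "")
    {
        model.Id = int.Parse(row["userid"].ToString());
    }
    if (row["username"].ToString() != "")
    {
        model.UserName = row["username"].ToString();
    }
    if (row["password"].ToString() != "")
    {
        model.UserPwd = row["password"].ToString();
    }
    if (row["realname2"].ToString() != "")
    {
        model.RealName = row["realname2"].ToString();
    }
    if (row["departmentId"].ToString() != "")
    {
        model.DepartID = int.Parse(row["departmentId"].ToString());
    }
    if (row["roleid"].ToString() != "")
    {
        model.RoleID = int.Parse(row["roleid"].ToString());
    }
    if (row["StaffId"].ToString() != "")
    {
        model.StaffID = int.Parse(row["StaffId"].ToString());
    }
    if (row["userbh"].ToString() != "")
    {
        model.UserBH = row["userbh"].ToString();
    }

    // Second query: contact details live in Staff, keyed by StaffId.
    strSql = new StringBuilder();
    strSql.Append("select top 1 StaffName,StaffTel,StaffAddres from Staff ");
    strSql.Append(" where StaffId=@StaffId ");
    SqlParameter[] parametersStaff = { new SqlParameter("@StaffId", SqlDbType.Int, 4) };
    parametersStaff[0].Value = model.StaffID;
    DataSet dsStaff = DbHelperSQL.Query(strSql.ToString(), parametersStaff);
    if (dsStaff.Tables[0].Rows.Count == 0)
    {
        return null;
    }

    DataRow staff = dsStaff.Tables[0].Rows[0];
    if (staff["StaffTel"].ToString() != "")
    {
        model.Telephone = staff["StaffTel"].ToString();
    }
    if (staff["StaffAddres"].ToString() != "")
    {
        model.Address = staff["StaffAddres"].ToString();
    }
    return model;
}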
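/// <summary>
/// Inserts the Staff row (name, phone, address) and then the UserInfo row
/// that references it.
/// </summary>
/// <param name="model">
/// Admin to insert. Its <c>StaffID</c> is overwritten with the new Staff id
/// as a side effect.
/// </param>
/// <returns>The new UserInfo id, or 0 when either insert yields no identity.</returns>
/// <remarks>
/// NOTE(review): the two inserts are not wrapped in a transaction, so a
/// failed UserInfo insert leaves an orphaned Staff row; no transaction entry
/// point on DbHelperSQL is visible from here.
/// NOTE(review): StaffName/StaffTel/StaffAddres are sent as VarChar while
/// realname2 is NVarChar; non-Latin names may be altered by the Staff
/// column's collation — confirm the column types.
/// </remarks>
public int Add(Cms.Model.Admin model)
{
    StringBuilder strSql = new StringBuilder();
    strSql.Append("insert into Staff(");
    strSql.Append("StaffName,StaffTel,StaffAddres)");
    strSql.Append(" values (");
    strSql.Append("@StaffName,@StaffTel,@StaffAddres)");
    // SCOPE_IDENTITY() is limited to this statement's scope; @@IDENTITY
    // also reports identities generated by triggers on other tables.
    strSql.Append(";select SCOPE_IDENTITY()");
    SqlParameter[] parameters = {
        new SqlParameter("@StaffName", SqlDbType.VarChar, 50),
        new SqlParameter("@StaffTel", SqlDbType.VarChar, 50),
        new SqlParameter("@StaffAddres", SqlDbType.VarChar, 50) };
    // A null member must be sent as DBNull: SqlClient treats Value == null
    // as "parameter not supplied" and throws.
    parameters[0].Value = (object)model.RealName ?? DBNull.Value;
    parameters[1].Value = (object)model.Telephone ?? DBNull.Value;
    parameters[2].Value = (object)model.Address ?? DBNull.Value;
    object obj = DbHelperSQL.GetSingle(strSql.ToString(), parameters);
    if (obj == null)
    {
        return 0;
    }
    model.StaffID = Convert.ToInt32(obj);

    strSql = new StringBuilder();
    strSql.Append("insert into UserInfo(");
    strSql.Append("username,password,realname2,departmentId,roleid,StaffId,userbh)");
    strSql.Append(" values (");
    strSql.Append("@username,@password,@realname2,@departmentId,@roleid,@StaffId,@userbh)");
    strSql.Append(";select SCOPE_IDENTITY()");
    SqlParameter[] parametersUser = {
        new SqlParameter("@username", SqlDbType.NVarChar, 50),
        new SqlParameter("@password", SqlDbType.Char, 32),
        new SqlParameter("@realname2", SqlDbType.NVarChar, 50),
        new SqlParameter("@departmentId", SqlDbType.Int, 4),
        new SqlParameter("@roleid", SqlDbType.Int, 4),
        new SqlParameter("@StaffId", SqlDbType.Int, 4),
        new SqlParameter("@userbh", SqlDbType.NVarChar, 50) };
    parametersUser[0].Value = (object)model.UserName ?? DBNull.Value;
    // @password is Char(32): the caller supplies the 32-hex-digit hash.
    parametersUser[1].Value = (object)model.UserPwd ?? DBNull.Value;
    parametersUser[2].Value = (object)model.RealName ?? DBNull.Value;
    parametersUser[3].Value = model.DepartID;
    parametersUser[4].Value = model.RoleID;
    parametersUser[5].Value = model.StaffID;
    parametersUser[6].Value = (object)model.UserBH ?? DBNull.Value;
    obj = DbHelperSQL.GetSingle(strSql.ToString(), parametersUser);
    return obj == null ? 0 : Convert.ToInt32(obj);
}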
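/// <summary>
/// Loads the admin whose UserInfo.userid equals <paramref name="ID"/>,
/// together with the telephone and address from the linked Staff row.
/// </summary>
/// <param name="ID">UserInfo.userid to look up; at most one row is read.</param>
/// <returns>
/// The populated model, or null when no UserInfo row matches or the row's
/// StaffId has no Staff row (an admin without a Staff record is treated as
/// not found).
/// </returns>
public Cms.Model.Admin GetModelByID(int ID)
{
    StringBuilder strSql = new StringBuilder();
    strSql.Append("select top 1 userid,username,password,realname2,departmentId,roleid,StaffId,userbh from UserInfo ");
    strSql.Append(" where userid=@userid ");
    // Size 4 matches every other Int parameter in this class (the value was
    // 30 here, which is meaningless for an Int).
    SqlParameter[] parameters = { new SqlParameter("@userid", SqlDbType.Int, 4) };
    parameters[0].Value = ID;
    DataSet ds = DbHelperSQL.Query(strSql.ToString(), parameters);
    if (ds.Tables[0].Rows.Count == 0)
    {
        return null;
    }

    // A NULL column arrives as DBNull, whose ToString() is ""; such columns
    // leave the model's default value in place.
    DataRow row = ds.Tables[0].Rows[0];
    Cms.Model.Admin model = new Cms.Model.Admin();
    if (row["userid"].ToString() != "")
    {
        model.Id = int.Parse(row["userid"].ToString());
    }
    if (row["username"].ToString() != "")
    {
        model.UserName = row["username"].ToString();
    }
    if (row["password"].ToString() != "")
    {
        model.UserPwd = row["password"].ToString();
    }
    if (row["realname2"].ToString() != "")
    {
        model.RealName = row["realname2"].ToString();
    }
    if (row["departmentId"].ToString() != "")
    {
        model.DepartID = int.Parse(row["departmentId"].ToString());
    }
    if (row["roleid"].ToString() != "")
    {
        model.RoleID = int.Parse(row["roleid"].ToString());
    }
    if (row["StaffId"].ToString() != "")
    {
        model.StaffID = int.Parse(row["StaffId"].ToString());
    }
    if (row["userbh"].ToString() != "")
    {
        model.UserBH = row["userbh"].ToString();
    }

    // Second query: contact details live in Staff, keyed by StaffId.
    strSql = new StringBuilder();
    strSql.Append("select top 1 StaffName,StaffTel,StaffAddres from Staff ");
    strSql.Append(" where StaffId=@StaffId ");
    SqlParameter[] parametersStaff = { new SqlParameter("@StaffId", SqlDbType.Int, 4) };
    parametersStaff[0].Value = model.StaffID;
    DataSet dsStaff = DbHelperSQL.Query(strSql.ToString(), parametersStaff);
    if (dsStaff.Tables[0].Rows.Count == 0)
    {
        return null;
    }

    DataRow staff = dsStaff.Tables[0].Rows[0];
    if (staff["StaffTel"].ToString() != "")
    {
        model.Telephone = staff["StaffTel"].ToString();
    }
    if (staff["StaffAddres"].ToString() != "")
    {
        model.Address = staff["StaffAddres"].ToString();
    }
    return model;
}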
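/// <summary>
/// Updates the Staff row (name, phone, address) and then every column of the
/// UserInfo row, including <c>password</c>: the caller must pass a model that
/// already holds the hash to keep, or the new hash.
/// </summary>
/// <param name="model">Admin to write; <c>Id</c> and <c>StaffID</c> select the rows.</param>
/// <returns>true when both updates affected a row; false otherwise.</returns>
/// <remarks>
/// NOTE(review): the two updates do not run in a transaction, so a failed
/// UserInfo update leaves the Staff row already changed; no transaction entry
/// point on DbHelperSQL is visible from here.
/// </remarks>
public bool Update(Cms.Model.Admin model)
{
    StringBuilder strSql = new StringBuilder();
    strSql.Append("update Staff set ");
    strSql.Append("StaffName=@StaffName,");
    strSql.Append("StaffTel=@StaffTel,");
    strSql.Append("StaffAddres=@StaffAddres");
    strSql.Append(" where StaffId=@StaffId");
    SqlParameter[] parameters = {
        new SqlParameter("@StaffName", SqlDbType.VarChar, 50),
        new SqlParameter("@StaffTel", SqlDbType.VarChar, 50),
        new SqlParameter("@StaffAddres", SqlDbType.VarChar, 50),
        new SqlParameter("@StaffId", SqlDbType.Int, 4) };
    // A null member must be sent as DBNull: SqlClient treats Value == null
    // as "parameter not supplied" and throws.
    parameters[0].Value = (object)model.RealName ?? DBNull.Value;
    parameters[1].Value = (object)model.Telephone ?? DBNull.Value;
    parameters[2].Value = (object)model.Address ?? DBNull.Value;
    parameters[3].Value = model.StaffID;
    if (DbHelperSQL.ExecuteSql(strSql.ToString(), parameters) <= 0)
    {
        return false;
    }

    strSql = new StringBuilder();
    strSql.Append("update UserInfo set ");
    strSql.Append("username=@username,");
    strSql.Append("password=@password,");
    strSql.Append("realname2=@realname2,");
    strSql.Append("departmentId=@departmentId,");
    strSql.Append("roleid=@roleid,");
    strSql.Append("StaffId=@StaffId,");
    strSql.Append("userbh=@userbh");
    strSql.Append(" where userid=@userid");
    SqlParameter[] parametersUser = {
        new SqlParameter("@username", SqlDbType.NVarChar, 50),
        new SqlParameter("@password", SqlDbType.Char, 32),
        new SqlParameter("@realname2", SqlDbType.NVarChar, 50),
        new SqlParameter("@departmentId", SqlDbType.Int, 4),
        new SqlParameter("@roleid", SqlDbType.Int, 4),
        new SqlParameter("@StaffId", SqlDbType.Int, 4),
        new SqlParameter("@userbh", SqlDbType.NVarChar, 50),
        new SqlParameter("@userid", SqlDbType.Int, 4) };
    parametersUser[0].Value = (object)model.UserName ?? DBNull.Value;
    // @password is Char(32): the 32-hex-digit hash held by the model.
    parametersUser[1].Value = (object)model.UserPwd ?? DBNull.Value;
    parametersUser[2].Value = (object)model.RealName ?? DBNull.Value;
    parametersUser[3].Value = model.DepartID;
    parametersUser[4].Value = model.RoleID;
    parametersUser[5].Value = model.StaffID;
    parametersUser[6].Value = (object)model.UserBH ?? DBNull.Value;
    parametersUser[7].Value = model.Id;
    return DbHelperSQL.ExecuteSql(strSql.ToString(), parametersUser) > 0;
}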