public void SetUserByID(DBLib dbLib, string strID)
{
//DBLib dbLib = new DBLib();
string strSQL = "Select * From Users Where UserID=" + strID;
DataSet dsUser = dbLib.GetDataSet(strSQL);
if (dsUser.Tables[0].Rows.Count > 0)
{
m_strID = dsUser.Tables[0].Rows[0]["UserName"].ToString();
m_strRights = dsUser.Tables[0].Rows[0]["Rights"].ToString();
m_strRole = dsUser.Tables[0].Rows[0]["Role"].ToString();
}
}
private bool IsUserExist(DBLib dbLib)
{
bool bIsExist = false;
//DBLib dbLib = new DBLib();
string strSQL = "Select * From Users Where UserName='******'";
DataSet dsUser = dbLib.GetDataSet(strSQL);
if (dsUser.Tables[0].Rows.Count > 0)
{
bIsExist = true;
}
return(bIsExist);
}
/// <summary>
/// 检查用户登陆
/// </summary>
/// <returns></returns>
public bool CheckUser(DBLib dbLib)
{
bool bLogin = false;
if (m_strID.Contains("&") || m_strID.Contains("$") || m_strID.Contains("'"))
{
return(bLogin);
}
string strPsw;
strPsw = FormsAuthentication.HashPasswordForStoringInConfigFile(m_strPsw, "md5");
string strSQL = "Select * From Users Where UserName='******' and Password='******'";
DataSet dsUser = dbLib.GetDataSet(strSQL);
if (dsUser.Tables[0].Rows.Count > 0)
{
bLogin = true;
}
return(bLogin);
}