protected void lb_ok_Click(object sender, EventArgs e)
{
string mErr = "";
string mg_pass, mg_pass1;
// 載入公用函數
Common_Func cfc = new Common_Func();
mg_pass = tb_mg_pass.Text.Trim();
mg_pass1 = tb_mg_pass1.Text.Trim();
if (mg_pass == "")
mErr = mErr + "「新登入密碼」沒有輸入!\\n";
else
if (cfc.CheckSQL(mg_pass))
mErr = mErr + "「新登入密碼」請勿使用特殊符號!\\n";
else if (mg_pass.Length > 12 || mg_pass.Length < 4)
mErr = mErr + "「新登入密碼」長度為4~12個字!\\n";
if (mg_pass != mg_pass1)
mErr = mErr + "「新登入密碼」與「新密碼確認」不相同!\\n";
if (mErr == "")
{
using (SqlConnection Sql_conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["AppSysConnectionString"].ConnectionString))
{
string SqlString = "";
Decoder decoder = new Decoder();
Sql_conn.Open();
// 建立 SQL 修改資料的語法
SqlString = "Update Manager Set mg_pass = @mg_pass";
SqlString = SqlString + " Where mg_sid = @mg_sid";
using (SqlCommand Sql_Command = new SqlCommand(SqlString, Sql_conn))
{
Sql_Command.Parameters.AddWithValue("@mg_pass", decoder.EnCode(mg_pass));
Sql_Command.Parameters.AddWithValue("@mg_sid", lb_pg_mg_sid.Text);
Sql_Command.ExecuteNonQuery();
}
}
}
if (mErr == "")
{
mErr = "alert('密碼變更完成,新密碼該員於下次登入時生效!\\n');location.replace('10051.aspx" + lb_page.Text + "');";
}
else
mErr = "alert('" + mErr + "')";
lt_show.Text = "<script language=javascript>" + mErr + "</script>";
}
protected void Page_Load(object sender, EventArgs e)
{
Decoder dcode = new Decoder();
if (!IsPostBack)
{
// 檢查使用者權限並存入登入紀錄
//Check_Power("3002", true);
if (Request["fl_url"] != null)
{
lb_fl_url.Text = dcode.DeCode(Request["fl_url"].Trim());
lb_fl_url_encode.Text = Server.UrlEncode(dcode.EnCode(lb_fl_url.Text));
lb_path.Text = Server.MapPath(lb_fl_url.Text);
if (lb_fl_url.Text == Album.Root)
{
lb_show_path.Text = "根目錄";
}
else
{
// 僅顯示 Album.Root 以後的目錄名稱
lb_show_path.Text = lb_fl_url.Text.Replace(Album.Root, "");
// 檢查目錄是否存在
if (! Directory.Exists(lb_path.Text))
lt_show.Text = "<script language=javascript>alert(\"找不到指定的路徑\\n\");location.replace(\"3002.aspx\");</script>";
}
}
else
{
lb_fl_url.Text = Album.Root;
lb_fl_url_encode.Text = Server.UrlEncode(dcode.EnCode(lb_fl_url.Text));
lb_path.Text = Server.MapPath(lb_fl_url.Text);
lb_show_path.Text = "根目錄";
}
}
}
// 建立子目錄
protected void bn_mkdir_ok_Click(object sender, EventArgs e)
{
Decoder dcode = new Decoder();
string smkdir = "", mErr = "", fpath = "";
smkdir = tb_al_name.Text.Trim();
if (smkdir == "")
mErr = "請輸入子目錄的名稱!\\n";
else
{
fpath = Server.MapPath(lb_fl_url.Text);
if (Directory.Exists(fpath))
{
fpath = fpath + "\\" + smkdir + "\\";
if (Directory.Exists(fpath))
mErr = "這個子目錄名稱已經存在!\\n";
else
{
try
{
Directory.CreateDirectory(fpath);
if (!Directory.Exists(fpath))
mErr = "目錄建立失敗!\\n";
else
{
#region 建立縮圖目錄
fpath = fpath + "_thumb\\";
Directory.CreateDirectory(fpath);
#endregion
}
}
catch (Exception ex)
{
mErr = ex.ToString() + "\\n";
}
}
}
else
mErr = "找不到現在的目錄!\\n";
}
if (mErr == "")
lt_show.Text = "<script language=\"javascript\">alert(\"目錄建立完成!\\n\");parent.tree_reload('" + Server.UrlEncode(dcode.EnCode(lb_fl_url.Text)) + "');parent.clean_win();</script>";
else
lt_show.Text = "<script language=\"javascript\">alert(\"" + mErr + "\");parent.clean_win();</script>";
}
// 刪除目錄
protected void bn_rddir_ok_Click(object sender, EventArgs e)
{
Decoder dcode = new Decoder();
string mErr = "", pPath = "";
if (Directory.Exists(lb_path.Text))
{
// 取得上層目錄
DirectoryInfo pDir = Directory.GetParent(lb_path.Text);
pPath = pDir.FullName.ToString();
if (pPath.Substring(pPath.Length - 1, 1) != "\\")
pPath += "\\";
pPath = Album.Root + pPath.Replace(Server.MapPath(Album.Root), "").Replace("\\", "/");
try
{
// 刪除縮圖目錄
Directory.Delete(lb_path.Text + "\\_thumb");
Directory.Delete(lb_path.Text);
if (Directory.Exists(lb_path.Text))
mErr = "目錄無法刪除!\\n";
}
catch
{
mErr = "目錄無法刪除!\\n可能還有子目錄或檔案\\n";
}
}
else
mErr = "目錄已經不存在!\\n";
if (mErr == "")
{
lt_show.Text = "<script language=\"javascript\">alert(\"目錄「" + lb_al_name.Text + "]」已經刪除!\\n\");parent.location.replace(\"3002.aspx?fl_url=" + Server.UrlEncode(dcode.EnCode(pPath)) + "\");</script>";
}
else
lt_show.Text = "<script language=\"javascript\">alert(\"" + mErr + "\\n\");parent.clean_win();</script>";
}
protected void bn_rndir_ok_Click(object sender, EventArgs e)
{
Decoder dcode = new Decoder();
string smkdir = "", mErr = "", sPath = "";
smkdir = tb_al_name.Text.Trim();
if (smkdir == "")
mErr = "請輸入子目錄的名稱!\\n";
{
smkdir = lb_ppath.Text + "\\" + tb_al_name.Text.Trim();
// 檢查是否有同名的目錄
if (Directory.Exists(smkdir))
mErr = "已有相同名稱的目錄!\\n";
else
{
sPath = Album.Root + smkdir.Replace(Server.MapPath(Album.Root), "").Replace("\\", "/");
try
{
Directory.Move(lb_path.Text, smkdir);
if (!Directory.Exists(smkdir))
mErr = "目錄更名失敗!\\n";
}
catch
{
mErr = "目錄無法更名!\\n";
}
}
}
if (mErr == "")
lt_show.Text = "<script language=\"javascript\">alert(\"目錄完成變更!\\n\");parent.location.replace(\"3002.aspx?fl_url=" + Server.UrlEncode(dcode.EnCode(sPath)) + "\");</script>";
else
lt_show.Text = "<script language=\"javascript\">resize();alert(\"" + mErr + "\");parent.clean_win();</script>";
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
Decoder dcode = new Decoder();
string fl_name = "", fl_url = "", fpath = "";
int rownum = 1;
string mErr = "";
// 檢查使用者權限,但不存登入紀錄
//Check_Power("3002", false);
#region 檢查傳入參數
if (Request["fl_url"] == null || Request["fl_name"] == null || Request["rownum"] == null)
mErr = "參數傳送錯誤!\\n";
else
{
if (!int.TryParse(Request["rownum"], out rownum))
rownum = 1;
fl_name = Request["fl_name"].Trim().ToLower();
fl_url = dcode.DeCode(Request["fl_url"].Trim());
if (fl_name == "" || fl_url == "")
mErr = "參數傳送錯誤!\\n";
}
#endregion
if (mErr == "")
{
#region 取得相片資訊
if (mErr == "")
{
fpath = Server.MapPath(fl_url);
if (fpath.Substring(fpath.Length - 1, 1) != "\\")
fpath += "\\";
string[] mFiles = Directory.GetFiles(fpath, fl_name);
if (mFiles.Length > 0)
{
FileInfo fi_obj = new FileInfo(mFiles[0].ToString());
lb_path.Text = fpath;
lb_rownum.Text = rownum.ToString();
lb_fl_url_encode.Text = Server.UrlEncode(dcode.EnCode(fl_url));
lb_ac_name.Text = fl_name;
lb_ac_size.Text = fi_obj.Length.ToString("N0");
lb_init_time.Text = fi_obj.LastWriteTime.ToString("yyyy/MM/dd HH:mm:ss");
lb_ac_type.Text = fi_obj.Extension.ToLower();
#region 讀取圖檔資料
using (System.Drawing.Image img_obj = System.Drawing.Image.FromFile(fpath + fl_name))
{
lb_ac_wh.Text = img_obj.Width.ToString() + " × " + img_obj.Height.ToString();
}
#endregion
}
else
mErr = "找不到指定的相片!\\n";
mFiles = null;
}
#endregion
}
if (mErr != "")
lt_show.Text = "<script language=javascript>alert(\"" + mErr + "\");parent.close_all();parent.clean_win();</script>";
}
}
protected void lb_ok_Click(object sender, EventArgs e)
{
string mErr = "";
int mg_sid = -1;
// 載入字串函數
String_Func sfc = new String_Func();
// 載入公用函數
Common_Func cfc = new Common_Func();
if (tb_mg_id.Text.Trim() == "")
mErr += "「登入帳號」沒有輸入!\\n";
else
if (cfc.CheckSQL(tb_mg_id.Text.Trim()))
mErr += "「登入帳號」請勿使用特殊符號!\\n";
if (tb_mg_pass.Text.Trim() == "")
mErr += "「登入密碼」沒有輸入!\\n";
else
if (cfc.CheckSQL(tb_mg_pass.Text.Trim()))
mErr += "「登入密碼」請勿使用特殊符號!\\n";
else if (tb_mg_pass.Text.Trim().Length > 12 || tb_mg_pass.Text.Trim().Length < 4)
mErr += "「登入密碼」長度為4~12個字!!\\n";
if (tb_mg_pass.Text != tb_mg_pass1.Text)
mErr += "「登入密碼」與「密碼確認」不相同!\\n";
if (tb_mg_name.Text.Trim() == "")
mErr += "「姓名」沒有輸入!\\n";
if (tb_mg_nike.Text.Trim() == "")
mErr += "「暱稱」沒有輸入!\\n";
if (tb_mg_unit.Text.Trim() == "")
mErr += "「單位」沒有輸入!\\n";
if (mErr == "")
{
using (SqlConnection Sql_conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["AppSysConnectionString"].ConnectionString))
{
string SqlString = "";
Decoder decoder = new Decoder();
// 建立 SQL 的語法
SqlString = "Insert Into Manager (mg_name, mg_nike, mg_id, mg_pass, mg_unit, mg_desc)";
SqlString += " Values (@mg_name, @mg_nike, @mg_id, @mg_pass, @mg_unit, @mg_desc);";
SqlString += "Select @mg_sid = Scope_Identity()";
using (SqlCommand Sql_Command = new SqlCommand())
{
Sql_Command.Connection = Sql_conn;
Sql_Command.CommandText = SqlString;
// 擷取字串到資料庫所規範的大小 sfc.Left(string mdata, int leng)
Sql_Command.Parameters.AddWithValue("@mg_name", sfc.Left(tb_mg_name.Text, 12));
Sql_Command.Parameters.AddWithValue("@mg_nike", sfc.Left(tb_mg_nike.Text, 12));
Sql_Command.Parameters.AddWithValue("@mg_id", sfc.Left(tb_mg_id.Text, 12));
Sql_Command.Parameters.AddWithValue("@mg_pass", decoder.EnCode(sfc.Left(tb_mg_pass.Text, 12)));
Sql_Command.Parameters.AddWithValue("@mg_unit", sfc.Left(tb_mg_unit.Text, 50));
Sql_Command.Parameters.AddWithValue("@mg_desc", sfc.Left(tb_mg_desc.Text, 1000));
SqlParameter spt_mg_sid = Sql_Command.Parameters.Add("@mg_sid", SqlDbType.Int);
spt_mg_sid.Direction = ParameterDirection.Output;
Sql_conn.Open();
Sql_Command.ExecuteNonQuery();
// 取得新增資料的主鍵值
mg_sid = (int)spt_mg_sid.Value;
}
}
}
if (mErr == "")
{
mErr = "alert('存檔完成!\\n請繼續設定該員的權限.....\\n');location.replace('10051.aspx" + lb_page.Text + "&sid=" + mg_sid.ToString() + "');";
}
else
mErr = "alert('" + mErr + "')";
lt_show.Text = "<script language=javascript>" + mErr + "</script>";
}
protected void bn_encode_Click(object sender, EventArgs e)
{
Decoder dcode = new Decoder();
lb_encrypt.Text = dcode.EnCode(tb_source.Text);
}
// 取得路徑內的子目錄及檔案清單,並指派給 lt_data 。
private void Get_PathFile()
{
Decoder dcoder = new Decoder();
string fname = "", fpath = "", subpath = "";
lt_data.Text = "<table width='95%' border='1' cellpadding='4' cellspacing='0'>\n";
lt_data.Text = lt_data.Text + "<tr align='center' bgcolor='#FF6A04' height=24>\n";
lt_data.Text = lt_data.Text + "<td><font color=#FFFFFF>檔案名稱</font></td>\n";
lt_data.Text = lt_data.Text + "<td><font color=#FFFFFF>檔案大小</font></td>\n";
lt_data.Text = lt_data.Text + "<td><font color=#FFFFFF>副檔名</font></td>\n";
lt_data.Text = lt_data.Text + "<td style=\"width:120pt\"><font color=#FFFFFF>建立時間</font></td>\n";
lt_data.Text = lt_data.Text + "<td style=\"width:50pt\"><font color=#FFFFFF>更名</font></td>\n";
lt_data.Text = lt_data.Text + "<td style=\"width:50pt\"><font color=#FFFFFF>刪除</font></td>\n";
lt_data.Text = lt_data.Text + "</tr>\n";
#region 若非最頂層,則產生回到上一層目錄
if (lb_url.Text != lb_fl_url.Text)
{
// 取得上一層目錄
subpath = Server.UrlEncode(dcoder.EnCode((My.Computer.FileSystem.GetParentPath(lb_url.Text) + "\\").Replace("\\", "/")));
lt_data.Text = lt_data.Text + "<tr align=center>\n";
lt_data.Text = lt_data.Text + "<td align=left>" + "<a href=\"2003.aspx?fl_url=" + subpath + "\">回上一層..</a>" + "</td>\n";
lt_data.Text = lt_data.Text + "<td>...</td>\n";
lt_data.Text = lt_data.Text + "<td><DIR></td>\n";
lt_data.Text = lt_data.Text + "<td> </td>\n";
lt_data.Text = lt_data.Text + "<td> </td>\n";
lt_data.Text = lt_data.Text + "<td> </td>\n";
lt_data.Text = lt_data.Text + "</tr>\n";
}
#endregion
#region 找尋子目錄
foreach (string mpath in My.Computer.FileSystem.GetDirectories(lb_path.Text))
{
fpath = My.Computer.FileSystem.GetDirectoryInfo(mpath).Name;
subpath = Server.UrlEncode(dcoder.EnCode(lb_url.Text + fpath + "/"));
lt_data.Text = lt_data.Text + "<tr align=center>\n";
lt_data.Text = lt_data.Text + "<td align=left>" + "<a href=\"2003.aspx?fl_url=" + subpath + "\">\\" + fpath + "</a>" + "</td>\n";
lt_data.Text = lt_data.Text + "<td>...</td>\n";
lt_data.Text = lt_data.Text + "<td><DIR></td>\n";
lt_data.Text = lt_data.Text + "<td>" + My.Computer.FileSystem.GetDirectoryInfo(mpath).CreationTime.ToString("yyyy/MM/dd HH:mm:ss") + "</td>\n";
lt_data.Text = lt_data.Text + "<td><a href=\"javascript:renpath('" + fpath + "')\" class=\"abtn\"> 更名 </a></td>\n";
lt_data.Text = lt_data.Text + "<td><a href=\"javascript:delpath('" + fpath + "')\" class=\"abtn\"> 刪除 </a></td>\n";
lt_data.Text = lt_data.Text + "</tr>\n";
}
#endregion
#region 找尋檔案
foreach (string mfile in My.Computer.FileSystem.GetFiles(lb_path.Text))
{
fname = My.Computer.FileSystem.GetFileInfo(mfile).Name;
lt_data.Text = lt_data.Text + "<tr align=center>\n";
lt_data.Text = lt_data.Text + "<td align=left>" + "<a href=\"" + lb_url.Text + fname + "\" target=\"_blank\">" + fname + "</a>" + "</td>\n";
lt_data.Text = lt_data.Text + "<td align=right>" + My.Computer.FileSystem.GetFileInfo(mfile).Length.ToString("N0") + " </td>\n";
lt_data.Text = lt_data.Text + "<td>" + My.Computer.FileSystem.GetFileInfo(mfile).Extension.ToUpper().Replace(".", "") + "</td>\n";
lt_data.Text = lt_data.Text + "<td>" + My.Computer.FileSystem.GetFileInfo(mfile).CreationTime.ToString("yyyy/MM/dd HH:mm:ss") + "</td>\n";
lt_data.Text = lt_data.Text + "<td><a href=\"javascript:renfile('" + fname + "')\" class=\"abtn\"> 更名 </a></td>\n";
lt_data.Text = lt_data.Text + "<td><a href=\"javascript:delfile('" + fname + "')\" class=\"abtn\"> 刪除 </a></td>\n";
lt_data.Text = lt_data.Text + "</tr>\n";
}
#endregion
// 沒有任何資料
if (fname == "" && fpath == "")
lt_data.Text = lt_data.Text + "<tr align=center><td colspan=6>沒有任何檔案或子目錄</td></tr>\n";
lt_data.Text = lt_data.Text + "</table>\n";
}
protected void Page_Load(object sender, EventArgs e)
{
if (!IsPostBack)
{
Decoder dcode = new Decoder();
string mErr = "", fl_url = "";
// 檢查使用者權限並存入登入紀錄
//Check_Power("2003", true);
#region 取得所屬的實體位置
using (SqlConnection Sql_conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["AppSysConnectionString"].ConnectionString))
{
using (SqlCommand Sql_Command = new SqlCommand())
{
string SqlString = "";
SqlString = "Select Top 1 fl_url From Fi_Location Where fl_no = 3";
Sql_Command.Connection = Sql_conn;
Sql_Command.CommandText = SqlString;
Sql_conn.Open();
using (SqlDataReader Sql_Reader = Sql_Command.ExecuteReader())
{
if (Sql_Reader.Read())
{
lb_fl_url.Text = Sql_Reader["fl_url"].ToString().Trim();
bn_go_root.ToolTip = "回到 " + lb_fl_url.Text + " ";
}
else
mErr = "找不到指定的路徑\\n";
Sql_Reader.Close();
}
}
#endregion
}
if (mErr == "")
{
#region 判斷是否有傳入值
if (Request["fl_url"] == null)
lb_url.Text = lb_fl_url.Text;
else if (Request["fl_url"].Trim() == "")
lb_url.Text = lb_fl_url.Text;
else
{
fl_url = dcode.DeCode(Request["fl_url"].Trim());
// 檢查是否有人使用入侵方式進入
if (fl_url.Length < lb_fl_url.Text.Length)
lb_url.Text = lb_fl_url.Text;
else if (fl_url.Substring(0, lb_fl_url.Text.Length) == lb_fl_url.Text)
lb_url.Text = fl_url;
else
lb_url.Text = lb_fl_url.Text;
}
lb_path.Text = Server.MapPath(lb_url.Text);
// 加密編碼,傳送時以防入侵
lb_url_encode.Text = Server.UrlEncode(dcode.EnCode(lb_url.Text));
lb_fl_url_encode.Text = Server.UrlEncode(dcode.EnCode(lb_fl_url.Text));
#endregion
// 取得路徑內的子目錄及檔案清單
Get_PathFile();
}
// 顯示錯誤訊息
if (mErr != "")
lt_show.Text = "<script language=javascript>alert(\"" + mErr + "\");</script>";
}
}
protected void Page_Load(object sender, EventArgs e)
{
Decoder dcode = new Decoder();
string mErr = "", fpath = "", fext = "", fname = "";
string file_ext = ".jpg.gif.png.bmp.wmf"; // 允許使用的檔案副檔名
int ckint = -1, iCnt = 0, rCnt = 0;
if (!IsPostBack)
{
// 檢查使用者權限,但不存登入紀錄
//Check_Power("3002", false);
// 上下一筆時處理用的指標
if (Request["rownum"] != null)
{
if (int.TryParse(Request["rownum"], out ckint))
rownum = ckint;
else
rownum = 1;
}
else
rownum = 1;
// 顯示效果
if (Request["effect"] != null)
if (int.TryParse(Request["effect"], out ckint))
show_effect = ckint;
else
show_effect = 0;
else
show_effect = 0;
if (Request["fl_url"] != null)
{
fl_url = dcode.DeCode(Request["fl_url"].Trim());
if (fl_url.Substring(fl_url.Length - 1, 1) != "/")
fl_url += "/";
fpath = Server.MapPath(fl_url);
if (fpath.Substring(fpath.Length - 1, 1) != "\\")
fpath = fpath + "\\";
if (Directory.Exists(fpath))
fl_url_encode = Server.UrlEncode(dcode.EnCode(fl_url));
else
mErr = "找不到這個目錄!\\n";
}
else
mErr = "參數傳送錯誤!\\n";
if (mErr == "") {
#region 處理圖形資料
string[] mFiles = Directory.GetFiles(fpath, "*");
if (mFiles.Length > 0)
{
Array.Sort(mFiles);
maxrow = 0;
rCnt = 0;
for (iCnt = 0; iCnt < mFiles.Length; iCnt++)
{
fname = mFiles[iCnt].Replace(fpath, "").Replace("\\", "").ToLower();
fext = Path.GetExtension(fname).ToString().ToLower();
if (file_ext.Contains(fext))
{
maxrow++;
if (rownum == maxrow)
{
rCnt = maxrow;
ac_pic = fl_url + fname;
fl_name = fname;
}
else if (maxrow == 1)
{
ac_pic = fl_url + fname;
fl_name = fname;
}
}
}
if (maxrow == 0)
mErr = "這個目錄已經沒有相片檔案了!\\n";
else
{
#region 找不到指定順序的圖形
if (rCnt == 0)
rCnt = 1;
#endregion
rownum = rCnt;
}
}
else
mErr = "這個目錄已經沒有相片了!\\n";
#endregion
}
if (mErr != "")
lt_show.Text = "<script language=javascript>alert(\"" + mErr + "\");window.close();</script>";
}
}
protected void bn_ok_Click(object sender, EventArgs e)
{
Common_Func cfc = new Common_Func();
string mErr = "", mg_npass = "";
mg_npass = tb_npass.Text.Trim();
if (tb_spass.Text.Trim() == "")
mErr = mErr + "請輸入「原登入密碼」!\\n";
if (mg_npass == "")
mErr = mErr + "請輸入「新登入密碼」!\\n";
else if (cfc.CheckSQL(mg_npass))
mErr = mErr + "「新登入密碼」請勿使用特殊符號!\\n";
else if (mg_npass.Length > 12 || mg_npass.Length < 4)
mErr = mErr + "「新登入密碼」長度為4~12個字!\\n";
if (mg_npass != tb_rpass.Text.Trim())
mErr = mErr + "「新登入密碼」與「新密碼確認」輸入的資料不同!\\n";
else
{
if (tb_spass.Text.Trim() == tb_npass.Text.Trim())
mErr = mErr + "「原登入密碼」與「新登入密碼」不可相同!\\n";
}
if (mErr == "")
{
string mg_pass = "", mg_id = "";
string SqlString = "";
SqlConnection Sql_conn;
SqlCommand Sql_command;
SqlDataReader Sql_reader;
Decoder dcd = new Decoder();
SqlString = "Select Top 1 mg_id, mg_pass From Manager Where mg_sid = @mg_sid";
Sql_conn = new SqlConnection(WebConfigurationManager.ConnectionStrings["AppSysConnectionString"].ConnectionString);
Sql_conn.Open();
Sql_command = new SqlCommand(SqlString, Sql_conn);
Sql_command.Parameters.AddWithValue("@mg_sid", Session["mg_sid"].ToString());
Sql_reader = Sql_command.ExecuteReader();
if (Sql_reader.Read())
{
mg_id = Sql_reader["mg_id"].ToString().Trim();
// 取得登入者於 mg_pass 欄位中的密碼並加以解密。
mg_pass = dcd.DeCode(Sql_reader["mg_pass"].ToString().Trim());
}
Sql_reader.Close();
// 比對資料表中的帳號和密碼是否與使用者所輸入者相符。
if (mg_id == tb_id.Text.Trim() && mg_pass == tb_spass.Text.Trim())
{
// 加密使用者所輸入的新密碼。
mg_pass = dcd.EnCode(tb_npass.Text.Trim());
// 更新密碼。
SqlString = "Update Manager Set mg_pass = @mg_pass Where mg_sid = @mg_sid and mg_id = @mg_id";
Sql_command.Parameters.Clear();
Sql_command = new SqlCommand(SqlString, Sql_conn);
Sql_command.Parameters.AddWithValue("@mg_sid", Session["mg_sid"].ToString());
Sql_command.Parameters.AddWithValue("@mg_id", mg_id);
Sql_command.Parameters.AddWithValue("@mg_pass", mg_pass);
Sql_command.ExecuteNonQuery();
mErr = "密碼已更新完成,會在下一次登入時生效!\\n";
}
else
{
// 為避免有駭客入侵,不可明確表示是那個欄位輸入錯誤的訊息。
mErr = mErr + "「使用者帳號」或「原登入密碼」輸入錯誤!\\n";
}
Sql_command.Dispose();
Sql_conn.Close();
}
Literal txtMsg = new Literal();
// 傳送錯誤訊息
txtMsg.Text = "<script language=javascript>alert('" + mErr + "');</script>";
// 利用 javascript 傳送錯誤訊息或進入功能頁面
Page.Controls.Add(txtMsg);
}