public List <ProgramReport> SP_Event_GetReport_Web(int EventID, DateTime FromDate, DateTime ToDate, out int TotalRow)
{
TotalRow = 0;
try
{
var pars = new SqlParameter[4];
pars[0] = new SqlParameter("@EventID", EventID);
pars[1] = new SqlParameter("@FromDate", FromDate);
pars[2] = new SqlParameter("@ToDate", ToDate);
pars[3] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <ProgramReport>("SP_Event_GetReport_Web", pars);
if (list != null || list.Count >= 0)
{
TotalRow = Convert.ToInt32(pars[3].Value);
}
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <ProgramReport>());
}
}
/// <summary>
/// Lấy danh sách UserLog
/// </summary>
/// <param name="fromDate"></param>
/// <param name="toDate"></param>
/// <param name="userId"></param>
/// <param name="functionId"></param>
/// <param name="pageNumber"></param>
/// <param name="pageSize"></param>
/// <returns></returns>
public List <UsersLog> GetListUsersLog(string fromDate, string toDate, int userId, int functionId)
{
try
{
var pars = new SqlParameter[4];
pars[0] = !string.IsNullOrEmpty(fromDate)
? new SqlParameter("@_Fromdate", fromDate)
: new SqlParameter("@_Fromdate", DBNull.Value);
pars[1] = !string.IsNullOrEmpty(toDate)
? new SqlParameter("@_Todate", toDate)
: new SqlParameter("@_Todate", DBNull.Value);
pars[2] = new SqlParameter("@_UserID", userId);
pars[3] = new SqlParameter("@_FunctionID", functionId);
var list_result = new DBHelper(Config.Site1400ConnectionString).GetListSP <UsersLog>("SP_UserLogs_GetPages", pars);
if (list_result == null || list_result.Count <= 0)
{
return(new List <UsersLog>());
}
return(list_result);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <UsersLog>());
}
}
private void SetCookieUserInfo(int UserId, string UserName, bool IsAdministrator, string SessionID)
{
string CookieValue = "";
CookieValue += UserId;
CookieValue += "|" + UserName;
CookieValue += "|" + IsAdministrator;
CookieValue += "|" + SessionID;
CookieValue += "|" + Config.GetIP();
CookieValue += "|" + DateTime.Now.AddMinutes(_LifeTime);
//if (System.Web.HttpContext.Current.Request.Cookies[_CookieUserInfo] != null)
// System.Web.HttpContext.Current.Response.Cookies.Set(System.Web.HttpContext.Current.Request.Cookies[_CookieUserInfo]);
//else
// System.Web.HttpContext.Current.Response.Cookies.Set(new HttpCookie(_CookieUserInfo, ""));
//System.Web.HttpContext.Current.Response.Cookies[_CookieUserInfo].Value = rijndaelKey.Encrypt(CookieValue);
//if (!_SSODomain.Equals(""))
//{
// System.Web.HttpContext.Current.Response.Cookies[_CookieUserInfo].Path = "/";
// System.Web.HttpContext.Current.Response.Cookies[_CookieUserInfo].Domain = _SSODomain;
//}
//System.Web.HttpContext.Current.Response.Cookies[_CookieUserInfo].Expires = DateTime.Now.AddMinutes(_LifeTime);
//System.Web.HttpContext.Current.Response.Cookies[_CookieUserInfo].HttpOnly = true;
NLogLogger.LogInfo("CookieValue : " + CookieValue);
FormsAuthentication.SetAuthCookie(rijndaelKey.Encrypt(CookieValue), false);
}
public int SP_Menu_INUP_CMS(Menu menu)
{
try
{
var pars = new SqlParameter[9];
pars[0] = new SqlParameter("@MenuID", menu.MenuID);
pars[1] = new SqlParameter("@MenuName", menu.MenuName);
pars[2] = new SqlParameter("@MenuDesc", menu.MenuDesc);
pars[3] = new SqlParameter("@FatherID", menu.FatherID);
pars[4] = new SqlParameter("@Url", menu.Url);
pars[5] = new SqlParameter("@UrlRedirect", menu.UrlRedirect);
pars[6] = new SqlParameter("@Status", menu.Status);
pars[7] = new SqlParameter("@CreateUser", menu.CreateUser);
pars[8] = new SqlParameter("@ResponseStatus", DbType.Int32)
{
Direction = ParameterDirection.Output
};
new DBHelper(Config.Site1400ConnectionString).ExecuteNonQuerySP("SP_Menu_INUP_CMS", pars);
return(Convert.ToInt32(pars[8].Value));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(-99);
}
}
/// Thêm quyền người dùng
/// <param name="RoleFunction"></param>
/// <returns></returns>
public int UserFunctionInsert(UserFunction RoleFunction)
{
try
{
var pars = new SqlParameter[8];
pars[0] = new SqlParameter("@_UserID", RoleFunction.UserID);
pars[1] = new SqlParameter("@_FunctionID", RoleFunction.FunctionID);
pars[2] = new SqlParameter("@_IsGrant", RoleFunction.IsGrant);
pars[3] = new SqlParameter("@_IsInsert", RoleFunction.IsInsert);
pars[4] = new SqlParameter("@_IsUpdate", RoleFunction.IsUpdate);
pars[5] = new SqlParameter("@_IsDelete", RoleFunction.IsDelete);
pars[6] = new SqlParameter("@_CreatedUserID", RoleFunction.CreatedUserID);
pars[7] = new SqlParameter("@_ResponseCode", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
new DBHelper(Config.Site1400ConnectionString).ExecuteNonQuerySP("SP_UserFunction_InsertOne", pars);
return(Convert.ToInt32(pars[7].Value));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(-99);
}
}
public int SP_EventReport_INUP_CMS(EventReport x)
{
try
{
var pars = new SqlParameter[17];
pars[0] = new SqlParameter("@LogID", x.LogID);
pars[1] = new SqlParameter("@EventID", x.EventID);
pars[2] = new SqlParameter("@Vender", x.Vender);
pars[3] = new SqlParameter("@DataControl", x.DataControl);
pars[4] = new SqlParameter("@Pay1400", x.Pay1400);
pars[5] = new SqlParameter("@PayCharit", x.PayCharit);
pars[6] = new SqlParameter("@Note", x.Note);
pars[7] = new SqlParameter("@DataReviewTime", x.DataReviewTime);
pars[8] = new SqlParameter("@Pay14ReviewTime", x.Pay14ReviewTime);
pars[9] = new SqlParameter("@PayCharReviewTime", x.PayCharReviewTime);
pars[10] = new SqlParameter("@TimeAnswer", x.TimeAnswer);
pars[11] = new SqlParameter("@TimeSignRecord", x.TimeSignRecord);
pars[12] = new SqlParameter("@TimehsPay", x.TimehsPay);
pars[13] = new SqlParameter("@TimeTelcoPay", x.TimeTelcoPay);
pars[14] = new SqlParameter("@TimePay", x.TimePay);
pars[15] = new SqlParameter("@CreateUser", x.CreateUser);
pars[16] = new SqlParameter("@ResponseStatus", DbType.Int32)
{
Direction = ParameterDirection.Output
};
new DBHelper(Config.Site1400ConnectionString).ExecuteNonQuerySP("SP_EventReport_INUP_CMS", pars);
return(Convert.ToInt32(pars[16].Value));
}
catch (Exception ex)
{
NLogLogger.LogInfo("Error: " + ex.ToString());
return(-99);
}
}
public List <EventReport> SP_EventReport_GetList_CMS(int LogID, int EventID, string Vender, DateTime?FromDate, DateTime?ToDate, int Page, int PageSize, out int TotalRow)
{
try
{
var pars = new SqlParameter[8];
pars[0] = new SqlParameter("@LogID", LogID);
pars[1] = new SqlParameter("@EventID", EventID);
pars[2] = new SqlParameter("@Vender", Vender);
pars[3] = new SqlParameter("@FromDate", FromDate);
pars[4] = new SqlParameter("@ToDate", ToDate);
pars[5] = new SqlParameter("@Page", Page);
pars[6] = new SqlParameter("@PageSize", PageSize);
pars[7] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <EventReport>("SP_EventReport_GetList_CMS", pars);
TotalRow = Convert.ToInt32(pars[7].Value);
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
TotalRow = 0;
return(new List <EventReport>());
}
}
public List <Suggest> SP_Suggestion_List_CMS(int SuggestionID, string Mobile, string Email, DateTime?FromDate, DateTime?ToDate, int Status, int Page, int PageSize, out int TotalRow)
{
try
{
var pars = new SqlParameter[9];
pars[0] = new SqlParameter("@SuggestionID", SuggestionID);
pars[1] = new SqlParameter("@Mobile", Mobile);
pars[2] = new SqlParameter("@Email", Email);
pars[3] = new SqlParameter("@Status", Status);
pars[4] = new SqlParameter("@FromDate", FromDate);
pars[5] = new SqlParameter("@ToDate", ToDate);
pars[6] = new SqlParameter("@Page", Page);
pars[7] = new SqlParameter("@PageSize", PageSize);
pars[8] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <Suggest>("SP_Suggestion_List_CMS", pars);
TotalRow = Convert.ToInt32(pars[8].Value);
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
TotalRow = 0;
return(new List <Suggest>());
}
}
private string[] GetCookieUserInfo()
{
string[] CookieValue = new string[0];
CookieValue = "|||||".Split(new char[] { '|' });
try
{
if (System.Web.HttpContext.Current.Request.Cookies[_CookieUserInfo] != null)
{
//CookieValue = rijndaelKey.Decrypt(System.Web.HttpContext.Current.Request.Cookies[_CookieUserInfo].Value.ToString()).Split(new char[] { '|' });
return(CookieValue);
}
//else
// CookieValue = "|||||".Split(new char[] { '|' });
var current = new object();
var isLogin = HttpContext.Current.User.Identity.Name;
if (string.IsNullOrEmpty(isLogin))
{
return(CookieValue);
}
current = isLogin;
if (current == null)
{
return(CookieValue);
}
CookieValue = rijndaelKey.Decrypt(current.ToString()).Split(new char[] { '|' });
}
catch (Exception ex)
{
NLogLogger.LogInfo("_CookieUserInfo Exception null");
CookieValue = "|||||".Split(new char[] { '|' });
NLogLogger.PublishException(ex);
}
return(CookieValue);
}
public ActionResult MessageHistoryPartial(string Keyword, int CurrentPage)
{
int RecordPerPage = 5;
int Total = 0;
DateTime start = DateTime.Now;
var list = AbstractDAOFactory.Instance().CreateMessageDAO().SP_Get_MO(Keyword, CurrentPage, RecordPerPage, out Total);
DateTime end = DateTime.Now;
TimeSpan t = end - start;
int s = t.Seconds;
NLogLogger.LogInfo("thoi gian call db =" + s.ToString());
ViewBag.TotalRecord = Total;
ViewBag.currentPage = CurrentPage;
int totalPage = 1;
if (Total % RecordPerPage == 0)
{
totalPage = (int)(Total / RecordPerPage);
}
else
{
totalPage = (int)(Total / RecordPerPage + 1);
}
ViewBag.TotalPage = totalPage;
return(PartialView(list));
}
public int SP_Article_INUP_CMS(Article article)
{
try
{
var pars = new SqlParameter[16];
pars[0] = new SqlParameter("@ArticleID", article.ArticleID);
pars[1] = new SqlParameter("@Title", article.Title);
pars[2] = new SqlParameter("@MenuID", article.MenuID);
pars[3] = new SqlParameter("@Description", article.Description);
pars[4] = new SqlParameter("@Detail", article.Detail);
pars[5] = new SqlParameter("@Image", article.Image);
pars[6] = new SqlParameter("@ImageDetail", article.ImageDetail);
pars[7] = new SqlParameter("@ImageHot", article.ImageHot);
pars[8] = new SqlParameter("@MetaData", article.MetaData);
pars[9] = new SqlParameter("@BottomDesc", article.BottomDesc);
pars[10] = new SqlParameter("@Tags", article.Tags);
pars[11] = new SqlParameter("@PublishDate", article.PublishDate);
pars[12] = new SqlParameter("@isHot", article.isHot);
pars[13] = new SqlParameter("@Author", article.Author);
pars[14] = new SqlParameter("@CreateUser", article.CreateUser);
pars[15] = new SqlParameter("@ResponseStatus", DbType.Int32)
{
Direction = ParameterDirection.Output
};
new DBHelper(Config.Site1400ConnectionString).ExecuteNonQuerySP("SP_Article_INUP_CMS", pars);
return(Convert.ToInt32(pars[15].Value));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(-99);
}
}
public List <DBMessage> SP_Get_MO(string Keyword, int CurrPage, int RecordPerPage, out int TotalRecord)
{
TotalRecord = 0;
try
{
var pars = new SqlParameter[4];
pars[0] = new SqlParameter("@Keyword", Keyword);
pars[1] = new SqlParameter("@CurrPage", CurrPage);
pars[2] = new SqlParameter("@RecordPerPage", RecordPerPage);
pars[3] = new SqlParameter("@TotalRecord", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400MessConnectionString).GetListSP <DBMessage>("SP_Get_MO", pars);
if (list != null || list.Count >= 0)
{
TotalRecord = Convert.ToInt32(pars[3].Value);
}
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <DBMessage>());
}
}
public List <Menu> SP_Menu_GetList(string MenuIDs, Int16 GetChild, Int16 Status, out int TotalRow)
{
TotalRow = 0;
try
{
var pars = new SqlParameter[4];
pars[0] = new SqlParameter("@MenuIDs", MenuIDs);
pars[1] = new SqlParameter("@GetChild", GetChild);
pars[2] = new SqlParameter("@Status", Status);
pars[3] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <Menu>("SP_Menu_GetList", pars);
if (list != null || list.Count >= 0)
{
TotalRow = Convert.ToInt32(pars[3].Value);
}
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <Menu>());
}
}
/// <summary>
/// Insert Fucntion
/// </summary>
/// <param name="functions"></param>
/// <returns> >0 : thanh cong
/// -1: da ton tai
/// -99: loi he thong
/// </returns>
public int InsertUpdateFunction(Functions functions)
{
try
{
var pars = new SqlParameter[10];
pars[0] = new SqlParameter("@_FunctionID", functions.FunctionID);
pars[1] = new SqlParameter("@_FunctionName", functions.FunctionName);
pars[2] = new SqlParameter("@_Url", functions.Url);
pars[3] = new SqlParameter("@_IsDisplay", functions.IsDisplay);
pars[4] = new SqlParameter("@_IsActive", functions.IsActive);
pars[5] = new SqlParameter("@_ParentID", functions.ParentID);
pars[6] = new SqlParameter("@_Order", functions.Order);
pars[7] = new SqlParameter("@_CssIcon", functions.CssIcon);
pars[8] = new SqlParameter("@_ActionName", functions.ActionName);
pars[9] = new SqlParameter("@_ResponseCode", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
new DBHelper(Config.Site1400ConnectionString).ExecuteNonQuerySP("SP_Functions_Update", pars);
return(Convert.ToInt32(pars[9].Value));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(-99);
}
}
public List <Article> SP_Article_GetListSameMenu_Web(int TopRow, int ArticleID, int Page, int PageSize, out int TotalRow)
{
TotalRow = 0;
try
{
var pars = new SqlParameter[5];
pars[0] = new SqlParameter("@TopRow", TopRow);
pars[1] = new SqlParameter("@ArticleID", ArticleID);
pars[2] = new SqlParameter("@Page", Page);
pars[3] = new SqlParameter("@PageSize", PageSize);
pars[4] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <Article>("SP_Article_GetListSameMenu_Web", pars);
if (list != null || list.Count >= 0)
{
TotalRow = Convert.ToInt32(pars[4].Value);
}
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <Article>());
}
}
public List <Event> SP_Event_GetDetail_CMS(int EventID, int ServiceID, int Page, int PageSize, out int TotalRow)
{
try
{
var pars = new SqlParameter[5];
pars[0] = new SqlParameter("@EventID", EventID);
pars[1] = new SqlParameter("@ServiceID", ServiceID);
pars[2] = new SqlParameter("@Page", Page);
pars[3] = new SqlParameter("@PageSize", PageSize);
pars[4] = new SqlParameter("@TotalRow", DbType.Int32)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <Event>("SP_Event_GetDetail_CMS", pars);
TotalRow = Convert.ToInt32(pars[4].Value);
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo("Error: " + ex.ToString());
TotalRow = 0;
return(new List <Event>());
}
}
public List <ArticleImage> SP_ArticleImage_GetList(int TopRow, int ImageID, int ArticleID, int Status, int Page, int PageSize, out int TotalRow)
{
try
{
var pars = new SqlParameter[7];
pars[0] = new SqlParameter("@TopRow", TopRow);
pars[1] = new SqlParameter("@ImageID", ImageID);
pars[2] = new SqlParameter("@ArticleID", ArticleID);
pars[3] = new SqlParameter("@Status", Status);
pars[4] = new SqlParameter("@Page", Page);
pars[5] = new SqlParameter("@PageSize", PageSize);
pars[6] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <ArticleImage>("SP_ArticleImage_GetList", pars);
TotalRow = Convert.ToInt32(pars[6].Value);
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
TotalRow = 0;
return(new List <ArticleImage>());
}
}
public List <Program> SP_Event_GetList_Web(int EventID, string EventName, int IsSetted, int Page, int PageSize, out int TotalRow)
{
TotalRow = 0;
try
{
var pars = new SqlParameter[6];
pars[0] = new SqlParameter("@EventID", EventID);
pars[1] = new SqlParameter("@EventName", EventName);
if (IsSetted == -1)
{
pars[2] = new SqlParameter("@IsSetted", DBNull.Value);
}
else if (IsSetted == 1)
{
pars[2] = new SqlParameter("@IsSetted", true);
}
pars[3] = new SqlParameter("@Page", Page);
pars[4] = new SqlParameter("@PageSize", PageSize);
pars[5] = new SqlParameter("@TotalRow", SqlDbType.Int)
{
Direction = ParameterDirection.Output
};
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <Program>("SP_Event_GetList_Web", pars);
if (list != null || list.Count >= 0)
{
TotalRow = Convert.ToInt32(pars[5].Value);
}
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <Program>());
}
}
public JsonResult Login(string Username, string Password)
{
try
{
NLogLogger.LogInfo("Login-->Username:"******"Dữ liệu không được bỏ trống" }));
}
var password = Encrypt.Md5(Password.Trim());
int checkLogin = AbstractDAOFactory.Instance().CreateUsersDAO().Authentication(Username.Trim(), password);
if (checkLogin == -49)
{
return(Json(new { success = false, statusCode = -102, msg = "Tài khoản của bạn đã bị block" }));
}
else if (checkLogin == -50)
{
return(Json(new { success = false, statusCode = -102, msg = "Tài khoản của bạn chưa được cấp quyền" }));
}
else if (checkLogin == -53)
{
return(Json(new { success = false, statusCode = -102, msg = "Mật khẩu không chính xác" }));
}
else if (checkLogin > 0)
{
var m_Users = AbstractDAOFactory.Instance().CreateUsersDAO().GetByUsername(Username);
if (m_Users != null && m_Users.UserID > 0)
{
var Log = new UsersLog();
Log.ClientIP = Config.GetIP();
Log.FunctionID = 9999;
Log.UserID = m_Users.UserID;
Log.LogType = 1;
Log.FunctionName = "Đăng Nhập Hệ Thống";
Log.Description = "Tài khoản " + m_Users.Username + " Đăng nhập hệ thống";
var insertLog = AbstractDAOFactory.Instance().CreateUsersLogDAO().InsertUsersLog(Log);
if (m_Users.Status)
{
Session["LoginType"] = 1;
string SessionID = Session.SessionID;
m_UserValidation.SignIn(m_Users.UserID, m_Users.Username, m_Users.IsAdministrator, SessionID);
var UrlRedirect = Config.UrlRoot; // Session["Redirect_Uri"] == null ? Config.UrlRoot : Server.UrlDecode(Session["Redirect_Uri"].ToString());
NLogLogger.LogInfo("UrlRedirect : " + UrlRedirect);
return(Json(new { success = true, statusCode = 1, msg = "Đăng Nhập Thành Công", url = UrlRedirect }));
}
return(Json(new { success = false, statusCode = -102, msg = "Tài khoản của bạn đã bị block" }));
}
}
return(Json(new { success = false, statusCode = -1, msg = "Username hoặc Password không đúng" }));
}
catch (Exception ex)
{
NLogLogger.PublishException(ex);
return(Json(new { success = false, statusCode = -99, msg = "Hệ thống bận vui lòng quay lại sau" }));
}
}
protected void Page_Init(object sender, EventArgs e)
{
try
{
var account = new VTCeBank.SSO.Utils.Account(Request);
NLogLogger.LogInfo("account.AccountName: " + account.AccountName);
if (string.IsNullOrEmpty(account.AccountName))
{
// Response.Redirect(SSOMAIL.SsoHelper.URLLoginMail);
}
else
{
var pos = account.AccountName.IndexOf("@");
if (pos > 0)
{
account.AccountName = account.AccountName.Substring(0, pos);
}
var m_Users = AbstractDAOFactory.Instance().CreateUsersDAO().GetByUsername(account.AccountName);
if (m_Users != null && m_Users.UserID > 0)
{
var Log = new UsersLog();
Log.FunctionID = 9999;
Log.ClientIP = Config.GetIP();
Log.UserID = m_Users.UserID;
Log.LogType = 1;
Log.FunctionName = "Đăng Nhập Hệ Thống";
Log.Description = "Tài khoản " + m_Users.Username + " Đăng nhập hệ thống";
var insertLog = AbstractDAOFactory.Instance().CreateUsersLogDAO().InsertUsersLog(Log);
if (m_Users.Status)
{
//Session[SessionsManager.SESSION_USERID] = m_Users.UserID;
//Session[SessionsManager.SESSION_USERNAME] = m_Users.Username;
//Session["LoginType"] = 0;
string SessionID = Session.SessionID;
m_UserValidation.SignIn(m_Users.UserID, m_Users.Username, m_Users.IsAdministrator, SessionID);
Url = Session["Redirect_Uri"] == null ? UrlRoot : Server.UrlDecode(Session["Redirect_Uri"].ToString());
Response.Redirect(Url);
}
Response.Redirect("Common/ErrorPermission");
}
Response.Redirect("Common/ErrorPermission");
}
}
catch (Exception ex)
{
NLogLogger.PublishException(ex);
}
finally
{
Response.End();
}
}
/// <summary>
/// Lấy một Function theo FunctionID
/// </summary>
/// <param name="functionId"></param>
/// <returns></returns>
public Functions GetFunctionByActionName(string ActionName)
{
try
{
return(new DBHelper(Config.Site1400ConnectionString).GetInstanceSP <Functions>("SP_Functions_GetByActionName",
new SqlParameter("@_ActionName", ActionName)));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new Functions());
}
}
/// <summary>
/// Kiểm tra quyền theo chức năng truy cập -> nếu có quyền ? lưu session permission : return error
/// </summary>
/// <param name="fid"></param>
/// <returns></returns>
public bool CheckPermissionUser(string Action, int UserId, bool IsAdmin = false)
{
try
{
if (string.IsNullOrEmpty(Action))
{
return(false);
}
var m_function = AbstractDAOFactory.Instance().CreateFunctionDAO().
GetFunctionByActionName(Action);
if (m_function == null || m_function.FunctionID <= 0)
{
return(false);
}
var permission = new UserFunction();
//Nếu user là admin -> full quyền
if (IsAdmin)
{
permission.FunctionID = m_function.FunctionID;
permission.FunctionName = m_function.FunctionName;
permission.ActionName = Action;
permission.UserID = UserId;
permission.IsGrant = true;
permission.IsInsert = true;
permission.IsUpdate = true;
permission.IsDelete = true;
}
else //Lấy quyền của user khi truy cập chức năng
{
permission = AbstractDAOFactory.Instance().CreateUserRoleDAO().
CheckPermission(UserId, Action);
}
if (permission == null || permission.FunctionID == 0)
{
HttpContext.Current.Session.Abandon();
return(false);
}
HttpContext.Current.Session[SessionsManager.SESSION_PERMISSION] = permission;
HttpContext.Current.Session[SessionsManager.SESSION_HISTORY] = permission.FunctionID;
return(true);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(false);
}
}
/// <summary>
/// Lấy FunctionID theo tên funtion
/// </summary>
/// <param name="functionname"></param>
/// <returns></returns>
public int GetFunctionID(string functionname)
{
try
{
var functionlist = (List <Functions>)System.Web.HttpContext.Current.Session[SessionsManager.SESSION_FUNCTIONS];
var fun = functionlist.Find(f => f.Url.ToLower().LastIndexOf("/" + functionname.ToLower()) > 0);
return(fun != null ? fun.FunctionID : 0);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(-99);
}
}
/// <summary>
/// Lấy danh sách funtion theo UserID
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
public List <Functions> GetListFunctionByUserID(int userId, int grant)
{
try
{
var pars = new SqlParameter[2];
pars[0] = new SqlParameter("@_UserID", userId);
pars[1] = new SqlParameter("@_GetGrant", grant < 0 ? DBNull.Value : (object)grant);
return(new DBHelper(Config.Site1400ConnectionString).GetListSP <Functions>("SP_Function_GetByUserID", pars));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <Functions>());
}
}
/// <summary>
/// Lấy danh sách ErrorLog từ ngày x đến ngày y
/// </summary>
/// <param name="fromDate"></param>
/// <param name="toDate"></param>
/// <param name="pagenumber"></param>
/// <param name="pagesize"></param>
/// <returns></returns>
public List <ErrorLog> GetErrorLog(string fromDate, string toDate)
{
try
{
var pars = new SqlParameter[2];
pars[0] = new SqlParameter("@FromDate", fromDate);
pars[1] = new SqlParameter("@ToDate", toDate);
return(new DBHelper(Config.Site1400ConnectionString).GetListSP <ErrorLog>("SP_ErrorLog_GetPage", pars));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <ErrorLog>());
}
}
public ActionResult Detail(int id)
{
try
{
int result = AbstractDAOFactory.Instance().CreateArticleDAO().SP_Article_AddView_Web(id);//Tăng view
int Total = 0;
var lst = AbstractDAOFactory.Instance().CreateArticleDAO().SP_Article_GetList_Web(1, id, "", 0, "", "", -1, 1, 1, out Total);
//truong hop la album anh
if (lst[0].MenuID == 10)
{
int TotalImg = 0;
var listimg = AbstractDAOFactory.Instance().CreateCmsDAO().SP_ArticleImage_GetList(1000, 0, id, 1, 1, 1000, out TotalImg);
ViewBag.listimg = listimg;
}
//end
ViewBag.Id = id;
ViewBag.Title = "";
ViewBag.Image = "";
ViewBag.Summary = "";
ViewBag.Keyword = "";
if (lst != null && lst.Count > 0)
{
ViewBag.Title = lst[0].Title;
ViewBag.Image = lst[0].Image ?? "";
ViewBag.Summary = lst[0].Description;
ViewBag.Keyword = lst[0].Description;
if (!String.IsNullOrEmpty(lst[0].Detail))
{
lst[0].Detail = lst[0].Detail.Replace("<img ", "<img class=\"img-responsive\"");
}
return(View(lst[0]));
}
else
{
return(RedirectToAction("Index", "Home"));
}
}
catch (Exception ex)
{
NLogLogger.LogInfo("ERROR in Article/Detail = " + ex.ToString());
return(RedirectToAction("Index", "Home"));
}
}
public Menu SP_Menu_GetDetail(int MenuID)
{
try
{
var pars = new SqlParameter[1];
pars[0] = new SqlParameter("@MenuID", MenuID);
var list = new DBHelper(Config.Site1400ConnectionString).GetInstanceSP <Menu>("SP_Menu_GetDetail", pars);
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new Menu());
}
}
public int UpdateOrder(int FunctionID, int ParentID, int Order)
{
try
{
var pars = new SqlParameter[3];
pars[0] = new SqlParameter("@_FunctionID", FunctionID);
pars[1] = new SqlParameter("@_ParentID", ParentID);
pars[2] = new SqlParameter("@_Order", Order);
new DBHelper(Config.Site1400ConnectionString).ExecuteNonQuerySP("SP_Functions_UpdateOrder", pars);
return(Convert.ToInt32(pars[9].Value));
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(-99);
}
}
public List <Functions> GetListFunctionsByFather(int FatherID)
{
try
{
var list = new DBHelper(Config.Site1400ConnectionString).GetListSP <Functions>("SP_Functions_GetParent",
new SqlParameter("@_ParentID", FatherID));
if (list == null || list.Count <= 0)
{
return(new List <Functions>());
}
return(list);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <Functions>());
}
}
public List <Functions> SelectAllFunctionID(int fatherID, string name, int isactive, int isdisplay)
{
try
{
var pars = new SqlParameter[4];
pars[0] = new SqlParameter("@_ParentID", fatherID);
pars[1] = new SqlParameter("@_FunctionName", name);
pars[2] = new SqlParameter("@_IsActive", isactive);
pars[3] = new SqlParameter("@_IsDisplay", isdisplay);
var result = new DBHelper(Config.Site1400ConnectionString).GetListSP <Functions>("SP_Functions_SelectByCondition", pars);
return(result);
}
catch (Exception ex)
{
NLogLogger.LogInfo(ex.ToString());
return(new List <Functions>());
}
}
