Example #1
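        /// <summary>
        /// Updates one user's profile columns in TbUserInfo and, when
        /// <paramref name="_isRoleUpdate"/> is true, replaces that user's rows in
        /// TbUserRole. All statements run inside a single transaction.
        /// </summary>
        /// <remarks>
        /// Injection safety comes from the SqlParameter bindings, not from the
        /// HtmlEncode calls. This method performs no authorization check of its
        /// own, so the caller has to confirm that the current principal may edit
        /// this account and, when roles are replaced, may grant the given codes.
        /// </remarks>
        /// <param name="userInfo">Supplies the login name (row key) and the new field values.
        /// A null or empty PSD leaves the stored password unchanged.</param>
        /// <param name="_strRoleCodes">Semicolon-separated role codes; only read when
        /// <paramref name="_isRoleUpdate"/> is true. Blank entries are ignored.</param>
        /// <param name="_isRoleUpdate">True to delete the user's existing role rows and insert
        /// the codes from <paramref name="_strRoleCodes"/>; false leaves roles untouched.</param>
        /// <returns>Always true; every failure surfaces as an exception.</returns>
        /// <exception cref="Exception">Wraps any error raised inside the transaction, after a
        /// rollback attempt.</exception>
        public static bool UpdateUserInfo(TbUserInfoInfo userInfo, string _strRoleCodes, bool _isRoleUpdate)
        {
            // NOTE(review): values are HTML-encoded before storage. That is an output-time
            // defence and rewrites characters such as the ampersand, quotes and angle brackets,
            // so stored values (including the password) differ from what was typed. It is kept
            // here because existing rows were presumably written the same way - confirm before
            // moving the encoding to render time.
            string strLogName = HttpContext.Current.Server.HtmlEncode(userInfo.User_logname);
            // NOTE(review): PSD is written to the table exactly as received (after HTML
            // encoding). Unless the caller already passes a salted password hash, this stores
            // the password in recoverable form - verify against the caller.
            string strPwd = HttpContext.Current.Server.HtmlEncode(userInfo.PSD);
            string strName = HttpContext.Current.Server.HtmlEncode(userInfo.Use_Name);
            string strEmail = HttpContext.Current.Server.HtmlEncode(userInfo.User_Email);
            string strNumber = HttpContext.Current.Server.HtmlEncode(userInfo.User_Number);
            string strTel = HttpContext.Current.Server.HtmlEncode(userInfo.User_Tel);

            using (SqlConnection conn = SqlDbAccess.GetSqlConnection())
            {
                conn.Open();
                using (SqlTransaction trans = conn.BeginTransaction())
                {
                    try
                    {
                        if (_isRoleUpdate)
                        {
                            // Step 1: drop every role currently assigned to the user.
                            string sqlDelRoleRight = "Delete TbUserRole Where User_logname=@UserName";
                            SqlParameter[] delParms = new SqlParameter[1]{
                                new SqlParameter("@UserName", SqlDbType.NVarChar, 20)};
                            delParms[0].Value = strLogName;
                            SqlDbAccess.ExecNoQuery(trans, CommandType.Text, sqlDelRoleRight, delParms);

                            // Step 2: insert the new assignments. Blank entries (empty input,
                            // trailing or doubled ';') are skipped so that no row with an empty
                            // role code is written.
                            string sqlAddRole = "Insert Into TbUserRole values(@User_logname,@RoleCode)";
                            string[] roles = _strRoleCodes.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                            foreach (string r in roles)
                            {
                                string roleCode = r.Trim();
                                if (roleCode.Length == 0)
                                {
                                    continue;
                                }

                                // NOTE(review): the delete above binds the login name with
                                // size 20, this insert with size 10. An explicit Size makes
                                // SqlParameter truncate longer values, so a login name over
                                // 10 characters would get its roles stored under the shortened
                                // name. Sizes are left as found; confirm the column widths and
                                // align them. The same applies to role codes over 4 characters.
                                SqlParameter[] roleParms = new SqlParameter[2]{
                                    new SqlParameter("@User_logname", SqlDbType.NVarChar, 10),
                                    new SqlParameter("@RoleCode", SqlDbType.NVarChar, 4)};
                                roleParms[0].Value = strLogName;
                                roleParms[1].Value = roleCode;
                                SqlDbAccess.ExecNoQuery(trans, CommandType.Text, sqlAddRole, roleParms);
                            }
                        }

                        // The password column is only part of the statement when a new
                        // password was supplied; everything else is shared by both cases.
                        bool changePassword = !string.IsNullOrEmpty(strPwd);
                        string updateManager = "update TbUserInfo SET "
                                             + (changePassword ? "PSD=@PSD , " : "")
                                             + "User_Email=@User_Email,Use_Name=@Use_Name,User_Number=@User_Number,User_Tel=@User_Tel where User_logname=@User_logname ";
                        SqlParameter[] parms = new SqlParameter[] {
                            new SqlParameter("@User_logname", strLogName),
                            new SqlParameter("@User_Tel", strTel),
                            new SqlParameter("@User_Email", strEmail),
                            new SqlParameter("@Use_Name", strName),
                            new SqlParameter("@User_Number", strNumber)
                        };
                        if (changePassword)
                        {
                            Array.Resize(ref parms, parms.Length + 1);
                            parms[parms.Length - 1] = new SqlParameter("@PSD", strPwd);
                        }

                        // The affected-row count is not inspected, so an unknown login name
                        // still ends in a commit and a true result.
                        SqlDbAccess.ExecNoQuery(trans, CommandType.Text, updateManager, parms);
                        trans.Commit();
                    }
                    catch (Exception ex)
                    {
                        try
                        {
                            trans.Rollback();
                        }
                        catch (Exception)
                        {
                            // A failing rollback (for example on a broken connection) must not
                            // replace the original error; disposing the transaction discards
                            // any uncommitted work.
                        }
                        throw new Exception("�������ݿ�ʧ��,�����Ѿ��ع�", ex);
                    }
                }
            }
            return true;
        }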
Example #2
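        /// <summary>
        /// Registers a new user: inserts one TbUserRole row per role code and then the
        /// TbUserInfo row, all inside a single transaction.
        /// </summary>
        /// <remarks>
        /// Injection safety comes from the SqlParameter bindings, not from the
        /// HtmlEncode calls. The method neither checks whether the login name already
        /// exists nor restricts which role codes may be granted; both are left to the
        /// caller or to database constraints not visible here.
        /// </remarks>
        /// <param name="userInfo">Supplies the login name, password and profile fields of the
        /// new account.</param>
        /// <param name="strRoleCodes">Semicolon-separated role codes to assign. Blank entries
        /// are ignored.</param>
        /// <returns>Always true; every failure surfaces as an exception.</returns>
        /// <exception cref="Exception">Wraps any error raised inside the transaction, after a
        /// rollback attempt.</exception>
        public static bool RegisterUser(TbUserInfoInfo userInfo, string strRoleCodes)
        {
            // NOTE(review): values are HTML-encoded before storage. That is an output-time
            // defence and rewrites characters such as the ampersand, quotes and angle brackets,
            // so stored values (including the password) differ from what was typed. Kept
            // as found; confirm how readers of these columns expect the data.
            string strLogName = HttpContext.Current.Server.HtmlEncode(userInfo.User_logname);
            // NOTE(review): PSD is inserted exactly as received (after HTML encoding). Unless
            // the caller already passes a salted password hash, this stores the password in
            // recoverable form - verify against the caller.
            string strPwd = HttpContext.Current.Server.HtmlEncode(userInfo.PSD);
            string strName = HttpContext.Current.Server.HtmlEncode(userInfo.Use_Name);
            string strEmail = HttpContext.Current.Server.HtmlEncode(userInfo.User_Email);
            string strNumber = HttpContext.Current.Server.HtmlEncode(userInfo.User_Number);
            string strTel = HttpContext.Current.Server.HtmlEncode(userInfo.User_Tel);

            // NOTE(review): if strRoleCodes can be influenced by the registering client, a
            // self-service sign-up could request any role; the caller should pass a
            // server-chosen value. Blank entries (empty input, trailing or doubled ';') are
            // dropped so that no row with an empty role code is written.
            string[] roles = strRoleCodes.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);

            using (SqlConnection conn = SqlDbAccess.GetSqlConnection())
            {
                conn.Open();
                // One transaction keeps the role rows and the user row consistent.
                using (SqlTransaction trans = conn.BeginTransaction())
                {
                    try
                    {
                        string sqlAddRole = "Insert Into TbUserRole values(@User_logname,@RoleCode)";
                        foreach (string r in roles)
                        {
                            string roleCode = r.Trim();
                            if (roleCode.Length == 0)
                            {
                                continue;
                            }

                            // NOTE(review): the explicit sizes make SqlParameter truncate
                            // longer values, while the TbUserInfo insert below binds the login
                            // name without a size. A login name over 10 characters would get
                            // its roles stored under the shortened name. Sizes are left as
                            // found; confirm the column widths.
                            SqlParameter[] roleParms = new SqlParameter[2]{
                                new SqlParameter("@User_logname", SqlDbType.NVarChar, 10),
                                new SqlParameter("@RoleCode", SqlDbType.NVarChar, 4)};
                            roleParms[0].Value = strLogName;
                            roleParms[1].Value = roleCode;
                            SqlDbAccess.ExecNoQuery(trans, CommandType.Text, sqlAddRole, roleParms);
                        }

                        string addManager = "Insert Into TbUserInfo(User_logname,PSD,Use_Name,User_Number,User_Email,User_Tel) "
                                          + "VALUES (@User_logname,@PSD,@Use_Name,@User_Number,@User_Email,@User_Tel)";
                        SqlParameter[] parms = new SqlParameter[6]{
                            new SqlParameter("@User_logname", strLogName),
                            new SqlParameter("@PSD", strPwd),
                            new SqlParameter("@Use_Name", strName),
                            new SqlParameter("@User_Number", strNumber),
                            new SqlParameter("@User_Email", strEmail),
                            new SqlParameter("@User_Tel", strTel)
                        };
                        SqlDbAccess.ExecNoQuery(trans, CommandType.Text, addManager, parms);
                        trans.Commit();
                    }
                    catch (Exception ex)
                    {
                        try
                        {
                            trans.Rollback();
                        }
                        catch (Exception)
                        {
                            // A failing rollback (for example on a broken connection) must not
                            // replace the original error; disposing the transaction discards
                            // any uncommitted work.
                        }
                        throw new Exception("�������ݿ�ʧ��,�����Ѿ��ع�", ex);
                    }
                }
            }
            return true;
        }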
Example #3
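        /// <summary>
        /// Updates the profile columns of one TbUserInfo row, identified by login name,
        /// inside a transaction. The password column is only written when a non-empty
        /// PSD is supplied.
        /// </summary>
        /// <remarks>
        /// Injection safety comes from the SqlParameter bindings, not from the
        /// HtmlEncode calls. This method performs no authorization check of its own;
        /// the caller has to confirm that the current principal may edit this account,
        /// which matters in particular for the Money column.
        /// </remarks>
        /// <param name="userInfo">Supplies the login name (row key) and the new field
        /// values.</param>
        /// <returns>Always true; every failure surfaces as an exception.</returns>
        /// <exception cref="Exception">Wraps any error raised inside the transaction, after a
        /// rollback attempt.</exception>
        public static bool UpdateUserInfo(TbUserInfoInfo userInfo)
        {
            // NOTE(review): values are HTML-encoded before storage. That is an output-time
            // defence and rewrites characters such as the ampersand, quotes and angle brackets,
            // so stored values (including the password) differ from what was typed. Kept
            // as found; confirm how readers of these columns expect the data.
            string strLogName = HttpContext.Current.Server.HtmlEncode(userInfo.User_logname);
            // NOTE(review): PSD is written exactly as received (after HTML encoding). Unless
            // the caller already passes a salted password hash, this stores the password in
            // recoverable form - verify against the caller.
            string strPwd = HttpContext.Current.Server.HtmlEncode(userInfo.PSD);
            string strName = HttpContext.Current.Server.HtmlEncode(userInfo.Use_Name);
            string strEmail = HttpContext.Current.Server.HtmlEncode(userInfo.User_Email);
            string strNumber = HttpContext.Current.Server.HtmlEncode(userInfo.User_Number);
            string strTel = HttpContext.Current.Server.HtmlEncode(userInfo.User_Tel);
            string strPro = HttpContext.Current.Server.HtmlEncode(userInfo.Province);
            string strCity = HttpContext.Current.Server.HtmlEncode(userInfo.City);
            string strCounty = HttpContext.Current.Server.HtmlEncode(userInfo.County);
            string strQQ = HttpContext.Current.Server.HtmlEncode(userInfo.QQ);
            string strCompany = HttpContext.Current.Server.HtmlEncode(userInfo.Company);
            string strSex = HttpContext.Current.Server.HtmlEncode(userInfo.Sex);
            string strPost = HttpContext.Current.Server.HtmlEncode(userInfo.Post);
            string strBussiness = HttpContext.Current.Server.HtmlEncode(userInfo.Bussiness);
            // NOTE(review): Money is bound as a string produced by ToString(); if the column is
            // numeric the conversion happens on the server and may depend on formatting -
            // confirm the property and column types.
            string strMoney = HttpContext.Current.Server.HtmlEncode(userInfo.Money.ToString());

            using (SqlConnection conn = SqlDbAccess.GetSqlConnection())
            {
                conn.Open();
                using (SqlTransaction trans = conn.BeginTransaction())
                {
                    try
                    {
                        // The password column is only part of the statement when a new
                        // password was supplied; everything else is shared by both cases.
                        bool changePassword = !string.IsNullOrEmpty(strPwd);
                        string updateManager = "update TbUserInfo SET "
                                             + (changePassword ? "PSD=@PSD , " : "")
                                             + "User_Email=@User_Email,Use_Name=@Use_Name,User_Number=@User_Number,User_Tel=@User_Tel, "
                                             + " Province=@Province,City=@User_City,County=@User_County,User_QQ=@User_QQ,User_Post=@User_Post,"
                                             + " Sex=@User_Sex,Company=@User_Company,Bussiness=@User_Bussiness,Money=@Money "
                                             + " where User_logname=@User_logname ";
                        SqlParameter[] parms = new SqlParameter[] {
                            new SqlParameter("@User_logname", strLogName),
                            new SqlParameter("@User_Tel", strTel),
                            new SqlParameter("@User_Email", strEmail),
                            new SqlParameter("@Use_Name", strName),
                            new SqlParameter("@User_Number", strNumber),
                            new SqlParameter("@Province", strPro),
                            new SqlParameter("@User_City", strCity),
                            new SqlParameter("@User_County", strCounty),
                            new SqlParameter("@User_QQ", strQQ),
                            new SqlParameter("@User_Post", strPost),
                            new SqlParameter("@User_Sex", strSex),
                            new SqlParameter("@User_Company", strCompany),
                            new SqlParameter("@User_Bussiness", strBussiness),
                            new SqlParameter("@Money", strMoney)
                        };
                        if (changePassword)
                        {
                            Array.Resize(ref parms, parms.Length + 1);
                            parms[parms.Length - 1] = new SqlParameter("@PSD", strPwd);
                        }

                        // The affected-row count is not inspected, so an unknown login name
                        // still ends in a commit and a true result.
                        SqlDbAccess.ExecNoQuery(trans, CommandType.Text, updateManager, parms);
                        trans.Commit();
                    }
                    catch (Exception ex)
                    {
                        try
                        {
                            trans.Rollback();
                        }
                        catch (Exception)
                        {
                            // A failing rollback (for example on a broken connection) must not
                            // replace the original error; disposing the transaction discards
                            // any uncommitted work.
                        }
                        throw new Exception("�������ݿ�ʧ��,�����Ѿ��ع�", ex);
                    }
                }
            }
            return true;
        }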
Example #4
 /// <summary>
 /// Loads a user record from TbUserInfo by login name.
 /// </summary>
 /// <remarks>
 /// The returned object carries the stored PSD value, so callers should keep it out
 /// of responses, logs and view state. When no row matches, or the ID column does
 /// not parse as an integer, an instance with no fields assigned is returned rather
 /// than null; callers need to check for that before treating the result as an
 /// existing account.
 /// </remarks>
 /// <param name="strLogName">Login name to look up. It is HTML-encoded before being bound
 /// as the query parameter.</param>
 /// <returns>A <c>TbUserInfoInfo</c> filled from the first matching row, or an unpopulated
 /// instance.</returns>
 public static TbUserInfoInfo GetUserInfoByLogName(string strLogName)
 {
     // The lookup key is encoded before binding; the value is passed as a parameter,
     // never concatenated into the statement.
     strLogName = HttpContext.Current.Server.HtmlEncode(strLogName);
     string strSql = "select * from TbUserInfo where User_logname = @UserName";
     SqlParameter parms = new SqlParameter("@UserName", strLogName);
     DataTable dt = SqlDbAccess.GetDataTable(CommandType.Text, strSql, parms);

     TbUserInfoInfo userInfo = new TbUserInfoInfo();

     // No match: hand back the unpopulated instance.
     if (dt.Rows == null || dt.Rows.Count == 0)
     {
         return userInfo;
     }

     DataRow firstRow = dt.Rows[0];
     int nID;
     if (!int.TryParse(firstRow["ID"].ToString(), out nID))
     {
         // An ID that is not an integer leaves every field unassigned.
         return userInfo;
     }

     // Only these seven columns are copied, although the query selects all of them.
     userInfo.ID = nID;
     userInfo.User_logname = firstRow["User_logname"].ToString();
     userInfo.PSD = firstRow["PSD"].ToString();
     userInfo.Use_Name = firstRow["Use_Name"].ToString();
     userInfo.User_Number = firstRow["User_Number"].ToString();
     userInfo.User_Email = firstRow["User_Email"].ToString();
     userInfo.User_Tel = firstRow["User_Tel"].ToString();
     return userInfo;
 }