// GET: UserMaster
/// <summary>
/// Reads every row of UserMaster and renders the user list.
/// </summary>
/// <returns>
/// The default view bound to the populated view model; if anything throws, the default view
/// bound to the users collected so far, with the error text placed in ModelState and ViewBag.
/// </returns>
public ActionResult ShowUsers()
{
    UserViewModel model = new UserViewModel { Users = new List<User>() };
    ClsDB database = new ClsDB();

    try
    {
        // The query text is a constant; no request data is concatenated into it.
        _SbQry = new StringBuilder("Select * From UserMaster");
        database.Connect();
        DataTable table = database.GetDataTable(_SbQry.ToString());

        foreach (DataRow record in table.Rows)
        {
            User entry = new User();
            entry.Id = record["UserId"].ToString();
            entry.Name = record["Name"].ToString();
            model.Users.Add(entry);
        }

        return View(model);
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message (which may carry database details) is
        // surfaced to the page; consider logging it and showing a generic message instead.
        ModelState.AddModelError("ErrorMessage", ex.Message);
        ViewBag.ErrorMessage = ex.Message;

        // NOTE(review): this path hands the view the user list, while the success path hands
        // it the view model - confirm the view accepts both model types.
        return View(model.Users);
    }
    finally
    {
        // Runs on both paths, including when Connect() itself failed.
        database.DisConnect();
    }
}
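/// <summary>
/// Writes this object's profile fields to the [User] row identified by <paramref name="ID"/>.
/// </summary>
/// <param name="ID">Key of the row to update; an empty string makes the call a no-op.</param>
/// <param name="update_user_id">Id of the user performing the change, stored as last_update_user_id.</param>
/// <exception cref="Exception">Thrown with the text returned by check_error() when it is non-empty.</exception>
public void update(string ID, string update_user_id)
{
    if (ID == "")
    {
        return;
    }

    string err = check_error();
    if (err != "")
    {
        throw new Exception(err);
    }

    // Fix: the separator now belongs to the optional clause. Previously ", " was always
    // emitted after last_update_datetime, so an empty 'disabled' produced "..., WHERE ID = ..."
    // which is not valid SQL.
    string disable = (this.disabled == "") ? "" : ", disabled = " + ClsDB.sqlEncode(this.disabled);

    // NOTE(review): every value goes through ClsDB.sqlEncode, which is not visible here;
    // injection safety of this statement rests entirely on that helper. SqlCommand
    // parameters would remove that dependency.
    // NOTE(review): DateTime.Now.ToString() is formatted with the current culture - confirm
    // the database parses that format as intended.
    this._strQuery = "UPDATE [User] SET "
        + "First_Name = " + ClsDB.sqlEncode(this.first_name) + ", "
        + "Last_Name = " + ClsDB.sqlEncode(this.last_name) + ", "
        + "Email = " + ClsDB.sqlEncode(this.email) + ", "
        + "Note = " + ClsDB.sqlEncode(this.note) + ", "
        + "gid = " + ClsDB.sqlEncode(this.gid) + ", "
        + "last_update_user_id = " + ClsDB.sqlEncode(update_user_id) + ", "
        + "last_update_datetime = " + ClsDB.sqlEncode(DateTime.Now.ToString())
        + disable
        + " WHERE ID = " + ClsDB.sqlEncode(ID);

    new ClsDB().ExecuteNonQuery(this._strQuery);
}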
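/// <summary>
/// Looks up a UserMaster row by UserId and returns it as JSON.
/// </summary>
/// <param name="Id">UserId supplied by the request.</param>
/// <returns>
/// The user serialized as JSON; Response is "Y" when the query ran and "N" (with
/// ErrorMessage set) when an exception occurred.
/// </returns>
public JsonResult EditUser(string Id)
{
    ClsDB db = new ClsDB();
    User user = new User();
    try
    {
        // Id comes straight from the request and was previously spliced into the statement
        // unmodified, so a quote in it could end the literal and change the query. Doubling
        // embedded single quotes keeps the value inside the literal (standard SQL literal
        // escaping; engines that also honour backslash escapes need more than this).
        // NOTE(review): a parameterized ClsDB call is the proper fix; ClsDB's query API is
        // not visible here, so this stays with GetDataTable(string).
        string safeId = (Id ?? string.Empty).Replace("'", "''");
        _SbQry = new StringBuilder("Select * From UserMaster Where UserId='" + safeId + "'");
        db.Connect();
        DataTable dt = db.GetDataTable(_SbQry.ToString());
        foreach (DataRow row in dt.Rows)
        {
            // If several rows match, the last one wins.
            user.Id = row["UserId"].ToString();
            user.Name = row["Name"].ToString();
        }
        user.Response = "Y";
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is returned to the client; consider logging
        // it server-side and returning a generic message.
        ModelState.AddModelError("ErrorMessage", ex.Message);
        ViewBag.ErrorMessage = ex.Message;
        user.Response = "N";
        user.ErrorMessage = "Error : " + ex.Message;
    }
    finally
    {
        db.DisConnect();
    }

    // NOTE(review): AllowGet makes this record retrievable with a plain GET request.
    return Json(user, JsonRequestBehavior.AllowGet);
}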
/// <summary>
/// First load: shows an empty new-client form pre-filled with the next case id.
/// Postback: reads the posted fields into <c>client</c>, inserts the record and reports
/// the outcome in <c>msg</c>; on failure the form is shown again with the error text.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    if (!this.IsPostBack)
    {
        this.msg.Text = "";
        this.client.Case_Id = this.getNextCaseId().ToString();
        this.form1.Text = ShowNewForm();
        return;
    }

    this.form1.Text = "";
    try
    {
        this.client.retrieveRequest(this.IsPostBack, Request);
        // Session["userid"] being absent throws here and is reported through the catch below.
        this.client.insert(Session["userid"].ToString());

        string confirmation = "<font color='green'>The new client has been added.</font> <br/><br/><a href='client_new.aspx'>Add Another New Client</a>";
        this.msg.Text = confirmation;

        if (ClsDB.DEBUG())
        {
            // Debug builds echo the executed SQL into the page.
            this.msg.Text += "<br/>" + this.client.strQuery();
        }
    }
    catch (Exception failure)
    {
        // NOTE(review): the message is placed into markup without HTML encoding; if it can
        // contain request data or database text, encode it before assigning it.
        this.msg.Text = "<p><font color='red'>" + failure.Message + "</font></p>";
        this.form1.Text = ShowNewForm();
    }
}
// Note this is complicated by password, so needs special handling.
/// <summary>
/// Inserts a new [User] row from <c>this.user</c>; the password is read from the posted
/// "txtPwd" field and hashed inside the statement with HASHBYTES('MD5', ...).
/// </summary>
/// <exception cref="Exception">Thrown with the text returned by check_error() when it is non-empty.</exception>
void insert()
{
    string validationError = this.check_error();
    if (validationError != "")
    {
        throw new Exception(validationError);
    }

    // NOTE(review): the stored value is an MD5 digest of the password alone (no salt is
    // mixed in by this statement). A salted, slow password hash (PBKDF2 or similar) computed
    // in the application is the usual replacement.
    // NOTE(review): all values pass through ClsDB.sqlEncode, which is not visible here.
    string[] columnValues = new string[]
    {
        ClsDB.sqlEncode(this.user.first_name),
        ClsDB.sqlEncode(this.user.last_name),
        ClsDB.sqlEncode(this.user.email),
        ClsDB.sqlEncode(this.user.login),
        "HASHBYTES('MD5', " + ClsDB.sqlEncode(Request["txtPwd"]) + ")",
        ClsDB.sqlEncode(this.user.note),
        ClsDB.sqlEncode(this.user.gid),
        ClsDB.sqlEncode(this.user.disabled),
        ClsDB.sqlEncode(Session["userid"].ToString()),
        ClsDB.sqlEncode(DateTime.Now.ToString())
    };

    string strQuery = @"INSERT INTO [User] (first_name, last_name, email, login, passwd, note, gid, disabled, [create_user_id], [create_datetime]) VALUES ("
        + string.Join(", ", columnValues)
        + ")";

    if (ClsDB.DEBUG())
    {
        // NOTE(review): in debug mode the statement written to the response contains the
        // plaintext password.
        Response.Write(strQuery);
    }

    new ClsDB().ExecuteNonQuery(strQuery);
}
/// <summary>
/// Extracts every "boatid" value from the fetched page content and queues one detail-page
/// URL per id (page type "cydaDetail", method GET) at depth + 1.
/// </summary>
/// <param name="entity">The fetched page and its crawl metadata.</param>
public void cydaPortalAnalysis(PageContentEntity entity)
{
    try
    {
        string pageText = entity.PContent;

        // Constructed but not used below; kept in case the constructors have side effects.
        Utilities util = new Utilities();
        SqlBuild sqlBuild = new SqlBuild();
        SqlPara sqlPara = new SqlPara();
        ClsDB clsDB = new ClsDB();

        RegFunc extractor = new RegFunc();
        ArrayList boatIds = extractor.GetStrArr(pageText, "\"boatid\":", ",");

        foreach (object boatId in boatIds)
        {
            // NOTE(review): the user token is carried in the query string of a plain-http
            // URL, and that URL is handed to AddPageUrl; confirm where it is stored or logged.
            string nexurl = "http://t.cjcyw.com:8081/Boat/getBoatById.aspx?userid=" + getuser().token + "&id=" + boatId.ToString();

            clsPageUrl.AddPageUrl(
                entity.ProgramName,
                entity.KeyWord,
                entity.PID,
                "cydaDetail",
                entity.SiteUrl,
                entity.Url,
                nexurl,
                "GET",
                "",
                entity.EnCode,
                boatId.ToString(),
                entity.CookieContent,
                entity.AContent,
                entity.TrySpiderTimes,
                entity.Depth + 1);
        }
    }
    catch (Exception ex)
    {
        // Any failure is logged (exception text, then page type and URL) and swallowed.
        ClsLog log = new ClsLog();
        log.AddLog(DateTime.Now.ToString(), "分析数据失败" + ex.ToString());
        log.AddLog(DateTime.Now.ToString(), entity.SType + ";" + entity.Url + ";");
        UrlContorl urlContorl = new UrlContorl();
    }
}
/// <summary>
/// Extracts the "aid" values from the fetched page content and queues a single detail
/// request (page type "cyDetail", method POST) for the first one at depth + 1.
/// </summary>
/// <param name="entity">The fetched page and its crawl metadata.</param>
public void cyPortalAnalysis(PageContentEntity entity)
{
    try
    {
        string pageText = entity.PContent;

        // Constructed but not used below; kept in case the constructors have side effects.
        Utilities util = new Utilities();
        SqlBuild sqlBuild = new SqlBuild();
        SqlPara sqlPara = new SqlPara();
        ClsDB clsDB = new ClsDB();

        RegFunc extractor = new RegFunc();
        ArrayList aidValues = extractor.GetStrArr(pageText, "\"aid\":", ",");

        // Only the first id is queued; an empty list throws here and ends up in the catch.
        string nexurl = "http://t.cjcyw.com:8081/ship/detail";
        clsPageUrl.AddPageUrl(
            entity.ProgramName,
            entity.KeyWord,
            entity.PID,
            "cyDetail",
            entity.SiteUrl,
            entity.Url,
            nexurl,
            "POST",
            "aid=" + aidValues[0].ToString(),
            entity.EnCode,
            "aid=" + aidValues[0].ToString(),
            getuser().cookieContainer,
            entity.AContent,
            entity.TrySpiderTimes,
            entity.Depth + 1);
    }
    catch (Exception ex)
    {
        // Any failure is logged (exception text, then page type and URL) and swallowed.
        ClsLog log = new ClsLog();
        log.AddLog(DateTime.Now.ToString(), "分析数据失败" + ex.ToString());
        log.AddLog(DateTime.Now.ToString(), entity.SType + ";" + entity.Url + ";");
    }
}
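/// <summary>
/// Looks up a UserMaster row by UserId and renders it in the edit partial view.
/// </summary>
/// <param name="Id">UserId supplied by the request.</param>
/// <returns>The partial view bound to the user; on failure ErrorMessage carries the exception text.</returns>
public ActionResult EditUser(string Id)
{
    ClsDB db = new ClsDB();
    User user = new User();
    try
    {
        // Id comes straight from the request and was previously spliced into the statement
        // unmodified, so a quote in it could end the literal and change the query. Doubling
        // embedded single quotes keeps the value inside the literal (standard SQL literal
        // escaping; engines that also honour backslash escapes need more than this).
        // NOTE(review): a parameterized ClsDB call is the proper fix; ClsDB's query API is
        // not visible here, so this stays with GetDataTable(string).
        string safeId = (Id ?? string.Empty).Replace("'", "''");
        _SbQry = new StringBuilder("Select * From UserMaster Where UserId='" + safeId + "'");
        db.Connect();
        DataTable dt = db.GetDataTable(_SbQry.ToString());
        foreach (DataRow row in dt.Rows)
        {
            // If several rows match, the last one wins.
            user.Id = row["UserId"].ToString();
            user.Name = row["Name"].ToString();
        }
        return PartialView(user);
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text reaches the rendered view; consider logging
        // it and showing a generic message.
        ModelState.AddModelError("ErrorMessage", ex.Message);
        user.ErrorMessage = ex.Message;
        return PartialView(user);
    }
    finally
    {
        db.DisConnect();
    }
}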
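/// <summary>
/// Loads every row of the V_Client view into the CrystalReport_all report and streams it to
/// the current HTTP response as a PDF named "Case_All".
/// </summary>
/// <returns>An HTML error fragment when the view returned no rows; otherwise an empty string.</returns>
public string download_pdf_all()
{
    // NOTE(review): this exports the whole view and no authorization check is visible in
    // this method; confirm the caller restricts who can reach it.
    string strQuery = @"select * from [V_Client]";
    DataSet ds = new ClsDB().ExecuteDataSet(strQuery);
    if (ds.Tables.Count == 0 || ds.Tables[0].Rows.Count == 0)
    {
        return "<font color='red'>Case not found.</font>";
    }

    ReportDocument myReportDocument = new ReportDocument();
    try
    {
        string report_source = "../client/CrystalReport_all.rpt";
        myReportDocument.Load(HttpContext.Current.Server.MapPath(report_source));
        myReportDocument.SetDataSource(ds.Tables[0]);
        myReportDocument.ExportToHttpResponse(
            CrystalDecisions.Shared.ExportFormatType.PortableDocFormat,
            HttpContext.Current.Response,
            true,
            "Case_All");
    }
    finally
    {
        // Fix: release the report even when Load/SetDataSource/Export throws; previously
        // Close()/Dispose() were skipped on any exception, leaking the report document.
        myReportDocument.Close();
        myReportDocument.Dispose();
    }

    return "";
}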
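/// <summary>
/// Renders the list of enabled clients whose last name starts with the "ini" request value
/// into the <c>ClientList</c> control as an HTML table.
/// </summary>
void ShowClientList()
{
    string strQuery = @"SELECT C.ID, C.Case_Id, C.Client_Type, T.name As Client_Type_Name, C.First_Name, C.Last_Name, A.name AS Attorney, P.name AS Paralegal, C.Date_Of_Injury FROM Client C LEFT OUTER JOIN ClientType T ON C.Client_Type = T.ID LEFT OUTER JOIN Attorney A ON C.Attorney = A.ID LEFT OUTER JOIN Paralegal P ON C.Paralegal = P.ID WHERE C.disabled = 0";

    // "ini" is request data and was previously concatenated into the LIKE literal
    // unmodified, so a quote in it could end the literal and change the query. Doubling
    // embedded single quotes keeps it inside the literal.
    // NOTE(review): a SqlCommand parameter (as UserAuth-style code does) is the proper fix.
    // LIKE wildcards in the value are still honoured, as before.
    string initial = ClsUtil.getStrVal(Request["ini"]) ?? "";
    strQuery += " AND Last_Name like '" + initial.Replace("'", "''") + "%'";
    strQuery += " ORDER BY C.ID ASC";

    string s = "";
    DataSet ds = new ClsDB().ExecuteDataSet(strQuery);
    if (ds.Tables.Count > 0)
    {
        DataTable dt = ds.Tables[0];
        for (int i = 0; i < dt.Rows.Count; ++i)
        {
            // Even-numbered rows get a white background.
            string color = ((i % 2 == 0) ? " bgcolor='#ffffff'" : "");
            s += addRow(dt.Rows[i], color);
        }
        s = "<table class='T2'>" + this.addHdr() + s + "</table>";
    }

    ClientList.Text = s;
}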
/// <summary>
/// Returns the Case_Id of every enabled client after checking the caller's credentials.
/// </summary>
/// <param name="UserName">Login passed to UserAuth.</param>
/// <param name="Password">Password passed to UserAuth.</param>
/// <returns>
/// The case ids; on any failure (including failed authentication) a single-element list
/// holding the exception message.
/// </returns>
public List<string> GetClientCaseIdList(string UserName, string Password)
{
    List<string> caseIds = new List<string>();
    try
    {
        bool authenticated = UserAuth(UserName, Password);
        if (!authenticated)
        {
            throw new Exception("Unauthorized user");
        }

        string query = "SELECT Case_Id FROM Client WHERE disabled = '0'";
        DataTable table = new ClsDB().ExecuteDataTable(query);
        foreach (DataRow record in table.Rows)
        {
            caseIds.Add(record[0].ToString());
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the error travels in the same channel as the data, so callers cannot
        // tell a message from a case id, and database error text reaches the client.
        caseIds.Clear();
        caseIds.Add(ex.Message);
    }

    return caseIds;
}
/// <summary>
/// Checks a login/password pair against the [User] table using a parameterized query.
/// </summary>
/// <param name="UserName">Login to look up.</param>
/// <param name="Password">Plaintext password; hashed by the database with HASHBYTES('MD5', ...).</param>
/// <returns>True only when exactly one enabled row matches; false otherwise, including on any exception.</returns>
public bool UserAuth(string UserName, string Password)
{
    bool authenticated = false;
    try
    {
        string connectionString = new ClsDB().strConn();
        using (SqlConnection connection = new SqlConnection(connectionString))
        {
            // NOTE(review): the comparison is against an MD5 digest of the password alone;
            // a salted, slow password hash is the usual replacement.
            string strQuery = "SELECT COUNT(ID) FROM [User] WHERE login = @login AND passwd=HASHBYTES('MD5', @pwd) AND disabled = '0'";
            SqlCommand command = new SqlCommand(strQuery, connection);

            // Values are bound as parameters, so they never become part of the SQL text.
            SqlParameter loginParam = command.Parameters.Add("@login", SqlDbType.VarChar, 50);
            loginParam.Value = UserName;
            SqlParameter pwdParam = command.Parameters.Add("@pwd", SqlDbType.VarChar, 50);
            pwdParam.Value = Password;

            connection.Open();
            using (SqlDataReader reader = command.ExecuteReader())
            {
                authenticated = reader.Read() && reader.GetInt32(0) == 1;
            }
        }
    }
    catch (Exception)
    {
        // Fails closed: any error leaves the result false. Nothing is logged here.
    }

    return authenticated;
}
/// <summary>
/// Returns the enabled client with the given case id after checking the caller's credentials.
/// </summary>
/// <param name="UserName">Login passed to UserAuth.</param>
/// <param name="Password">Password passed to UserAuth.</param>
/// <param name="CaseId">Case id to look up.</param>
/// <returns>
/// The client when exactly one row matches; null when authentication fails, when zero or
/// several rows match, or when any exception occurs.
/// </returns>
public UserService_Client GetClient(string UserName, string Password, string CaseId)
{
    bool authenticated = UserAuth(UserName, Password);
    if (!authenticated)
    {
        return null;
    }

    try
    {
        // NOTE(review): CaseId is caller-supplied; injection safety here rests on
        // ClsDB.sqlEncode, which is not visible in this listing.
        string query = "SELECT * FROM Client WHERE disabled = '0' AND Case_Id = " + ClsDB.sqlEncode(CaseId);
        DataTable table = new ClsDB().ExecuteDataTable(query);
        if (table.Rows.Count != 1)
        {
            return null;
        }

        DataRow record = table.Rows[0];
        UserService_Client client = new UserService_Client();
        client.Case_Id = ClsUtil.getStrVal(record["Case_Id"]);
        client.Client_Type = ClsClient.getClientType(ClsUtil.getStrVal(record["Client_Type"]));
        client.First_Name = ClsUtil.getStrVal(record["First_Name"]);
        client.Last_Name = ClsUtil.getStrVal(record["Last_Name"]);
        return client;
    }
    catch (Exception)
    {
        // Errors are swallowed without logging; the caller only sees null.
        return null;
    }
}
/// <summary>
/// Returns all enabled clients after checking the caller's credentials.
/// </summary>
/// <param name="UserName">Login passed to UserAuth.</param>
/// <param name="Password">Password passed to UserAuth.</param>
/// <returns>
/// Null when authentication fails; otherwise the client list, which is emptied if any
/// exception occurs while reading.
/// </returns>
public List<UserService_Client> GetClientList(string UserName, string Password)
{
    if (!UserAuth(UserName, Password))
    {
        return null;
    }

    List<UserService_Client> clients = new List<UserService_Client>();
    try
    {
        string query = "SELECT * FROM Client WHERE disabled = '0'";
        DataTable table = new ClsDB().ExecuteDataTable(query);

        foreach (DataRow record in table.Rows)
        {
            UserService_Client client = new UserService_Client();
            client.Case_Id = ClsUtil.getStrVal(record["Case_Id"]);
            client.Client_Type = ClsClient.getClientType(ClsUtil.getStrVal(record["Client_Type"]));
            client.First_Name = ClsUtil.getStrVal(record["First_Name"]);
            client.Last_Name = ClsUtil.getStrVal(record["Last_Name"]);
            clients.Add(client);
        }
    }
    catch (Exception)
    {
        // A failure part-way through discards the rows already read; nothing is logged, so
        // an error is indistinguishable from "no clients".
        clients.Clear();
    }

    return clients;
}
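/// <summary>
/// Deletes the UserMaster row with the given UserId and reports the outcome as JSON.
/// </summary>
/// <param name="Id">UserId supplied by the request.</param>
/// <returns>
/// The user object serialized as JSON; Response is "Y" when at least one row was deleted,
/// otherwise "N" with ErrorMessage set.
/// </returns>
public JsonResult DeleteUser(string Id)
{
    ClsDB db = new ClsDB();
    User user = new User();
    try
    {
        // Id comes straight from the request and was previously spliced into the DELETE
        // unmodified, so a quote in it could end the literal and widen the statement.
        // Doubling embedded single quotes keeps the value inside the literal (standard SQL
        // literal escaping; engines that also honour backslash escapes need more than this).
        // NOTE(review): a parameterized ClsDB call is the proper fix; ClsDB's query API is
        // not visible here, so this stays with ExecuteNonQuery(string).
        string safeId = (Id ?? string.Empty).Replace("'", "''");
        _SbQry = new StringBuilder("Delete From UserMaster Where UserId='" + safeId + "'");
        db.Connect();
        int Count = db.ExecuteNonQuery(_SbQry.ToString());
        if (Count > 0)
        {
            user.Response = "Y";
        }
        else
        {
            user.Response = "N";
            user.ErrorMessage = "User could not be deleted";
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is returned to the client; consider logging
        // it server-side and returning a generic message.
        ModelState.AddModelError("ErrorMessage", ex.Message);
        ViewBag.ErrorMessage = ex.Message;
        user.Response = "N";
        user.ErrorMessage = "Error : " + ex.Message;
    }
    finally
    {
        db.DisConnect();
    }

    // NOTE(review): no verb or anti-forgery attribute is visible on this action, and the
    // result allows GET; confirm a state-changing delete cannot be triggered by a GET request.
    return Json(user, JsonRequestBehavior.AllowGet);
}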
/// <summary>
/// Renders all users (with their group name) into the <c>ClientList</c> control as an
/// HTML table; leaves the control empty when the query yields no result table.
/// </summary>
void ShowList()
{
    // NOTE(review): the select list includes U.passwd; whether addRow renders it is not
    // visible here - drop the column from the query if the listing does not need it.
    string strQuery = @"SELECT U.ID, U.First_Name, U.Last_Name, U.email, U.login, U.passwd, U.note, U.gid, G.name As UserType, U.disabled FROM [User] U LEFT OUTER JOIN UserGroup G ON U.gid = G.ID ORDER BY U.ID ASC";

    string html = "";
    DataSet result = new ClsDB().ExecuteDataSet(strQuery);

    if (result.Tables.Count > 0)
    {
        DataTable users = result.Tables[0];
        int rowIndex = 0;
        foreach (DataRow record in users.Rows)
        {
            // Even-numbered rows get a white background.
            string color = (rowIndex % 2 == 0) ? " bgcolor='#ffffff'" : "";
            html += addRow(record, color);
            ++rowIndex;
        }

        // The header is produced after the rows, then placed in front of them.
        html = "<table class='T1'>" + this.addHdr() + html + "</table>";
    }

    ClientList.Text = html;
}
/// <summary>
/// Reads the stored password hash of the given user and keeps it in
/// <c>db_old_pwd_hash</c> as an upper-case hex string without separators.
/// </summary>
/// <param name="ID">Key of the [User] row.</param>
private void retrieveDB(string ID)
{
    // NOTE(review): injection safety of this statement rests on ClsDB.sqlEncode, which is
    // not visible here.
    string sql = "SELECT passwd FROM [User] WHERE ID = " + ClsDB.sqlEncode(ID);

    byte[] storedHash = new ClsDB().ExecuteVarbinary(sql);

    // NOTE(review): if ExecuteVarbinary can return null (for example when no row matches),
    // BitConverter.ToString throws here - confirm against ClsDB.
    string dashedHex = BitConverter.ToString(storedHash);
    this.db_old_pwd_hash = dashedHex.Replace("-", string.Empty);
}
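/// <summary>
/// Inserts a new UserMaster row from the posted user and reports the outcome as JSON.
/// </summary>
/// <param name="user">Model-bound user; Id and Name are written to the table.</param>
/// <returns>
/// The same user object serialized as JSON; Response is "Y" when a row was inserted,
/// otherwise "N" with ErrorMessage set (first model-state error, failure text, or exception text).
/// </returns>
public JsonResult AddNewUser(User user)
{
    ClsDB db = new ClsDB();
    try
    {
        if (ModelState.IsValid)
        {
            // Id and Name are request data and were previously spliced into the INSERT
            // unmodified, so a quote in either could end its literal and change the
            // statement. Doubling embedded single quotes keeps each value inside its literal
            // (standard SQL literal escaping; engines that also honour backslash escapes
            // need more than this).
            // NOTE(review): a parameterized ClsDB call is the proper fix; ClsDB's query API
            // is not visible here, so this stays with ExecuteNonQuery(string).
            string safeId = (user.Id ?? string.Empty).Replace("'", "''");
            string safeName = (user.Name ?? string.Empty).Replace("'", "''");
            _SbQry = new StringBuilder("Insert Into UserMaster(UserId,Name) Values('" + safeId + "','" + safeName + "')");
            db.Connect();
            int Count = db.ExecuteNonQuery(_SbQry.ToString());
            if (Count > 0)
            {
                user.Response = "Y";
            }
            else
            {
                user.Response = "N";
                user.ErrorMessage = "User could not be added";
            }
        }
        else
        {
            // Report only the first validation error found.
            foreach (var Key in ModelState.Keys)
            {
                if (ModelState[Key].Errors.Count > 0)
                {
                    user.Response = "N";
                    user.ErrorMessage = ModelState[Key].Errors[0].ErrorMessage;
                    return Json(user, JsonRequestBehavior.AllowGet);
                }
            }
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is returned to the client; consider logging
        // it server-side and returning a generic message.
        ModelState.AddModelError("ErrorMessage", ex.Message);
        ViewBag.ErrorMessage = ex.Message;
        user.Response = "N";
        user.ErrorMessage = "Error : " + ex.Message;
    }
    finally
    {
        // Also runs on the validation-error return above, where Connect() was never called.
        db.DisConnect();
    }

    return Json(user, JsonRequestBehavior.AllowGet);
}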
/// <summary>
/// Parses the page count out of the fetched portal page. The per-page URL queueing is
/// currently disabled, so the method only validates that a page count is present and
/// numeric; failures are logged and the URL is saved through UrlContorl.
/// </summary>
/// <param name="entity">The fetched page and its crawl metadata.</param>
public void HousePortalAnalysis(PageContentEntity entity)
{
    try
    {
        string pageText = entity.PContent;

        // Constructed but not used below; kept in case the constructors have side effects.
        ClsPageUrl clsPageUrl = new ClsPageUrl();
        Utilities util = new Utilities();
        SqlBuild sqlBuild = new SqlBuild();
        SqlPara sqlPara = new SqlPara();
        ClsDB clsDB = new ClsDB();

        RegFunc extractor = new RegFunc();
        ArrayList ids = extractor.GetStrArr(pageText, "\"id\":", ",");
        for (int k = 0; k < ids.Count; k++)
        {
            // Intentionally empty in the current code.
        }

        string KeyWord = entity.KeyWord;

        // The page count sits between the two markers; an empty result means no data.
        pageText = extractor.GetStr(pageText, "/共有", "页");
        if (pageText == "")
        {
            throw new Exception("分析数据失败:页面没有数据");
        }

        // A non-numeric count throws here and is handled by the catch below.
        int pageCount = Convert.ToInt32(pageText);
        for (int page = 1; page <= pageCount; page++)
        {
            // Queueing of the per-page URLs is disabled in the current code.
        }
    }
    catch (Exception ex)
    {
        ClsLog log = new ClsLog();
        log.AddLog(DateTime.Now.ToString(), "分析数据失败" + ex.ToString());
        log.AddLog(DateTime.Now.ToString(), entity.SType + ";" + entity.Url + ";");

        UrlContorl urlControl = new UrlContorl();
        urlControl.SaveUrl(entity, ex.ToString());
    }
}
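/// <summary>
/// Replaces the stored password of the given user with HASHBYTES('MD5', new_pwd).
/// </summary>
/// <param name="ID">Key of the [User] row; an empty string makes the call a no-op.</param>
void update(string ID)
{
    if (ID == "")
    {
        return;
    }

    // Fix: ID is now passed through ClsDB.sqlEncode like the password value; it was
    // previously appended to the WHERE clause raw, so its content became part of the SQL text.
    // NOTE(review): ClsDB.sqlEncode is not visible here; SqlCommand parameters would remove
    // the dependency on it.
    // NOTE(review): the stored value is an MD5 digest of the password alone (no salt is
    // mixed in by this statement); a salted, slow password hash is the usual replacement.
    string strQuery = "UPDATE [User] SET passwd = HASHBYTES('MD5', " + ClsDB.sqlEncode(this.new_pwd) + ") WHERE ID = " + ClsDB.sqlEncode(ID);

    if (ClsDB.DEBUG())
    {
        // NOTE(review): in debug mode the statement written to the response contains the
        // new plaintext password.
        Response.Write(strQuery);
    }

    new ClsDB().ExecuteNonQuery(strQuery);
}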
/// <summary>
/// Click handler: runs the "Prc_User" stored procedure without parameters and reports
/// success or the error message in a message box.
/// </summary>
private void button3_Click(object sender, EventArgs e)
{
    ClsDB database = new ClsDB();
    try
    {
        database.Connect();
        database.GetDataTable_Proc("Prc_User");
        MessageBox.Show("Saved");
    }
    catch (Exception failure)
    {
        // The user sees the raw message; the full exception goes to the log.
        MessageBox.Show(failure.Message);
        Log.Error(failure, "Error Occured");
    }
    finally
    {
        // Runs on both paths, including when Connect() itself failed.
        database.DisConnect();
    }
}
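/// <summary>
/// Clears this object and reloads its fields from the Client row with the given ID.
/// When no row matches, the fields stay in their cleared state.
/// </summary>
/// <param name="ID">Key of the Client row.</param>
/// <exception cref="Exception">
/// Any failure is rethrown as a plain Exception with the same message; the original
/// exception is available as InnerException.
/// </exception>
public void retrieveDB(string ID)
{
    this.clear();
    try
    {
        string strConn = new ClsDB().strConn();
        using (SqlConnection conn = new SqlConnection(strConn))
        {
            // NOTE(review): injection safety of this statement rests on ClsDB.sqlEncode,
            // which is not visible here; a SqlParameter for ID would remove that dependency.
            this._strQuery = "SELECT * FROM Client WHERE ID = " + ClsDB.sqlEncode(ID);

            // Fix: the command is now disposed together with the connection and reader.
            using (SqlCommand comm = new SqlCommand(this._strQuery, conn))
            {
                conn.Open();
                using (SqlDataReader sdr = comm.ExecuteReader())
                {
                    // Only the first row is read.
                    if (sdr.Read())
                    {
                        this.Case_Id = ClsUtil.getStrVal(sdr["Case_Id"]);
                        this.Client_Type = ClsUtil.getStrVal(sdr["Client_Type"]);
                        this.First_Name = ClsUtil.getStrVal(sdr["First_Name"]);
                        this.Last_Name = ClsUtil.getStrVal(sdr["Last_Name"]);
                        this.Attorney = ClsUtil.getStrVal(sdr["Attorney"]);
                        this.Paralegal = ClsUtil.getStrVal(sdr["Paralegal"]);
                        this.Date_Of_Injury = ClsUtil.formatDate(sdr["Date_Of_Injury"].ToString());
                        this.Statute_Of_Limitation = ClsUtil.getStrVal(sdr["Statute_Of_Limitation"]);
                        this.Phone_Number = ClsUtil.getStrVal(sdr["Phone_Number"]);
                        this.Address = ClsUtil.getStrVal(sdr["Address"]);
                        this.Date_Of_Birth = ClsUtil.formatDate(sdr["Date_Of_Birth"].ToString());
                        // NOTE(review): the SSN is read as stored; whether the column is
                        // encrypted at rest is not visible here.
                        this.Social_Security_Number = ClsUtil.getStrVal(sdr["Social_Security_Number"]);
                        this.Case_Type = ClsUtil.getStrVal(sdr["Case_Type"]);
                        this.At_Fault_Party = ClsUtil.getStrVal(sdr["At_Fault_Party"]);
                        this.Settlement_Type = ClsUtil.getStrVal(sdr["Settlement_Type"]);
                        this.Settlement_Amount = ClsUtil.getStrVal(sdr["Settlement_Amount"]);
                        this.Disposition = ClsUtil.getStrVal(sdr["Disposition"]);
                        this.Case_Notes = ClsUtil.getStrVal(sdr["Case_Notes"]);
                        this.Date_For_Perspective_Client = ClsUtil.formatDate(sdr["Date_For_Perspective_Client"].ToString());
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Fix: keep the original exception as InnerException so its type and stack trace
        // are not lost; the thrown type and message are unchanged for callers.
        throw new Exception(ex.Message, ex);
    }
}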
/// <summary>
/// Loads the client identified by the "ID" request value and renders the read-only view
/// form; shows a message instead when no ID was supplied.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    string requestedId = Request["ID"];
    if (requestedId == null)
    {
        this.msg.Text = "No valid ID is provided.";
        this.form1.Text = "";
        return;
    }

    // NOTE(review): the id is request data and no per-record authorization check is visible
    // in this handler; confirm the page restricts which clients a user may view.
    this.client.retrieveDB(requestedId);
    this.msg.Text = "";

    if (ClsDB.DEBUG())
    {
        // Debug builds echo the executed SQL into the page.
        this.msg.Text += this.client.strQuery();
    }

    this.form1.Text = ShowViewForm();
}
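/// <summary>
/// Click handler: saves the id and name typed into the form through the "Prc_User"
/// stored procedure and reports success or the error message in a message box.
/// </summary>
private void btnInsert_Click(object sender, EventArgs e)
{
    ClsDB db = new ClsDB();
    try
    {
        // Fix: the text-box values are passed as procedure parameters. They were previously
        // interpolated into an "Exec Prc_User ..." string, so their content became part of
        // the SQL text. The parameter names and the GetDataTable_Proc overload are the ones
        // button4_Click uses for the same procedure.
        var procParameters = new System.Collections.Generic.Dictionary<string, string>();
        procParameters.Add("@Id", txtId.Text);
        procParameters.Add("@Name", txtName.Text);

        db.Connect();
        db.GetDataTable_Proc("Prc_User", procParameters);
        MessageBox.Show("Saved");
    }
    catch (Exception ex)
    {
        // The user sees the raw message; the full exception goes to the log.
        MessageBox.Show(ex.Message);
        Log.Error(ex, "Error Occured");
    }
    finally
    {
        db.DisConnect();
    }
}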
/// <summary>
/// Authenticates a login/password pair with a parameterized query and, on success, stores
/// the user's id, login, role and email in the session. Only the first matching row is
/// read; extra rows are not checked for.
/// </summary>
/// <param name="UserName">Login to look up.</param>
/// <param name="Password">Plaintext password; hashed by the database with HASHBYTES('MD5', ...).</param>
/// <returns>True when a matching enabled user was found; false otherwise, including on any exception.</returns>
private bool doLogin(string UserName, string Password)
{
    bool loggedIn = false;
    try
    {
        string connectionString = new ClsDB().strConn();
        using (SqlConnection connection = new SqlConnection(connectionString))
        {
            // NOTE(review): the comparison is against an MD5 digest of the password alone;
            // a salted, slow password hash is the usual replacement.
            string strQuery = "SELECT ID, login, gid, email FROM [User] WHERE login = @login AND passwd=HASHBYTES('MD5', @pwd) AND disabled = '0'";
            SqlCommand command = new SqlCommand(strQuery, connection);

            // Values are bound as parameters, so they never become part of the SQL text.
            SqlParameter loginParam = command.Parameters.Add("@login", SqlDbType.VarChar, 50);
            loginParam.Value = UserName;
            SqlParameter pwdParam = command.Parameters.Add("@pwd", SqlDbType.VarChar, 50);
            pwdParam.Value = Password;

            if (ClsDB.DEBUG())
            {
                // Only the parameterized text is echoed; it contains no credentials.
                Response.Write("query: " + strQuery);
            }

            connection.Open();
            using (SqlDataReader reader = command.ExecuteReader())
            {
                if (reader.Read())
                {
                    // NOTE(review): no session-identifier rotation is visible in this
                    // method; confirm it happens elsewhere in the login flow.
                    Session["userid"] = reader["ID"].ToString();
                    Session["username"] = reader["login"].ToString();
                    Session["role"] = getUserRole(reader["gid"].ToString());
                    Session["email"] = reader["email"].ToString();
                    loggedIn = true;
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Fails closed; the message is shown only in debug mode and is not logged.
        if (ClsUtil.DEBUG())
        {
            Response.Write("Error: " + ex.Message);
        }
    }

    return loggedIn;
}
/// <summary>
/// Inserts this client as a new, enabled row in the Client table and keeps the executed
/// statement in <c>_strQuery</c>.
/// </summary>
/// <param name="update_user_id">Id of the user creating the record, stored as create_user_id.</param>
/// <exception cref="Exception">Thrown with the text returned by check_error() when it is non-empty.</exception>
public void insert(string update_user_id)
{
    string validationError = this.check_error();
    if (validationError != "")
    {
        throw new Exception(validationError);
    }

    // Values in column order. NOTE(review): each one passes through ClsDB.sqlEncode, which
    // is not visible here; injection safety of the statement rests entirely on that helper.
    string[] columnValues = new string[]
    {
        ClsDB.sqlEncode(this.Case_Id),
        ClsDB.sqlEncode(this.Client_Type),
        ClsDB.sqlEncode(this.First_Name),
        ClsDB.sqlEncode(this.Last_Name),
        ClsDB.sqlEncode(this.Attorney),
        ClsDB.sqlEncode(this.Paralegal),
        ClsDB.sqlEncode(this.Date_Of_Injury),
        ClsDB.sqlEncode(this.Statute_Of_Limitation),
        ClsDB.sqlEncode(this.Phone_Number),
        ClsDB.sqlEncode(this.Address),
        ClsDB.sqlEncode(this.Date_Of_Birth),
        ClsDB.sqlEncode(this.Social_Security_Number),
        ClsDB.sqlEncode(this.Case_Type),
        ClsDB.sqlEncode(this.At_Fault_Party),
        ClsDB.sqlEncode(this.Settlement_Type),
        ClsDB.sqlEncode(this.Settlement_Amount),
        ClsDB.sqlEncode(this.Disposition),
        ClsDB.sqlEncode(this.Case_Notes),
        ClsDB.sqlEncode(this.Date_For_Perspective_Client),
        ClsDB.sqlEncode(update_user_id),
        ClsDB.sqlEncode(DateTime.Now.ToString())
    };

    // The trailing literal 0 is the [disabled] flag.
    this._strQuery = @"INSERT INTO Client (Case_Id, Client_Type, First_Name, Last_Name, Attorney, Paralegal, Date_Of_Injury, Statute_Of_Limitation, Phone_Number, Address, Date_Of_Birth, Social_Security_Number, Case_Type, At_Fault_Party, Settlement_Type, Settlement_Amount, Disposition, Case_Notes, Date_For_Perspective_Client, [create_user_id], [create_datetime], [disabled]) VALUES ("
        + string.Join(", ", columnValues)
        + ", 0 )";

    new ClsDB().ExecuteNonQuery(this._strQuery);
}
/// <summary>
/// Admin-only user edit page: on postback applies the posted changes to the user named by
/// the "id" request value, then (in both cases) reloads the user and renders the edit form.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    // The admin check runs before any request data is read.
    ClsAuth.check_auth_admin();

    string ID = ClsUtil.getStrVal(Request["id"]);
    if (ID == "")
    {
        this.msg.Text = "Not a valid user.";
        this.form1.Text = "";
        return;
    }

    if (!this.IsPostBack)
    {
        this.user.retrieveDB(ID);
        this.msg.Text = "";
        this.form1.Text = ShowEditForm();
        return;
    }

    this.form1.Text = "";
    try
    {
        this.user.retrieveRequest(this.IsPostBack, Request);
        this.user.update(ID, Session["userid"].ToString());
        this.msg.Text = "<p><font color='green'>This profile has been updated.</font> </p>";

        if (ClsDB.DEBUG())
        {
            // Debug builds echo the executed SQL into the response.
            Response.Write(this.user.strQuery());
        }
    }
    catch (Exception failure)
    {
        // NOTE(review): the message is placed into markup without HTML encoding; if it can
        // contain request data or database text, encode it before assigning it.
        this.msg.Text = "<p><font color='red'>" + failure.Message + "</font></p>";
    }

    // Reload from the database so the form shows what is actually stored.
    this.user.retrieveDB(ID);
    this.form1.Text = ShowEditForm();
}
/// <summary>
/// Writes all client fields to the Client row identified by <paramref name="ID"/> and
/// keeps the executed statement in <c>_strQuery</c>.
/// </summary>
/// <param name="ID">Key of the row to update; an empty string makes the call a no-op.</param>
/// <param name="update_user_id">Id of the user performing the change, stored as last_update_user_id.</param>
/// <exception cref="Exception">Thrown with the text returned by check_error() when it is non-empty.</exception>
public void update(string ID, string update_user_id)
{
    if (ID == "")
    {
        return;
    }

    string validationError = this.check_error();
    if (validationError != "")
    {
        throw new Exception(validationError);
    }

    // One "column = value" fragment per field. NOTE(review): each value passes through
    // ClsDB.sqlEncode, which is not visible here; injection safety of the statement rests
    // entirely on that helper.
    string[] assignments = new string[]
    {
        "Case_ID = " + ClsDB.sqlEncode(this.Case_Id),
        "Client_Type = " + ClsDB.sqlEncode(this.Client_Type),
        "First_Name = " + ClsDB.sqlEncode(this.First_Name),
        "Last_Name = " + ClsDB.sqlEncode(this.Last_Name),
        "Attorney = " + ClsDB.sqlEncode(this.Attorney),
        "Paralegal = " + ClsDB.sqlEncode(this.Paralegal),
        "Date_Of_Injury = " + ClsDB.sqlEncode(this.Date_Of_Injury),
        "Statute_Of_Limitation = " + ClsDB.sqlEncode(this.Statute_Of_Limitation),
        "Phone_Number = " + ClsDB.sqlEncode(this.Phone_Number),
        "Address = " + ClsDB.sqlEncode(this.Address),
        "Date_Of_Birth = " + ClsDB.sqlEncode(this.Date_Of_Birth),
        "Social_Security_Number = " + ClsDB.sqlEncode(this.Social_Security_Number),
        "Case_Type = " + ClsDB.sqlEncode(this.Case_Type),
        "At_Fault_Party = " + ClsDB.sqlEncode(this.At_Fault_Party),
        "Settlement_Type = " + ClsDB.sqlEncode(this.Settlement_Type),
        "Settlement_Amount = " + ClsDB.sqlEncode(this.Settlement_Amount),
        "Disposition = " + ClsDB.sqlEncode(this.Disposition),
        "Case_Notes = " + ClsDB.sqlEncode(this.Case_Notes),
        "Date_For_Perspective_Client = " + ClsDB.sqlEncode(this.Date_For_Perspective_Client),
        "last_update_user_id = " + ClsDB.sqlEncode(update_user_id),
        "last_update_datetime = " + ClsDB.sqlEncode(DateTime.Now.ToString())
    };

    this._strQuery = "UPDATE Client SET "
        + string.Join(", ", assignments)
        + " WHERE ID = " + ClsDB.sqlEncode(ID);

    new ClsDB().ExecuteNonQuery(this._strQuery);
}
/// <summary>
/// Click handler: saves the id and name typed into the form through the "Prc_User" stored
/// procedure, passing both as named parameters, and reports the outcome in a message box.
/// </summary>
private void button4_Click(object sender, EventArgs e)
{
    ClsDB database = new ClsDB();
    try
    {
        database.Connect();

        // The form text travels as parameter values, not as part of the SQL text.
        Dictionary<string, string> procParameters = new Dictionary<string, string>
        {
            { "@Id", txtId.Text },
            { "@Name", txtName.Text }
        };

        database.GetDataTable_Proc("Prc_User", procParameters);
        MessageBox.Show("Saved");
    }
    catch (Exception failure)
    {
        // The user sees the raw message; the full exception goes to the log.
        MessageBox.Show(failure.Message);
        Log.Error(failure, "Error Occured");
    }
    finally
    {
        // Runs on both paths, including when Connect() itself failed.
        database.DisConnect();
    }
}
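/// <summary>
/// Backup variant of doLogin: authenticates a login/password pair and, on success, stores
/// the user's id, login, role and email in the session. Only the first matching row is read.
/// </summary>
/// <param name="UserName">Login to look up.</param>
/// <param name="Password">Plaintext password; hashed by the database with HASHBYTES('MD5', ...).</param>
/// <returns>True when a matching enabled user was found; false otherwise, including on any exception.</returns>
private bool doLogin_bak(string UserName, string Password)
{
    bool ok = false;
    try
    {
        string strConn = new ClsDB().strConn();
        using (SqlConnection conn = new SqlConnection(strConn))
        {
            // Fix: the credentials are bound as parameters instead of being concatenated
            // into the statement, so the query no longer depends on ClsDB.sqlEncode and the
            // debug echo below no longer contains the password. Type and size mirror
            // doLogin (VarChar(50)); VarChar also keeps the HASHBYTES input byte-compatible
            // with hashes written from a non-Unicode literal.
            // NOTE(review): the comparison is against an MD5 digest of the password alone;
            // a salted, slow password hash is the usual replacement.
            string strQuery = "SELECT ID, login, gid, email FROM [User] WHERE login = @login AND passwd=HASHBYTES('MD5', @pwd) AND disabled = '0'";
            using (SqlCommand comm = new SqlCommand(strQuery, conn))
            {
                comm.Parameters.Add("@login", System.Data.SqlDbType.VarChar, 50).Value = UserName;
                comm.Parameters.Add("@pwd", System.Data.SqlDbType.VarChar, 50).Value = Password;

                if (ClsDB.DEBUG())
                {
                    Response.Write("query: " + strQuery);
                }

                conn.Open();
                using (SqlDataReader sdr = comm.ExecuteReader())
                {
                    if (sdr.Read())
                    {
                        Session["userid"] = ClsUtil.getStrVal(sdr["ID"]);
                        Session["username"] = ClsUtil.getStrVal(sdr["login"]);
                        Session["role"] = getUserRole(ClsUtil.getStrVal(sdr["gid"]));
                        Session["email"] = ClsUtil.getStrVal(sdr["email"]);
                        ok = true;
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Fails closed; the message is shown only in debug mode and is not logged.
        if (ClsUtil.DEBUG())
        {
            Response.Write("Error: " + ex.Message);
        }
    }

    return ok;
}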