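/// <summary>
/// Looks up the Employee row whose Username and stored Password match the supplied credentials.
/// </summary>
/// <param name="Username">Login name; bound as the @Username SQL parameter.</param>
/// <param name="Password">Clear-text password; transformed with DB_fountion.EncryptDES before it is bound as @Password.</param>
/// <returns>
/// A DataTable holding the matching rows (no rows when nothing matches),
/// or null when an exception was caught and logged.
/// </returns>
public static DataTable Query登入(string Username, string Password)
{
    // SECURITY NOTE(review): the value compared against Employee.Password comes from
    // DB_fountion.EncryptDES. If that helper is DES encryption, as its name suggests, the
    // stored passwords are reversible by anyone holding the key, and equal passwords produce
    // equal stored values. A salted, slow password hash (for example PBKDF2) is the usual
    // replacement; it needs a data migration, so it is flagged here rather than changed.
    //
    // NOTE(review): "select *" hands every Employee column, including Password, back to the
    // caller. Selecting only the columns the login page needs would limit exposure.
    using (SqlConnection Conn = new SqlConnection())
    {
        // Declare the SQL connection.
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        DataTable dt = new DataTable();
        try
        {
            string CmdString = @"select * from Employee where Username=@Username and Password=@Password ";
            using (SqlCommand cmd = new SqlCommand(CmdString, Conn))
            {
                // Both values are bound as parameters, never concatenated into the SQL text.
                cmd.Parameters.AddWithValue("Username", Username);
                string des_Password = DB_fountion.EncryptDES(Password); // encrypt
                cmd.Parameters.AddWithValue("Password", des_Password);

                Conn.Open();
                using (SqlDataReader dr = cmd.ExecuteReader(CommandBehavior.CloseConnection))
                {
                    dt.Load(dr);
                }
            }
            return dt;
        }
        catch (Exception ex)
        {
            // Callers must treat null as "lookup failed", not as "wrong password".
            log("Query登入:", ex.ToString());
            return null;
        }
    }
}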
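/// <summary>
/// Click handler for the multi-file album upload. For every posted file it writes a thumbnail
/// (100x63) under sqlimages/min_Album/{id} and the original under sqlimages/Album/{id},
/// then refreshes the page data through DBinit().
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void upimgmult_Click(object sender, EventArgs e)
{
    if (this.FileUpload1.HasFile)
    {
        // id.Value is read from a page control and ends up as a directory name, so it is
        // treated as client-controlled: it must be a single path segment. Separators,
        // other invalid file-name characters and dot-only names ("." / "..") are refused
        // so the upload cannot be steered outside the album folders.
        string albumId = id.Value;
        bool albumIdOk = !string.IsNullOrEmpty(albumId)
            && albumId.IndexOfAny(System.IO.Path.GetInvalidFileNameChars()) < 0
            && albumId.Trim('.', ' ').Length > 0;

        if (albumIdOk)
        {
            string albumDir = HttpContext.Current.Server.MapPath("/") + @"/sqlimages/Album/" + albumId;
            string thumbDir = HttpContext.Current.Server.MapPath("/") + @"/sqlimages/min_Album/" + albumId;

            if (!Directory.Exists(albumDir))
            {
                // Create the folder.
                Directory.CreateDirectory(albumDir);
            }
            if (!Directory.Exists(thumbDir))
            {
                // Create the folder.
                Directory.CreateDirectory(thumbDir);
            }

            // The files land in a web-served folder and keep the client-supplied extension,
            // so only image extensions are accepted; otherwise a server-executable file type
            // could be uploaded. Adjust the list to the formats the site really uses.
            string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif", ".bmp" };

            foreach (HttpPostedFile file in FileUpload1.PostedFiles)
            {
                string ext = System.IO.Path.GetExtension(file.FileName);
                bool extensionOk = false;
                foreach (string allowed in allowedExtensions)
                {
                    if (string.Equals(ext, allowed, StringComparison.OrdinalIgnoreCase))
                    {
                        extensionOk = true;
                        break;
                    }
                }
                if (!extensionOk)
                {
                    continue; // skip anything that is not an accepted image type
                }

                // The stored name is generated server-side; only the extension comes from the client.
                // NOTE(review): two files handled within the same millisecond would get the same name.
                String FileName = DateTime.Now.ToString("yyyyMMddHHmmss.fff") + ext;
                String SavePath = Server.MapPath("/") + @"/sqlimages/Album/" + albumId + "/" + FileName;
                // NOTE(review): this path is app-relative ("~") while the folder created above is
                // site-root relative ("/"); they differ unless the app runs at the site root - confirm.
                String SavePath_min = Server.MapPath("~/sqlimages/min_Album/" + albumId);

                DB_fountion.GenerateThumbnailImage(FileName, file.InputStream, SavePath_min, "", 100, 63);
                file.SaveAs(SavePath);
            }
        }
    }
    DBinit();
}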
/// <summary>
/// RowDataBound handler for Grid_News: in data rows, rewrites the "是否置頂" column
/// from the raw values "1" / "0" to the display texts "是" / "否". Any other cell text is left as is.
/// </summary>
/// <param name="sender">Grid raising the event.</param>
/// <param name="e">Row event arguments; e.Row is the row being bound.</param>
protected void Grid_News_RowDataBound(object sender, GridViewRowEventArgs e)
{
    // The column index is resolved for every row type, before the row-type check.
    int flagColumn = DB_fountion.tablenametoindex(Grid_News, e, "是否置頂");

    if (e.Row.RowType != DataControlRowType.DataRow)
    {
        return;
    }

    string rawFlag = e.Row.Cells[flagColumn].Text;
    if (rawFlag == "1")
    {
        e.Row.Cells[flagColumn].Text = "是";
    }
    else if (rawFlag == "0")
    {
        e.Row.Cells[flagColumn].Text = "否";
    }
    // Every other value (including a blank cell) is shown unchanged.
}
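// Checks whether the old password entered for the logged-in account is correct.
/// <summary>
/// Compares the value of the pwd control, after DB_fountion.EncryptDES, with the stored
/// password of the user named in Session["Username"].
/// </summary>
/// <returns>"OK" when a matching Employee row exists, otherwise "舊密碼錯誤".</returns>
protected string checkpwd()
{
    // SECURITY NOTE(review): the comparison runs against the output of DB_fountion.EncryptDES.
    // If that is DES encryption, as the name suggests, stored passwords are reversible with the
    // key; a salted password hash is the usual replacement and needs a data migration.
    //
    // NOTE(review): Session["Username"] is dereferenced without a null check, so an expired
    // session surfaces here as a NullReferenceException - confirm the caller guards this.
    string result;
    using (SqlConnection ConnSel = new SqlConnection())
    {
        ConnSel.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        DataTable dt = new DataTable();
        string SelCmdString = @"select 'x' from Employee where Username=@Username and Password=@pwd";

        using (SqlCommand Selcmd = new SqlCommand(SelCmdString, ConnSel))
        {
            string des_Password = DB_fountion.EncryptDES(pwd.Value); // encrypt
            Selcmd.Parameters.AddWithValue("Username", Session["Username"].ToString());
            Selcmd.Parameters.AddWithValue("pwd", des_Password);

            ConnSel.Open();
            // The using blocks release reader, command and connection even when the query
            // throws; the original closed the connection only on the success path.
            using (SqlDataReader dr = Selcmd.ExecuteReader(CommandBehavior.CloseConnection))
            {
                dt.Load(dr);
            }
        }

        result = dt.Rows.Count > 0 ? "OK" : "舊密碼錯誤";
    }
    return result;
}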
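/// <summary>
/// Stores a new password for the user named in Session["Username"]: the value of the npwd
/// control is passed through DB_fountion.EncryptDES and written to Employee.Password inside
/// a transaction. On success a "修改成功" alert script is registered; on failure the error is
/// logged and the transaction rolled back.
/// </summary>
protected void pwd_save_Click()
{
    // SECURITY NOTE(review): nothing in this method verifies the current password;
    // presumably the caller runs checkpwd() first - confirm.
    // SECURITY NOTE(review): the password is stored as the output of DB_fountion.EncryptDES.
    // If that is DES encryption, as the name suggests, it is reversible with the key; a salted
    // password hash is the usual replacement and needs a data migration.
    using (SqlConnection Conn = new SqlConnection())
    {
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        Conn.Open();
        using (SqlTransaction tran = Conn.BeginTransaction())
        {
            try
            {
                string CmdString = @"update Employee set Password=@pwd where Username=@Username ";
                using (SqlCommand cmd = new SqlCommand(CmdString, Conn, tran))
                {
                    cmd.Parameters.AddWithValue("Username", Session["Username"].ToString());
                    string des_Password = DB_fountion.EncryptDES(npwd.Value); // encrypt
                    cmd.Parameters.AddWithValue("pwd", des_Password);
                    cmd.ExecuteNonQuery();
                }
                tran.Commit();
                ScriptManager.RegisterStartupScript(Page, GetType(), "alert_success", "<script>swal('修改成功')</script>", false);
            }
            catch (Exception ex)
            {
                // Log first: Rollback can itself throw (for example on a broken connection),
                // which previously meant the original error was never recorded.
                DB_string.log("Account:", ex.ToString());
                try
                {
                    tran.Rollback();
                }
                catch (Exception rollbackEx)
                {
                    DB_string.log("Account:", rollbackEx.ToString());
                }
            }
        }
    }
}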
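/// <summary>
/// Inserts a new Employee row (Username, Password, Auth) from the page controls and then
/// redirects to Employee.aspx?type=basic. Errors are logged; the redirect happens either way.
/// </summary>
protected void save_Click()
{
    // SECURITY NOTE(review): this method does not check the caller's session or role before
    // creating an account with the posted Auth value; presumably that is enforced elsewhere
    // on the page - confirm.
    // SECURITY NOTE(review): the password is stored as the output of DB_fountion.EncryptDES.
    // If that is DES encryption, as the name suggests, it is reversible with the key; a salted
    // password hash is the usual replacement and needs a data migration.
    using (SqlConnection Conn = new SqlConnection())
    {
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        Conn.Open();
        try
        {
            string CmdString = @"insert into Employee (Username,Password,Auth) values (@Username,@Password,@Auth)";
            using (SqlCommand cmd = new SqlCommand(CmdString, Conn))
            {
                // The former "id" parameter was never referenced by the statement and is dropped.
                cmd.Parameters.AddWithValue("Username", Username.Value);
                string des_Password = DB_fountion.EncryptDES(Password.Value); // encrypt
                cmd.Parameters.AddWithValue("Password", des_Password);
                cmd.Parameters.AddWithValue("Auth", Auth.SelectedValue);
                cmd.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            DB_string.log("Employee_ins:", ex.ToString());
        }
    }

    // Redirect after the connection is released instead of from inside a finally block;
    // it still runs whether or not the insert succeeded, as before.
    Response.Redirect("Employee.aspx?type=basic");
}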
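/// <summary>
/// Page load: sends visitors without a Session["Username"] to the login page, and on the
/// first (non-postback) request binds Grid_Auth to the result of Auth().
/// </summary>
/// <param name="sender">Page raising the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // The session check runs on every request. It used to sit inside the !IsPostBack branch,
    // so a postback (which is what triggers the page's button handlers) was never checked
    // and could reach those handlers without a logged-in session.
    if (Session["Username"] == null)
    {
        Response.Redirect("../../login.aspx");
        return;
    }

    if (!IsPostBack)
    {
        // Return value intentionally unused here, as in the original.
        // NOTE(review): if GetNo reserves a serial number, this call consumes one per page view - confirm.
        DB_fountion.GetNo("G_no", "Group");
        DataTable dt = Auth();
        Grid_Auth.DataSource = dt;
        Grid_Auth.DataBind();
    }
}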
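/// <summary>
/// Creates a News row from the page controls. The key is today's date (yyyyMMdd) followed by
/// the serial returned by DB_fountion.GetNo; the image is stored through Update_img before
/// the insert. Afterwards the browser is redirected to the edit page of the new key.
/// </summary>
protected void save_Click()
{
    // The key is built once and reused for the image folder, the row and the redirect.
    // It used to be rebuilt from DateTime.Now at each use, so a save crossing midnight could
    // produce three different keys, and a failed GetNo made the finally block throw.
    string newsNo = null;

    using (SqlConnection Conn = new SqlConnection())
    {
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        Conn.Open();
        try
        {
            string CmdString = @"insert into News (Newsno,Title,Info,Context,Inday,Img,Priority) values (@Newsno,@Title,@Info,@Context,@Inday,@Img,@Priority)";
            DataTable serial = DB_fountion.GetNo("Newsno", "News");
            newsNo = DateTime.Now.ToString("yyyyMMdd") + serial.Rows[0]["sno"].ToString();

            // Add the image.
            // NOTE(review): this writes files before the insert; a failed insert leaves them behind.
            Update_img(newsNo);

            using (SqlCommand cmd = new SqlCommand(CmdString, Conn))
            {
                cmd.Parameters.AddWithValue("Newsno", newsNo);
                cmd.Parameters.AddWithValue("Title", Title_.Value);
                cmd.Parameters.AddWithValue("Info", Info.Value);
                cmd.Parameters.AddWithValue("Context", Context_.Value);
                cmd.Parameters.AddWithValue("Inday", Inday_.Value);
                cmd.Parameters.AddWithValue("Img", img_temp.Value);
                cmd.Parameters.AddWithValue("Priority", Priority.SelectedValue);
                cmd.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            DB_string.log("News_ins:", ex.ToString());
        }
    }

    // As before, the redirect also happens when the insert failed, provided a key was obtained.
    // Without a key there is nothing to redirect to; the failure has already been logged.
    if (newsNo != null)
    {
        Response.Redirect("News_edit.aspx?type=news&id=" + newsNo);
    }
}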
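/// <summary>
/// Inserts a Yachts row from the page controls inside a transaction. The key is today's date
/// (yyyyMMdd) followed by the serial returned by DB_fountion.GetNo. Errors are logged and the
/// transaction rolled back.
/// </summary>
protected void save_Click()
{
    using (SqlConnection Conn = new SqlConnection())
    {
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        Conn.Open();
        using (SqlTransaction tran = Conn.BeginTransaction())
        {
            try
            {
                string CmdString = @"insert into Yachts (Yachtsno,Modal, Modal_n, Overview, Layout, Specification, Isnew) values (@Yachtsno,@Modal, @Modal_n, @Overview, @Layout, @Specification, @Isnew)";
                DataTable serial = DB_fountion.GetNo("Yachtsno", "Yachts");

                using (SqlCommand cmd = new SqlCommand(CmdString, Conn, tran))
                {
                    // All page values are bound as parameters, never concatenated into the SQL text.
                    cmd.Parameters.AddWithValue("Yachtsno", DateTime.Now.ToString("yyyyMMdd") + serial.Rows[0]["sno"].ToString());
                    cmd.Parameters.AddWithValue("Modal", Modal.Value);
                    cmd.Parameters.AddWithValue("Modal_n", Modal_n.Value);
                    cmd.Parameters.AddWithValue("Overview", Overview.Value);
                    cmd.Parameters.AddWithValue("Layout", Layout.Value);
                    cmd.Parameters.AddWithValue("Specification", Specification.Value);
                    cmd.Parameters.AddWithValue("Isnew", Isnew.SelectedValue);
                    cmd.ExecuteNonQuery();
                }
                tran.Commit();
            }
            catch (Exception ex)
            {
                // Log first: Rollback can itself throw (for example on a broken connection),
                // which previously meant the original error was never recorded.
                DB_string.log("Yachts_ins:", ex.ToString());
                try
                {
                    tran.Rollback();
                }
                catch (Exception rollbackEx)
                {
                    DB_string.log("Yachts_ins:", rollbackEx.ToString());
                }
            }
        }
    }
}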
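/// <summary>
/// Stores the file posted through FileUploadimg as "Img" + extension under
/// ~/sqlimages/Yachts/{Yachtsno}, writes a 240x120 thumbnail with the "min_" prefix into the
/// same folder, records the file name in img_temp and points the img control at the new file.
/// Does nothing when no file was posted or the extension is not an accepted image type.
/// </summary>
/// <param name="Yachtsno">Record key used as the folder name.</param>
protected void Update_img(string Yachtsno)
{
    if (!FileUploadimg.HasFile)
    {
        return;
    }

    // The file is written to a web-served folder under the client-supplied extension, so only
    // image extensions are accepted; otherwise a server-executable file type could be uploaded.
    // Adjust the list to the formats the site really uses.
    string ext = System.IO.Path.GetExtension(FileUploadimg.FileName);
    string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif", ".bmp" };
    bool extensionOk = false;
    foreach (string allowed in allowedExtensions)
    {
        if (string.Equals(ext, allowed, StringComparison.OrdinalIgnoreCase))
        {
            extensionOk = true;
            break;
        }
    }
    if (!extensionOk)
    {
        return;
    }

    // NOTE(review): Yachtsno is used as a path segment; the callers seen so far pass a
    // server-generated key. Confirm no caller passes a client-supplied value.
    string folder = HttpContext.Current.Server.MapPath("~") + @"/sqlimages/Yachts/" + Yachtsno;
    if (!Directory.Exists(folder))
    {
        Directory.CreateDirectory(folder);
    }

    String filename = "Img" + ext;
    img_temp.Value = filename; // value later written to the database

    String SavePath = Server.MapPath("~/sqlimages/Yachts/" + Yachtsno + "/" + filename);
    String SavePath_min = Server.MapPath("~/sqlimages/Yachts/" + Yachtsno);

    // Fixed folder name: this used to read "~/sqimages/...", which is not where the file is saved.
    img.ImageUrl = "~/sqlimages/Yachts/" + Yachtsno + "/" + filename;

    DB_fountion.GenerateThumbnailImage(filename, FileUploadimg.FileContent, SavePath_min, "min_", 240, 120);
    FileUploadimg.SaveAs(SavePath);
}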
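/// <summary>
/// Adds a row to [Group] with a generated G_no, the name entered in Group_name and the next
/// Group_value (current maximum + 1), then hides the insert dialog and rebinds Grid_Auth.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event arguments (unused).</param>
protected void Enter_Click(object sender, EventArgs e)
{
    using (SqlConnection Conn = new SqlConnection())
    {
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        Conn.Open();
        // The using blocks release the connection and transaction even when GetNo throws
        // before the try block is entered; previously that path left the connection open.
        using (SqlTransaction tran = Conn.BeginTransaction())
        {
            DataTable serial = DB_fountion.GetNo("G_no", "Group");
            try
            {
                // NOTE(review): max(Group_value)+1 is computed inside the insert; two concurrent
                // requests could still read the same maximum - confirm whether that matters here.
                string InsCmdString = @"INSERT INTO [Group]( G_no, Group_name, Group_value ) SELECT @G_no,@Group_name,isnull(max(Group_value),0)+1 FROM [Group]";
                using (SqlCommand Inscmd = new SqlCommand(InsCmdString, Conn, tran))
                {
                    Inscmd.Parameters.AddWithValue("G_no", DateTime.Now.ToString("yyyyMMdd") + serial.Rows[0]["sno"].ToString());
                    Inscmd.Parameters.AddWithValue("Group_name", Group_name.Value);
                    Inscmd.ExecuteNonQuery();
                }
                tran.Commit();
            }
            catch (Exception ex)
            {
                // Log first: Rollback can itself throw, which previously hid the original error.
                DB_string.log("Auth_Enter_Click:", ex.ToString());
                try
                {
                    tran.Rollback();
                }
                catch (Exception rollbackEx)
                {
                    DB_string.log("Auth_Enter_Click:", rollbackEx.ToString());
                }
            }
        }
    }

    ScriptManager.RegisterStartupScript(Page, Page.GetType(), "closepup", "$('#modal-ins').modal('hide');", true);

    // Refresh the grid.
    DataTable dt = Auth();
    Grid_Auth.DataSource = dt;
    Grid_Auth.DataBind();
}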
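/// <summary>
/// Inserts a DealersR row (generated R_no, Region from the page) and, when detailtype is
/// "true", one DealersC row per entry of the "Detail" table kept in ViewState. Everything
/// runs in one transaction; errors are logged and the transaction rolled back.
/// </summary>
protected void save_Click()
{
    using (SqlConnection Conn = new SqlConnection())
    {
        Conn.ConnectionString = ConfigurationManager.ConnectionStrings["sqlString"].ConnectionString;
        Conn.Open();
        using (SqlTransaction tran = Conn.BeginTransaction())
        {
            try
            {
                DataTable serial = DB_fountion.GetNo("R_no", "DealersR");

                // Build the key once and use it for the header and the detail rows, so both
                // always carry the same R_no (it used to be rebuilt from DateTime.Now).
                id.Value = DateTime.Now.ToString("yyyyMMdd") + serial.Rows[0]["sno"].ToString();

                string CmdString = @"insert DealersR (R_no,Region) values (@R_no,@Region)";
                using (SqlCommand cmd = new SqlCommand(CmdString, Conn, tran))
                {
                    cmd.Parameters.AddWithValue("R_no", id.Value);
                    cmd.Parameters.AddWithValue("Region", Region.Value);
                    cmd.ExecuteNonQuery();
                }

                if (detailtype.Value == "true")
                {
                    DataTable dtD = (DataTable)ViewState["Detail"];
                    if (dtD == null)
                    {
                        // Same outcome as before (rollback plus log entry), with a clearer message.
                        throw new InvalidOperationException("ViewState[\"Detail\"] is missing although detailtype is \"true\".");
                    }

                    if (dtD.Rows.Count > 0)
                    {
                        // One batched command: an insert statement per row, each with its own
                        // @CountryN parameter. Two defects are fixed here:
                        //  - the parameter suffix used the DataTable "serial" instead of the row
                        //    counter, so every row got the same parameter name;
                        //  - the batch ran only "if (InsString == null)", which is never true,
                        //    so the detail rows were never written.
                        // NOTE(review): SQL Server limits a command to 2100 parameters; split the
                        // batch if the detail table can grow that large.
                        System.Text.StringBuilder insertBatch = new System.Text.StringBuilder();
                        using (SqlCommand inscmd = new SqlCommand())
                        {
                            inscmd.Connection = Conn;
                            inscmd.Transaction = tran;

                            int serial_ins = 0;
                            foreach (DataRow rw in dtD.Rows)
                            {
                                string countryParam = "Country" + serial_ins;
                                // Only the generated parameter name is concatenated; the value is bound.
                                insertBatch.Append("insert into DealersC (R_no, Country) values (@R_no,@" + countryParam + "); ");
                                inscmd.Parameters.AddWithValue(countryParam, rw["Country"].ToString());
                                serial_ins++;
                            }
                            inscmd.Parameters.AddWithValue("R_no", id.Value);

                            inscmd.CommandText = insertBatch.ToString();
                            inscmd.ExecuteNonQuery();
                        }
                    }
                }

                tran.Commit();
            }
            catch (Exception ex)
            {
                // Log first: Rollback can itself throw, which previously hid the original error.
                DB_string.log("Dealers_ins:", ex.ToString());
                try
                {
                    tran.Rollback();
                }
                catch (Exception rollbackEx)
                {
                    DB_string.log("Dealers_ins:", rollbackEx.ToString());
                }
            }
        }
    }
}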