Exemple #1
    /// <summary>
    /// Creates a role from the posted form and links the selected functions to it.
    /// </summary>
    /// <remarks>
    /// Reads <c>roleName</c>, <c>roleDescription</c> and the space-separated
    /// <c>selectedFunction</c> list from <c>Request.Form</c>; every value reaches
    /// SQL only as a bound parameter.
    /// NOTE(review): no permission check is visible in this method; confirm the
    /// caller restricts role creation to authorised users.
    /// </remarks>
    /// <returns>true when the role row was inserted; otherwise false.</returns>
    private bool addNewRole()
    {
        string roleName        = Request.Form["roleName"];
        string roleDescription = Request.Form["roleDescription"];
        string functionList    = Request.Form["selectedFunction"];

        sqlOperation.AddParameterWithValue("@name", roleName);
        sqlOperation.AddParameterWithValue("@description", roleDescription);
        int inserted = sqlOperation.ExecuteNonQuery("INSERT INTO role(Name,Description) VALUES(@name,@description)");
        if (inserted <= 0)
        {
            return false;
        }

        // The lookup reuses the @name parameter bound above.
        // NOTE(review): this presumes role names are unique; verify against the schema.
        string roleId = sqlOperation.ExecuteScalar("SELECT ID FROM role WHERE Name=@name");
        sqlOperation.AddParameterWithValue("@RID", roleId);

        // A missing selectedFunction field makes functionList null and Split throws.
        foreach (string functionId in functionList.Split(' '))
        {
            if (functionId == "")
            {
                continue;
            }
            // NOTE(review): @FID is bound once per entry; whether the data layer
            // replaces or appends a repeated name is not visible here.
            sqlOperation.AddParameterWithValue("@FID", functionId);
            sqlOperation.ExecuteNonQuery("INSERT INTO function2role(Function_ID,Role_ID) VALUES(@FID,@RID)");
        }
        return true;
    }
Exemple #2
    /// <summary>
    /// Queries the Equipment table, optionally filtered by state and treatment item.
    /// </summary>
    /// <param name="state">"allEquipment" for no state filter, otherwise an integer in text form.</param>
    /// <param name="item">"allItem" for no item filter, otherwise the TreatmentItem value to match.</param>
    /// <returns>The data set produced by the data layer for table name "item".</returns>
    public DataSet Select(string state, string item)
    {
        // Only fixed SQL fragments are concatenated; caller values are bound as parameters.
        string whereClause = "";

        if (state != "allEquipment")
        {
            // int.Parse throws on non-numeric text, so a malformed state never reaches the query.
            int stateInt = int.Parse(state);
            whereClause += " WHERE State=@state";
            sqlOperation.AddParameterWithValue("@state", stateInt);
        }

        if (item != "allItem")
        {
            whereClause += (whereClause == "") ? " WHERE TreatmentItem=@item" : " AND TreatmentItem=@item";
            sqlOperation.AddParameterWithValue("@item", item);
        }

        return sqlOperation.ExecuteDataSet("SELECT * FROM Equipment" + whereClause, "item");
    }
Exemple #3
    /// <summary>
    /// Inserts one research-investment record built from the posted form fields.
    /// </summary>
    /// <remarks>
    /// All nine form values are bound as string parameters without validation.
    /// NOTE(review): the year and count fields look numeric; confirm that type and
    /// range checks happen somewhere before this call.
    /// </remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddRi()
    {
        string enterprise      = Request.Form["enterprise"];
        string year            = Request.Form["year"];
        string techDevelopCost = Request.Form["techDevelopCost"];
        string rdInvestment    = Request.Form["RdInvestment"];
        string rdOrgLevel      = Request.Form["RdOrgLevel"];
        string rderNum         = Request.Form["RderNum"];
        string rderSeniorNum   = Request.Form["RderSeniorNum"];
        string patentFilingNum = Request.Form["patentFilingNum"];
        string patentLicNum    = Request.Form["patentLicNum"];

        // Write the record to the database; the row count decides the result.
        const string insertSql = "INSERT INTO researchinvestment(enterprise,year,techDevelopCost,RdInvestment,RdOrgLevel,RderNum,RderSeniorNum,patentFilingNum,patentLicNum,Releasetime)" +
                                 "VALUES(@Enterprise,@Year,@TechDevelopCost,@RdInvestment,@RdOrgLevel,@RderNum,@RderSeniorNum,@PatentFilingNum,@PatentLicNum,@Releasetime)";

        sqlOperation.AddParameterWithValue("@Enterprise", enterprise);
        sqlOperation.AddParameterWithValue("@Year", year);
        sqlOperation.AddParameterWithValue("@TechDevelopCost", techDevelopCost);
        sqlOperation.AddParameterWithValue("@RdInvestment", rdInvestment);
        sqlOperation.AddParameterWithValue("@RdOrgLevel", rdOrgLevel);
        sqlOperation.AddParameterWithValue("@RderNum", rderNum);
        sqlOperation.AddParameterWithValue("@RderSeniorNum", rderSeniorNum);
        sqlOperation.AddParameterWithValue("@PatentFilingNum", patentFilingNum);
        sqlOperation.AddParameterWithValue("@PatentLicNum", patentLicNum);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
    /// <summary>
    /// Queries users joined to their role links, optionally filtered by office and activation flag.
    /// </summary>
    /// <param name="activate">"allNumber" for no filter, otherwise an integer in text form.</param>
    /// <param name="office">"allOffice" for no filter, otherwise the Office value to match.</param>
    /// <returns>The data set produced by the data layer for table name "user".</returns>
    /// <remarks>
    /// NOTE(review): SELECT * returns every column of user and user2role; if the
    /// user table stores credentials, confirm they are not exposed to the page.
    /// </remarks>
    public DataSet Select(string activate, string office)
    {
        // Only fixed SQL fragments are concatenated; caller values are bound as parameters.
        string filter = "";

        if (office != "allOffice")
        {
            filter += " WHERE Office=@office";
            sqlOperation.AddParameterWithValue("@office", office);
        }

        if (activate != "allNumber")
        {
            filter += (filter == "") ? " WHERE Activate=@activate" : " AND Activate=@activate";
            // int.Parse throws on non-numeric text before anything is executed.
            sqlOperation.AddParameterWithValue("@activate", int.Parse(activate));
        }

        // The join condition is always present; it opens the WHERE clause when no filter did.
        filter += (filter == "") ? " WHERE user.ID=user2role.User_ID" : " AND user.ID=user2role.User_ID";

        string query = "SELECT * FROM user,user2role" + filter;
        return sqlOperation.ExecuteDataSet(query, "user");
    }
    /// <summary>
    /// Replaces a user's role assignments with the roles posted in the form.
    /// </summary>
    /// <remarks>
    /// Deletes every user2role row for the user identified by <c>userNumber</c>,
    /// then inserts one row per name in the space-separated <c>updateRoles</c> field.
    /// NOTE(review): both the target user and the granted roles come from the
    /// request and no authorisation check is visible here; confirm the caller
    /// enforces one. The delete and the inserts are separate statements with no
    /// transaction visible in this method.
    /// </remarks>
    private void recordNewRole()
    {
        string   postedRoles = Request.Form["updateRoles"];
        string[] roleNames   = postedRoles.Split(' ');
        string   userNumber  = Request.Form["userNumber"];

        sqlOperation.AddParameterWithValue("@number", userNumber);
        sqlOperation.ExecuteNonQuery("DELETE FROM user2role WHERE User_ID=(SELECT ID FROM user WHERE user.Number=@number)");

        // @number is still bound from the delete above.
        string userId = sqlOperation.ExecuteScalar("SELECT ID FROM user WHERE user.Number=@number");
        sqlOperation.AddParameterWithValue("@userID", userId);

        foreach (string roleName in roleNames)
        {
            if (roleName == "")
            {
                continue;
            }

            sqlOperation.AddParameterWithValue("@name", roleName);
            // NOTE(review): the result for an unknown role name is inserted as-is;
            // what ExecuteScalar returns when no row matches is not visible here.
            string roleId = sqlOperation.ExecuteScalar("SELECT ID FROM role WHERE Name=@name");
            sqlOperation.AddParameterWithValue("@roleID", roleId);
            sqlOperation.ExecuteNonQuery("INSERT INTO user2role(User_ID,Role_ID) VALUES(@userID,@roleID)");
        }
    }
    /// <summary>
    /// Deletes the news row with the given ID.
    /// </summary>
    /// <param name="id">Value bound to <c>@id</c>; passed to the database as a string.</param>
    /// <remarks>NOTE(review): no ownership or permission check is visible here; confirm the caller performs one.</remarks>
    public void delete(String id)
    {
        const string deleteNewsSql = "DELETE FROM news WHERE ID=@id";

        // Start from an empty parameter list before binding @id.
        sqlOperation.clearParameter();
        sqlOperation.AddParameterWithValue("@id", id);
        sqlOperation.ExecuteNonQuery(deleteNewsSql);
    }
    /// <summary>
    /// Sets the description of the role with the given ID.
    /// </summary>
    /// <param name="id">Value bound to <c>@id</c>.</param>
    /// <param name="Description">Value bound to <c>@description</c>.</param>
    public void Update(string id, string Description)
    {
        const string updateRoleSql = "UPDATE role SET Description=@description WHERE ID=@id";

        // Both values are bound, never concatenated into the statement.
        sqlOperation.AddParameterWithValue("@id", id);
        sqlOperation.AddParameterWithValue("@description", Description);
        sqlOperation.ExecuteNonQuery(updateRoleSql);
    }
    /// <summary>
    /// Saves an optional uploaded file, then updates the fixation record linked to the
    /// posted treatment and the matching appointment's state.
    /// </summary>
    /// <returns>true when the update of the fixed table affected at least one row.</returns>
    private bool RecordPatientInformation()
    {
        string savePath  = "";
        string savepath1 = "";

        if (FileUpload.HasFile)
        {
            savePath = Server.MapPath("~/upload/FixRecord");// server-side directory where uploaded files are saved
            // Create the physical directory if it does not exist yet.
            if (!System.IO.Directory.Exists(savePath))
            {
                System.IO.Directory.CreateDirectory(savePath);
            }
            // NOTE(review): the stored name is a date prefix plus the client-supplied
            // file name, written under the application root. No extension or content
            // check is visible in this method; consider an allow-list of extensions and
            // a server-generated name. A same-named upload on the same day overwrites
            // the earlier file.
            savePath  = savePath + "\\" + DateTime.Now.ToString("yyyyMMdd") + FileUpload.FileName;
            savepath1 = "../upload/FixRecord/" + DateTime.Now.ToString("yyyyMMdd") + FileUpload.FileName;
            FileUpload.SaveAs(savePath);
        }
        // Convert.ToInt32 throws on non-numeric text, so only an integer is bound to @treatid.
        string treatid = Request.Form["hidetreatID"];
        int    treatID = Convert.ToInt32(treatid);
        string fixedid = "select Fixed_ID from treatment where treatment.ID=@treatid";

        sqlOperation.AddParameterWithValue("@treatid", treatID);
        // int.Parse throws if the scalar result is not an integer in text form.
        int FixedID = int.Parse(sqlOperation.ExecuteScalar(fixedid));
        //string userID = "1";
        // NOTE(review): the operator ID recorded below is taken from the posted form,
        // not from the session; confirm the client cannot choose another user's ID.
        string   userID        = Request.Form["userID"];
        int      userid        = Convert.ToInt32(userID);
        DateTime datetime      = DateTime.Now;
        bool     state         = false;
        string   strSqlCommand = "UPDATE  fixed  SET Pictures=@picture,BodyPositionDetail=@detail,AnnexDescription=@description,Remarks=@remarks,OperateTime=@datetime,Operate_User_ID=@userid where fixed.ID=@fixedID";

        // Bind the actual values to the parameters.
        sqlOperation.AddParameterWithValue("@fixedID", FixedID);
        sqlOperation.AddParameterWithValue("@detail", Request.Form["BodyPositionDetail"]);
        sqlOperation.AddParameterWithValue("@description", Request.Form["AnnexDescription"]);
        sqlOperation.AddParameterWithValue("@remarks", Request.Form["Remarks"]);
        sqlOperation.AddParameterWithValue("@datetime", datetime);
        sqlOperation.AddParameterWithValue("@userid", userid);
        // Stores the relative path; it is an empty string when no file was uploaded.
        sqlOperation.AddParameterWithValue("@picture", savepath1);
        string strSqlCommand1 = "UPDATE  appointment  SET State=@state where Treatment_ID=@treatid";

        sqlOperation.AddParameterWithValue("@state", state);
        // NOTE(review): @treatid is bound a second time here; whether the data layer
        // replaces or duplicates a repeated name is not visible in this method.
        sqlOperation.AddParameterWithValue("@treatid", treatID);
        int intSuccess = sqlOperation.ExecuteNonQuery(strSqlCommand);

        if (intSuccess > 0)
        {
            // The appointment update's row count is not checked.
            sqlOperation.ExecuteNonQuery(strSqlCommand1);
            return(true);
        }
        else
        {
            return(false);
        }
    }
    /// <summary>
    /// Deletes the row of the function table with the given ID.
    /// </summary>
    /// <param name="ID">Value bound to <c>@id</c>.</param>
    /// <remarks>NOTE(review): no permission check is visible here; confirm the caller performs one.</remarks>
    public void Delete(string ID)
    {
        const string deleteFunctionSql = "DELETE FROM function where ID=@id";

        // The ID is bound, never concatenated into the statement.
        sqlOperation.AddParameterWithValue("@id", ID);
        sqlOperation.ExecuteNonQuery(deleteFunctionSql);
    }
Exemple #10
    /// <summary>
    /// Publishes a news item built from the posted form to the news table.
    /// </summary>
    /// <remarks>
    /// Title and content are stored exactly as posted.
    /// NOTE(review): any page that later displays these columns has to encode or
    /// sanitise them, since nothing is filtered here.
    /// </remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddNews()
    {
        string title   = Request.Form["title"];
        string content = Request.Form["mainText"];
        string isTop   = rb1.SelectedValue;

        // Write the item to the database; the row count decides the result.
        const string insertSql = "INSERT INTO news(Title,Content,Releasetime,IsTop) " +
                                 "VALUES(@Title,@Content,@Releasetime,@IsTop)";

        sqlOperation.AddParameterWithValue("@Title", title);
        sqlOperation.AddParameterWithValue("@Content", content);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);
        sqlOperation.AddParameterWithValue("@IsTop", isTop);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
Exemple #11
    /// <summary>
    /// Inserts one social-valuation record built from the posted form fields.
    /// </summary>
    /// <remarks>All three form values are bound as string parameters without validation.</remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddNews()
    {
        string enterprise     = Request.Form["enterprise"];
        string delphiMethod   = Request.Form["professional"];
        string consumerSurvey = Request.Form["consumer"];

        // Write the record to the database; the row count decides the result.
        const string insertSql = "INSERT INTO socialvaluation(Enterprise,DelphiMethod,ConsumerSurvey,Releasetime) " +
                                 "VALUES(@Enterprise,@DelphiMethod,@ConsumerSurvey,@Releasetime)";

        sqlOperation.AddParameterWithValue("@Enterprise", enterprise);
        sqlOperation.AddParameterWithValue("@DelphiMethod", delphiMethod);
        sqlOperation.AddParameterWithValue("@ConsumerSurvey", consumerSurvey);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
 /// <summary>
 /// Resets the parameter list and binds <c>@number</c> from the request.
 /// </summary>
 /// <remarks>
 /// NOTE(review): the guard tests <c>Request.Form["userID"]</c> but the bound value
 /// comes from <c>Request.QueryString["userID"]</c>. A missing form field is null,
 /// which also passes the comparison with "". Confirm which source is intended.
 /// </remarks>
 private void addParam()
 {
     // Clear first; the original author notes that binding the same name repeatedly raises an exception.
     sqlOperation.clearParameter();
     if (Request.Form["userID"] == "")
     {
         return;
     }

     string userNumber = Request.QueryString["userID"];
     sqlOperation.AddParameterWithValue("@number", userNumber);
 }
Exemple #13
    /// <summary>
    /// Publishes a news item on behalf of the logged-in user.
    /// </summary>
    /// <remarks>
    /// The author ID is read from the session object rather than from the form, so
    /// the client cannot pick it. A missing <c>loginUser</c> session entry makes the
    /// GetUserID call throw. Title, content and permission are stored as posted.
    /// NOTE(review): pages that display the content must encode or sanitise it.
    /// </remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddNews()
    {
        // Collect the author from the session and the item fields from the form.
        UserInformation currentUser = (UserInformation)Session["loginUser"];
        int             authorId    = currentUser.GetUserID();
        string          title       = Request.Form["title"];
        string          content     = Request.Form["mainText"];
        bool            important   = Request.Form["important"] == "1";
        string          permission  = Request.Form["selectedRole"];

        // Write the item to the database; the row count decides the result.
        const string insertSql = "INSERT INTO news(Release_User_ID,Title,Content,Important,Permission,Releasetime) " +
                                 "VALUES(@Release_User_ID,@Title,@Content,@Important,@Permission,@Releasetime)";

        sqlOperation.AddParameterWithValue("@Release_User_ID", authorId);
        sqlOperation.AddParameterWithValue("@Title", title);
        sqlOperation.AddParameterWithValue("@Content", content);
        sqlOperation.AddParameterWithValue("@Important", important);
        sqlOperation.AddParameterWithValue("@Permission", permission);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
Exemple #14
    /// <summary>
    /// Replaces the function list of a role with the functions posted in the form.
    /// </summary>
    /// <remarks>
    /// Deletes every function2role row for <c>RoleID</c>, then inserts one row per
    /// entry in the space-separated <c>updateFunctions</c> field.
    /// NOTE(review): the role and the granted functions both come from the request
    /// and no authorisation check is visible here; confirm the caller enforces one.
    /// The delete and the inserts run with no transaction visible in this method.
    /// </remarks>
    private void recordNewFunction()
    {
        string   postedFunctions = Request.Form["updateFunctions"];
        string[] functionIds     = postedFunctions.Split(' ');
        string   roleId          = Request.Form["RoleID"];

        sqlOperation.AddParameterWithValue("@id", roleId);
        sqlOperation.ExecuteNonQuery("DELETE FROM function2role WHERE Role_ID=@id");

        const string insertSql = "INSERT INTO function2role(Function_ID,Role_ID) VALUES(@fid,@rid)";
        sqlOperation.AddParameterWithValue("@rid", roleId);

        foreach (string functionId in functionIds)
        {
            if (functionId == "")
            {
                continue;
            }
            // NOTE(review): @fid is bound once per entry; whether the data layer
            // replaces or appends a repeated name is not visible here.
            sqlOperation.AddParameterWithValue("@fid", functionId);
            sqlOperation.ExecuteNonQuery(insertSql);
        }
    }
    private DataLayer sqlOperation = new DataLayer("sqlhuaian");//数据库操作类
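    /// <summary>
    /// Loads the industry-news article selected by the <c>ID</c> query-string value
    /// into the page labels.
    /// </summary>
    /// <param name="sender">Event source supplied by the page framework.</param>
    /// <param name="e">Event data supplied by the page framework.</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        string id         = Request.QueryString["ID"];
        string sqlCommand = "SELECT Title,Content,Releasetime from industrynews where ID=@id";

        // The query-string value is bound, never concatenated into the statement.
        sqlOperation.AddParameterWithValue("@id", id);

        // Dispose the reader once the row has been copied out; the original left it open.
        using (MySql.Data.MySqlClient.MySqlDataReader reader = sqlOperation.ExecuteReader(sqlCommand))
        {
            if (reader.Read())
            {
                DateTime date = Convert.ToDateTime(reader["Releasetime"].ToString());
                string   day  = date.Year.ToString() + "-" + date.Month.ToString() + "-" + date.Day.ToString();

                // Label.Text is emitted without HTML encoding, so Title and Content render as markup.
                // NOTE(review): if these columns can hold user-supplied text, encode
                // (Server.HtmlEncode) or sanitise them before assignment.
                this.Label3.Text = reader["Title"].ToString();
                this.Label2.Text = "发布时间:" + day + "&nbsp;&nbsp;&nbsp;&nbsp";
                this.Label1.Text = reader["Content"].ToString();
            }
        }
    }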
Exemple #16
    /// <summary>
    /// Checks whether the posted user name is still unused.
    /// </summary>
    /// <remarks>
    /// NOTE(review): this is a check before a later insert; two concurrent requests
    /// can both pass it. Confirm the table has a unique constraint on the column.
    /// </remarks>
    /// <returns>true when no existing user has this number; false when it is taken.</returns>
    private bool CheckDuplicateUserName()
    {
        const string countSql = "SELECT COUNT(ID) FROM user WHERE NUMBER=@InputUserNumber";
        string postedUserNumber = Request.Form["userName"];

        // The posted value is bound, never concatenated into the statement.
        sqlOperation.AddParameterWithValue("@InputUserNumber", postedUserNumber);
        int matches = int.Parse(sqlOperation.ExecuteScalar(countSql));

        return matches <= 0;
    }
    private DataLayer sqlOperation = new DataLayer("sqlStr");//数据库操作类
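    /// <summary>
    /// Shows one news article to a logged-in user; the article is selected by the
    /// <c>ID</c> query-string value.
    /// </summary>
    /// <param name="sender">Event source supplied by the page framework.</param>
    /// <param name="e">Event data supplied by the page framework.</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["loginUser"] == null)
        {
            MessageBox.Message("请先登陆");
            Response.Write("<script language=javascript>window.location.replace('../Main/Login.aspx');</script>");
            // Stop here. The redirect above is a client-side script, so without this
            // return the article was still queried and rendered for a visitor with
            // no session. A server-side redirect would be more robust still.
            return;
        }
        string id         = Request.QueryString["ID"];
        string sqlCommand = "SELECT Title,Content,Releasetime,user.Name RName FROM news,user WHERE news.ID=@id AND user.ID=news.Release_User_ID";

        // The query-string value is bound, never concatenated into the statement.
        // NOTE(review): the query does not filter on the news Permission column;
        // confirm whether per-role visibility is enforced elsewhere.
        sqlOperation.AddParameterWithValue("@id", id);

        // Dispose the reader once the row has been copied out; the original left it open.
        using (MySql.Data.MySqlClient.MySqlDataReader reader = sqlOperation.ExecuteReader(sqlCommand))
        {
            if (reader.Read())
            {
                DateTime date = Convert.ToDateTime(reader["Releasetime"].ToString());
                string   day  = date.Year.ToString() + "-" + date.Month.ToString() + "-" + date.Day.ToString();

                // Label.Text is emitted without HTML encoding, so these values render as markup.
                // NOTE(review): if Title, Content or the author name can hold user-supplied
                // text, encode (Server.HtmlEncode) or sanitise them before assignment.
                this.Label3.Text = reader["Title"].ToString();
                this.Label2.Text = "发布时间:" + day + "&nbsp;&nbsp;&nbsp;&nbsp" + "发布者:" + reader["RName"];
                this.Label1.Text = reader["Content"].ToString();
            }
        }
    }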
Exemple #18
    /// <summary>
    /// Inserts one enterprise-size record built from the posted form fields.
    /// </summary>
    /// <remarks>
    /// All six form values are bound as string parameters without validation.
    /// NOTE(review): the statement names the placeholder @releasetime while the
    /// bound name is @Releasetime; confirm the data layer matches parameter names
    /// case-insensitively.
    /// </remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddNews()
    {
        string enterpriseName = Request.Form["enterprise"];
        string totalAssets    = Request.Form["totalAssets"];
        string siteArea       = Request.Form["area"];
        string productOutput  = Request.Form["productOutput"];
        string employeeCount  = Request.Form["employeesNumber"];
        string reportYear     = Request.Form["year"];

        const string insertSql = "INSERT INTO size(enterprise,totalassets,area,productoutput,employeesnumber,year,releasetime)" +
                                 "VALUES(@enterprise,@totalassets,@area,@productoutput,@employeesnumber,@year,@releasetime)";

        sqlOperation.AddParameterWithValue("@enterprise", enterpriseName);
        sqlOperation.AddParameterWithValue("@totalassets", totalAssets);
        sqlOperation.AddParameterWithValue("@area", siteArea);
        sqlOperation.AddParameterWithValue("@productoutput", productOutput);
        sqlOperation.AddParameterWithValue("@employeesnumber", employeeCount);
        sqlOperation.AddParameterWithValue("@year", reportYear);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
Exemple #19
    /// <summary>
    /// Inserts one intangible-assets record built from the posted form fields.
    /// </summary>
    /// <remarks>All six form values are bound as string parameters without validation.</remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddNews()
    {
        string enterprise         = Request.Form["enterprise"];
        string patentValue        = Request.Form["patent"];
        string brandValue         = Request.Form["brand"];
        string internationalAward = Request.Form["international"];
        string nationAward        = Request.Form["nation"];
        string provinceAward      = Request.Form["province"];

        // Write the record to the database; the row count decides the result.
        const string insertSql = "INSERT INTO intangibleassets(Enterprise,PatentValue,BrandValue,InternationalAward,NationAward,ProvinceAward,Releasetime) " +
                                 "VALUES(@Enterprise,@PatentValue,@BrandValue,@InternationalAward,@NationAward,@ProvinceAward,@Releasetime)";

        sqlOperation.AddParameterWithValue("@Enterprise", enterprise);
        sqlOperation.AddParameterWithValue("@PatentValue", patentValue);
        sqlOperation.AddParameterWithValue("@BrandValue", brandValue);
        sqlOperation.AddParameterWithValue("@InternationalAward", internationalAward);
        sqlOperation.AddParameterWithValue("@NationAward", nationAward);
        sqlOperation.AddParameterWithValue("@ProvinceAward", provinceAward);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
Exemple #20
    /// <summary>
    /// Inserts one product record built from the posted form fields.
    /// </summary>
    /// <remarks>All five form values are bound as string parameters without validation.</remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddProduct()
    {
        string enterprise = Request.Form["enterprise"];
        string brand      = Request.Form["brand"];
        string degree     = Request.Form["degree"];
        string scent      = Request.Form["scent"];
        string other      = Request.Form["other"];

        // Write the record to the database; the row count decides the result.
        const string insertSql = "INSERT INTO product(Enterprise,Brand,Degree,Scent,Other,Releasetime)" +
                                 "VALUES(@Enterprise,@Brand,@Degree,@Scent,@Other,@Releasetime)";

        sqlOperation.AddParameterWithValue("@Enterprise", enterprise);
        sqlOperation.AddParameterWithValue("@Brand", brand);
        sqlOperation.AddParameterWithValue("@Degree", degree);
        sqlOperation.AddParameterWithValue("@Scent", scent);
        sqlOperation.AddParameterWithValue("@Other", other);
        sqlOperation.AddParameterWithValue("@Releasetime", DateTime.Now);

        int rowsInserted = sqlOperation.ExecuteNonQuery(insertSql);
        return rowsInserted > 0;
    }
Exemple #21
    /// <summary>
    /// Applies the equipment edits posted by the front end to the equipment table.
    /// </summary>
    /// <remarks>
    /// The ID and time length go through Convert.ToInt32 and the four time fields
    /// through TimeStringToInt before binding; name, state and treatment item are
    /// bound as posted. The success message is shown without checking the row count.
    /// NOTE(review): no permission check is visible here; confirm the caller performs one.
    /// </remarks>
    private void Update()
    {
        // Read the posted values.
        string postedId        = Request.Form["equipID"];
        string postedName      = Request.Form["equipmentName"];
        string postedState     = Request.Form["equipmentState"];
        string postedLength    = Request.Form["onceTime"];
        string morningBegin    = Request.Form["AMbeg"];
        string morningEnd      = Request.Form["AMEnd"];
        string afternoonBegin  = Request.Form["PMBeg"];
        string afternoonEnd    = Request.Form["PMEnd"];
        string postedTreatment = Request.Form["changeTreatmentItem"];

        // Statement text; every value is a bound parameter.
        const string updateSql = "UPDATE equipment SET Name=@Name,State=@State,Timelength=@Timelength," +
                                 "BeginTimeAM=@BeginTimeAM,EndTimeAM=@EndTimeAM,BegTimePM=@BegTimePM," +
                                 "EndTimeTPM=@EndTimeTPM,TreatmentItem=@TreatmentItem WHERE ID=@ID";

        // Bind the parameters.
        sqlOperation.AddParameterWithValue("@ID", Convert.ToInt32(postedId));
        sqlOperation.AddParameterWithValue("@Name", postedName);
        sqlOperation.AddParameterWithValue("@State", postedState);
        sqlOperation.AddParameterWithValue("@Timelength", Convert.ToInt32(postedLength));
        sqlOperation.AddParameterWithValue("@BeginTimeAM", TimeStringToInt(morningBegin));
        sqlOperation.AddParameterWithValue("@EndTimeAM", TimeStringToInt(morningEnd));
        sqlOperation.AddParameterWithValue("@BegTimePM", TimeStringToInt(afternoonBegin));
        sqlOperation.AddParameterWithValue("@EndTimeTPM", TimeStringToInt(afternoonEnd));
        sqlOperation.AddParameterWithValue("@TreatmentItem", postedTreatment);

        // Execute, then report success to the user.
        sqlOperation.ExecuteNonQuery(updateSql);
        MessageBox.Message("修改成功!");
    }
    /// <summary>
    /// Records one treatment session from the posted form: fills in a pending
    /// treatmentrecord row or inserts a new one, adds the IGRT row and the locate
    /// records, and optionally advances the treatment's progress.
    /// </summary>
    /// <remarks>
    /// Every value reaches SQL as a bound parameter. The statements run one after
    /// another with no transaction visible in this method, so a failure part-way
    /// leaves the earlier writes in place.
    /// NOTE(review): the treating and operating user IDs are read from
    /// <c>Request.Form["userID"]</c>, not from the session; confirm the client cannot
    /// record a session under another user's ID.
    /// </remarks>
    /// <returns>
    /// true when the treatmentrecord write affected a row and, if <c>complete</c> is
    /// "1", the progress update did as well; otherwise false.
    /// </returns>
    private bool RecordtreatmentInformation()
    {
        string treatid    = Request.Form["hidetreatID"];
        string sqlcommand = "select max(id) from treatmentrecord where Treatment_ID=@treatid and TreatTime is NULL and TreatedDays is NULL";

        sqlOperation.AddParameterWithValue("@treatid", treatid);
        string id         = sqlOperation.ExecuteScalar(sqlcommand);
        int    intSuccess = 0;

        // A non-empty result means a pending record exists and is updated in place.
        // NOTE(review): id.ToString() throws if ExecuteScalar can return null; what it
        // returns for a NULL aggregate is not visible here.
        if (id.ToString() != "")
        {
            string sqlcommand2 = "select id from user where name=@name";
            // NOTE(review): the name is passed without the '@' prefix used everywhere
            // else; confirm the data layer resolves it to the @name placeholder.
            sqlOperation.AddParameterWithValue("name", Request.Form["assistoperator1"]);
            string userid      = sqlOperation.ExecuteScalar(sqlcommand2);
            // Check_User_ID is hard-coded to 1 in the statement.
            string sqlcommand1 = "update  treatmentrecord set Treatment_ID=@treatid,TreatTime=@treattime,TreatedDays=@TreatedDays,TreatedTimes=@TreatedTimes,Treat_User_ID=@Treat_User_ID,Check_User_ID=1,IlluminatedNumber=@IlluminatedNumber,MachineNumbe=@MachineNumbe,Assist_User_ID=@Assist_User_ID,Singlenumber=@Singlenumber,X_System=@X_System,Y_System=@Y_System,Z_System=@Z_System where ID=@id";
            // Convert.ToInt32 throws on non-numeric text, so only integers are bound below.
            sqlOperation.AddParameterWithValue("@id", Convert.ToInt32(id));
            sqlOperation.AddParameterWithValue("@Z_System", Convert.ToInt32(Request.Form["SIcount1"]));
            sqlOperation.AddParameterWithValue("@Y_System", Convert.ToInt32(Request.Form["APcount1"]));
            sqlOperation.AddParameterWithValue("@X_System", Convert.ToInt32(Request.Form["RLcount1"]));
            sqlOperation.AddParameterWithValue("@Singlenumber", Convert.ToInt32(Request.Form["Number5"]));
            sqlOperation.AddParameterWithValue("@Assist_User_ID", Convert.ToInt32(userid));
            sqlOperation.AddParameterWithValue("@Treat_User_ID", Convert.ToInt32(Request.Form["userID"]));
            sqlOperation.AddParameterWithValue("@IlluminatedNumber", Convert.ToInt32(Request.Form["Number3"]));
            sqlOperation.AddParameterWithValue("@MachineNumbe", Convert.ToInt32(Request.Form["Number4"]));
            sqlOperation.AddParameterWithValue("@TreatedDays", Convert.ToInt32(Request.Form["treateddays1"]));
            sqlOperation.AddParameterWithValue("@treattime", DateTime.Now);
            sqlOperation.AddParameterWithValue("@TreatedTimes", Convert.ToInt32(Request.Form["treatdatetime1"]));
            intSuccess = sqlOperation.ExecuteNonQuery(sqlcommand1);
            // The IGRT row reuses the @id parameter bound for the update above.
            string sqlcommand3 = "insert into igrt(Tool,Algorithm,IGRTRange,Operate_User_ID,OperateTime,TreatmentRecord_ID) values(@Tool,@Algorithm,@Range,@Operate_User_ID,@OperateTime,@id)";
            sqlOperation.AddParameterWithValue("@Tool", Request.Form["equip"]);
            sqlOperation.AddParameterWithValue("@Algorithm", Request.Form["peizhun"]);
            sqlOperation.AddParameterWithValue("@Range", Request.Form["range"]);
            sqlOperation.AddParameterWithValue("@Operate_User_ID", Convert.ToInt32(Request.Form["userID"]));
            sqlOperation.AddParameterWithValue("@OperateTime", DateTime.Now);
            // The row count of the IGRT insert is stored but never checked.
            int      success = sqlOperation.ExecuteNonQuery(sqlcommand3);
            // A missing "live" field makes x null and Split throws.
            string   x       = Request.Form["live"];
            string[] group   = x.Split(new Char[] { ',' });
            // The loop starts at index 1, so group[0] is skipped.
            // NOTE(review): presumably the posted list begins with a separator; confirm.
            int      k       = 1;
            for (; k <= group.Length - 1; k++)
            {
                // temp only selects which form fields are read; it never enters the SQL text.
                string temp           = group[k];
                string xvalue         = Request.Form["Number" + temp + "1"];
                string yvalue         = Request.Form["Number" + temp + "2"];
                string zvalue         = Request.Form["Number" + temp + "3"];
                string sqlcommandtemp = "insert into locaterecord(X,Y,Z,TreatmentRecord_ID) values(@X,@Y,@Z,@TreatmentRecord_ID)";
                // NOTE(review): the same names are bound on every iteration; whether the
                // data layer replaces or appends a repeated name is not visible here.
                sqlOperation.AddParameterWithValue("@X", Convert.ToDouble(xvalue));
                sqlOperation.AddParameterWithValue("@Y", Convert.ToDouble(yvalue));
                sqlOperation.AddParameterWithValue("@Z", Convert.ToDouble(zvalue));
                sqlOperation.AddParameterWithValue("@TreatmentRecord_ID", Convert.ToInt32(id));
                sqlOperation.ExecuteNonQuery(sqlcommandtemp);
            }
        }

        else
        {
            // No pending record: insert a new treatmentrecord row.
            string sqlcommand2 = "select id from user where name=@name";
            // NOTE(review): as in the branch above, the name is passed without the '@' prefix.
            sqlOperation.AddParameterWithValue("name", Request.Form["assistoperator1"]);
            string userid = sqlOperation.ExecuteScalar(sqlcommand2);
            string insert = "insert into treatmentrecord(Treatment_ID,TreatTime,TreatedDays,TreatedTimes,Treat_User_ID,Check_User_ID,IlluminatedNumber,MachineNumbe,Assist_User_ID,Singlenumber,X_System,Y_System,Z_System) values(@treatid,@treattime,@TreatedDays,@TreatedTimes,@Treat_User_ID,1,@IlluminatedNumber,@MachineNumbe,@Assist_User_ID,@Singlenumber,@X_System,@Y_System,@Z_System)";
            // NOTE(review): these four values are bound as raw strings here, while the
            // update branch converts the same fields with Convert.ToInt32.
            sqlOperation.AddParameterWithValue("@Z_System", Request.Form["SIcount1"]);
            sqlOperation.AddParameterWithValue("@Y_System", Request.Form["APcount1"]);
            sqlOperation.AddParameterWithValue("@X_System", Request.Form["RLcount1"]);
            sqlOperation.AddParameterWithValue("@Singlenumber", Request.Form["Number5"]);
            sqlOperation.AddParameterWithValue("@Assist_User_ID", Convert.ToInt32(userid));
            sqlOperation.AddParameterWithValue("@Treat_User_ID", Convert.ToInt32(Request.Form["userID"]));
            sqlOperation.AddParameterWithValue("@IlluminatedNumber", Convert.ToInt32(Request.Form["Number3"]));
            sqlOperation.AddParameterWithValue("@MachineNumbe", Convert.ToInt32(Request.Form["Number4"]));
            sqlOperation.AddParameterWithValue("@TreatedDays", Convert.ToInt32(Request.Form["treateddays1"]));
            sqlOperation.AddParameterWithValue("@treattime", DateTime.Now);
            sqlOperation.AddParameterWithValue("@TreatedTimes", Convert.ToInt32(Request.Form["treatdatetime1"]));
            intSuccess = sqlOperation.ExecuteNonQuery(insert);
            // The new row's ID is recovered with max(id) for this treatment and day count.
            // NOTE(review): a concurrent insert with the same values could return another
            // row's ID; the connector's last-insert-id facility would avoid that.
            string command     = "select max(id) from treatmentrecord where Treatment_ID=@treatid and TreatedDays=@TreatedDays";
            string treatrecord = sqlOperation.ExecuteScalar(command);
            string sqlcommand3 = "insert into igrt(Tool,Algorithm,IGRTRange,Operate_User_ID,OperateTime,TreatmentRecord_ID) values(@Tool,@Algorithm,@Range,@Operate_User_ID,@OperateTime,@id)";
            sqlOperation.AddParameterWithValue("@Tool", Request.Form["equip"]);
            sqlOperation.AddParameterWithValue("@Algorithm", Request.Form["peizhun"]);
            sqlOperation.AddParameterWithValue("@Range", Request.Form["range"]);
            sqlOperation.AddParameterWithValue("@Operate_User_ID", Convert.ToInt32(Request.Form["userID"]));
            sqlOperation.AddParameterWithValue("@OperateTime", DateTime.Now);
            sqlOperation.AddParameterWithValue("@id", Convert.ToInt32(treatrecord));
            // The row count of the IGRT insert is stored but never checked.
            int      success = sqlOperation.ExecuteNonQuery(sqlcommand3);
            // A missing "live" field makes x null and Split throws.
            string   x       = Request.Form["live"];
            string[] group   = x.Split(new Char[] { ',' });
            // The loop starts at index 1, so group[0] is skipped.
            int      k       = 1;
            for (; k <= group.Length - 1; k++)
            {
                // temp only selects which form fields are read; it never enters the SQL text.
                string temp           = group[k];
                string xvalue         = Request.Form["Number" + temp + "1"];
                string yvalue         = Request.Form["Number" + temp + "2"];
                string zvalue         = Request.Form["Number" + temp + "3"];
                string sqlcommandtemp = "insert into locaterecord(X,Y,Z,TreatmentRecord_ID) values(@X,@Y,@Z,@TreatmentRecord_ID)";
                sqlOperation.AddParameterWithValue("@X", Convert.ToDouble(xvalue));
                sqlOperation.AddParameterWithValue("@Y", Convert.ToDouble(yvalue));
                sqlOperation.AddParameterWithValue("@Z", Convert.ToDouble(zvalue));
                sqlOperation.AddParameterWithValue("@TreatmentRecord_ID", Convert.ToInt32(treatrecord));
                sqlOperation.ExecuteNonQuery(sqlcommandtemp);
            }
        }
        // When the form marks the treatment complete, Progress is set to 16.
        // NOTE(review): the flag is client-supplied; confirm the caller is allowed to
        // close out this treatment.
        if (Request.Form["complete"] == "1")
        {
            string strSqlCommand3 = "UPDATE  treatment  SET Progress=16 where Treatment.ID=@tr";
            sqlOperation.AddParameterWithValue("@tr", treatid);
            int intSuccess3 = sqlOperation.ExecuteNonQuery(strSqlCommand3);
            if (intSuccess > 0 && intSuccess3 > 0)
            {
                return(true);
            }
            else
            {
                return(false);
            }
        }
        else
        {
            if (intSuccess > 0)
            {
                return(true);
            }
            else
            {
                return(false);
            }
        }
    }
Exemple #23
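    /// <summary>
    /// Inserts one enterprise-history record built from the posted form fields.
    /// </summary>
    /// <remarks>
    /// All thirteen form values are bound as string parameters without validation.
    /// Fix: the VALUES list used the bare identifier <c>remains</c> where the
    /// <c>@remains</c> placeholder was intended, so the posted value was bound but
    /// never stored.
    /// </remarks>
    /// <returns>true when at least one row was inserted.</returns>
    private Boolean AddNews()
    {
        string enterprise    = Request.Form["enterprise"];
        string buildtime     = Request.Form["buildTime"];
        string usedname      = Request.Form["usedName"];
        string nowname       = Request.Form["nowName"];
        string changetime    = Request.Form["changeTime"];
        string usedname2     = Request.Form["usedName2"];
        string nowname2      = Request.Form["nowName2"];
        string changetime2   = Request.Form["changeTime2"];
        string usedname3     = Request.Form["usedName3"];
        string nowname3      = Request.Form["nowName3"];
        string changetime3   = Request.Form["changeTime3"];
        string remains       = Request.Form["remains"];
        string product       = Request.Form["product"];
        // Every column value is a placeholder, including @remains.
        string strsqlCommand = "INSERT INTO history(enterprise,buildtime,usedname,nowname,changetime,usedname2,nowname2,changetime2,usedname3,nowname3,changetime3,remains,product,releasetime)" +
                               "VALUES(@enterprise,@buildtime,@usedname,@nowname,@changetime,@usedname2,@nowname2,@changetime2,@usedname3,@nowname3,@changetime3,@remains,@product,@releasetime)";

        sqlOperation.AddParameterWithValue("@enterprise", enterprise);
        sqlOperation.AddParameterWithValue("@buildtime", buildtime);
        sqlOperation.AddParameterWithValue("@usedname", usedname);
        sqlOperation.AddParameterWithValue("@nowname", nowname);
        sqlOperation.AddParameterWithValue("@changetime", changetime);
        sqlOperation.AddParameterWithValue("@usedname2", usedname2);
        sqlOperation.AddParameterWithValue("@nowname2", nowname2);
        sqlOperation.AddParameterWithValue("@changetime2", changetime2);
        sqlOperation.AddParameterWithValue("@usedname3", usedname3);
        sqlOperation.AddParameterWithValue("@nowname3", nowname3);
        sqlOperation.AddParameterWithValue("@changetime3", changetime3);
        sqlOperation.AddParameterWithValue("@remains", remains);
        sqlOperation.AddParameterWithValue("@product", product);
        sqlOperation.AddParameterWithValue("@releasetime", DateTime.Now);
        int intSuccess = sqlOperation.ExecuteNonQuery(strsqlCommand);

        return intSuccess > 0;
    }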
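    /// <summary>
    /// Saves an optional uploaded patient picture, inserts a new <c>patient</c> row from the
    /// posted form fields, and then inserts the matching <c>treatment</c> row.
    /// </summary>
    /// <returns>
    /// <c>true</c> only when both inserts report a value greater than zero. <c>false</c> when
    /// either insert reports none, or when an uploaded file's extension is not on the
    /// picture allow-list (nothing is written in that case).
    /// </returns>
    private bool RecordPatientInformation()
    {
        string savepath1 = "";

        if (FileUpload.HasFile)
        {
            // The client chooses the file name. Keep only its final component so it cannot
            // steer the write outside the upload folder.
            string clientName = System.IO.Path.GetFileName(FileUpload.FileName);

            // The folder lives under the web root, so anything saved here can be requested
            // back from the server. Accept picture extensions only, so that server-executable
            // or script content is never stored in a servable location.
            // NOTE(review): the list was chosen for the "Picture" column; confirm the formats
            // actually needed. The file content itself is not inspected here.
            string   extension         = System.IO.Path.GetExtension(clientName);
            string[] allowedExtensions = { ".jpg", ".jpeg", ".png", ".gif", ".bmp" };
            bool     extensionAllowed  = false;
            foreach (string allowed in allowedExtensions)
            {
                if (string.Equals(extension, allowed, StringComparison.OrdinalIgnoreCase))
                {
                    extensionAllowed = true;
                    break;
                }
            }
            if (!extensionAllowed)
            {
                return false;
            }

            // Server-side folder for uploaded pictures; CreateDirectory does nothing when it
            // already exists.
            string uploadDirectory = Server.MapPath("~/upload/Patient");
            System.IO.Directory.CreateDirectory(uploadDirectory);

            // Build the stored name once so the physical path and the path saved in the
            // database cannot disagree if the date rolls over between two DateTime.Now calls.
            // NOTE(review): date prefix + client name is not unique; a second upload with the
            // same name on the same day overwrites the first.
            string storedName = DateTime.Now.ToString("yyyyMMdd") + clientName;
            savepath1 = "../upload/Patient/" + storedName;
            FileUpload.SaveAs(System.IO.Path.Combine(uploadDirectory, storedName));
        }

        // Next patient ID = current maximum + 1, or 1 when the scalar comes back empty.
        // NOTE(review): read-then-insert with no locking visible here; two concurrent requests
        // can compute the same ID. A database-generated key would avoid that.
        string count = sqlOperation.ExecuteScalar("select Max(ID) from patient");
        int    max   = string.IsNullOrEmpty(count) ? 1 : int.Parse(count) + 1;

        // Treatment ID = current year + posted "SickPart" + patient ID. "SickPart" is request
        // data and is not validated here; it is only ever passed as a bound parameter.
        string treatid       = DateTime.Now.Year.ToString() + Request.Form["SickPart"] + max;
        string strSqlCommand = "INSERT INTO patient(ID,IdentificationNumber,Hospital,RecordNumber,Picture,Name,Gender,Age,Birthday,Nation,Address,Contact1,Contact2,Height,Weight) VALUES("
                               + "@ID,@IdentificationNumber,@Hospital,@RecordNumber,@Picture,@Name,@Gender,@Age,@Birthday,@Nation,@Address,@Contact1,@Contact2,@Height,@Weight)";

        // Bind the actual values to the placeholders.
        sqlOperation.AddParameterWithValue("@ID", max);
        sqlOperation.AddParameterWithValue("@IdentificationNumber", Request.Form["IDcardNumber"]);
        sqlOperation.AddParameterWithValue("@Hospital", Request.Form["Hospital"]);
        sqlOperation.AddParameterWithValue("@RecordNumber", Request.Form["RecordNumber"]);
        sqlOperation.AddParameterWithValue("@Picture", savepath1);
        sqlOperation.AddParameterWithValue("@Name", Request.Form["userName"]);
        sqlOperation.AddParameterWithValue("@Gender", Request.Form["sex"]);
        sqlOperation.AddParameterWithValue("@Birthday", Request.Form["Birthday"]);
        // Age = current year minus the first four characters of "Birthday". This throws when
        // the field is missing, shorter than four characters, or does not start with digits;
        // by that point an uploaded picture has already been written to disk.
        sqlOperation.AddParameterWithValue("@Age", DateTime.Now.Year - Convert.ToInt32(Request.Form["Birthday"].Substring(0, 4)));
        sqlOperation.AddParameterWithValue("@Nation", Request.Form["Nation"]);
        sqlOperation.AddParameterWithValue("@Address", Request.Form["Address"]);
        sqlOperation.AddParameterWithValue("@Contact1", Request.Form["Number1"]);
        sqlOperation.AddParameterWithValue("@Contact2", Request.Form["Number2"]);
        sqlOperation.AddParameterWithValue("@Height", Request.Form["height"]);
        sqlOperation.AddParameterWithValue("@Weight", Request.Form["weight"]);
        int intSuccess  = sqlOperation.ExecuteNonQuery(strSqlCommand);
        int intSuccess2 = 0;

        if (intSuccess > 0)
        {
            string treatinsert = "insert into treatment(ID,Patient_ID) values(@ID,@PID)";
            // NOTE(review): "@ID" was already bound to the patient ID above; this relies on the
            // sqlOperation helper replacing or clearing a parameter of the same name. Confirm.
            // The two inserts are also not wrapped in a transaction here, so a failure of the
            // second leaves a patient row without a treatment row.
            sqlOperation.AddParameterWithValue("@ID", treatid);
            sqlOperation.AddParameterWithValue("@PID", max);
            intSuccess2 = sqlOperation.ExecuteNonQuery(treatinsert);
        }

        return intSuccess2 > 0;
    }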