/// <summary>
/// Builds the report menu for the signed-in user and appends its markup to <c>LabelTree</c>.
/// </summary>
/// <remarks>
/// Selects the <c>ReportTreeMenu</c> rows whose <c>[Duty]</c> is one of the user's duties.
/// The statement is assembled by string concatenation; each duty passes through
/// <c>SQLString.GetQuotedString</c>, whose escaping rules are not visible from this method.
/// NOTE(review): confirm that helper neutralises embedded quotes, or move this query to
/// parameters if the data layer supports them.
/// </remarks>
private void InitData()
{
    CheckUser();

    string currentLogin = Session["userID"].ToString();
    Users currentUser = new Users();
    currentUser.LoadData(currentLogin);

    // A greeting banner (user name followed by <hr>) used to be written to LabelTree here; it is disabled.

    // The closing '#' literal terminates the IN list after the last comma and keeps the
    // statement well-formed when the user has no duties at all.
    string query = "Select * from ReportTreeMenu Where [Duty] in (";
    foreach (string duty in currentUser.Duties)
    {
        query = query + SQLString.GetQuotedString(duty) + ",";
    }
    query = query + "'#')";

    DataTable menuRows = new DataBase().GetDataTable(query);
    Tree2 menuTree = new Tree2("------------ Kypera Report Lists ------------");
    LabelTree.Text += menuTree.CreateTree2(menuRows);
}
/// <summary>
/// Builds the navigation menu for the signed-in user and appends its markup to <c>LabelTree</c>.
/// </summary>
/// <remarks>
/// Selects the <c>[TreeMenu]</c> rows whose <c>[Duty]</c> is one of the user's duties, ordered by
/// <c>nodeid</c>. The statement is assembled by string concatenation; each duty passes through
/// <c>SQLString.GetQuotedString</c>, whose escaping rules are not visible from this method.
/// NOTE(review): confirm that helper neutralises embedded quotes, or move this query to
/// parameters if the data layer supports them.
/// </remarks>
private void InitData()
{
    CheckUser();

    string currentLogin = Session["userID"].ToString();
    Users currentUser = new Users();
    currentUser.LoadData(currentLogin);

    // A greeting banner (user name followed by <hr>) used to be written to LabelTree here; it is disabled.

    // The closing '#' literal terminates the IN list after the last comma and keeps the
    // statement well-formed when the user has no duties at all.
    string query = "Select * from [TreeMenu] Where [Duty] in (";
    foreach (string duty in currentUser.Duties)
    {
        query = query + SQLString.GetQuotedString(duty) + ",";
    }
    query = query + "'#')";
    query = query + "order by nodeid asc ";

    DataTable menuRows = new DataBase().GetDataTable(query);
    Tree menuTree = new Tree("====== Menu ======");
    LabelTree.Text += menuTree.CreateTree(menuRows);
}
/// <summary>
/// Issues a DELETE against <c>[column]</c> for the row whose <c>columnID</c> equals <paramref name="ID"/>.
/// </summary>
/// <param name="ID">Column identifier; quoted with <c>SQLString.GetQuotedString</c> before it is concatenated into the statement.</param>
/// <remarks>
/// NOTE(review): the statement is built by concatenation, so its safety rests entirely on
/// <c>SQLString.GetQuotedString</c> (not visible here). No authorization check happens in this method.
/// </remarks>
public void Delete(string ID)
{
    string deleteStatement = string.Concat("delete from [column] where columnID=", SQLString.GetQuotedString(ID));
    new Database().ExecuteSQL(deleteStatement);
}
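/// <summary>
/// Assigns the three experts ticked in <c>CheckBoxList1</c> to review document <paramref name="docID"/>.
/// </summary>
/// <param name="docID">Identifier of the document being sent for review.</param>
/// <remarks>
/// When the number of ticked entries is not exactly three, a JavaScript alert is written to the
/// response and nothing is assigned.
/// The previous version stored each value in <c>arr[i]</c>, where <c>i</c> was the selection count
/// (always 3 at that point) rather than the loop index; with exactly three items in the list that
/// index is out of range. The scratch array is gone and the item's value is used directly.
/// Values are handed to <c>Assess.AsignExp</c> already wrapped by <c>SQLString.GetQuotedString</c>;
/// presumably that method splices them into SQL text, so confirm the helper's escaping.
/// </remarks>
private void SendExp(int docID)
{
    int selectedCount = 0;
    foreach (ListItem item in CheckBoxList1.Items)
    {
        if (item.Selected)
        {
            selectedCount++;
        }
    }

    if (selectedCount != 3)
    {
        Response.Write("<Script Language=JavaScript>alert(\"请选择三位专家评审!\")</Script>");
        return;
    }

    // The document id is the same for every assignment, so quote it once.
    string quotedDocId = SQLString.GetQuotedString(Convert.ToString(docID));

    foreach (ListItem item in CheckBoxList1.Items)
    {
        if (!item.Selected)
        {
            continue;
        }

        Hashtable assignment = new Hashtable();
        assignment.Add("expertID", SQLString.GetQuotedString(item.Value));
        assignment.Add("docID", quotedDocId);

        Assess assess = new Assess();
        assess.AsignExp(assignment);
    }
}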
/// <summary>
/// Click handler that creates an expert account in the column managed by the current editor.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the new account's <c>expertPwd</c> is set to the same text as <c>expertID</c>,
/// so the initial password is guessable by anyone who knows the ID; consider a random initial
/// password with a forced change at first login.
/// NOTE(review): the acting editor is taken from the <c>userID</c> cookie, which is supplied by
/// the client; confirm it is integrity-protected or derive the identity from server-side state.
/// The handler throws if that cookie is absent.
/// </remarks>
protected void Bt_add_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    Editor currentEditor = new Editor();
    currentEditor.LoadInfo(Request.Cookies["userID"].Value.ToString());
    string editorColumn = currentEditor.editorColumn;

    // Values are pre-quoted here; Expert.Add receives them ready for insertion.
    Hashtable fields = new Hashtable();
    fields.Add("expertID", SQLString.GetQuotedString(txtID.Text));
    fields.Add("expertPwd", SQLString.GetQuotedString(txtID.Text));
    fields.Add("expertName", SQLString.GetQuotedString(txtName.Text));
    fields.Add("expertColumn", SQLString.GetQuotedString(editorColumn));

    Expert newExpert = new Expert();
    string resultScript = newExpert.Add(fields)
        ? "<script>alert('添加成功!');window.location=window.location;</script>"
        : "<script>alert('添加失败!');window.location=window.location;</script>";
    Response.Write(resultScript);

    // Clear the form for the next entry.
    txtID.Text = "";
    txtName.Text = "";
}
/// <summary>
/// Issues a DELETE against <c>expert</c> for the row whose <c>expertID</c> equals <paramref name="expertID"/>.
/// </summary>
/// <param name="expertID">Expert identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <remarks>
/// NOTE(review): concatenated SQL; safety depends on <c>SQLString.GetQuotedString</c>, which is not
/// visible here. The number of affected rows is not reported to the caller.
/// </remarks>
public void Delete(string expertID)
{
    string deleteStatement = string.Concat("delete from expert where expertID=", SQLString.GetQuotedString(expertID));
    new Database().ExecuteSQL(deleteStatement);
}
/// <summary>
/// Click handler that stores a new message addressed to the value selected in <c>ddlColumn</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): <c>messageFrom</c> is read from the <c>userID</c> cookie, which the client supplies;
/// unless that cookie is integrity-protected the sender can be spoofed. The handler throws if the
/// cookie is absent.
/// NOTE(review): title and content are stored as typed; whichever page renders them must
/// HTML-encode on output.
/// The timestamp is <c>DateTime.Now.ToString()</c>, so its text form follows the server's culture.
/// </remarks>
protected void Bt_send_Click(object sender, EventArgs e)
{
    if (!IsValid)
    {
        return;
    }

    // New messages start in state "0"; Get_msgCount-style queries elsewhere count that state as unread (presumably).
    Hashtable message = new Hashtable();
    message.Add("messageFrom", SQLString.GetQuotedString(Request.Cookies["userID"].Value.ToString()));
    message.Add("messageTo", SQLString.GetQuotedString(ddlColumn.SelectedValue));
    message.Add("messageTime", SQLString.GetQuotedString(DateTime.Now.ToString()));
    message.Add("messageTitle", SQLString.GetQuotedString(txtTitle.Text));
    message.Add("messageContent", SQLString.GetQuotedString(txtContent.Text));
    message.Add("messageState", SQLString.GetQuotedString("0"));

    Message sender_ = new Message();
    string resultScript = sender_.NewMesg(message)
        ? "<Script Language=JavaScript>alert(\"发送成功!\")</Script>"
        : "<Script Language=JavaScript>alert(\"发送失败!\")</Script>";
    Response.Write(resultScript);

    // Reset the compose form.
    txtContent.Text = "";
    txtTitle.Text = "";
}
/// <summary>
/// Click handler that stores a new message from the current expert, addressed to the expert's own column.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): both the sender and the recipient column are derived from the <c>userID</c> cookie,
/// which the client supplies; unless that cookie is integrity-protected the sender can be spoofed.
/// The handler throws if the cookie is absent.
/// NOTE(review): title and content are stored as typed; whichever page renders them must
/// HTML-encode on output.
/// </remarks>
protected void Bt_send_Click(object sender, EventArgs e)
{
    if (!IsValid)
    {
        return;
    }

    string senderId = Request.Cookies["userID"].Value.ToString();

    // The recipient is the column the expert belongs to, looked up from the expert record.
    Expert currentExpert = new Expert();
    currentExpert.LoadInfo(senderId);
    string recipient = currentExpert.expertColumn;

    Hashtable message = new Hashtable();
    message.Add("messageFrom", SQLString.GetQuotedString(senderId));
    message.Add("messageTo", SQLString.GetQuotedString(recipient));
    message.Add("messageTime", SQLString.GetQuotedString(DateTime.Now.ToString()));
    message.Add("messageTitle", SQLString.GetQuotedString(txtTitle.Text));
    message.Add("messageContent", SQLString.GetQuotedString(txtContent.Text));
    message.Add("messageState", SQLString.GetQuotedString("0"));

    Message outgoing = new Message();
    string resultScript = outgoing.NewMesg(message)
        ? "<Script Language=JavaScript>alert(\"发送成功!\")</Script>"
        : "<Script Language=JavaScript>alert(\"发送失败!\")</Script>";
    Response.Write(resultScript);

    // Reset the compose form.
    txtContent.Text = "";
    txtTitle.Text = "";
}
/// <summary>
/// Issues a DELETE against <c>assess</c> for every row whose <c>docID</c> equals <paramref name="docID"/>.
/// </summary>
/// <param name="docID">Document identifier; converted to text and quoted before concatenation.</param>
/// <remarks>
/// The value is an <c>int</c>, so it cannot carry SQL syntax; it is still compared as a quoted
/// literal, which relies on the database converting it back to the column's type.
/// </remarks>
public void Delete(int docID)
{
    string quotedId = SQLString.GetQuotedString(Convert.ToString(docID));
    string deleteStatement = "delete from assess where docID=" + quotedId;
    new Database().ExecuteSQL(deleteStatement);
}
/// <summary>
/// Click handler that registers a new author from the form fields and redirects to the login page on success.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): <c>authorPwd</c> is forwarded exactly as typed and no hashing is visible in this
/// handler; confirm <c>Author.Add</c> stores a salted, slow hash (for example PBKDF2) rather than
/// the clear text.
/// Every value is wrapped by <c>SQLString.GetQuotedString</c> before being handed to
/// <c>Author.Add</c>; that helper's escaping is not visible here.
/// </remarks>
protected void Bt_register_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    Hashtable profile = new Hashtable();

    // Credentials
    profile.Add("authorID", SQLString.GetQuotedString(txtID.Text));
    profile.Add("authorPwd", SQLString.GetQuotedString(txtPwd.Text));

    // Personal details
    profile.Add("authorName", SQLString.GetQuotedString(txtName.Text));
    profile.Add("authorSex", SQLString.GetQuotedString(rblSex.SelectedValue));
    profile.Add("authorBirth", SQLString.GetQuotedString(txtBirth.Text));
    profile.Add("authorRegion", SQLString.GetQuotedString(txtRegion.Text));
    profile.Add("authorPost", SQLString.GetQuotedString(TxtPostcode.Text));
    profile.Add("authorMail", SQLString.GetQuotedString(txtMail.Text));

    // Professional details
    profile.Add("authorDegree", SQLString.GetQuotedString(dddlDegree.SelectedValue));
    profile.Add("authorMajor", SQLString.GetQuotedString(txtMajor.Text));
    profile.Add("authorTitle", SQLString.GetQuotedString(txtTitle.Text));
    profile.Add("authorJob", SQLString.GetQuotedString(txtJob.Text));
    profile.Add("authorCompany", SQLString.GetQuotedString(txtCompany.Text));

    // Contact details
    profile.Add("authorPhone", SQLString.GetQuotedString(txtPhone.Text));
    profile.Add("authorAddress", SQLString.GetQuotedString(txtAddress.Text));
    profile.Add("authorInfo", SQLString.GetQuotedString(txtInfo.Text));

    Author newAuthor = new Author();
    bool registered = newAuthor.Add(profile);
    if (!registered)
    {
        Response.Write("<Script Language=JavaScript>alert(\"注册失败!\")</Script>");
        return;
    }

    Response.Write("<script>alert('注册成功!');window.location='login.aspx';</script>");
}
/// <summary>
/// Deletes a message: issues a DELETE against <c>message</c> for the row whose <c>messageID</c>
/// equals <paramref name="messageID"/>.
/// </summary>
/// <param name="messageID">Message identifier; converted to text and quoted before concatenation.</param>
/// <remarks>
/// NOTE(review): nothing here ties the message to the caller, so the calling page has to verify
/// that the current user owns the message before invoking this.
/// </remarks>
public void Delete_msg(int messageID)
{
    string quotedId = SQLString.GetQuotedString(Convert.ToString(messageID));
    string deleteStatement = "delete from message where messageID=" + quotedId;
    new Database().ExecuteSQL(deleteStatement);
}
/// <summary>
/// Click handler that records the review decision for the document named by the <c>docID</c>
/// query-string parameter and, on success, opens a board entry for it in the unpaid state.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): <c>docID</c> comes straight from the URL and is neither validated as a number nor
/// checked against what the current user is allowed to review in this handler; other methods in
/// this listing treat document ids as <c>int</c>. Consider parsing it and verifying access
/// before updating.
/// The result of <c>Board.Add</c> is ignored, so the success alert is shown even if the board row
/// was not created.
/// </remarks>
protected void Bt_ok_Click(object sender, EventArgs e)
{
    string requestedDocId = Request.QueryString["docID"];
    string whereClause = " where docID=" + SQLString.GetQuotedString(requestedDocId);
    string chosenState = ddlState.SelectedValue;

    Hashtable decision = new Hashtable();
    decision.Add("docState", SQLString.GetQuotedString(chosenState));
    decision.Add("docReason", SQLString.GetQuotedString(txtdocReason.Text));

    Doc document = new Doc();
    if (!document.Update(decision, whereClause))
    {
        Response.Write("<script>alert('审核失败!');window.location='doclist.aspx';</script>");
        return;
    }

    // Decision stored: create the board record with its initial payment state.
    Hashtable boardEntry = new Hashtable();
    boardEntry.Add("docID", SQLString.GetQuotedString(requestedDocId));
    boardEntry.Add("boardState", SQLString.GetQuotedString("未缴费"));

    Board boardStore = new Board();
    boardStore.Add(boardEntry);

    Response.Write("<script>alert('审核完毕!');window.location='doclist.aspx';</script>");
}
/// <summary>
/// Counts the unread messages for a recipient: rows in <c>message</c> with
/// <c>messageState</c> '0' and <c>messageTo</c> equal to <paramref name="user"/>.
/// </summary>
/// <param name="user">Recipient identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns>Whatever <c>Database.GetScalar</c> returns for the <c>count(*)</c> query, as a string.</returns>
/// <remarks>
/// There is no space before <c>and</c> in the statement text; the closing quote of the preceding
/// literal is what separates the tokens.
/// </remarks>
public string Get_msgCount(string user)
{
    string unreadState = SQLString.GetQuotedString("0");
    string recipient = SQLString.GetQuotedString(user);
    string countQuery = "select count(*) from message where messageState=" + unreadState + "and messageTo=" + recipient;
    return new Database().GetScalar(countQuery);
}
/// <summary>
/// Click handler that saves the author's edited profile fields.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the row to update is chosen by the <c>userID</c> cookie, which the client
/// supplies. Unless that cookie is integrity-protected, changing it would point this update at
/// another author's record; prefer an identity held in server-side session or an authenticated
/// ticket. The handler throws if the cookie is absent.
/// Only success is reported; a failed update produces no message.
/// </remarks>
protected void Bt_update_Click(object sender, EventArgs e)
{
    string currentAuthorId = Request.Cookies["userID"].Value.ToString();
    string whereClause = " where authorID=" + SQLString.GetQuotedString(currentAuthorId);

    Hashtable changes = new Hashtable();

    // Personal details
    changes.Add("authorName", SQLString.GetQuotedString(txtName.Text));
    changes.Add("authorSex", SQLString.GetQuotedString(rblSex.SelectedValue));
    changes.Add("authorBirth", SQLString.GetQuotedString(txtBirth.Text));
    changes.Add("authorRegion", SQLString.GetQuotedString(txtRegion.Text));
    changes.Add("authorMail", SQLString.GetQuotedString(txtMail.Text));
    changes.Add("authorPost", SQLString.GetQuotedString(TxtPostcode.Text));

    // Professional details
    changes.Add("authorDegree", SQLString.GetQuotedString(ddlDegree.SelectedValue));
    changes.Add("authorMajor", SQLString.GetQuotedString(txtMajor.Text));
    changes.Add("authorTitle", SQLString.GetQuotedString(txtTitle.Text));
    changes.Add("authorJob", SQLString.GetQuotedString(txtJob.Text));
    changes.Add("authorCompany", SQLString.GetQuotedString(txtCompany.Text));

    // Contact details
    changes.Add("authorPhone", SQLString.GetQuotedString(txtPhone.Text));
    changes.Add("authorAddress", SQLString.GetQuotedString(txtAddress.Text));
    changes.Add("authorInfo", SQLString.GetQuotedString(txtInfo.Text));

    Author authorStore = new Author();
    bool saved = authorStore.Update(changes, whereClause);
    if (saved)
    {
        Response.Write("<Script Language=JavaScript>alert(\"修改成功!\")</Script>");
    }
}
/// <summary>
/// Changes a message's state once it has been opened: sets <c>messageState</c> to '1' on the
/// <c>message</c> row whose <c>messageID</c> equals <paramref name="messageID"/>.
/// </summary>
/// <param name="messageID">Message identifier; converted to text and quoted before concatenation.</param>
/// <remarks>
/// There is no space before <c>where</c> in the statement text; the closing quote of the preceding
/// literal is what separates the tokens.
/// </remarks>
public void Update_state(int messageID)
{
    string readState = SQLString.GetQuotedString("1");
    string quotedId = SQLString.GetQuotedString(Convert.ToString(messageID));
    string updateStatement = "update message set messageState=" + readState + "where messageID=" + quotedId;
    new Database().ExecuteSQL(updateStatement);
}
/// <summary>
/// Loads the <c>author</c> row for <paramref name="authorID"/> into this instance's fields and
/// records in <c>_exist</c> whether a row was found.
/// </summary>
/// <param name="authorID">Author identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <remarks>
/// When no row is returned only <c>_exist</c> is changed; the other fields keep their prior values.
/// NOTE(review): the stored <c>authorPwd</c> value is read into memory with the rest of the
/// profile; callers that only need profile data would be safer with a query that omits it.
/// </remarks>
public void LoadInfo(string authorID)
{
    string query = "select * from author where authorID=" + SQLString.GetQuotedString(authorID);
    DataRow row = new Database().GetDataRow(query);

    if (row == null)
    {
        this._exist = false;
        return;
    }

    // Each column is read through GetSafeData.ValidateDataRow_S (defined elsewhere).
    this._authorID = GetSafeData.ValidateDataRow_S(row, "authorID");
    this._authorPwd = GetSafeData.ValidateDataRow_S(row, "authorPwd");
    this._authorName = GetSafeData.ValidateDataRow_S(row, "authorName");
    this._authorSex = GetSafeData.ValidateDataRow_S(row, "authorSex");
    this._authorBirth = GetSafeData.ValidateDataRow_S(row, "authorBirth");
    this._authorRegion = GetSafeData.ValidateDataRow_S(row, "authorRegion");
    this._authorPost = GetSafeData.ValidateDataRow_S(row, "authorPost");
    this._authorMail = GetSafeData.ValidateDataRow_S(row, "authorMail");
    this._authorDegree = GetSafeData.ValidateDataRow_S(row, "authorDegree");
    this._authorMajor = GetSafeData.ValidateDataRow_S(row, "authorMajor");
    this._authorTitle = GetSafeData.ValidateDataRow_S(row, "authorTitle");
    this._authorJob = GetSafeData.ValidateDataRow_S(row, "authorJob");
    this._authorCompany = GetSafeData.ValidateDataRow_S(row, "authorCompany");
    this._authorPhone = GetSafeData.ValidateDataRow_S(row, "authorPhone");
    this._authorAddress = GetSafeData.ValidateDataRow_S(row, "authorAddress");
    this._authorInfo = GetSafeData.ValidateDataRow_S(row, "authorInfo");
    this._exist = true;
}
/// <summary>
/// Changes a document's state after a revised manuscript has been uploaded: sets <c>docState</c>
/// to <paramref name="state"/> on the <c>document</c> row whose <c>docID</c> equals <paramref name="docID"/>.
/// </summary>
/// <param name="docID">Document identifier; converted to text and quoted before concatenation.</param>
/// <param name="state">New state value; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <remarks>
/// NOTE(review): <paramref name="state"/> is free text here; if it originates from a request,
/// the caller should restrict it to the known state values.
/// </remarks>
public void Update_attach(int docID, string state)
{
    string quotedState = SQLString.GetQuotedString(state);
    string quotedId = SQLString.GetQuotedString(Convert.ToString(docID));
    string updateStatement = "update document set docState=" + quotedState + "where docID=" + quotedId;
    new Database().ExecuteSQL(updateStatement);
}
/// <summary>
/// Click handler that changes the current administrator's password after checking the old one.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the typed old password is compared directly with <c>admin.adminPwd</c> and the
/// new one is written as typed, which indicates passwords are kept in clear text. Store a salted,
/// slow hash instead and verify against that.
/// NOTE(review): the administrator account is selected by the <c>userID</c> cookie, which the
/// client supplies; confirm it is integrity-protected. The handler throws if the cookie is absent.
/// </remarks>
protected void Bt_Update_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    string adminId = Request.Cookies["userID"].Value.ToString();
    Admin account = new Admin();
    account.LoadInfo(adminId);

    // Reject the change when the supplied old password does not match the stored value.
    if (txtPwdold.Text != account.adminPwd)
    {
        Response.Write("<Script Language=JavaScript>alert(\"旧密码错误!\")</Script>");
        return;
    }

    string whereClause = "where adminID=" + SQLString.GetQuotedString(adminId);
    Hashtable changes = new Hashtable();
    changes.Add("adminPwd", SQLString.GetQuotedString(txtPwdnew.Text));

    string resultScript = account.Update(changes, whereClause)
        ? "<Script Language=JavaScript>alert(\"密码修改成功!\")</Script>"
        : "<Script Language=JavaScript>alert(\"密码修改失败!\")</Script>";
    Response.Write(resultScript);
}
/// <summary>
/// Fetches the <c>attach</c> row for document <paramref name="docID"/>.
/// </summary>
/// <param name="docID">Document identifier; converted to text and quoted before concatenation.</param>
/// <returns>The row returned by <c>Database.GetDataRow</c> for the query.</returns>
public DataRow GetRow(int docID)
{
    string quotedId = SQLString.GetQuotedString(Convert.ToString(docID));
    string query = "select * from attach where docID=" + quotedId;
    return new Database().GetDataRow(query);
}
/// <summary>
/// Looks up an expert's review opinion: the <c>assessment</c> column of the <c>assess</c> row for
/// the given document and expert.
/// </summary>
/// <param name="expert">Expert identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <param name="docID">Document identifier; converted to text and quoted before concatenation.</param>
/// <returns>The row returned by <c>Database.GetDataRow</c> for the query.</returns>
/// <remarks>
/// There is no space before <c>and</c> in the statement text; the closing quote of the preceding
/// literal is what separates the tokens.
/// </remarks>
public DataRow viewassess(string expert, int docID)
{
    string quotedDocId = SQLString.GetQuotedString(Convert.ToString(docID));
    string quotedExpert = SQLString.GetQuotedString(expert);
    string query = "select assessment from assess where docID=" + quotedDocId + "and expertID=" + quotedExpert;
    return new Database().GetDataRow(query);
}
/// <summary>
/// Loads the messages addressed to <paramref name="user"/>, ordered by <c>messageState</c>
/// ascending and then <c>messageTime</c> descending.
/// </summary>
/// <param name="user">Recipient identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns>The data set returned by <c>Database.GetDataSet</c> for the query.</returns>
/// <remarks>
/// NOTE(review): the caller decides whose inbox is read; it should pass the authenticated user's
/// identifier, not a value taken from the request.
/// </remarks>
public DataSet LoadMsg(string user)
{
    string recipient = SQLString.GetQuotedString(user);
    string query = "select * from message where messageTo=" + recipient + "order by messageState asc,messageTime desc";
    return new Database().GetDataSet(query);
}
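/// <summary>
/// Click handler that accepts a manuscript upload, saves it under <c>~/upfiles/</c> with a
/// timestamp-based name, creates the document record from values held in session, and links
/// the saved file to it.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// Changes from the previous version: the clock is read once, so the stored file name and
/// <c>docTime</c> describe the same instant, and the file name uses fixed-width fields. The old
/// name concatenated unpadded components from separate <c>DateTime.Now</c> reads, which made
/// different instants collide (month 1 + day 11 and month 11 + day 1 both give "111"). The inner
/// empty-name check was removed because an extension of "doc" already implies a non-empty name.
/// NOTE(review): only the file-name extension is checked, and only the exact lower-case "doc";
/// the content is not inspected. Confirm <c>~/upfiles/</c> is not configured to execute content.
/// NOTE(review): saved names are derived from the clock, so they are guessable and two uploads in
/// the same millisecond would overwrite each other; a random component would address both.
/// NOTE(review): the author is taken from the <c>userID</c> cookie, which the client supplies.
/// NOTE(review): <c>dc.GetID(author)</c> is used to find the row just inserted; judging by the
/// method name it looks the id up again rather than returning the inserted key, so concurrent
/// submissions by the same author could attach the file to the wrong document. Confirm.
/// The handler throws if the cookie or any of the expected session values is missing.
/// </remarks>
protected void Bt_upload_Click(object sender, EventArgs e)
{
    if (!FileUpload1.HasFile)
    {
        return;
    }

    string originalName = FileUpload1.FileName;

    // Text after the last '.', or the whole name when there is no dot.
    string extension = originalName.Substring(originalName.LastIndexOf(".") + 1);

    if (extension != "doc")
    {
        Response.Write("<script language='javascript'>alert('对不起,目前只接受.doc格式文档,请重新上传!')</script>");
        return;
    }

    // One clock read for both the stored file name and the document timestamp.
    DateTime now = DateTime.Now;
    string storedName = now.ToString("yyyyMMddHHmmssfff", System.Globalization.CultureInfo.InvariantCulture) + "." + extension;

    // The client-supplied name is never used as a path; the file is saved under the generated name.
    string path = Server.MapPath("~/upfiles/" + storedName);
    FileUpload1.PostedFile.SaveAs(path);

    string author = Request.Cookies["userID"].Value.ToString();
    string state = "0";

    // Manuscript metadata was collected on earlier pages and parked in session.
    Hashtable docHt = new Hashtable();
    docHt.Add("docTime", SQLString.GetQuotedString(now.ToString()));
    docHt.Add("docTitle", SQLString.GetQuotedString(Session["docTitle"].ToString()));
    docHt.Add("docTitleEn", SQLString.GetQuotedString(Session["docTitleEn"].ToString()));
    docHt.Add("docAbstract", SQLString.GetQuotedString(Session["docAbstract"].ToString()));
    docHt.Add("docAbstractEn", SQLString.GetQuotedString(Session["docAbstractEn"].ToString()));
    docHt.Add("docKeywords", SQLString.GetQuotedString(Session["docKeywords"].ToString()));
    docHt.Add("docKeywordsEn", SQLString.GetQuotedString(Session["docKeywordsEn"].ToString()));
    docHt.Add("docLetters", SQLString.GetQuotedString(Session["docLetters"].ToString()));
    docHt.Add("docAuthor", SQLString.GetQuotedString(Session["docAuthor"].ToString()));
    docHt.Add("docColumnID", SQLString.GetQuotedString(Session["docColumnID"].ToString()));
    docHt.Add("authorID", SQLString.GetQuotedString(author));
    docHt.Add("docState", SQLString.GetQuotedString(state));

    Doc dc = new Doc();
    dc.Add(docHt);
    int docID = dc.GetID(author);

    // Link the saved file (generated name) and its original name to the new document.
    Hashtable ht = new Hashtable();
    ht.Add("attachFilename", SQLString.GetQuotedString(originalName));
    ht.Add("attachName", SQLString.GetQuotedString(storedName));
    ht.Add("docID", SQLString.GetQuotedString(Convert.ToString(docID)));

    Attach attach = new Attach();
    attach.Add(ht);

    Response.Write("<script language='javascript'>alert('投稿成功,谢谢您对本刊的支持!')</script>");
    Response.Write("<script>window.location='contribution1.aspx';</script>");
}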
/// <summary>
/// Sets <c>editorColumn</c> to <paramref name="column"/> on the <c>editor</c> row whose
/// <c>editorID</c> equals <paramref name="editor"/>.
/// </summary>
/// <param name="editor">Editor identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <param name="column">New column value; quoted the same way.</param>
/// <returns><c>true</c> when <c>Database.ExecuteSQL</c> returns a value greater than zero; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): concatenated SQL; safety depends on <c>SQLString.GetQuotedString</c>, which is not
/// visible here.
/// </remarks>
public bool Update_Column(string editor, string column)
{
    string quotedColumn = SQLString.GetQuotedString(column);
    string quotedEditor = SQLString.GetQuotedString(editor);
    string updateStatement = "update editor set editorColumn=" + quotedColumn + "where editorID=" + quotedEditor;
    return new Database().ExecuteSQL(updateStatement) > 0;
}
/// <summary>
/// Issues a DELETE against <c>[author]</c> for the row whose <c>authorID</c> equals <paramref name="ID"/>.
/// </summary>
/// <param name="ID">Author identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns><c>true</c> when <c>Database.ExecuteSQL</c> returns a value greater than zero; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): no authorization check happens in this method; the calling page must confirm the
/// current user is allowed to remove author accounts.
/// </remarks>
public bool Delete(string ID)
{
    string deleteStatement = string.Concat("delete from [author] where authorID=", SQLString.GetQuotedString(ID));
    return new Database().ExecuteSQL(deleteStatement) > 0;
}
/// <summary>
/// Updates a manuscript's board information: sets <c>boardRank</c>, <c>boardMoney</c> and
/// <c>boardState</c> on the <c>board</c> row whose <c>docID</c> equals <paramref name="ID"/>.
/// </summary>
/// <param name="ID">Document identifier; converted to text and quoted before concatenation.</param>
/// <param name="rank">New <c>boardRank</c> value; quoted with <c>SQLString.GetQuotedString</c>.</param>
/// <param name="money">New <c>boardMoney</c> value; quoted the same way.</param>
/// <param name="state">New <c>boardState</c> value; quoted the same way.</param>
/// <returns><c>true</c> when <c>Database.ExecuteSQL</c> returns a value greater than zero; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): <paramref name="money"/> is passed as free text; if it originates from a form it
/// should be validated as an amount before it reaches this method.
/// </remarks>
public bool Update_board(int ID, string rank, string money, string state)
{
    string quotedRank = SQLString.GetQuotedString(rank);
    string quotedMoney = SQLString.GetQuotedString(money);
    string quotedState = SQLString.GetQuotedString(state);
    string quotedId = SQLString.GetQuotedString(Convert.ToString(ID));

    string updateStatement = "update board set boardRank=" + quotedRank
        + ",boardMoney=" + quotedMoney
        + ",boardState=" + quotedState
        + "where docID=" + quotedId;

    return new Database().ExecuteSQL(updateStatement) > 0;
}
/// <summary>
/// Loads the <c>admin</c> row for <paramref name="adminID"/> into <c>_adminID</c> and <c>_adminPwd</c>.
/// </summary>
/// <param name="adminID">Administrator identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <remarks>
/// When no row is returned the fields are left untouched and nothing signals the miss, so callers
/// cannot distinguish "not found" from a previously loaded record.
/// NOTE(review): the stored <c>adminPwd</c> value is read into memory; see the password-change
/// handler that compares against it directly.
/// </remarks>
public void LoadInfo(string adminID)
{
    string query = "select * from admin where adminID=" + SQLString.GetQuotedString(adminID);
    DataRow row = new Database().GetDataRow(query);

    if (row == null)
    {
        return;
    }

    this._adminID = GetSafeData.ValidateDataRow_S(row, "adminID");
    this._adminPwd = GetSafeData.ValidateDataRow_S(row, "adminPwd");
}
/// <summary>
/// Reports whether <paramref name="authorID"/> is still unused in the <c>author</c> table.
/// </summary>
/// <param name="authorID">Author identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns>
/// <c>true</c> when no matching row exists, <c>false</c> when one does. Note the polarity:
/// despite the name, a <c>true</c> result means the user was NOT found.
/// </returns>
/// <remarks>
/// NOTE(review): a check followed by a separate insert is not atomic; a unique constraint on
/// <c>authorID</c> is what actually prevents duplicates.
/// </remarks>
public bool CheckUser(string authorID)
{
    string query = "select * from author where authorID=" + SQLString.GetQuotedString(authorID);
    DataRow existing = new Database().GetDataRow(query);
    return existing == null;
}
/// <summary>
/// Issues a DELETE against <c>expert</c> for the row whose <c>expertID</c> equals <paramref name="expert"/>.
/// </summary>
/// <param name="expert">Expert identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns><c>true</c> when <c>Database.ExecuteSQL</c> returns a value greater than zero; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): no authorization check happens in this method; the calling page must confirm the
/// current user is allowed to remove expert accounts.
/// </remarks>
public bool Del(string expert)
{
    string deleteStatement = string.Concat("delete from expert where expertID=", SQLString.GetQuotedString(expert));
    return new Database().ExecuteSQL(deleteStatement) > 0;
}
/// <summary>
/// Issues a DELETE against <c>editor</c> for the row whose <c>editorID</c> equals <paramref name="editor"/>.
/// </summary>
/// <param name="editor">Editor identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns><c>true</c> when <c>Database.ExecuteSQL</c> returns a value greater than zero; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): no authorization check happens in this method; the calling page must confirm the
/// current user is allowed to remove editor accounts.
/// </remarks>
public bool Delete(string editor)
{
    string deleteStatement = string.Concat("delete from editor where editorID=", SQLString.GetQuotedString(editor));
    return new Database().ExecuteSQL(deleteStatement) > 0;
}
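/// <summary>
/// Gets the id of the author's most recently submitted manuscript: the first <c>docID</c> from
/// <c>document</c> for <paramref name="authorID"/>, ordered by <c>docTime</c> descending.
/// </summary>
/// <param name="authorID">Author identifier; quoted with <c>SQLString.GetQuotedString</c> before concatenation.</param>
/// <returns>The first <c>docID</c> in that ordering, or <c>-1</c> when the author has no rows.</returns>
/// <remarks>
/// The reader is now disposed before returning; the previous version never closed it on either
/// path. Whether disposing the reader also releases the underlying connection depends on how
/// <c>Database.GetDataReader</c> opened it (not visible here).
/// NOTE(review): "latest by docTime" is only a stand-in for "the row just inserted"; if
/// <c>docTime</c> is stored as text its ordering follows string comparison, and concurrent
/// submissions by the same author can return the other row. Returning the inserted key from
/// the insert itself would remove the ambiguity.
/// </remarks>
public int GetID(string authorID)
{
    string sql = "select docID from document where authorID=" + SQLString.GetQuotedString(authorID) + "order by docTime desc";
    Database db = new Database();

    using (SqlDataReader reader = db.GetDataReader(sql))
    {
        // Only the first row matters; the ordering puts the newest submission first.
        if (reader.Read())
        {
            return reader.GetInt32(0);
        }

        return -1;
    }
}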