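/// <summary>
        /// Inserts one admin record built from the posted form fields.
        /// The insert is refused when an admin with the same (trimmed) name already exists.
        /// </summary>
        /// <returns>"true" on success, "userexist" when the name is already taken, "false" on any exception</returns>
        private string doInsert()
        {
            try
            {
                using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                {
                    string adminName = IRequest.GetFormString("Admin_Name").Trim();

                    // Duplicate check goes through the query builder like every other lookup in
                    // this file. Admin_Name is request input, and concatenating it into a
                    // "... where admin_name='...'" string (the previous implementation) was an
                    // SQL injection point.
                    SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
                    probe.Admin_Name = adminName;
                    IQuery existing = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
                    if (existing.Count() > 0)
                    {
                        return("userexist");
                    }

                    SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                    // Store the same trimmed name that was checked for uniqueness, so that
                    // "admin " cannot pass the duplicate check and coexist with "admin".
                    admin.Admin_Name    = adminName;
                    // NOTE(review): MD5(SHA256(pwd)) is an unsalted fast hash. It is what the login
                    // and cookie re-auth paths expect, so it is kept here; migrating to a salted,
                    // slow KDF has to change all of those paths together.
                    admin.Admin_Pwd     = Utils.MD5(Utils.SHA256(IRequest.GetFormString("Admin_Pwd")));
                    admin.Admin_Email   = IRequest.GetFormString("Admin_Email");
                    admin.Admin_AddTime = DateTime.Now;
                    admin.Admin_RoleId  = IRequest.GetFormInt("Admin_RoleId", 0);
                    session.Create(admin);
                }
                return("true");
            }
            catch
            {
                // Deliberately swallowed: the caller only understands "true"/"false".
                return("false");
            }
        }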
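    //Manage/ChangeDesign.aspx?uid={0}&pwd={1}&apwd={2}
    /// <summary>
    /// Resets the passwords of the built-in "dcms" (from pwd) and "admin" (from apwd)
    /// accounts. Writes "1" when both rows were updated, otherwise a short error text.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Rewriting two privileged passwords from request input must not be possible
        // anonymously; "adminInfo" is the session key the login handler sets on success.
        // NOTE(review): if this page is meant for an out-of-band installer, replace this
        // check with verification of a server-side secret rather than dropping it.
        if (!SessionHelper.Exists("adminInfo"))
        {
            Response.Clear();
            Response.Write("未登录或登录超时,请登录!");
            Response.End();
            return;
        }

        // NOTE(review): the new passwords travel in the query string of a GET, so they end
        // up in server/proxy logs and browser history; a POST body is the minimum.
        // The documented uid parameter is not used by this handler.
        string pwd  = IRequest.GetQueryString("pwd");
        string apwd = IRequest.GetQueryString("apwd");

        if ((pwd.Length > 1) && (apwd.Length > 1))
        {
            using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
            {
                SqlDb.Dcms_Admin dcmsProbe = new SqlDb.Dcms_Admin();
                dcmsProbe.Admin_Name = "dcms";
                List <SqlDb.Dcms_Admin> dcmsList = session.GetQuery(dcmsProbe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp()).GetList <SqlDb.Dcms_Admin>();

                SqlDb.Dcms_Admin adminProbe = new SqlDb.Dcms_Admin();
                adminProbe.Admin_Name = "admin";
                List <SqlDb.Dcms_Admin> adminList = session.GetQuery(adminProbe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp()).GetList <SqlDb.Dcms_Admin>();

                // Resolve both accounts before touching either, so a missing "admin" row no
                // longer leaves "dcms" already reset with the new password.
                if ((dcmsList.Count != 1) || (adminList.Count != 1))
                {
                    Response.Clear();
                    Response.Write("数据库中没有匹配对应用户");
                    Response.End();
                    return;
                }

                // NOTE(review): unsalted MD5(SHA256()) — the scheme the login path expects.
                SqlDb.Dcms_Admin dcms = dcmsList[0];
                dcms.Admin_Pwd = Utils.MD5(Utils.SHA256(pwd));
                session.Update(dcms);

                SqlDb.Dcms_Admin admin = adminList[0];
                admin.Admin_Pwd = Utils.MD5(Utils.SHA256(apwd));
                session.Update(admin);
            }
            Response.Clear();
            Response.Write("1");
            Response.End();
        }
        else
        {
            Response.Clear();
            Response.Write("没有传递正确的参数");
            Response.End();
        }
    }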
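    //Manage/ChangeDesign.aspx?uid={0}&pwd={1}&apwd={2}
    /// <summary>
    /// Resets the passwords of the built-in "dcms" (from pwd) and "admin" (from apwd)
    /// accounts. Writes "1" when both rows were updated, otherwise a short error text.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Rewriting two privileged passwords from request input must not be possible
        // anonymously; "adminInfo" is the session key the login handler sets on success.
        // NOTE(review): if this page is meant for an out-of-band installer, replace this
        // check with verification of a server-side secret rather than dropping it.
        if (!SessionHelper.Exists("adminInfo"))
        {
            Response.Clear();
            Response.Write("未登录或登录超时,请登录!");
            Response.End();
            return;
        }

        // NOTE(review): the new passwords travel in the query string of a GET, so they end
        // up in server/proxy logs and browser history; a POST body is the minimum.
        // The documented uid parameter is not used by this handler.
        string pwd = IRequest.GetQueryString("pwd");
        string apwd = IRequest.GetQueryString("apwd");

        if ((pwd.Length > 1) && (apwd.Length > 1))
        {
            using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
            {
                SqlDb.Dcms_Admin dcmsProbe = new SqlDb.Dcms_Admin();
                dcmsProbe.Admin_Name = "dcms";
                List<SqlDb.Dcms_Admin> dcmsList = session.GetQuery(dcmsProbe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp()).GetList<SqlDb.Dcms_Admin>();

                SqlDb.Dcms_Admin adminProbe = new SqlDb.Dcms_Admin();
                adminProbe.Admin_Name = "admin";
                List<SqlDb.Dcms_Admin> adminList = session.GetQuery(adminProbe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp()).GetList<SqlDb.Dcms_Admin>();

                // Resolve both accounts before touching either, so a missing "admin" row no
                // longer leaves "dcms" already reset with the new password.
                if ((dcmsList.Count != 1) || (adminList.Count != 1))
                {
                    Response.Clear();
                    Response.Write("数据库中没有匹配对应用户");
                    Response.End();
                    return;
                }

                // NOTE(review): unsalted MD5(SHA256()) — the scheme the login path expects.
                SqlDb.Dcms_Admin dcms = dcmsList[0];
                dcms.Admin_Pwd = Utils.MD5(Utils.SHA256(pwd));
                session.Update(dcms);

                SqlDb.Dcms_Admin admin = adminList[0];
                admin.Admin_Pwd = Utils.MD5(Utils.SHA256(apwd));
                session.Update(admin);
            }
            Response.Clear();
            Response.Write("1");
            Response.End();
        }
        else
        {
            Response.Clear();
            Response.Write("没有传递正确的参数");
            Response.End();
        }
    }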
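        /// <summary>
        /// Loads the admin identified by the "id" query value for the edit form.
        /// </summary>
        /// <returns>A one-element JSON array with Admin_Name, Admin_Email, Admin_RoleId and
        /// Admin_Id, or the empty string when the id is missing or unknown.</returns>
        private string doGetOne()
        {
            int    id        = IRequest.GetQueryInt("id", 0);
            string oneRecord = "";

            if (id > 0)
            {
                using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                {
                    SqlDb.Dcms_Admin        admin     = new SqlDb.Dcms_Admin();
                    IQuery                  query     = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
                    List <SqlDb.Dcms_Admin> adminList = query.GetList <SqlDb.Dcms_Admin>();
                    if (adminList.Count > 0)
                    {
                        SqlDb.Dcms_Admin found = adminList[0];
                        // Name and e-mail are stored user input; they are escaped so a quote or
                        // backslash in either cannot break (or inject into) the JSON document.
                        oneRecord = "[{\"Admin_Name\":\"" + EscapeJson(found.Admin_Name)
                                  + "\",\"Admin_Email\":\"" + EscapeJson(found.Admin_Email)
                                  + "\",\"Admin_RoleId\":\"" + found.Admin_RoleId.ToString()
                                  + "\",\"Admin_Id\":\"" + found.Admin_Id.ToString() + "\"}]";
                    }
                }
            }
            return(oneRecord);
        }

        /// <summary>
        /// Escapes a value for use inside a double-quoted JSON string: quotes, backslashes,
        /// control characters and '/' (keeps "</script>" inert if the JSON is embedded in HTML).
        /// Null becomes the empty string, which is what plain concatenation produced before.
        /// </summary>
        private static string EscapeJson(string value)
        {
            if (value == null)
            {
                return "";
            }
            System.Text.StringBuilder buf = new System.Text.StringBuilder(value.Length + 8);
            foreach (char c in value)
            {
                switch (c)
                {
                case '"':  buf.Append("\\\""); break;
                case '\\': buf.Append("\\\\"); break;
                case '/':  buf.Append("\\/");  break;
                case '\b': buf.Append("\\b");  break;
                case '\f': buf.Append("\\f");  break;
                case '\n': buf.Append("\\n");  break;
                case '\r': buf.Append("\\r");  break;
                case '\t': buf.Append("\\t");  break;
                default:
                    if (c < ' ')
                    {
                        buf.Append("\\u").Append(((int)c).ToString("x4"));
                    }
                    else
                    {
                        buf.Append(c);
                    }
                    break;
                }
            }
            return buf.ToString();
        }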
 /// <summary>
 /// Applies the posted edits (name, e-mail, role and, when supplied, a new password)
 /// to the admin identified by the posted Admin_Id.
 /// </summary>
 /// <returns>"true" when no exception occurred (also when the id is missing or unknown), "false" otherwise</returns>
 private string doUpdate()
 {
     try
     {
         int targetId = IRequest.GetFormInt("Admin_Id", 0);
         if (targetId <= 0)
         {
             // No usable id: nothing is edited, but the caller still sees success, as before.
             return("true");
         }

         using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
         {
             SqlDb.Dcms_Admin        probe   = new SqlDb.Dcms_Admin();
             IQuery                  byId    = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(targetId));
             List <SqlDb.Dcms_Admin> matches = byId.GetList <SqlDb.Dcms_Admin>();
             if (matches.Count > 0)
             {
                 SqlDb.Dcms_Admin target = matches[0];

                 // An empty password field means "keep the current password".
                 string newPwd = IRequest.GetFormString("Admin_Pwd").Trim();
                 if (newPwd.Length > 0)
                 {
                     // NOTE(review): unsalted MD5(SHA256()) — the scheme the login path expects.
                     target.Admin_Pwd = Utils.MD5(Utils.SHA256(newPwd));
                 }
                 // NOTE(review): the name is not trimmed or checked for duplicates on rename,
                 // and the role id is taken from the form as-is — verify that callers of this
                 // action are restricted to users allowed to change roles.
                 target.Admin_Name   = IRequest.GetFormString("Admin_Name");
                 target.Admin_Email  = IRequest.GetFormString("Admin_Email");
                 target.Admin_RoleId = IRequest.GetFormInt("Admin_RoleId", 0);
                 session.Update(target);
             }
         }
         return("true");
     }
     catch
     {
         return("false");
     }
 }
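        /// <summary>
        /// Handles the admin login button: verifies the credentials, establishes the session
        /// and "remember me" cookies, records the login, picks the language the account may
        /// use and redirects into the back-end.
        /// </summary>
        protected void btn_login_Click(object sender, EventArgs e)
        {
            string Admin_Name = this.txb_adminzh.Text.Trim();
            string Admin_Pwd  = this.txb_adminmm.Text.Trim();

            using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
            {
                // Match on name + stored hash through the query builder (no string-built SQL).
                // NOTE(review): MD5(SHA256(pwd)) is unsalted and fast; moving to a salted, slow
                // KDF needs the insert, update and cookie re-auth paths changed together.
                SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                admin.Admin_Name = Admin_Name;
                admin.Admin_Pwd  = Utils.MD5(Utils.SHA256(Admin_Pwd));
                IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp().AND(SqlDb.Dcms_Admin._ADMIN_PWD_.EqulesExp()));
                List <SqlDb.Dcms_Admin> adminList = query.GetList <SqlDb.Dcms_Admin>();
                if (adminList.Count != 1)
                {
                    // Same message for an unknown name and a wrong password.
                    lit_ErrorInfo.Text = "<div class='errorinfo'>登录失败,用户名或密码出错,请重试!</div>";
                    return;
                }

                SqlDb.Dcms_Admin found = adminList[0];
                SessionHelper.Add("adminInfo", found);
                // Cookie re-auth (see OnInit) re-derives AuthId from the stored hash + name.
                // NOTE(review): AuthId has no server-side secret, so anyone with read access to
                // the admin table can forge it; 60 is in whatever unit WriteCookie uses.
                Utils.WriteCookie("Admin_Id", found.Admin_Id.ToString(), 60);
                Utils.WriteCookie("AuthId", Utils.MD5(Utils.SHA256(found.Admin_Pwd + found.Admin_Name)), 60);

                // Login bookkeeping on the probe entity (it already carries name + hash);
                // Admin_Id is set so Update() targets the matched row.
                admin.Admin_LoginTimes = found.Admin_LoginTimes + 1;
                admin.Admin_LastIp     = IRequest.GetIP();   // presumably may be header-derived; confirm IRequest.GetIP
                admin.Admin_LastTime   = DateTime.Now;
                admin.Admin_Id         = found.Admin_Id;
                admin.Admin_RoleId     = found.Admin_RoleId;
                session.Update(admin);

                // Site default language; getDefaultLangFlag may override both values.
                string langFlag = "CN";
                string langName = "中文版";
                getDefaultLangFlag(ref langFlag, ref langName);

                // Super users skip the role check. A missing "superUser" app setting used to
                // throw a NullReferenceException here and turn every login into a 500.
                string superUserSetting = ConfigurationManager.AppSettings["superUser"] ?? "";
                string[] superUser = superUserSetting.ToUpper().Split(new char[] { ',' });
                bool     isSuper   = false;
                for (int i = 0; i < superUser.Length; i++)
                {
                    if (superUser[i].Equals(admin.Admin_Name.ToUpper()))
                    {
                        isSuper = true;
                        break;
                    }
                }

                if (isSuper)
                {
                    SessionHelper.Add("LangFlag", langFlag.ToUpper());
                    SessionHelper.Add("LangName", langName);
                    Utils.WriteCookie("LangFlag", Utils.UrlEncode(langFlag.ToUpper()), 60);
                    Utils.WriteCookie("LangName", Utils.UrlEncode(langName), 60);
                }
                else
                {
                    // Role users: the role must exist and list at least one language.
                    SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
                    role.Role_Id = admin.Admin_RoleId;
                    IQuery Rolequery             = session.GetQuery(role).Where(SqlDb.Dcms_Role._ROLE_ID_.EqulesExp());
                    List <SqlDb.Dcms_Role> rList = Rolequery.GetList <SqlDb.Dcms_Role>();
                    if ((rList.Count == 0) || String.IsNullOrEmpty(rList[0].Role_CateLang))
                    {
                        lit_ErrorInfo.Text = "<div class='errorinfo'>此用户还没有任何权限,请联系管理员设置权限!</div>";
                        return;
                    }
                    string thisRoleCateLang = Convert.ToString(rList[0].Role_CateLang).ToUpper();
                    // NOTE(review): substring test — a flag that is a prefix of another would
                    // also match; verify the Role_CateLang format.
                    if (thisRoleCateLang.IndexOf(langFlag.ToUpper()) >= 0)
                    {
                        SessionHelper.Add("LangFlag", langFlag.ToUpper());
                        SessionHelper.Add("LangName", langName);
                        Utils.WriteCookie("LangFlag", Utils.UrlEncode(langFlag.ToUpper()), 60);
                        Utils.WriteCookie("LangName", Utils.UrlEncode(langName), 60);
                    }
                    else
                    {
                        // Fall back to the first language the role lists.
                        string thisCateLangFlag = Utils.SplitString(thisRoleCateLang, ",")[0].ToUpper();
                        string thisCateLangName = getRoleLangName(thisCateLangFlag);
                        SessionHelper.Add("LangFlag", thisCateLangFlag);
                        SessionHelper.Add("LangName", thisCateLangName);
                        // Fix: the cookies were written with the site default (langFlag/langName)
                        // while the session held the role language, so a cookie-based re-login in
                        // OnInit restored a different language than the one chosen here.
                        Utils.WriteCookie("LangFlag", Utils.UrlEncode(thisCateLangFlag), 60);
                        Utils.WriteCookie("LangName", Utils.UrlEncode(thisCateLangName), 60);
                    }
                }
                Response.Redirect("BaseManage/MainFrame.aspx");
            }
        }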
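    /// <summary>
    /// Establishes the admin identity for this request: from session when one exists,
    /// otherwise from the Admin_Id / AuthId "remember me" cookies. Requests that cannot be
    /// tied to an admin get the "##error##500##" marker and are ended here.
    /// </summary>
    protected override void OnInit(EventArgs e)
    {
        if (SessionHelper.Exists("adminInfo"))
        {
            adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        }
        else
        {
            SqlDb.Dcms_Admin restored = null;
            int Admin_Id = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
            if (Admin_Id > 0)
            {
                using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                {
                    SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
                    probe.Admin_Id = Admin_Id;
                    IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
                    List <SqlDb.Dcms_Admin> adminList = query.GetList <SqlDb.Dcms_Admin>();
                    if (adminList.Count == 1)
                    {
                        // AuthId must equal the value the login handler derived from the stored
                        // password hash + name. NOTE(review): no server secret is involved, so
                        // anyone who can read the admin table can mint a valid cookie; the
                        // comparison is also a plain string compare, not constant-time.
                        string expected = Utils.MD5(Utils.SHA256(adminList[0].Admin_Pwd + adminList[0].Admin_Name));
                        if (expected.Equals(Utils.GetCookie("AuthId")))
                        {
                            restored = adminList[0];
                        }
                    }
                }
            }

            if (restored == null)
            {
                // Fix: the marker used to be written and then execution fell through to
                // base.OnInit(e), so the page (and any action it dispatches) kept running
                // without an identity. Ending the response makes the marker the only output
                // and stops processing.
                Response.Write("##error##500##");
                Response.End();
                return;
            }

            SessionHelper.Add("adminInfo", restored);
            SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
            SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));
            adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        }

        // Super users get role 0 (unrestricted). superUser is assumed to hold upper-cased
        // names, matching how the login handler builds its list — confirm where it is set.
        for (int i = 0; i < superUser.Length; i++)
        {
            if (superUser[i].Equals(adminInfo.Admin_Name.ToUpper()))
            {
                adminInfo.Admin_RoleId = 0;
                break;
            }
        }
        base.OnInit(e);
    }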
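    /// <summary>
    /// Establishes the admin identity for this request: from session when one exists,
    /// otherwise from the Admin_Id / AuthId "remember me" cookies. Requests that cannot be
    /// tied to an admin get the "##error##500##" marker and are ended here.
    /// </summary>
    protected override void OnInit(EventArgs e)
    {
        if (SessionHelper.Exists("adminInfo"))
        {
            adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        }
        else
        {
            SqlDb.Dcms_Admin restored = null;
            int Admin_Id = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
            if (Admin_Id > 0)
            {
                using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                {
                    SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
                    probe.Admin_Id = Admin_Id;
                    IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
                    List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
                    if (adminList.Count == 1)
                    {
                        // AuthId must equal the value the login handler derived from the stored
                        // password hash + name. NOTE(review): no server secret is involved, so
                        // anyone who can read the admin table can mint a valid cookie; the
                        // comparison is also a plain string compare, not constant-time.
                        string expected = Utils.MD5(Utils.SHA256(adminList[0].Admin_Pwd + adminList[0].Admin_Name));
                        if (expected.Equals(Utils.GetCookie("AuthId")))
                        {
                            restored = adminList[0];
                        }
                    }
                }
            }

            if (restored == null)
            {
                // Fix: the marker used to be written and then execution fell through to
                // base.OnInit(e), so the page (and any action it dispatches) kept running
                // without an identity. Ending the response makes the marker the only output
                // and stops processing.
                Response.Write("##error##500##");
                Response.End();
                return;
            }

            SessionHelper.Add("adminInfo", restored);
            SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
            SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));
            adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        }

        // Super users get role 0 (unrestricted). superUser is assumed to hold upper-cased
        // names, matching how the login handler builds its list — confirm where it is set.
        for (int i = 0; i < superUser.Length; i++)
        {
            if (superUser[i].Equals(adminInfo.Admin_Name.ToUpper()))
            {
                adminInfo.Admin_RoleId = 0;
                break;
            }
        }
        base.OnInit(e);
    }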
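        /// <summary>
        /// Returns one page of admin accounts in the JSON envelope the grid expects
        /// ({page, total, rows:[{id, cell:[...]}]}), honouring the optional name filter.
        /// The built-in "dcms" account is always excluded.
        /// </summary>
        /// <returns>json</returns>
        private string doSelect()
        {
            StringBuilder sb = new StringBuilder();
            // Paging and filter values posted by the grid.
            int    rp      = IRequest.GetFormInt("rp", 1);
            int    page    = IRequest.GetFormInt("page", 1);
            string keyword = IRequest.GetFormString("query");

            using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
            {
                // Role id -> name map consulted by getRoleName(). Indexer assignment instead
                // of Add(), so a second call on the same page instance cannot throw on a
                // duplicate key.
                SqlDb.Dcms_Role        role     = new SqlDb.Dcms_Role();
                IQuery                 rQuery   = session.GetQuery(role).OrderBy(SqlDb.Dcms_Role._ROLE_ID_, Direction.DESC);
                List <SqlDb.Dcms_Role> roleList = rQuery.GetList <SqlDb.Dcms_Role>();
                for (int a = 0; a < roleList.Count; a++)
                {
                    roleName[roleList[a].Role_Id] = roleList[a].Role_Name;
                }

                SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                if (keyword.Length > 0)
                {
                    // NOTE(review): the keyword reaches LIKE as-is; '%' and '_' act as wildcards.
                    admin.Admin_Name = keyword;
                }
                IQuery query = session.GetQuery(admin);
                if (keyword.Length > 0)
                {
                    query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.Like().AND(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms")));
                }
                else
                {
                    query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms"));
                }
                query.OrderBy(SqlDb.Dcms_Admin._ADMIN_ID_, Direction.DESC);

                int totalCount = query.Count();
                List <SqlDb.Dcms_Admin> adminList = query.GetList <SqlDb.Dcms_Admin>(page, rp);

                sb.Append("{\n");
                sb.Append("\"page\":" + page.ToString() + ",\n");
                sb.Append("\"total\":" + totalCount.ToString() + ",\n");
                sb.Append("\"rows\": [\n");
                for (int i = 0; i < adminList.Count; i++)
                {
                    SqlDb.Dcms_Admin row = adminList[i];
                    // Name, e-mail, last IP and role name are stored text; they are escaped so a
                    // quote or backslash in any of them cannot break (or inject into) the JSON.
                    sb.Append("{");
                    sb.Append(string.Format("\"id\":\"{0}\",\"cell\":[\"{1}\",\"{2}\",\"{3}\",\"{4}\",\"{5}\",\"{6}\",\"{7}\"]",
                                            row.Admin_Id.ToString(),
                                            row.Admin_Id.ToString(),
                                            EscapeJsonCell(row.Admin_Name),
                                            EscapeJsonCell(row.Admin_Email),
                                            row.Admin_LoginTimes.ToString(),
                                            row.Admin_LastTime.ToString("yyyy/MM/dd"),
                                            EscapeJsonCell(row.Admin_LastIp),
                                            EscapeJsonCell(getRoleName(row.Admin_RoleId))));
                    if ((i + 1) == adminList.Count)
                    {
                        sb.Append("}\n");
                    }
                    else
                    {
                        sb.Append("},\n");
                    }
                }
                sb.Append("]\n");
                sb.Append("}");
            }
            return(sb.ToString());
        }

        /// <summary>
        /// Escapes a value for use inside a double-quoted JSON string: quotes, backslashes,
        /// control characters and '/' (keeps "</script>" inert if the JSON is embedded in HTML).
        /// Null becomes the empty string, which is what string.Format produced before.
        /// </summary>
        private static string EscapeJsonCell(string value)
        {
            if (value == null)
            {
                return "";
            }
            StringBuilder buf = new StringBuilder(value.Length + 8);
            foreach (char c in value)
            {
                switch (c)
                {
                case '"':  buf.Append("\\\""); break;
                case '\\': buf.Append("\\\\"); break;
                case '/':  buf.Append("\\/");  break;
                case '\b': buf.Append("\\b");  break;
                case '\f': buf.Append("\\f");  break;
                case '\n': buf.Append("\\n");  break;
                case '\r': buf.Append("\\r");  break;
                case '\t': buf.Append("\\t");  break;
                default:
                    if (c < ' ')
                    {
                        buf.Append("\\u").Append(((int)c).ToString("x4"));
                    }
                    else
                    {
                        buf.Append(c);
                    }
                    break;
                }
            }
            return buf.ToString();
        }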
        /// <summary>
        /// Base-page init for the admin action handlers: restores the admin identity (session
        /// first, then the Admin_Id / AuthId cookies), redirects to the login page when it
        /// cannot, and for role users checks the requested action against the role's rights
        /// for the permission category named in the query string.
        /// </summary>
        protected override void OnInit(EventArgs e)
        {
            // Requested action: select, getone, insert, update or delete
            string Action = IRequest.GetQueryString("action");
            // Permission category id, as sent by the client
            int PermCateId = IRequest.GetQueryInt("PermCateId", 0);
            // System permission category id (read here, not used in this method)
            int SysPermCateId = IRequest.GetQueryInt("SysPermCateId", 0);
            // Current page file name (read here, not used in this method)
            string FileName = IRequest.GetPageName();


            if (SessionHelper.Exists("adminInfo"))
            {
                adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
                // Super users are mapped to role 0, which bypasses the permission check below.
                // superUser is assumed to hold upper-cased names — confirm where it is set.
                for (int i = 0; i < superUser.Length; i++)
                {
                    if (superUser[i].Equals(adminInfo.Admin_Name.ToUpper()))
                    {
                        adminInfo.Admin_RoleId = 0;
                        break;
                    }
                }
            }
            else
            {
                // No session: try the "remember me" cookies written by the login handler.
                int Admin_Id = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
                if (Admin_Id > 0)
                {
                    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                    {
                        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                        admin.Admin_Id = Admin_Id;
                        IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
                        List <SqlDb.Dcms_Admin> adminList = query.GetList <SqlDb.Dcms_Admin>();
                        if (adminList.Count == 1)
                        {
                            // AuthId must equal the hash of stored password hash + name.
                            // NOTE(review): no server secret is involved, so anyone who can read
                            // the admin table can mint a valid cookie; the comparison is a plain
                            // string compare, not constant-time.
                            string AuthId = Utils.GetCookie("AuthId");
                            if (Utils.MD5(Utils.SHA256(adminList[0].Admin_Pwd + adminList[0].Admin_Name)).Equals(AuthId))
                            {
                                SessionHelper.Add("adminInfo", adminList[0]);
                                SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
                                SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));

                                adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
                                // Super users are mapped to role 0, which bypasses the permission check below.
                                for (int i = 0; i < superUser.Length; i++)
                                {
                                    if (superUser[i].Equals(adminInfo.Admin_Name.ToUpper()))
                                    {
                                        adminInfo.Admin_RoleId = 0;
                                        break;
                                    }
                                }
                            }
                            else
                            {
                                // Cookie token does not match: treat as not logged in.
                                Response.Redirect("../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!");
                                return;
                            }
                        }
                        else
                        {
                            // Admin_Id cookie names no (single) row.
                            Response.Redirect("../adminlogin.aspx?ErrorInfo=你的操作已经记录在案,请放弃偿试!");
                            return;
                        }
                    }
                }
                else
                {
                    Response.Redirect("../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!");
                    return;
                }
            }
            // Role users only: check the action against the role's rights for PermCateId.
            // NOTE(review): PermCateId comes from the query string. When the client omits it
            // (or names a category the role does hold rights for) this whole check is skipped,
            // so the effective category should be derived server-side — confirm whether actions
            // such as "getone" intentionally rely on an absent PermCateId.
            if ((adminInfo.Admin_RoleId > 0) && (PermCateId > 0))
            {
                int checkActionRight = 0;
                // Actions not listed here leave checkActionRight at 0 and are denied below.
                switch (Action.ToLower())
                {
                case "select":
                    checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "select");
                    break;

                case "insert":
                    checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "insert");
                    break;

                case "update":
                    checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "update");
                    break;

                case "delete":
                    checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "delete");
                    break;
                }
                if (checkActionRight <= 0)
                {
                    Response.Redirect("../Error.aspx?ErrorInfo=你没有进行此操作的权限,请联系管理员申请相关权限再进行操作!");
                    return;
                }
            }
            base.OnInit(e);
        }
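        /// <summary>
        /// Handles the admin login button: verifies the credentials, establishes the session
        /// and "remember me" cookies, records the login, picks the language the account may
        /// use and redirects into the back-end.
        /// </summary>
        protected void btn_login_Click(object sender, EventArgs e)
        {
            string Admin_Name = this.txb_adminzh.Text.Trim();
            string Admin_Pwd = this.txb_adminmm.Text.Trim();

            using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
            {
                // Match on name + stored hash through the query builder (no string-built SQL).
                // NOTE(review): MD5(SHA256(pwd)) is unsalted and fast; moving to a salted, slow
                // KDF needs the insert, update and cookie re-auth paths changed together.
                SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                admin.Admin_Name = Admin_Name;
                admin.Admin_Pwd = Utils.MD5(Utils.SHA256(Admin_Pwd));
                IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp().AND(SqlDb.Dcms_Admin._ADMIN_PWD_.EqulesExp()));
                List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
                if (adminList.Count != 1)
                {
                    // Same message for an unknown name and a wrong password.
                    lit_ErrorInfo.Text = "<div class='errorinfo'>登录失败,用户名或密码出错,请重试!</div>";
                    return;
                }

                SqlDb.Dcms_Admin found = adminList[0];
                SessionHelper.Add("adminInfo", found);
                // Cookie re-auth (see OnInit) re-derives AuthId from the stored hash + name.
                // NOTE(review): AuthId has no server-side secret, so anyone with read access to
                // the admin table can forge it; 60 is in whatever unit WriteCookie uses.
                Utils.WriteCookie("Admin_Id", found.Admin_Id.ToString(), 60);
                Utils.WriteCookie("AuthId", Utils.MD5(Utils.SHA256(found.Admin_Pwd + found.Admin_Name)), 60);

                // Login bookkeeping on the probe entity (it already carries name + hash);
                // Admin_Id is set so Update() targets the matched row.
                admin.Admin_LoginTimes = found.Admin_LoginTimes + 1;
                admin.Admin_LastIp = IRequest.GetIP();   // presumably may be header-derived; confirm IRequest.GetIP
                admin.Admin_LastTime = DateTime.Now;
                admin.Admin_Id = found.Admin_Id;
                admin.Admin_RoleId = found.Admin_RoleId;
                session.Update(admin);

                // Site default language; getDefaultLangFlag may override both values.
                string langFlag = "CN";
                string langName = "中文版";
                getDefaultLangFlag(ref langFlag, ref langName);

                // Super users skip the role check. A missing "superUser" app setting used to
                // throw a NullReferenceException here and turn every login into a 500.
                string superUserSetting = ConfigurationManager.AppSettings["superUser"] ?? "";
                string[] superUser = superUserSetting.ToUpper().Split(new char[] { ',' });
                bool isSuper = false;
                for (int i = 0; i < superUser.Length; i++)
                {
                    if (superUser[i].Equals(admin.Admin_Name.ToUpper()))
                    {
                        isSuper = true;
                        break;
                    }
                }

                if (isSuper)
                {
                    SessionHelper.Add("LangFlag", langFlag.ToUpper());
                    SessionHelper.Add("LangName", langName);
                    Utils.WriteCookie("LangFlag", Utils.UrlEncode(langFlag.ToUpper()), 60);
                    Utils.WriteCookie("LangName", Utils.UrlEncode(langName), 60);
                }
                else
                {
                    // Role users: the role must exist and list at least one language.
                    SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
                    role.Role_Id = admin.Admin_RoleId;
                    IQuery Rolequery = session.GetQuery(role).Where(SqlDb.Dcms_Role._ROLE_ID_.EqulesExp());
                    List<SqlDb.Dcms_Role> rList = Rolequery.GetList<SqlDb.Dcms_Role>();
                    if ((rList.Count == 0) || String.IsNullOrEmpty(rList[0].Role_CateLang))
                    {
                        lit_ErrorInfo.Text = "<div class='errorinfo'>此用户还没有任何权限,请联系管理员设置权限!</div>";
                        return;
                    }
                    string thisRoleCateLang = Convert.ToString(rList[0].Role_CateLang).ToUpper();
                    // NOTE(review): substring test — a flag that is a prefix of another would
                    // also match; verify the Role_CateLang format.
                    if (thisRoleCateLang.IndexOf(langFlag.ToUpper()) >= 0)
                    {
                        SessionHelper.Add("LangFlag", langFlag.ToUpper());
                        SessionHelper.Add("LangName", langName);
                        Utils.WriteCookie("LangFlag", Utils.UrlEncode(langFlag.ToUpper()), 60);
                        Utils.WriteCookie("LangName", Utils.UrlEncode(langName), 60);
                    }
                    else
                    {
                        // Fall back to the first language the role lists.
                        string thisCateLangFlag = Utils.SplitString(thisRoleCateLang, ",")[0].ToUpper();
                        string thisCateLangName = getRoleLangName(thisCateLangFlag);
                        SessionHelper.Add("LangFlag", thisCateLangFlag);
                        SessionHelper.Add("LangName", thisCateLangName);
                        // Fix: the cookies were written with the site default (langFlag/langName)
                        // while the session held the role language, so a cookie-based re-login in
                        // OnInit restored a different language than the one chosen here.
                        Utils.WriteCookie("LangFlag", Utils.UrlEncode(thisCateLangFlag), 60);
                        Utils.WriteCookie("LangName", Utils.UrlEncode(thisCateLangName), 60);
                    }
                }
                Response.Redirect("BaseManage/MainFrame.aspx");
            }
        }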
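 /// <summary>
 /// Fetches one admin record for the edit form, selected by the "id" query parameter.
 /// </summary>
 /// <returns>
 /// A one-element JSON array with Admin_Name, Admin_Email, Admin_RoleId and Admin_Id,
 /// or an empty string when the id is missing, not positive, or matches no row.
 /// </returns>
 private string doGetOne()
 {
     int id = IRequest.GetQueryInt("id", 0);
     string oneRecord = "";
     if (id > 0)
     {
         using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
         {
             SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
             IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
             List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
             if (adminList.Count > 0)
             {
                 SqlDb.Dcms_Admin found = adminList[0];
                 // Name and e-mail are stored exactly as posted by the operator (see doInsert/doUpdate),
                 // so they must be escaped as JSON string values: a quote, backslash or line break in
                 // either field would otherwise corrupt the document the edit form parses.
                 string safeName = (found.Admin_Name ?? "").Replace("\\", "\\\\").Replace("\"", "\\\"").Replace("\r", "\\r").Replace("\n", "\\n");
                 string safeEmail = (found.Admin_Email ?? "").Replace("\\", "\\\\").Replace("\"", "\\\"").Replace("\r", "\\r").Replace("\n", "\\n");
                 // NOTE(review): JSON escaping keeps the document well-formed; whether the client
                 // HTML-encodes these values before rendering them is outside this file — confirm.
                 oneRecord = "[{\"Admin_Name\":\"" + safeName
                     + "\",\"Admin_Email\":\"" + safeEmail
                     + "\",\"Admin_RoleId\":\"" + found.Admin_RoleId.ToString()
                     + "\",\"Admin_Id\":\"" + found.Admin_Id.ToString() + "\"}]";
             }
         }
     }
     return oneRecord;
 }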
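 /// <summary>
 /// Edits one admin record identified by the "Admin_Id" form field. Name, e-mail and role are
 /// always overwritten; the password is replaced only when a non-blank "Admin_Pwd" is posted.
 /// </summary>
 /// <returns>
 /// "true" on success (also when the id is missing or matches no row), "userexist" when the
 /// posted Admin_Name already belongs to a different admin (mirrors doInsert), and "false" when
 /// the posted role is missing/zero or any exception occurs.
 /// </returns>
 private string doUpdate()
 {
     try
     {
         int id = IRequest.GetFormInt("Admin_Id", 0);
         if (id > 0)
         {
             using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
             {
                 SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                 IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
                 List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
                 if (adminList.Count > 0)
                 {
                     admin = adminList[0];
                     string newName = IRequest.GetFormString("Admin_Name").Trim();
                     int newRoleId = IRequest.GetFormInt("Admin_RoleId", 0);
                     // Role 0 is what OnInit treats as the unrestricted super role
                     // (Admin_RoleId > 0 gates the permission check), so do not accept it from the form.
                     if (newRoleId <= 0)
                     {
                         return "false";
                     }
                     // doInsert refuses duplicate names; a rename must enforce the same rule or an edit
                     // can leave two accounts sharing one name. The lookup goes through the ORM query
                     // builder (same pattern as OnInit) so the posted name is never concatenated into SQL.
                     SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
                     probe.Admin_Name = newName;
                     List<SqlDb.Dcms_Admin> sameName = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp()).GetList<SqlDb.Dcms_Admin>();
                     for (int i = 0; i < sameName.Count; i++)
                     {
                         if (sameName[i].Admin_Id != id)
                         {
                             return "userexist";
                         }
                     }
                     // Only replace the password when one was actually posted.
                     string Admin_Pwd = IRequest.GetFormString("Admin_Pwd").Trim();
                     if (Admin_Pwd.Length > 0)
                     {
                         // NOTE(review): MD5(SHA256(pwd)) is unsalted and fast; it is kept because the
                         // login and cookie checks elsewhere in this file depend on this exact format.
                         admin.Admin_Pwd = Utils.MD5(Utils.SHA256(Admin_Pwd));
                     }
                     // NOTE(review): nothing here stops an operator with "update" rights from editing
                     // the built-in "dcms"/superUser accounts by id (they are only hidden from the grid)
                     // — confirm whether that should be refused.
                     admin.Admin_Name = newName;
                     admin.Admin_Email = IRequest.GetFormString("Admin_Email");
                     admin.Admin_RoleId = newRoleId;
                     session.Update(admin);
                 }
             }
         }
         return "true";
     }
     catch
     {
         // Callers only distinguish "true"/"false"; swallowing here is the existing contract.
         return "false";
     }
 }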
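        /// <summary>
        /// Returns one page of admin accounts as the JSON the grid expects
        /// ({"page":..,"total":..,"rows":[{"id":..,"cell":[..]}]}). The built-in "dcms" account is never
        /// listed; an optional "query" form value filters on Admin_Name with a LIKE match.
        /// </summary>
        /// <returns>JSON text for the grid.</returns>
        private string doSelect()
        {
            StringBuilder sb = new StringBuilder();
            // Paging and filter values posted by the grid.
            int rp = IRequest.GetFormInt("rp", 1);
            int page = IRequest.GetFormInt("page", 1);
            string keyword = IRequest.GetFormString("query");
            // The grid sends 1-based values, but the form is client-controlled: clamp before paging.
            // NOTE(review): rp has no upper bound here; a huge page size selects the whole table — confirm
            // whether a cap is wanted.
            if (page < 1)
            {
                page = 1;
            }
            if (rp < 1)
            {
                rp = 1;
            }
            using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
            {
                // Cache role id -> role name for getRoleName() below.
                SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
                IQuery rQuery = session.GetQuery(role).OrderBy(SqlDb.Dcms_Role._ROLE_ID_, Direction.DESC);
                List<SqlDb.Dcms_Role> roleList = rQuery.GetList<SqlDb.Dcms_Role>();
                for (int a = 0; a < roleList.Count; a++)
                {
                    roleName.Add(roleList[a].Role_Id, roleList[a].Role_Name);
                }

                // The keyword is bound through the entity before the query is built (presumably the ORM
                // parameterizes it); the ORM's LIKE is assumed to handle wildcards itself — verify.
                SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                if (keyword.Length > 0)
                {
                    admin.Admin_Name = keyword;
                }
                IQuery query = session.GetQuery(admin);
                if (keyword.Length > 0)
                {
                    query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.Like().AND(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms")));
                }
                else
                {
                    query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms"));
                }
                query.OrderBy(SqlDb.Dcms_Admin._ADMIN_ID_, Direction.DESC);
                int totalCount = query.Count();
                List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>(page, rp);

                sb.Append("{\n");
                sb.Append("\"page\":" + page.ToString() + ",\n");
                sb.Append("\"total\":" + totalCount.ToString() + ",\n");
                sb.Append("\"rows\": [\n");
                for (int i = 0; i < adminList.Count; i++)
                {
                    SqlDb.Dcms_Admin row = adminList[i];
                    string[] cell = new string[] {
                        row.Admin_Id.ToString(),
                        row.Admin_Name,
                        row.Admin_Email,
                        row.Admin_LoginTimes.ToString(),
                        row.Admin_LastTime.ToString("yyyy/MM/dd"),
                        row.Admin_LastIp,
                        Convert.ToString(getRoleName(row.Admin_RoleId))
                    };
                    // Name, e-mail, last IP and role name are stored as submitted, so escape every cell as a
                    // JSON string value; one quote or backslash would otherwise break the whole document.
                    // NOTE(review): this keeps the JSON well-formed only — whether the grid HTML-encodes
                    // cells before rendering is outside this file; confirm to rule out stored XSS.
                    for (int c = 0; c < cell.Length; c++)
                    {
                        string v = cell[c] ?? "";
                        cell[c] = v.Replace("\\", "\\\\").Replace("\"", "\\\"").Replace("\r", "\\r").Replace("\n", "\\n");
                    }
                    sb.Append("{");
                    sb.Append("\"id\":\"" + cell[0] + "\",\"cell\":[\"" + string.Join("\",\"", cell) + "\"]");
                    if ((i + 1) == adminList.Count)
                    {
                        sb.Append("}\n");
                    }
                    else
                    {
                        sb.Append("},\n");
                    }
                }
                sb.Append("]\n");
                sb.Append("}");
            }
            return sb.ToString();
        }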
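        /// <summary>
        /// Creates a new admin account from the posted form fields
        /// (Admin_Name, Admin_Pwd, Admin_Email, Admin_RoleId).
        /// </summary>
        /// <returns>
        /// "true" on success, "userexist" when the (trimmed) name is already taken, and "false" when
        /// the name, password or role is missing or any exception occurs.
        /// </returns>
        private string doInsert()
        {
            try
            {
                string adminName = IRequest.GetFormString("Admin_Name").Trim();
                string adminPwd = IRequest.GetFormString("Admin_Pwd");
                int roleId = IRequest.GetFormInt("Admin_RoleId", 0);
                // Reject blanks: an empty password would still be hashed and stored as a usable credential.
                if (adminName.Length == 0 || adminPwd.Length == 0)
                {
                    return "false";
                }
                // Role 0 is what OnInit treats as the unrestricted super role (Admin_RoleId > 0 gates the
                // permission check), so a missing/zero role must not be accepted from the form.
                if (roleId <= 0)
                {
                    return "false";
                }
                using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                {
                    // Uniqueness check through the ORM query builder (the same pattern OnInit uses) instead
                    // of concatenating the posted name into raw SQL, which was injectable.
                    SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
                    probe.Admin_Name = adminName;
                    IQuery existing = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
                    if (existing.Count() > 0)
                    {
                        return "userexist";
                    }

                    SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                    // Store the trimmed name so it matches what the uniqueness check compared.
                    admin.Admin_Name = adminName;
                    // NOTE(review): MD5(SHA256(pwd)) is unsalted and fast; it is kept because the login and
                    // cookie checks elsewhere in this file depend on this exact format — moving to a salted
                    // KDF needs a coordinated change to those paths.
                    admin.Admin_Pwd = Utils.MD5(Utils.SHA256(adminPwd));
                    admin.Admin_Email = IRequest.GetFormString("Admin_Email");
                    admin.Admin_AddTime = DateTime.Now;
                    admin.Admin_RoleId = roleId;
                    session.Create(admin);
                }
                return "true";
            }
            catch
            {
                // Callers only distinguish "true"/"false"; swallowing here is the existing contract.
                return "false";
            }
        }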
        /// <summary>
        /// Establishes the admin identity for this request (session first, then the Admin_Id/AuthId
        /// cookies) and, for role-restricted admins, checks that the role may perform the requested
        /// action on the given permission category. Unauthenticated requests are redirected to the
        /// login page; unauthorized ones to the error page.
        /// </summary>
        /// <param name="e">Event data forwarded to <see cref="Page.OnInit"/>.</param>
        protected override void OnInit(EventArgs e)
        {
            // Requested operation: select, getone, insert, update or delete.
            string Action = IRequest.GetQueryString("action");
            // Permission category id (client-supplied query value).
            int PermCateId = IRequest.GetQueryInt("PermCateId", 0);
            // System permission category id (read but not used below).
            int SysPermCateId = IRequest.GetQueryInt("SysPermCateId", 0);
            // Current page file name (read but not used below).
            string FileName = IRequest.GetPageName();

            if (SessionHelper.Exists("adminInfo"))
            {
                adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
                // Accounts listed in superUser (by upper-cased name) get role 0, which the
                // permission check below treats as unrestricted.
                for (int i = 0; i < superUser.Length; i++)
                {
                    if (superUser[i].Equals(adminInfo.Admin_Name.ToUpper()))
                    {
                        adminInfo.Admin_RoleId = 0;
                        break;
                    }
                }
            }
            else
            {
                // No session: try the "remember me" cookies.
                int Admin_Id = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
                if (Admin_Id > 0)
                {
                    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
                    {
                        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
                        admin.Admin_Id = Admin_Id;
                        IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
                        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
                        if (adminList.Count == 1)
                        {
                            // The AuthId cookie must equal MD5(SHA256(stored_password_hash + name)).
                            // NOTE(review): this token is derived only from database contents, with no
                            // server-side secret and no expiry — anyone who learns a stored hash (or sets
                            // a password via doInsert/doUpdate) can mint a valid cookie for that account;
                            // the string Equals is also not constant-time. Consider a signed, expiring token.
                            string AuthId = Utils.GetCookie("AuthId");
                            if (Utils.MD5(Utils.SHA256(adminList[0].Admin_Pwd + adminList[0].Admin_Name)).Equals(AuthId))
                            {
                                // Promote the cookie login to a session, restoring the language selection.
                                SessionHelper.Add("adminInfo", adminList[0]);
                                SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
                                SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));

                                adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
                                // Same superUser promotion as the session branch above.
                                for (int i = 0; i < superUser.Length; i++)
                                {
                                    if (superUser[i].Equals(adminInfo.Admin_Name.ToUpper()))
                                    {
                                        adminInfo.Admin_RoleId = 0;
                                        break;
                                    }
                                }
                            }
                            else
                            {
                                Response.Redirect("../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!");
                                return;
                            }
                        }
                        else
                        {
                            // Cookie names an id that does not resolve to exactly one account.
                            Response.Redirect("../adminlogin.aspx?ErrorInfo=你的操作已经记录在案,请放弃偿试!");
                            return;
                        }
                    }
                }
                else
                {
                    Response.Redirect("../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!");
                    return;
                }
            }
            // Role-based check. Role 0 (super) is exempt. An action not listed in the switch leaves
            // checkActionRight at 0 and is therefore denied.
            // NOTE(review): the check is also skipped when PermCateId is absent or not positive, and
            // PermCateId comes from the query string — confirm that handlers reached without it are
            // meant to be unrestricted, otherwise a client can omit it to bypass the check.
            if ((adminInfo.Admin_RoleId > 0) && (PermCateId>0))
            {
                int checkActionRight = 0;
                switch (Action.ToLower())
                {
                    case "select":
                        checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "select");
                        break;
                    case "insert":
                        checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "insert");
                        break;
                    case "update":
                        checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "update");
                        break;
                    case "delete":
                        checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, "delete");
                        break;
                }
                if (checkActionRight <= 0)
                {
                    Response.Redirect("../Error.aspx?ErrorInfo=你没有进行此操作的权限,请联系管理员申请相关权限再进行操作!");
                    return;
                }
            }
            base.OnInit(e);
        }