Exemple #1
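    // Click handler that updates the category selected in DropDownListClass (name, URL,
    // taobaoKe, PostDate) and then calls xClass.treeNameUpdate for that category and for
    // every row whose idLayerStr contains its id.
    //
    // Security: the selected id is posted by the browser and used to be spliced into three
    // SQL fragments as raw text. It is now normalised to a number with xc.SafeNum before any
    // SQL is built, so only digits can reach the query text.
    // NOTE(review): typeClss is still concatenated inside quotes; its origin is not visible
    // in this handler - confirm it cannot be influenced by the request, or sanitise it where
    // it is assigned. A parameterised where-clause API on db would be the more robust fix.
    // NOTE(review): strValue is not declared here (presumably a class field) - confirm it
    // has at least four slots.
    protected void editClass_Click(object sender, EventArgs e)
    {
        string classNameTemp = className.Text.Trim();

        if (String.IsNullOrEmpty(classNameTemp))
        {
            xc.divError("", "请填写分类名称!", 350, 150, "ClassList.aspx?tClass=" + typeClss, "goto");
            return;
        }

        // Numeric form of the posted category id; everything below uses this value only.
        long cid = xc.SafeNum(DropDownListClass.Text.Trim());

        strValue[0] = classNameTemp;
        strValue[1] = classUrl.Text;
        strValue[2] = tk.Text;
        strValue[3] = DateTime.Now.AddDays(-7).ToString("yyyy-MM-dd HH:mm:ss");

        // NOTE(review): the audit entry is written before the update runs, so it is
        // recorded even when the update fails.
        xc.insertMyLog(xc.adminID, "admin", "修改分类:" + classNameTemp);
        string returnStr = db.InsertUpdateDB("NewsTree", "@TreeName,@TreeUrl,@taobaoKe,@PostDate", strValue, "Tid=" + cid + " and TreeType='" + typeClss + "'");

        // Collect the category itself plus every row that lists it in idLayerStr.
        string strSql = "select Tid from newsTree where Tid=" + cid;
        strSql += " union select Tid from newsTree where idLayerStr like '%|" + cid + "|%'";

        // using guarantees the table is released even if treeNameUpdate throws.
        using (DataTable dt = db.getDataTable(strSql))
        {
            foreach (DataRow row in dt.Rows)
            {
                xClass.treeNameUpdate(xc.SafeNum(row["Tid"].ToString().Trim()));
            }
        }

        xc.divError("", returnStr, 350, 150, "ClassList.aspx?tClass=" + typeClss, "goto");
    }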
Exemple #2
    // Page_Load for the "delete advertisement" page: checks the "|adsDel|" permission,
    // deletes the row of table "ads" whose aID matches the request's id, writes an audit
    // entry and shows the result.
    //
    // NOTE(review): the delete runs on every page load and Request["id"] is resolved from
    // the query string as well as the form, so a plain GET triggers it; no anti-forgery
    // token check is visible in this handler - confirm one exists elsewhere.
    // NOTE(review): Request["id"] is dereferenced without a null check; a request without
    // an id fails with a NullReferenceException.
    // NOTE(review): the SafeNum result is never used; the value handed to DelDB goes
    // through SafeSql instead. If aID is numeric, passing the SafeNum value would be the
    // tighter check - confirm DelDB's expectations first.
    protected void Page_Load(object sender, EventArgs e)
    {
        XabaraCom site = new XabaraCom();
        site.CheckAdminLogin("|adsDel|");

        dbDataFunction store = new dbDataFunction();

        // Kept for parity with the original; the result is not consumed below.
        long numericId = site.SafeNum(Request["id"].Trim());

        string adKey   = site.SafeSql(Request["id"].Trim()).ToString();
        string outcome = store.DelDB("ads", "aID", adKey, string.Empty, false, "adImg");

        // The audit entry is written regardless of the DelDB result and does not name the id.
        site.insertMyLog(site.adminID, "admin", "删除广告");

        string backUrl = Server.UrlDecode(site.errorUrlTwo);
        site.divError("", outcome, 350, 150, backUrl, "goto");
    }
Exemple #3
    // Page_Load that deletes one advertisement: permission check ("|adsDel|"), DelDB on
    // table "ads" keyed by aID, audit entry, then a result dialog.
    //
    // NOTE(review): this is a state-changing action performed on page load; Request["id"]
    // also reads the query string, so a GET is enough. No anti-forgery check is visible
    // in this handler.
    // NOTE(review): a missing id makes Request["id"].Trim() throw NullReferenceException.
    protected void Page_Load(object sender, EventArgs e)
    {
        XabaraCom helper = new XabaraCom();
        helper.CheckAdminLogin("|adsDel|");

        dbDataFunction database = new dbDataFunction();

        // The original computes this numeric form and never uses it; the call is kept so
        // the sequence of helper calls stays the same.
        helper.SafeNum(Request["id"].Trim());

        string result = database.DelDB(
            "ads",
            "aID",
            helper.SafeSql(Request["id"].Trim()).ToString(),
            string.Empty,
            false,
            "adImg");

        // Logged whether or not DelDB succeeded.
        helper.insertMyLog(helper.adminID, "admin", "删除广告");

        helper.divError("", result, 350, 150, Server.UrlDecode(helper.errorUrlTwo), "goto");
    }
Exemple #4
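    // Page_Load for the "delete administrator" page: checks the "|adminDel|" permission and
    // deletes the AdminUser row whose UserId matches the request's id, unless that id is the
    // signed-in administrator's own.
    //
    // Fix: the self-delete guard compared ids case-sensitively. Other handlers in this
    // listing lower-case administrator ids before using them, so an id differing only in
    // letter case could slip past the guard; if the database compares UserId
    // case-insensitively (TODO confirm collation) the caller would then delete their own
    // account. The comparison is now case-insensitive and the id is sanitised once.
    //
    // NOTE(review): the delete runs on page load and Request["id"] also reads the query
    // string, so a GET is enough; no anti-forgery check is visible in this handler.
    // NOTE(review): a request without id throws NullReferenceException on .Trim().
    protected void Page_Load(object sender, EventArgs e)
    {
        XabaraCom xc = new XabaraCom();
        xc.CheckAdminLogin("|adminDel|");

        string targetId = xc.SafeSql(Request["id"].Trim()).ToString();

        if (string.Equals(xc.adminID, targetId, StringComparison.OrdinalIgnoreCase))
        {
            xc.divError("", "不会吧,删除自己呀!", 350, 150, "userList.aspx", "goto");
            return;
        }

        string returnValue = new dbDataFunction().DelDB("AdminUser", "UserId", targetId, string.Empty, false, string.Empty);

        // NOTE(review): the audit entry does not record which account was deleted and is
        // written even when DelDB reports a failure.
        xc.insertMyLog(xc.adminID, "admin", "删除管理员");

        xc.divError("", returnValue, 350, 150, "userList.aspx", "goto");
    }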
Exemple #5
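    // Deletes an administrator account on page load after the "|adminDel|" permission
    // check, refusing to delete the account of the administrator who is signed in.
    //
    // Fix: the "is this my own account?" test used a case-sensitive Equals. Administrator
    // ids are lower-cased elsewhere in this listing, so the test is now case-insensitive;
    // otherwise an id that differs only in case is not recognised as the caller's own.
    // The id is also read and sanitised once instead of twice.
    //
    // NOTE(review): no anti-forgery check is visible here and Request["id"] is also
    // satisfied by the query string, so loading the URL performs the delete.
    // NOTE(review): Request["id"] may be null; .Trim() then throws.
    protected void Page_Load(object sender, EventArgs e)
    {
        XabaraCom xc = new XabaraCom();

        xc.CheckAdminLogin("|adminDel|");

        string requestedId = xc.SafeSql(Request["id"].Trim()).ToString();
        bool   isOwnId     = string.Equals(xc.adminID, requestedId, StringComparison.OrdinalIgnoreCase);

        if (!isOwnId)
        {
            string returnValue = new dbDataFunction().DelDB("AdminUser", "UserId", requestedId, string.Empty, false, string.Empty);

            // NOTE(review): logged regardless of the DelDB result, without the target id.
            xc.insertMyLog(xc.adminID, "admin", "删除管理员");

            xc.divError("", returnValue, 350, 150, "userList.aspx", "goto");
        }
        else
        {
            xc.divError("", "不会吧,删除自己呀!", 350, 150, "userList.aspx", "goto");
        }
    }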
Exemple #6
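    // Login handler: looks up an AdminUser row by user id and password hash (loginFlag=2),
    // and on success stores a fresh random value in the session, records its hash together
    // with login count, time and IP on the row, writes an audit entry, issues the
    // "XabaraAdmin" cookie and redirects to admin.aspx.
    //
    // Fix: the typed user id was concatenated into the SELECT and into the UPDATE
    // where-clause exactly as entered. On a login form this input is unauthenticated, so it
    // is now passed through xc.SafeSql first, the same way addAdmin_Click treats the id
    // before storing it. SafeSql's implementation is not visible here; a parameterised
    // query would be the more robust fix if db offers one.
    //
    // NOTE(review): GetMd5 suggests passwords are stored as plain MD5 digests; a salted,
    // slow password hash (e.g. PBKDF2) is the current recommendation.
    // NOTE(review): no failed-attempt logging or throttling is visible in this handler.
    // NOTE(review): the cookie is persistent (15 days), carries AdminID in clear text, and
    // HttpOnly/Secure are not set here - confirm they are enforced in configuration and
    // that CheckAdminLogin does not trust the cookie's AdminID on its own.
    protected void imgLogin_Click(object sender, ImageClickEventArgs e)
    {
        string uid    = xc.SafeSql(UID.Text.Trim().ToLower());
        string pw     = xc.GetMd5(PW.Text);
        string strSql = "select * from AdminUser where userID='" + uid + "' and UserPW='" + pw + "' and loginFlag=2 ";

        // using releases the table on every path, including the failed-login branch and
        // the thread abort raised by Response.Redirect(..., true).
        using (DataTable dt = db.getDataTable(strSql))
        {
            if (dt.Rows.Count < 1)
            {
                xc.divError("登陆提示", "您的帐号或密码不正确!", 350, 150, xc.AdminFileName, "top");
                return;
            }

            DataRow account = dt.Rows[0];

            long   lgNums  = xc.SafeNum(account["LoginNum"].ToString()) + 1;
            string strDim  = "@SessionError,@LoginNum,@LoginDate,@LoginIP";
            string rndNums = xc.GetRnd("abc", 8);
            Session.Add("AdminRndNums", rndNums);

            // One value per name in strDim, in the same order.
            string[] strValue = new string[]
            {
                xc.GetMd5(rndNums),
                lgNums.ToString(),
                DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"),
                xc.GetIP()
            };
            db.InsertUpdateDB("AdminUser", strDim, strValue, "userID='" + uid + "'");

            xc.insertMyLog(uid, "admin", "管理员登录");

            // Persistent cookie (written to disk); values shown are the *previous* login
            // date and IP read from the row before the update above.
            HttpCookie XabaraAdminCookies = new HttpCookie("XabaraAdmin");
            XabaraAdminCookies.Values.Add("AdminID", uid);
            XabaraAdminCookies.Values.Add("AdminName", HttpUtility.UrlEncode(account["UserName"].ToString().Trim()));
            XabaraAdminCookies.Values.Add("AdminLgNums", lgNums.ToString());
            XabaraAdminCookies.Values.Add("AdminLgDate", account["LoginDate"].ToString().Trim());
            XabaraAdminCookies.Values.Add("AdminLgIP", account["LoginIP"].ToString().Trim());
            XabaraAdminCookies.Expires = DateTime.Now.AddDays(15d);
            Response.Cookies.Add(XabaraAdminCookies);

            Response.Redirect("admin.aspx", true);
        }
    }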
    // Click handler that stores the permission list chosen on the form for the
    // administrator named by the request's id: the comma-separated selection is turned
    // into a "|a|b|c|" string, written to UserAdmin, and loginFlag is set to "2".
    //
    // NOTE(review): the permission names come straight from the request and are stored
    // without being checked against a known set - confirm the server validates them, and
    // that a caller cannot use this handler to change their own permissions.
    // NOTE(review): no permission check is visible in this handler; presumably the page
    // performs one on load - verify.
    // NOTE(review): Request["id"] may be null, in which case .Trim() throws after the
    // audit entry has already been written.
    protected void setAdmin_Click(object sender, EventArgs e)
    {
        string picked = Request["adminPopedomSelect"];

        if (string.IsNullOrEmpty(picked))
        {
            xc.divError("", "请选择相应权限后再设置!", 350, 150, "", "");
            return;
        }

        // Values line up with "@UserAdmin,@loginFlag".
        string[] columnValues = new string[]
        {
            "|" + picked.Replace(",", "|") + "|",
            "2"
        };

        // Written before the update runs, so it is recorded even if the update fails.
        xc.insertMyLog(xc.adminID, "admin", "修改管理员权限");

        string whereClause = "userID='" + xc.SafeSql(Request["id"].Trim()) + "'";
        string outcome     = db.InsertUpdateDB("AdminUser", "@UserAdmin,@loginFlag", columnValues, whereClause);

        xc.divError("设置提示", outcome, 350, 150, "userList.aspx", "goto");
    }
Exemple #8
    // Page_Load for the "reset administrator password" page: after the "|adminPW|"
    // permission check it generates a new password, stores its hash on the AdminUser row
    // with the requested Uid (never the caller's own row) and shows the new password.
    //
    // NOTE(review): the reset happens on page load and Request["id"] also reads the query
    // string, so a GET is enough; no anti-forgery check is visible in this handler.
    // NOTE(review): GetRnd's randomness source is not visible; a password generator should
    // draw from a cryptographic RNG - confirm. The password is presumably 1 + 7 characters
    // from small alphabets, and is stored via GetMd5 (plain MD5 by its name).
    // NOTE(review): the clear-text password is rendered into the response via divError.
    // NOTE(review): xc.adminID is concatenated into the where clause unescaped; confirm
    // where that value originates.
    protected void Page_Load(object sender, EventArgs e)
    {
        XabaraCom site = new XabaraCom();
        site.CheckAdminLogin("|adminPW|");

        string targetUid = site.SafeNum(Request["id"].Trim()).ToString();

        // First part is taken as returned, second part is lower-cased.
        string plainPassword = site.GetRnd("abc", 1) + site.GetRnd("abc123", 7).ToLower();
        string[] newValues   = new string[] { site.GetMd5(plainPassword).ToString() };

        dbDataFunction store = new dbDataFunction();
        string whereClause   = "Uid=" + targetUid + " and UserId<>'" + site.adminID + "'";
        string outcome       = store.InsertUpdateDB("AdminUser", "@UserPW", newValues, whereClause);

        if (!outcome.Equals("更新成功"))
        {
            site.divError("", "不能给自己密码初始化或操作错误!", 350, 150, "userList.aspx", "goto");
            return;
        }

        site.insertMyLog(site.adminID, "admin", "管理员密码初始化");
        site.divError("", "新密码:" + plainPassword, 350, 150, "userList.aspx", "goto");
    }
Exemple #9
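    // Click handler that saves the signed-in administrator's own profile (class, name,
    // e-mail, phone numbers, QQ and optionally a new password), then clears the
    // "AdminRndNums" session value and reports the result.
    //
    // Fix: when no new password was typed, the handler used to write back whatever the
    // hidden field oldPWHidden contained. A hidden field is client-controlled, so the
    // stored hash was effectively taken from the browser. The password column is now
    // simply left out of the update when the password box is empty, so the existing hash
    // stays untouched and the posted hidden value is never trusted.
    //
    // NOTE(review): the page markup presumably still emits the current hash in
    // oldPWHidden; removing that field would stop exposing the hash in the HTML.
    // NOTE(review): classID is taken from adminClass.Text, so an administrator can change
    // their own class here - confirm that is intended.
    // NOTE(review): xc.adminID is concatenated into the where clause unescaped; confirm
    // its origin. GetMd5 suggests plain MD5 password storage.
    protected void editAdmin_Click(object sender, EventArgs e)
    {
        string newPassword    = adminPW.Text;
        bool   changePassword = !string.IsNullOrEmpty(newPassword);

        string   dimStr;
        string[] strValue;

        // Column list and values are positional: one value per @name, in order.
        if (changePassword)
        {
            dimStr   = "@classID,@UserName,@UserPW,@userEmail,@userTel,@userMobile,@userQQ";
            strValue = new string[]
            {
                adminClass.Text,
                adminName.Text.Trim(),
                xc.GetMd5(newPassword),
                adminMail.Text.Trim(),
                adminTel.Text.Trim(),
                adminMobile.Text.Trim(),
                adminQQ.Text.Trim()
            };
        }
        else
        {
            dimStr   = "@classID,@UserName,@userEmail,@userTel,@userMobile,@userQQ";
            strValue = new string[]
            {
                adminClass.Text,
                adminName.Text.Trim(),
                adminMail.Text.Trim(),
                adminTel.Text.Trim(),
                adminMobile.Text.Trim(),
                adminQQ.Text.Trim()
            };
        }

        if (db.InsertUpdateDB("AdminUser", dimStr, strValue, "userID='" + xc.adminID + "'").Equals("更新成功"))
        {
            xc.insertMyLog(xc.adminID, "admin", "修改资料");

            // Clearing the session value presumably forces a fresh login - TODO confirm.
            Session.Add("AdminRndNums", string.Empty);

            xc.divError("", "更新资料成功!", 350, 150, xc.AdminFileName, "top");
        }
        else
        {
            xc.divError("", "更新资料失败!", 350, 150, "userEdit.aspx", "goto");
        }
    }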
Exemple #10
    // Click handler that creates a new administrator: rejects an id that already exists,
    // otherwise inserts the AdminUser row (loginFlag "1", LoginNum "0") and sends the
    // caller on to the permission page for the new account.
    //
    // NOTE(review): the id is sanitised with SafeSql and then concatenated into the SELECT;
    // how SafeSql treats quotes is not visible here. A parameterised lookup is safer.
    // NOTE(review): the existence check and the insert are separate statements, so two
    // concurrent requests could both pass the check; a unique constraint on UserId would
    // close that gap - confirm one exists.
    // NOTE(review): the password is trimmed here, while the login handler in this listing
    // hashes the typed password untrimmed; passwords with surrounding spaces would not
    // match. GetMd5 suggests plain MD5 storage.
    // NOTE(review): no check for an empty id or password is visible in this handler.
    // NOTE(review): the id is appended to the redirect URL without URL-encoding, and the
    // typed display name is placed in the dialog text; confirm divError encodes its output.
    protected void addAdmin_Click(object sender, EventArgs e)
    {
        string adminIDTemp = xc.SafeSql(adminID.Text.Trim().ToLower());
        string lookupSql   = "select * from AdminUser where userID='" + adminIDTemp + "'";

        bool alreadyExists = db.getDataTable(lookupSql).Rows.Count > 0;
        if (alreadyExists)
        {
            xc.divError("", "已存在该管理员!", 350, 150, "", "");
            return;
        }

        string columns = "@UserId,@UserName,@UserPW,@SessionError,@loginFlag,@LoginNum,@RegDate,@LoginDate,@LoginIP,@classID";

        // One entry per column above, in the same order.
        string[] rowValues = new string[]
        {
            adminIDTemp,
            adminName.Text.Trim(),
            xc.GetMd5(adminPW.Text.Trim()),
            "xabara.com",
            "1",
            "0",
            DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"),
            DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"),
            xc.GetIP().ToString(),
            adminClass.Text
        };

        bool inserted = db.InsertUpdateDB("AdminUser", columns, rowValues, string.Empty).Equals("发布成功");
        if (!inserted)
        {
            xc.divError("", "添加管理员失败!", 350, 150, "", "");
            return;
        }

        xc.insertMyLog(xc.adminID, "admin", "添加管理员:" + adminIDTemp);
        xc.divError("", "添加管理员成功,需对 " + adminName.Text.Trim() + " 进行权限设置后才可以正常登陆!", 500, 200, "userPopedom.aspx?id=" + adminIDTemp, "goto");
    }
Exemple #11
    // Resets another administrator's password on page load: permission check
    // ("|adminPW|"), new password from GetRnd, hash written to the AdminUser row whose Uid
    // matches the request's id and whose UserId is not the caller's, then the result is
    // shown - including the new password in clear text on success.
    //
    // NOTE(review): state change on page load; Request["id"] also reads the query string
    // and no anti-forgery check is visible in this handler.
    // NOTE(review): GetRnd's randomness source is not visible here - confirm it is a
    // cryptographic RNG. GetMd5 suggests the password is stored as a plain MD5 digest.
    // NOTE(review): xc.adminID is spliced into the where clause unescaped - confirm its
    // origin.
    protected void Page_Load(object sender, EventArgs e)
    {
        XabaraCom helper = new XabaraCom();
        helper.CheckAdminLogin("|adminPW|");

        string rowId = helper.SafeNum(Request["id"].Trim()).ToString();

        string generated = helper.GetRnd("abc", 1) + helper.GetRnd("abc123", 7).ToLower();

        string[] hashOnly = new string[1];
        hashOnly[0] = helper.GetMd5(generated).ToString();

        // The UserId<> condition keeps the caller from resetting their own password.
        bool updated = new dbDataFunction()
            .InsertUpdateDB("AdminUser", "@UserPW", hashOnly, "Uid=" + rowId + " and UserId<>'" + helper.adminID + "'")
            .Equals("更新成功");

        if (updated)
        {
            helper.insertMyLog(helper.adminID, "admin", "管理员密码初始化");
            helper.divError("", "新密码:" + generated, 350, 150, "userList.aspx", "goto");
        }
        else
        {
            helper.divError("", "不能给自己密码初始化或操作错误!", 350, 150, "userList.aspx", "goto");
        }
    }
Exemple #12
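    // Click handler that adds a category under the parent selected in DropDownListClass:
    // rejects a duplicate name under the same parent and type, inserts the NewsTree row,
    // and for a non-root parent increments the parent's TidNums and sets idLayerStr on
    // the rows matching the new name under that parent.
    //
    // Fixes:
    //  * The parent id was concatenated into five SQL fragments as posted and only
    //    converted to a number after the insert had already happened. It is now parsed
    //    up front; a non-numeric value ends in the existing failure dialog before any
    //    database write.
    //  * The category name is free text and was concatenated inside quotes. It now goes
    //    through xc.SafeSql once, and that same value is used for storage and for the later
    //    lookups so they keep matching. SafeSql's implementation is not visible here; a
    //    parameterised query would be the more robust fix if db offers one.
    //  * A missing parent row no longer causes an index-out-of-range error after the
    //    insert; the parent bookkeeping is skipped in that case.
    //
    // NOTE(review): typeClss is still concatenated inside quotes; its origin is not
    // visible in this handler - confirm it is not request-controlled or sanitise it at
    // the point of assignment.
    // NOTE(review): titleClass.Text is URL-decoded into the dialog text and appended to
    // the redirect URL unencoded; confirm divError encodes what it renders.
    protected void addClass_Click(object sender, EventArgs e)
    {
        string classNameTemp = xc.SafeSql(className.Text.Trim());
        string returnUrl     = "ClassAdd.aspx?tClass=" + typeClss + "&title=" + titleClass.Text;

        int parentId;
        if (!int.TryParse(DropDownListClass.Text.Trim(), out parentId))
        {
            xc.divError("", Server.UrlDecode(titleClass.Text) + "失败!", 350, 150, returnUrl, "goto");
            return;
        }

        // Canonical numeric text; only this form is placed into SQL below.
        string oldClassID = parentId.ToString();

        Session.Add(typeClss, oldClassID); // remember the last parent used for this type

        string strSql = "select * from NewsTree where TreeID=" + oldClassID + " and TreeName='" + classNameTemp + "' and TreeType='" + typeClss + "'";

        if (db.getDataTable(strSql).Rows.Count > 0)
        {
            xc.divError("", "已存在该分类!", 350, 150, "ClassAdd.aspx?tClass=" + typeClss, "goto");
            return;
        }

        string dimStr = "@TreeID,@ListID,@TidNums,@TreeName,@TreeType,@treeAdmin,@treeDel,@PostDate,@AdminIP,@AdminID,@TreeUrl,@taobaoKe";

        // One value per name in dimStr, in the same order.
        string[] strValue = new string[]
        {
            oldClassID,
            string.IsNullOrEmpty(classList.Text) ? "0" : classList.Text,
            "0",
            classNameTemp,
            typeClss,
            "0",
            "0",
            DateTime.Now.AddDays(-2).ToString("yyyy-MM-dd HH:mm:ss"),
            xc.GetIP(),
            xc.adminID,
            classUrl.Text,
            tk.Text
        };

        if (!db.InsertUpdateDB("NewsTree", dimStr, strValue, string.Empty).Equals("发布成功"))
        {
            xc.divError("", Server.UrlDecode(titleClass.Text) + "失败!", 350, 150, returnUrl, "goto");
            return;
        }

        if (parentId > 0)
        {
            string parentWhere = "Tid=" + oldClassID + " and TreeType='" + typeClss + "'";

            using (DataTable dt = db.getDataTable("select TreeID,TidNums,idLayerStr from NewsTree where " + parentWhere))
            {
                if (dt.Rows.Count > 0)
                {
                    DataRow parent = dt.Rows[0];

                    // Update the parent's child count.
                    int tidNums = Convert.ToInt32(parent["TidNums"]) + 1;
                    db.InsertUpdateDB("NewsTree", "@TidNums", new string[] { tidNums.ToString() }, parentWhere);

                    // Update the ancestry string: start from "|" when the parent's own
                    // TreeID is below 1, otherwise extend the parent's idLayerStr.
                    string layer = Convert.ToInt32(parent["TreeID"]) < 1
                        ? "|"
                        : parent["idLayerStr"].ToString();
                    layer = layer.Trim() + oldClassID + "|";

                    db.InsertUpdateDB("NewsTree", "@idLayerStr", new string[] { layer }, "TreeID=" + oldClassID + " and TreeName='" + classNameTemp + "' and TreeType='" + typeClss + "'");
                }
            }
        }

        xc.insertMyLog(xc.adminID, "admin", Server.UrlDecode(titleClass.Text + ":" + classNameTemp));

        xc.divError("", Server.UrlDecode(titleClass.Text) + "成功!", 350, 150, returnUrl, "goto");
    }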
Exemple #13
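    // Click handler that saves an advertisement: optionally uploads a replacement file,
    // removes the previous file, builds the ad's HTML snippet (image, Flash object, or the
    // raw code typed by the administrator) and updates the "ads" row named by the
    // request's id.
    //
    // Fixes:
    //  * The name of the file to delete comes from the hidden field upImg, which the
    //    browser controls. It is now deleted only when it is a bare file name (no path
    //    separators, drive marker or "..") and long enough for the Substring(5, 8) folder
    //    lookup, so the posted value cannot point delFile outside the upload folder
    //    through path components.
    //  * The link URL, width, height and file path are HTML-encoded before being placed
    //    inside attribute values of the generated markup, so a quote in any of them can no
    //    longer break out of the attribute. Plain values are unchanged by the encoding.
    //
    // NOTE(review): the scheme of the link URL is not restricted (for example to
    // http/https) - consider validating it. The default branch stores adCode as raw HTML
    // by design, so whoever holds this permission can publish arbitrary markup.
    // NOTE(review): Session["NewFile"] is dereferenced without a null check, and
    // Substring(5, 8) throws if the file name is shorter than 13 characters.
    // NOTE(review): the audit entry is written before the update runs.
    protected void editMoney_Click(object sender, EventArgs e)
    {
        string imgFile       = adImg.Text.Trim();
        string uploadFileStr = string.Empty;

        if (!imgFile.Equals("Code"))
        {
            uploadFileStr = xc.UploadFile(imgUpload, imgFile, false);
        }

        string url     = adHttp.Text;
        string newFile = upImg.Value;

        if (uploadFileStr.Equals("上传成功"))
        {
            // newFile still holds the client-supplied previous name at this point.
            bool isPlainFileName = !string.IsNullOrEmpty(newFile)
                && newFile.Length >= 13
                && newFile.IndexOfAny(new char[] { '/', '\\', ':' }) < 0
                && newFile.IndexOf("..", StringComparison.Ordinal) < 0;

            if (isPlainFileName)
            {
                xc.delFile(newFile.Substring(5, 8) + "/" + newFile);
            }

            newFile = Session["NewFile"].ToString().Trim();
        }

        string strDim = "@classID,@adW,@adH,@adImg,@adHttp,@adCode,@starDate,@stopDate,@postDate,@postIP,@adminID";

        // Encoded copies are used only inside generated markup; the columns keep the
        // values as entered.
        string width  = Server.HtmlEncode(adW.Text);
        string height = Server.HtmlEncode(adH.Text);

        string[] strValue = new string[11];
        strValue[0] = adClass.Text;
        strValue[1] = adW.Text;
        strValue[2] = adH.Text;
        strValue[3] = newFile;
        strValue[4] = url;

        switch (imgFile)
        {
        case "Img":
        {
            string filePath = xc.UploadFolder + newFile.Substring(5, 8) + "/" + newFile;

            if (!string.IsNullOrEmpty(url))
            {
                string absoluteSrc = "http://" + XmlReader.GetConfig(Server.MapPath("~/xabara.config"), "webDomains") + filePath;
                strValue[5] = "<a href=\"" + Server.HtmlEncode(url) + "\" target=\"_blank\"><img src=\"" + Server.HtmlEncode(absoluteSrc) + "\" style=\"boder:0px;width:" + width + "px;height:" + height + "px\" /></a>";
            }
            else
            {
                strValue[5] = "<img src=\"" + Server.HtmlEncode(filePath) + "\"  style=\"boder:0px;width:" + width + "px;height:" + height + "px\" />";
            }
            break;
        }

        case "Flash":
        {
            string moviePath = Server.HtmlEncode(xc.UploadFolder + newFile.Substring(5, 8) + "/" + newFile);
            strValue[5] = "<object classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0\" height=\"" + height + "\" width=\"" + width + "\"><param name=\"quality\" value=\"high\" /><param name=\"movie\" value=\"" + moviePath + "\" /><embed height=\"" + height + "\" pluginspage=\"http://www.macromedia.com/go/getflashplayer\" quality=\"high\" src=\"" + moviePath + "\" type=\"application/x-shockwave-flash\" width=\"" + width + "\"></embed></object>";
            break;
        }

        default:
            // Raw markup supplied by the administrator, stored as entered.
            strValue[5] = adCode.Text;
            break;
        }

        strValue[6]  = pDate.Text;
        strValue[7]  = eDate.Text;
        strValue[8]  = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
        strValue[9]  = xc.GetIP();
        strValue[10] = xc.adminID;

        xc.insertMyLog(xc.adminID, "admin", "修改广告");

        // The row id is reduced to a number by SafeNum before it enters the where clause.
        xc.divError("", db.InsertUpdateDB("ads", strDim, strValue, "aID=" + xc.SafeNum(Request["id"]).ToString()), 350, 150, "default.aspx", "goto");
    }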