Exemple #1
0
        protected void Page_Command(Object sender, CommandEventArgs e)
        {
            Guid   gPARENT_ID   = Sql.ToGuid(Request["PARENT_ID"]);
            string sMODULE      = String.Empty;
            string sPARENT_TYPE = String.Empty;
            string sPARENT_NAME = String.Empty;

            try
            {
                SqlProcs.spPARENT_Get(ref gPARENT_ID, ref sMODULE, ref sPARENT_TYPE, ref sPARENT_NAME);
            }
            catch (Exception ex)
            {
                SplendidError.SystemError(new StackTrace(true).GetFrame(0), ex);
                // The only possible error is a connection failure, so just ignore all errors.
                gPARENT_ID = Guid.Empty;
            }
            if (e.CommandName == "Save")
            {
                // 01/16/2006 Paul.  Enable validator before validating page.
                this.ValidateEditViewFields(m_sMODULE + ".EditView");
                this.ValidateEditViewFields(m_sMODULE + ".EditAddress");
                if (Page.IsValid)
                {
                    string      sUSER_PREFERENCES = String.Empty;
                    XmlDocument xml = new XmlDocument();
                    try
                    {
                        try
                        {
                            sUSER_PREFERENCES = Sql.ToString(ViewState["USER_PREFERENCES"]);
                            xml.LoadXml(sUSER_PREFERENCES);
                        }
                        catch (Exception ex)
                        {
                            SplendidError.SystemWarning(new StackTrace(true).GetFrame(0), ex);
                            xml.AppendChild(xml.CreateProcessingInstruction("xml", "version=\"1.0\" encoding=\"UTF-8\""));
                            xml.AppendChild(xml.CreateElement("USER_PREFERENCE"));
                        }
                        // user_settings
                        XmlUtil.SetSingleNode(xml, "gridline", chkGRIDLINE.Checked ? "true" : "false");
                        XmlUtil.SetSingleNode(xml, "culture", lstLANGUAGE.SelectedValue);
                        XmlUtil.SetSingleNode(xml, "theme", lstTHEME.SelectedValue);
                        XmlUtil.SetSingleNode(xml, "dateformat", lstDATE_FORMAT.SelectedValue);
                        XmlUtil.SetSingleNode(xml, "timeformat", lstTIME_FORMAT.SelectedValue);
                        XmlUtil.SetSingleNode(xml, "timezone", lstTIMEZONE.SelectedValue);
                        XmlUtil.SetSingleNode(xml, "currency_id", lstCURRENCY.SelectedValue);
                        XmlUtil.SetSingleNode(xml, "num_grp_sep", txtGROUP_SEPARATOR.Text);
                        XmlUtil.SetSingleNode(xml, "dec_sep", txtDECIMAL_SEPARATOR.Text);
                        // 08/05/2006 Paul.  Remove stub of unsupported code. Reminder is not supported at this time.
                        //XmlUtil.SetSingleNode(xml, "reminder_time"       , chkSHOULD_REMIND.Checked ? lstREMINDER_TIME.SelectedValue : "0" );
                        // mail_options

                        string sMAIL_SMTPPASS = Sql.ToString(ViewState["mail_smtppass"]);
                        // 08/06/2005 Paul.  Password might be our empty value.
                        TextBox txtMAIL_SMTPPASS = FindControl("MAIL_SMTPPASS") as TextBox;
                        if (txtMAIL_SMTPPASS != null)
                        {
                            // 08/05/2006 Paul.  Allow the password to be cleared.
                            if (txtMAIL_SMTPPASS.Text != sEMPTY_PASSWORD)
                            {
                                sMAIL_SMTPPASS = txtMAIL_SMTPPASS.Text;
                            }
                        }

                        XmlUtil.SetSingleNode(xml, "mail_fromname", new DynamicControl(this, "MAIL_FROMNAME").Text);
                        XmlUtil.SetSingleNode(xml, "mail_fromaddress", new DynamicControl(this, "MAIL_FROMADDRESS").Text);
                        XmlUtil.SetSingleNode(xml, "mail_smtpserver", new DynamicControl(this, "MAIL_SMTPSERVER").Text);
                        XmlUtil.SetSingleNode(xml, "mail_smtpport", new DynamicControl(this, "MAIL_SMTPPORT").Text);
                        XmlUtil.SetSingleNode(xml, "mail_sendtype", new DynamicControl(this, "MAIL_SENDTYPE").Text);
                        XmlUtil.SetSingleNode(xml, "mail_smtpauth_req", new DynamicControl(this, "MAIL_SMTPAUTH_REQ").Checked ? "true" : "false");
                        XmlUtil.SetSingleNode(xml, "mail_smtpuser", new DynamicControl(this, "MAIL_SMTPUSER").Text);
                        XmlUtil.SetSingleNode(xml, "mail_smtppass", sMAIL_SMTPPASS);

                        // freebusy
                        // 08/05/2006 Paul.  Remove stub of unsupported code. Calendar Publish Key is not supported at this time.
                        //XmlUtil.SetSingleNode(xml, "calendar_publish_key", txtCALENDAR_PUBLISH_KEY .Text         );
                        //XmlUtil.SetSingleNode(xml, "calendar_publish_url", txtCALENDAR_PUBLISH_URL .Text         );
                        //XmlUtil.SetSingleNode(xml, "calendar_search_url" , txtCALENDAR_SEARCH_URL  .Text         );
                    }
                    catch (Exception ex)
                    {
                        SplendidError.SystemError(new StackTrace(true).GetFrame(0), ex);
                    }
                    if (Sql.ToBoolean(Application["CONFIG.XML_UserPreferences"]))
                    {
                        sUSER_PREFERENCES = xml.OuterXml;
                    }
                    else
                    {
                        sUSER_PREFERENCES = XmlUtil.ConvertToPHP(xml.DocumentElement);
                    }

                    // 12/06/2005 Paul.  Need to prevent duplicate users.
                    string            sUSER_NAME = txtUSER_NAME.Text.Trim();
                    DbProviderFactory dbf        = DbProviderFactories.GetFactory();
                    try
                    {
                        // 11/10/2006 Paul.  If the decimal and group separate match, then .NET will not be able to parse decimals.
                        // The exception "Input string was not in a correct format." is thrown.
                        if (txtGROUP_SEPARATOR.Text == txtDECIMAL_SEPARATOR.Text)
                        {
                            throw(new Exception(L10n.Term("Users.LBL_INVALID_DECIMAL")));
                        }
                        if (!Sql.IsEmptyString(sUSER_NAME))
                        {
                            using (IDbConnection con = dbf.CreateConnection())
                            {
                                string sSQL;
                                sSQL = "select USER_NAME             " + ControlChars.CrLf
                                       + "  from vwUSERS               " + ControlChars.CrLf
                                       + " where USER_NAME = @USER_NAME" + ControlChars.CrLf;
                                using (IDbCommand cmd = con.CreateCommand())
                                {
                                    cmd.CommandText = sSQL;
                                    Sql.AddParameter(cmd, "@USER_NAME", sUSER_NAME);
                                    if (!Sql.IsEmptyGuid(gID))
                                    {
                                        // 12/06/2005 Paul.  Only include the ID if it is not null as we cannot compare NULL to anything.
                                        cmd.CommandText += "   and ID <> @ID" + ControlChars.CrLf;
                                        Sql.AddParameter(cmd, "@ID", gID);
                                    }
                                    con.Open();
                                    using (IDataReader rdr = cmd.ExecuteReader(CommandBehavior.SingleRow))
                                    {
                                        if (rdr.Read())
                                        {
                                            string sMESSAGE = String.Empty;
                                            sMESSAGE = String.Format(L10n.Term("Users.ERR_USER_NAME_EXISTS_1") + "{0}" + L10n.Term("Users.ERR_USER_NAME_EXISTS_2"), sUSER_NAME);
                                            throw(new Exception(sMESSAGE));
                                        }
                                    }
                                }
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        SplendidError.SystemError(new StackTrace(true).GetFrame(0), ex);
                        ctlEditButtons.ErrorText = ex.Message;
                        return;
                    }

                    string    sCUSTOM_MODULE = "USERS";
                    DataTable dtCustomFields = SplendidCache.FieldsMetaData_Validated(sCUSTOM_MODULE);
                    using (IDbConnection con = dbf.CreateConnection())
                    {
                        con.Open();
                        // 11/18/2007 Paul.  Use the current values for any that are not defined in the edit view.
                        DataRow   rowCurrent = null;
                        DataTable dtCurrent  = new DataTable();
                        if (!Sql.IsEmptyGuid(gID))
                        {
                            string sSQL;
                            sSQL = "select *           " + ControlChars.CrLf
                                   + "  from vwUSERS_Edit" + ControlChars.CrLf;
                            using (IDbCommand cmd = con.CreateCommand())
                            {
                                cmd.CommandText = sSQL;
                                Security.Filter(cmd, m_sMODULE, "edit");
                                Sql.AppendParameter(cmd, gID, "ID", false);
                                using (DbDataAdapter da = dbf.CreateDataAdapter())
                                {
                                    ((IDbDataAdapter)da).SelectCommand = cmd;
                                    da.Fill(dtCurrent);
                                    if (dtCurrent.Rows.Count > 0)
                                    {
                                        rowCurrent = dtCurrent.Rows[0];
                                    }
                                    else
                                    {
                                        // 11/19/2007 Paul.  If the record is not found, clear the ID so that the record cannot be updated.
                                        // It is possible that the record exists, but that ACL rules prevent it from being selected.
                                        gID = Guid.Empty;
                                    }
                                }
                            }
                        }

                        using (IDbTransaction trn = con.BeginTransaction())
                        {
                            try
                            {
                                bool bNewUser = Sql.IsEmptyGuid(gID);
                                // 04/24/2006 Paul.  Upgrade to SugarCRM 4.2 Schema.
                                // 11/18/2007 Paul.  Use the current values for any that are not defined in the edit view.
                                SqlProcs.spUSERS_Update
                                    (ref gID
                                    , sUSER_NAME
                                    , txtFIRST_NAME.Text
                                    , txtLAST_NAME.Text
                                    , new DynamicControl(this, rowCurrent, "REPORTS_TO_ID").ID
                                    , (Security.IS_ADMIN ? chkIS_ADMIN.Checked : Sql.ToBoolean(ViewState["IS_ADMIN"]))
                                    , chkRECEIVE_NOTIFICATIONS.Checked
                                    , new DynamicControl(this, rowCurrent, "DESCRIPTION").Text
                                    , new DynamicControl(this, rowCurrent, "TITLE").Text
                                    , new DynamicControl(this, rowCurrent, "DEPARTMENT").Text
                                    , new DynamicControl(this, rowCurrent, "PHONE_HOME").Text
                                    , new DynamicControl(this, rowCurrent, "PHONE_MOBILE").Text
                                    , new DynamicControl(this, rowCurrent, "PHONE_WORK").Text
                                    , new DynamicControl(this, rowCurrent, "PHONE_OTHER").Text
                                    , new DynamicControl(this, rowCurrent, "PHONE_FAX").Text
                                    , new DynamicControl(this, rowCurrent, "EMAIL1").Text
                                    , new DynamicControl(this, rowCurrent, "EMAIL2").Text
                                    , lstSTATUS.SelectedValue
                                    , new DynamicControl(this, rowCurrent, "ADDRESS_STREET").Text
                                    , new DynamicControl(this, rowCurrent, "ADDRESS_CITY").Text
                                    , new DynamicControl(this, rowCurrent, "ADDRESS_STATE").Text
                                    , new DynamicControl(this, rowCurrent, "ADDRESS_POSTALCODE").Text
                                    , new DynamicControl(this, rowCurrent, "ADDRESS_COUNTRY").Text
                                    , sUSER_PREFERENCES
                                    , chkPORTAL_ONLY.Checked
                                    , new DynamicControl(this, rowCurrent, "EMPLOYEE_STATUS").SelectedValue
                                    , new DynamicControl(this, rowCurrent, "MESSENGER_ID").Text
                                    , new DynamicControl(this, rowCurrent, "MESSENGER_TYPE").SelectedValue
                                    , sMODULE
                                    , gPARENT_ID
                                    , new DynamicControl(this, rowCurrent, "IS_GROUP").Checked
                                    , trn
                                    );
                                SplendidDynamic.UpdateCustomFields(this, trn, gID, sCUSTOM_MODULE, dtCustomFields);
                                trn.Commit();
                                // 09/09/2006 Paul.  Refresh cached user information.
                                if (bNewUser)
                                {
                                    SplendidCache.ClearUsers();
                                }
                                // 08/27/2005 Paul. Reload session with user preferences.
                                // 08/30/2005 Paul. Only reload preferences the user is editing his own profile.
                                // We want to allow an administrator to update other user profiles.
                                if (Security.USER_ID == gID)
                                {
                                    SplendidInit.LoadUserPreferences(gID, lstTHEME.SelectedValue, lstLANGUAGE.SelectedValue);
                                }
                            }
                            catch (Exception ex)
                            {
                                trn.Rollback();
                                SplendidError.SystemError(new StackTrace(true).GetFrame(0), ex);
                                ctlEditButtons.ErrorText = ex.Message;
                                return;
                            }
                        }
                    }
                    if (!Sql.IsEmptyGuid(gPARENT_ID))
                    {
                        Response.Redirect("~/" + sMODULE + "/view.aspx?ID=" + gPARENT_ID.ToString());
                    }
                    else if (bMyAccount)
                    {
                        Response.Redirect("MyAccount.aspx");
                    }
                    else
                    {
                        Response.Redirect("view.aspx?ID=" + gID.ToString());
                    }
                }
            }
            else if (e.CommandName == "Cancel")
            {
                if (!Sql.IsEmptyGuid(gPARENT_ID))
                {
                    Response.Redirect("~/" + sMODULE + "/view.aspx?ID=" + gPARENT_ID.ToString());
                }
                else if (bMyAccount)
                {
                    Response.Redirect("MyAccount.aspx");
                }
                else if (Sql.IsEmptyGuid(gID))
                {
                    Response.Redirect("default.aspx");
                }
                else
                {
                    Response.Redirect("view.aspx?ID=" + gID.ToString());
                }
            }
        }