protected void Page_Load(object sender, EventArgs e)
{
SessionObject obj = (SessionObject)Session["User"];
AccessType = obj.Access;
lbldbg.Visible = false;
if (AccessType == accessType.Staff)
{
lbldbg.Text = " STAFF Access : Session ID = " + Session.SessionID;
btnLogin.Text = "Staff Login";
btnCreateId.Visible = false;
}
else
{
lbldbg.Text = " Member Access : Session ID = " + Session.SessionID;
btnLogin.Text = "Member Login";
}
if (Request.Browser.Cookies && !IsPostBack)
{
HttpCookie hasCookie = Request.Cookies["AD_598"];
if ((hasCookie == null) || (hasCookie["Name"] == ""))
{
HttpCookie noCookie = new HttpCookie("AD_598");
noCookie.Values.Add("SessionId", Session.SessionID);
noCookie.Values.Add("username", String.Empty);
noCookie.Values.Add("passHash", String.Empty);
noCookie.Values.Add("LoggedIn", "False");
noCookie.Values.Add("Access", String.Empty);
noCookie.Expires = DateTime.Now.AddDays(1d);
Response.Cookies.Add(noCookie);
}
else
{
if (hasCookie.Values.Get("SessionId").ToString() == Session.SessionID &&
hasCookie.Values.Get("LoggedIn").ToString() == "True" &&
ValidateUserName(hasCookie.Values.Get("username").ToString(), AccessType) &&
ValidateUserPasswrod(hasCookie.Values.Get("username").ToString(), hasCookie.Values.Get("passHash").ToString(), AccessType) &&
(hasCookie.Values.Get("Access").ToString() == AccessType.ToString()))
{
// move on to the main page
if (AccessType == accessType.Staff)
{
Response.Redirect("Private/Staff.aspx");
}
else
{
Response.Redirect("Member/Member.aspx");
}
}
}
}
}
/// <summary>
/// 學生個案會議
/// </summary>
public StudCaseMeetingRecordForm(DAO.UDT_CounselCaseMeetingRecordDef CounselCaseMeetingRecord,accessType accType)
{
InitializeComponent();
_UDTTransfer = new DAO.UDTTransfer();
_CounselCaseMeetingRecord = CounselCaseMeetingRecord;
_accessType = accType;
_studRec = Student.SelectByID(CounselCaseMeetingRecord.StudentID.ToString());
_TeacherIDNameDict = Utility.GetCounselTeacherIDNameDict(CounselCaseMeetingRecord.StudentID.ToString ());
_TeacherNameIDDict = Utility.GetCounselTeacherNameIDDict(CounselCaseMeetingRecord.StudentID.ToString());
//if (_accessType == accessType.Insert)
// _CounselCaseMeetingRecord.AuthorID = Utility.GetAuthorID();
_LogTransfer = new DAO.LogTransfer();
}
/// <summary>
/// 學生個案會議
/// </summary>
public StudCaseMeetingRecordForm(DAO.UDT_CounselCaseMeetingRecordDef CounselCaseMeetingRecord, accessType accType)
{
InitializeComponent();
_UDTTransfer = new DAO.UDTTransfer();
_CounselCaseMeetingRecord = CounselCaseMeetingRecord;
_accessType = accType;
_studRec = Student.SelectByID(CounselCaseMeetingRecord.StudentID.ToString());
_TeacherIDNameDict = Utility.GetCounselTeacherIDNameDict(CounselCaseMeetingRecord.StudentID.ToString());
_TeacherNameIDDict = Utility.GetCounselTeacherNameIDDict(CounselCaseMeetingRecord.StudentID.ToString());
//if (_accessType == accessType.Insert)
// _CounselCaseMeetingRecord.AuthorID = Utility.GetAuthorID();
_LogTransfer = new DAO.LogTransfer();
}
public FrmFitnessRecord(DAO.StudentFitnessRecord rec, accessType actType)
{
InitializeComponent();
_studRec = Student.SelectByID(rec.StudentID);
_fitnessRec = rec;
_actType = actType;
_LogTransfer = new Log.LogTransfer();
if(_actType == accessType.Edit)
this.TitleText = _FrmTitleEdit;
else
this.TitleText = _FrmTitleAdd;
}
protected bool ValidateUserPasswrod(string userName, string Password, accessType access)
{
// this function returns true if User Name Exists
bool result = false;
string xmlFileName = @"App_data\Members.xml";
//string SearchKey = "Members";
// if access is staff, reset the file name and searchkey
if (access == accessType.Staff)
{
xmlFileName = @"App_data\Staff.xml";
// SearchKey = "Staff";
}
string xmlPath = Server.MapPath("~");
string xmlFullPath = Path.Combine(xmlPath, xmlFileName);
try
{
// Open file stream
XPathDocument xDoc = new XPathDocument(xmlFullPath);
var nav = xDoc.CreateNavigator();
var nodes = nav.Evaluate(@"//member");
foreach (XPathNavigator node in (XPathNodeIterator)nodes)
{
// Check Name
var NameElem = node.MoveToFirstChild();
if (node.InnerXml == userName)
{
node.MoveToNext();
if (node.InnerXml == Password)
{
return(true);
}
else
{
return(false);
}
}
}
}
catch (Exception e)
{
return(false); // error occured so reply with not valid.
}
return(result);
}
public StudCareRecordForm(DAO.UDT_CounselCareRecordDef CareRecordDef, accessType accType)
{
InitializeComponent();
this.MaximumSize = this.MinimumSize = this.Size;
_accessType = accType;
_CounselCareRecord = CareRecordDef;
_itemListCategory = new List <string>();
_itemListOrigin = new List <string>();
_studRec = Student.SelectByID(_CounselCareRecord.StudentID.ToString());
_UDTTransfer = new DAO.UDTTransfer();
_LogTransfer = new DAO.LogTransfer();
//if (accType == accessType.Insert)
// _CounselCareRecord.AuthorID = Utility.GetAuthorID();
}
public StudCareRecordForm(DAO.UDT_CounselCareRecordDef CareRecordDef,accessType accType)
{
InitializeComponent();
this.MaximumSize = this.MinimumSize = this.Size;
_accessType = accType;
_CounselCareRecord = CareRecordDef;
_itemListCategory = new List<string>();
_itemListOrigin = new List<string>();
_studRec = Student.SelectByID(_CounselCareRecord.StudentID.ToString());
_UDTTransfer = new DAO.UDTTransfer();
_LogTransfer = new DAO.LogTransfer();
//if (accType == accessType.Insert)
// _CounselCareRecord.AuthorID = Utility.GetAuthorID();
}
public FrmFitnessRecord(DAO.StudentFitnessRecord rec, accessType actType)
{
InitializeComponent();
_studRec = Student.SelectByID(rec.StudentID);
_fitnessRec = rec;
_actType = actType;
_LogTransfer = new Log.LogTransfer();
if (_actType == accessType.Edit)
{
this.TitleText = _FrmTitleEdit;
}
else
{
this.TitleText = _FrmTitleAdd;
}
}
public FrmFitnessRecord(DAO.StudentFitnessRecord rec, accessType actType)
{
InitializeComponent();
_studRec = Student.SelectByID(rec.StudentID);
_fitnessRec = rec;
_actType = actType;
_LogTransfer = new Log.LogTransfer();
if (_actType == accessType.Edit)
{
this.Text = _FrmTitleEdit;
//修改模式無法變更學年度
this.integerInput1.Enabled = false;
}
else
{
this.Text = _FrmTitleAdd;
}
}
protected bool ValidateUserName(string userName, accessType access)
{
// this function returns true if User Name Exists
bool result = false;
string xmlFileName = @"App_data\Members.xml";
string SearchKey = @"//Name";
// if access is staff, reset the file name and searchkey
if (access == accessType.Staff)
{
xmlFileName = @"App_data\Staff.xml";
}
string xmlPath = Server.MapPath("~");
string xmlFullPath = Path.Combine(xmlPath, xmlFileName);
try
{
// Open file stream
XPathDocument xDoc = new XPathDocument(xmlFullPath);
var nav = xDoc.CreateNavigator();
var nodes = nav.Evaluate(SearchKey);
foreach (XPathNavigator node in (XPathNodeIterator)nodes)
{
if (node.InnerXml == userName)
{
result = true;
break;
}
}
}
catch (Exception e)
{
return(false); // error occured so reply with not valid.
}
return(result);
}
/// <summary>
/// ChangeAccessType - replace the AccessType of the given location
/// </summary>
/// <param name="lc - location"></param>
/// <param name="pswd- password"></param>
/// <returns> true if password change is made</returns>
public bool ChangeAccessType(int lc, accessType type)
{
KeyPassword keyPasswrd = null;
foreach (KeyPassword kp in keypasswords)
{
if (kp.loc == lc)
{
keyPasswrd = kp;
break;
}
}
if (keyPasswrd == null)
{
Program.logEvent("KeyPassword - no location found" + lc.ToString());
return(false); ///location not found - what happened here
}
else
{
keyPasswrd.accessIntType = (int)type;
return(true);
}
}
public bool SetAccessType(int loc, accessType type)
{
return(keyPassWordList.ChangeAccessType(loc, type));
}
public SessionObject(string name, string hash, accessType access)
{
Name = name;
Hash = hash;
Access = access;
}
