protected void Page_Load(object sender, EventArgs e)
 {
     sql = "select	u.user_id, u.user_name, d.user_deptname " +
         "from	rps_userinfo u, rps_deptinfo d " +
         "where	u.user_dept = d.user_dept " +
         "order by u.user_id";
     this.db = new Database("rpsdb", this.sql, Database.WebConfig);
 }
Exemple #2
0
        public User(String ID, String PW, String IPAddress, String Token)
        {
            this.ID = ID;
            this.PW = PW;
            this.IPAddress = IPAddress;
            this.Token = Token;
            this.ss = HttpContext.Current.Session.SessionID;

            this.sql = "insert into rps_session values('" + this.ID + "','" + this.Token +
                "','" + this.ss + "', GETDATE(), '" + this.IPAddress + "')";
            this.db = new Database("rpsdb", this.sql, Database.WebConfig);
            this.db.ExecuteSql(this.sql);
            this.db.Close();

            ResetReportParameter();
        }
 protected void Button1_Click(object sender, EventArgs e)
 {
     if (TB_OldPassword.Text.Equals(""))
         ShowMessage("請輸入舊密碼!", MessagePanel, TB_OldPassword);
     else if (TB_NewPassword.Text.Equals(""))
         ShowMessage("請輸入新密碼!", MessagePanel, TB_NewPassword);
     else if (TB_ConfirmPassword.Text.Equals(""))
         ShowMessage("請輸入確認密碼!", MessagePanel, TB_ConfirmPassword);
     else if (!TB_ConfirmPassword.Text.Equals(TB_NewPassword.Text))
     {
         ShowMessage("新密碼與確認密碼不吻合!", MessagePanel, TB_NewPassword);
         TB_NewPassword.Text = "";
         TB_ConfirmPassword.Text = "";
     }
     else if (!this.user.ValidatePassword(TB_OldPassword.Text))
     {
         ShowMessage("舊密碼不正確!", MessagePanel, TB_OldPassword);
     }
     else
     {
         MessagePanel.Text = " ";
         try
         {
             String HashPW = Cryptography.MD5(TB_NewPassword.Text);
             String sql = "update rps_userinfo set user_pw = '" + HashPW + "' where user_id = '" + user.ID + "'";
             Database db = new Database("rpsdb", sql, Database.WebConfig);
             db.ExecuteSql(sql);
             MessagePanel.Text = " ";
             TB_OldPassword.Text = "";
             TB_NewPassword.Text = "";
             TB_ConfirmPassword.Text = "";
             String script = "alert('密碼成功更新!'); location.replace('/Main.aspx');";
             ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "ClientScript", script, true);
         }
         catch (Exception)
         {
             String script = "alert('密碼更新失敗!'); location.replace('/Main.aspx');";
             ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "ClientScript", script, true);
         }
     }
 }
Exemple #4
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            if (TB_UserID.Text.Equals(""))
                ShowMessage("請輸入用戶名稱!", MessagePanel, TB_UserID);
            else if (TB_UserPw.Text.Equals(""))
                ShowMessage("請輸入用戶密碼!", MessagePanel, TB_UserPw);
            else
            {
                String UserPW = "";
                String sql = "select user_pw from rps_userinfo where user_id = '" + TB_UserID.Text.Trim() + "'";
                try
                {
                    Database db = new Database("rpsdb", sql, Database.WebConfig);
                    SqlDataReader reader = db.GetReader();

                    while (reader.Read())
                        UserPW = reader["user_pw"].ToString();

                    if (!reader.HasRows || !TB_UserPw.Text.Trim().Equals(UserPW.Trim()))
                    {
                        TB_UserPw.Text = "";
                        ShowMessage("登入失敗!", MessagePanel, TB_UserPw);
                        db.Close();
                    }
                    else
                    {
                        Session[HF_UserToken.Value] = true;
                        Session["User"] = new User(TB_UserID.Text, TB_UserPw.Text, Request.UserHostAddress, HF_UserToken.Value);
                        db.Close();
                        ScriptManager.RegisterClientScriptBlock(this, this.GetType(), "ClientScript", "location.replace('/Main.aspx');", true);
                    }
                }
                catch (SqlException)
                {
                    TB_UserPw.Text = "";
                    TB_UserPw.Text = "";
                    MessagePanel.Text = "資料庫連接失敗!";
                    //MessagePanel.Text = ex.Message;
                }
            }
        }
        protected void Btn_AddUser_Click(object sender, EventArgs e)
        {
            if (TB_UserID.Text.Equals(""))
                ShowMessage("請輸入用戶ID!", MessagePanel, TB_UserID);
            else if (TB_UserPw.Text.Equals(""))
                ShowMessage("請輸入用戶密碼!", MessagePanel, TB_UserPw);
            else if (TB_UserName.Text.Equals(""))
                ShowMessage("請輸入用戶名稱!", MessagePanel, TB_UserName);
            else
            {
                String UserID = TB_UserID.Text.Trim();
                String UserName = TB_UserName.Text.Trim();
                String UserPW = Cryptography.MD5(TB_UserPw.Text);
                String UserDept = DDL_Dept.SelectedValue;

                String sql = "select * from rps_userinfo where user_id = '" + UserID + "'";
                Database db = new Database("rpsdb", sql, Database.WebConfig);
                SqlDataReader reader = db.GetReader();

                if (reader.HasRows)
                    ShowMessage("用戶ID己存在!", MessagePanel, TB_UserID);
                else
                {
                    reader.Close();
                    sql = "insert into rps_userinfo values (" +
                        "'" + UserID + "', '" + UserPW + "', '" + UserName + "', '" + UserDept + "', '1900-01-01 00:00:00.000', 'T')";
                    db.ExecuteSql(sql);
                    sql = "insert into rps_usermenu values ('" + UserID + "','R00')";
                    db.ExecuteSql(sql);
                    sql = "insert into rps_usermenu values ('" + UserID + "','R0002')";
                    db.ExecuteSql(sql);
                    String ClientScript = "alert('用戶新增成功!'); location.replace('R0101_UserMaintenance.aspx'); ";
                    ScriptManager.RegisterClientScriptBlock(UpdatePanel1, GetType(), "Alert", ClientScript, true);
                }

            }
        }