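/// <summary>
/// Fills the copyright box with the fixed copyright notice and, when a user
/// profile is available for the current request, the employee id of that user.
/// </summary>
/// <param name="control">Control used to reach the current request/session.</param>
/// <param name="copyright">Copyright box to populate; must not be null.</param>
private static void SetCopyright(Control control, CopyrightBox copyright)
{
    copyright.Text = "Copyright © 2004 smartService Solution. All rights reserved.";

    // Look the profile up once. The original checked one lookup for null and then
    // dereferenced a second lookup, so a profile that disappeared between the two
    // calls would have caused a NullReferenceException.
    var profile = UserAuthorize.GetUserProfile(control);
    if (profile != null)
    {
        copyright.EmployeeID = profile.EmployeeID;
    }
}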
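/// <summary>
/// Authorization gate for a page request. Requests for the login page, the
/// business login page and the "no authorization" page are let through
/// unchecked. Any other request without a user profile is redirected to the
/// matching login page; a request with a profile is checked against the
/// <c>admin_CheckAuthorize</c> stored procedure and redirected to the
/// "no authorization" page when the procedure returns no value.
/// </summary>
/// <param name="control">Control used to reach the current request, response and session.</param>
public static void CheckAuthorize(Control control)
{
    // Kept from the original: the result is discarded, so this call is only
    // useful for whatever side effect Pages.Session has (not visible here).
    Pages.Session(control);
    HttpResponse response = Pages.Response(control);

    // Reduce the raw URL to its path: drop the query string, then any fragment.
    string path = Pages.Request(control).RawUrl;
    int cut = path.IndexOf('?');
    if (cut >= 0)
    {
        path = path.Substring(0, cut);
    }
    cut = path.IndexOf('#');
    if (cut >= 0)
    {
        path = path.Substring(0, cut);
    }

    // Pages that must stay reachable without authorization. The comparison is
    // ordinal and case-insensitive; the original upper-cased both sides with the
    // current culture, which can give different results under some locales.
    // NOTE(review): this is a suffix match on the raw URL, not on the page that
    // actually executes. If a request whose URL merely ends with one of these
    // names can be routed to a different page, that page would skip the check.
    // Prefer comparing the executing file path and rejecting extra path info;
    // confirm what Pages.Request exposes before changing it.
    string[] exemptPages = { Pages.LOGIN_PAGE, Pages.BUSINESS_LOGIN_PAGE, Pages.NOAUTHO_PAGE };
    foreach (string page in exemptPages)
    {
        if (path.Length > page.Length && path.EndsWith(page, StringComparison.OrdinalIgnoreCase))
        {
            return;
        }
    }

    UserProfile profile = UserAuthorize.GetUserProfile(control);
    if (profile == null)
    {
        object adminType = Pages.Session(control)[UserAuthorize.SES_ADMINTYPE];
        if (adminType != null && adminType.ToString() == "BUSINESS")
        {
            response.Redirect(Pages.Url(control, Pages.BUSINESS_LOGIN_PAGE));
        }
        else
        {
            response.Redirect(Pages.Url(control, Pages.LOGIN_PAGE));
        }

        // Redirect(string) normally ends the response, but do not depend on that:
        // returning here guarantees the null profile is never dereferenced below.
        return;
    }

    object grant;
    SqlConnection connection = ConnectDB.GetConnection();
    try
    {
        using (SqlCommand command = new SqlCommand("admin_CheckAuthorize", connection))
        {
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@url", SqlDbType.VarChar).Value = path;
            command.Parameters.Add("@empID", SqlDbType.Int).Value = profile.EmployeeID;
            grant = command.ExecuteScalar();
        }
    }
    finally
    {
        // Close even when the query throws, so a failed check does not leak the
        // connection. The exception still propagates, so the request fails closed.
        connection.Close();
    }

    // No row, or a NULL value, means the user is not authorized for this URL.
    if (grant == null || grant is DBNull)
    {
        response.Redirect(Pages.Url(control, Pages.NOAUTHO_PAGE));
    }
}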
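/// <summary>
/// Logs the current user out: records the logout through the
/// <c>checkLogout</c> stored procedure and removes the user profile entry from
/// the session.
/// </summary>
/// <param name="control">Control used to reach the current session.</param>
/// <returns>Always <c>true</c>.</returns>
public static bool Logout(Control control)
{
    var profile = UserAuthorize.GetUserProfile(control);
    try
    {
        // With no profile (for example an already expired session) there is no
        // employee id to report; the original threw a NullReferenceException here.
        if (profile != null)
        {
            SqlConnection connection = ConnectDB.GetConnection();
            try
            {
                using (SqlCommand command = new SqlCommand("checkLogout", connection))
                {
                    command.CommandType = CommandType.StoredProcedure;
                    command.Parameters.Add("@employeeid", SqlDbType.Int).Value = profile.EmployeeID;
                    command.ExecuteNonQuery();
                }
            }
            finally
            {
                connection.Close();
            }
        }
    }
    finally
    {
        // Drop the session's profile even if the database call failed, so a
        // database error cannot leave the user logged in. The error still propagates.
        // NOTE(review): the key is a literal here; presumably it is the key
        // GetUserProfile reads. Verify against that method.
        // NOTE(review): only the profile entry is removed. The menus that
        // GetMainMenu and GetSubMenu cache in the session ("MAINMENU",
        // "MAINMENUID", "SUBMENU<n>") stay behind; confirm they cannot be served
        // to a different user who logs in on the same session.
        Pages.Session(control).Remove("SES_USERPROFILE");
    }

    return true;
}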
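/// <summary>
/// Loads the sub menu for one main-menu tab from the
/// <c>admin_AdminSubMenu</c> stored procedure, caches it in the session under
/// <c>"SUBMENU" + menuType</c> and returns it.
/// </summary>
/// <param name="control">Control used to reach the current session.</param>
/// <param name="menuType">Index of the main-menu tab; used to look up the root menu id in the session's "MAINMENUID" list.</param>
/// <returns>
/// The sub menu items, or <c>null</c> when the main menu is not in the session,
/// <paramref name="menuType"/> is outside the list of root ids, or no user
/// profile is available.
/// </returns>
private static ListItemCollection GetSubMenu(Control control, int menuType)
{
    var session = Pages.Session(control);
    if (session["MAINMENU"] == null || session["MAINMENUID"] == null)
    {
        return null;
    }

    // The index comes from the caller and is not guaranteed to match the cached
    // list; treat an out-of-range tab like a missing menu instead of throwing.
    ArrayList rootIds = (ArrayList)session["MAINMENUID"];
    if (menuType < 0 || menuType >= rootIds.Count)
    {
        return null;
    }

    var profile = UserAuthorize.GetUserProfile(control);
    if (profile == null)
    {
        return null;
    }

    ListItemCollection items = new ListItemCollection();
    SqlConnection connection = ConnectDB.GetConnection();
    try
    {
        using (SqlCommand command = new SqlCommand("admin_AdminSubMenu", connection))
        {
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@employeeid", SqlDbType.Int).Value = profile.EmployeeID;
            command.Parameters.Add("@rootid", SqlDbType.Char).Value = (string)rootIds[menuType];

            using (SqlDataReader reader = command.ExecuteReader())
            {
                string previousText = null;
                while (reader.Read())
                {
                    string text = (string)reader["adminmenutext"];
                    // A NULL link arrives as DBNull; treat it as "no link" rather
                    // than failing the cast.
                    string link = reader["link"] as string ?? "";

                    // Collapse runs of separators ("-") into a single one.
                    if (text == "-" && text == previousText)
                    {
                        continue;
                    }

                    if (link != "")
                    {
                        link = Pages.Url(control, link);
                    }

                    items.Add(new ListItem(text, link));
                    previousText = text;
                }
            }
        }
    }
    finally
    {
        // Close the connection even when the query or a row conversion throws.
        connection.Close();
    }

    // A menu must not end with a separator.
    if (items.Count > 0 && items[items.Count - 1].Text == "-")
    {
        items.RemoveAt(items.Count - 1);
    }

    session[string.Concat("SUBMENU", menuType)] = items;
    return items;
}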
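/// <summary>
/// Page entry point for the admin chrome: runs the authorization check,
/// handles a logout request posted through the <c>_menuTab_</c> form field, and
/// populates whichever of the header, sub menu and copyright boxes were passed.
/// </summary>
/// <param name="control">Control used to reach the current request, response and session.</param>
/// <param name="header">Header box to populate, or null to skip it.</param>
/// <param name="sub">Sub menu box to populate, or null to skip it. It is only populated when <paramref name="header"/> is also supplied, because the active tab index is read from the header.</param>
/// <param name="copyright">Copyright box to populate, or null to skip it.</param>
public static void SetMenu(Control control, HeaderBox header, SubmenuBox sub, CopyrightBox copyright)
{
    // NOTE(review): CheckAuthorize reports a failed check only by redirecting.
    // Everything below assumes that redirect ended the request; there is no
    // return value to test here.
    UserAuthorize.CheckAuthorize(control);

    // A posted tab value of "-1" is the logout request.
    if (Pages.Request(control).Form["_menuTab_"] == "-1")
    {
        Pages.Response(control).Redirect(Pages.Url(control, Pages.LOGOUT_PAGE));
        // Do not build menus for a request that is being sent to the logout page.
        return;
    }

    if (header != null)
    {
        AdminMenu.SetMainMenu(control, header);
        object adminType = Pages.Session(control)[UserAuthorize.SES_ADMINTYPE];
        // Anything other than an explicit "BUSINESS" admin type counts as admin,
        // including a missing session value.
        header.IsAdmin = adminType == null || adminType.ToString() != "BUSINESS";
    }

    // The original dereferenced header here unconditionally, so passing a sub
    // menu box without a header threw a NullReferenceException.
    if (sub != null && header != null)
    {
        sub.Items = AdminMenu.GetSubMenu(control, header.ActiveIndex);
    }

    if (copyright != null)
    {
        AdminMenu.SetCopyright(control, copyright);
    }
}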
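/// <summary>
/// Loads the main menu for the current user from the
/// <c>admin_AdminMainMenu</c> stored procedure. The menu items are cached in the
/// session under "MAINMENU" and the matching menu ids, in the same order, under
/// "MAINMENUID".
/// </summary>
/// <param name="control">Control used to reach the current session; a user profile must be available for it.</param>
/// <returns>The main menu items that were stored in the session.</returns>
private static ListItemCollection GetMainMenu(Control control)
{
    ListItemCollection menu = new ListItemCollection();
    ArrayList menuIds = new ArrayList();

    SqlConnection connection = ConnectDB.GetConnection();
    try
    {
        using (SqlCommand command = new SqlCommand("admin_AdminMainMenu", connection))
        {
            command.CommandType = CommandType.StoredProcedure;
            command.Parameters.Add("@employeeid", SqlDbType.Int).Value =
                UserAuthorize.GetUserProfile(control).EmployeeID;

            using (SqlDataReader reader = command.ExecuteReader())
            {
                int index = 0;
                while (reader.Read())
                {
                    string id = (string)reader["adminmenuid"];
                    string text = (string)reader["adminmenutext"];
                    // A NULL link arrives as DBNull, so the original's null test
                    // could never succeed and the cast threw instead. Treat NULL
                    // as an empty link.
                    string link = reader["link"] as string ?? "";

                    if ((int)reader["menucnt"] == 0 && link == "")
                    {
                        // No sub menu entries and no link of its own: point the
                        // tab at the "no authorization" page, tagged with its index.
                        link = string.Concat(Pages.Url(control, Pages.NOAUTHO_PAGE), "?type=", index);
                    }
                    else if (link != "")
                    {
                        link = Pages.Url(control, link);
                    }

                    menu.Add(new ListItem(text, link));
                    menuIds.Add(id);
                    index++;
                }
            }
        }
    }
    finally
    {
        // Close the connection even when the profile lookup, the query or a row
        // conversion throws.
        connection.Close();
    }

    var session = Pages.Session(control);
    session["MAINMENU"] = menu;
    session["MAINMENUID"] = menuIds;
    return menu;
}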