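/// <summary>
/// Click handler that saves the logged-in member's profile after re-checking the current password.
/// </summary>
/// <remarks>
/// Every value is read from the posted form and is client-controlled, including the hidden fields
/// (hidLogoID, hidProvince, hidCity). The outcome is reported by passing a constant
/// alert-and-reload script to CommonManager.Web.RegJs.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void button5_ServerClick(object sender, EventArgs e)
{
    const string updateFailedScript = "alert('抱歉,资料修改失败,可能是服务器繁忙,请稍候再试!');location.href=location.href;";

    BLL.Member member = new BLL.Member();

    // Re-authenticate first: nothing is changed unless the current password matches.
    string password = Common.GetStringOfForm("txtPassword");
    if (!member.CompareLoginPassword(UserLoginInfo.UserID, password))
    {
        CommonManager.Web.RegJs(this, "alert('对不起,您输入的旧密码有误!');location.href=location.href;", true);
        BindInfo();
        return;
    }

    // The nickname may contain any character, so it is HTML-encoded against injected script and
    // "'" is doubled to "''" against SQL injection.
    // NOTE(review): quote doubling only matters if UpdateBaseInfo builds SQL by concatenation;
    // confirm in the data layer and prefer parameterized statements there.
    string nickname = Server.HtmlEncode(Common.GetStringOfForm("nickname").Replace("'", "''"));
    string sex = Common.FilterString(Common.GetStringOfForm("sex"));
    // NOTE(review): the new password passes through Common.FilterString while the current password
    // above is compared unfiltered; confirm the filter cannot change a password so that it no
    // longer matches at the next CompareLoginPassword call.
    string pwd = Common.FilterString(Common.GetStringOfForm("pwd"));
    string email = Common.FilterString(Common.GetStringOfForm("email"));
    string mobile = Common.FilterString(Common.GetStringOfForm("mobile"));
    string logoid = Common.FilterString(Common.GetStringOfForm("hidLogoID"));
    string qqnum = Common.FilterString(Common.GetStringOfForm("qqnum"));

    // "sex" and "hidLogoID" are client-supplied; a non-numeric or out-of-range value used to raise
    // an unhandled exception from Convert.ToInt32 / int.Parse. Reject it with the generic failure
    // alert instead, so the page reveals nothing about the parsing error.
    int sexValue;
    int logoValue;
    if (!int.TryParse(sex, out sexValue) || !int.TryParse(logoid, out logoValue))
    {
        CommonManager.Web.RegJs(this, updateFailedScript, true);
        return;
    }

    // SetLogoID picks the logo id to store from the submitted sex and logo id.
    logoid = member.SetLogoID(sexValue, logoValue).ToString();

    string _address = Server.HtmlEncode(CommonManager.Web.RequestForm("txtAddress", ""));
    // NOTE(review): province, city and occupation reach UpdateBaseInfo without Common.FilterString,
    // unlike the fields above. Confirm that RequestForm sanitizes them or that UpdateBaseInfo binds
    // them as parameters; otherwise these three fields bypass the filtering the other fields get.
    string _province = CommonManager.Web.RequestForm("hidProvince", "");
    string _city = CommonManager.Web.RequestForm("hidCity", "");
    string _occu = CommonManager.Web.RequestForm("txtOccuPation", "");

    int iRows = member.UpdateBaseInfo(UserLoginInfo.UserID, pwd, nickname, int.Parse(logoid), sexValue,
        email, mobile, _occu, _province, _city, _address, qqnum);

    if (iRows > 0)
    {
        CommonManager.Web.RegJs(this, "alert('资料修改成功!');location.href=location.href;", true);
        BindInfo();
    }
    else
    {
        CommonManager.Web.RegJs(this, updateFailedScript, true);
    }
}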
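/// <summary>
/// Click handler that saves the logged-in member's profile after re-checking the current password.
/// </summary>
/// <remarks>
/// Every value is read from the posted form and is client-controlled, including the hidden fields
/// (hidLogoID, hidProvince, hidCity). The outcome is reported by passing a constant
/// alert-and-reload script to CommonManager.Web.RegJs.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void button5_ServerClick(object sender, EventArgs e)
{
    const string updateFailedScript = "alert('抱歉,资料修改失败,可能是服务器繁忙,请稍候再试!');location.href=location.href;";

    BLL.Member member = new BLL.Member();

    // Re-authenticate first: nothing is changed unless the current password matches.
    string password = Common.GetStringOfForm("txtPassword");
    if (!member.CompareLoginPassword(UserLoginInfo.UserID, password))
    {
        CommonManager.Web.RegJs(this, "alert('对不起,您输入的旧密码有误!');location.href=location.href;", true);
        BindInfo();
        return;
    }

    // The nickname may contain any character, so it is HTML-encoded against injected script and
    // "'" is doubled to "''" against SQL injection.
    // NOTE(review): quote doubling only matters if UpdateBaseInfo builds SQL by concatenation;
    // confirm in the data layer and prefer parameterized statements there.
    string nickname = Server.HtmlEncode(Common.GetStringOfForm("nickname").Replace("'", "''"));
    string sex = Common.FilterString(Common.GetStringOfForm("sex"));
    // NOTE(review): the new password passes through Common.FilterString while the current password
    // above is compared unfiltered; confirm the filter cannot change a password so that it no
    // longer matches at the next CompareLoginPassword call.
    string pwd = Common.FilterString(Common.GetStringOfForm("pwd"));
    string email = Common.FilterString(Common.GetStringOfForm("email"));
    string mobile = Common.FilterString(Common.GetStringOfForm("mobile"));
    string logoid = Common.FilterString(Common.GetStringOfForm("hidLogoID"));
    string qqnum = Common.FilterString(Common.GetStringOfForm("qqnum"));

    // "sex" and "hidLogoID" are client-supplied; a non-numeric or out-of-range value used to raise
    // an unhandled exception from Convert.ToInt32 / int.Parse. Reject it with the generic failure
    // alert instead, so the page reveals nothing about the parsing error.
    int sexValue;
    int logoValue;
    if (!int.TryParse(sex, out sexValue) || !int.TryParse(logoid, out logoValue))
    {
        CommonManager.Web.RegJs(this, updateFailedScript, true);
        return;
    }

    // SetLogoID picks the logo id to store from the submitted sex and logo id.
    logoid = member.SetLogoID(sexValue, logoValue).ToString();

    string _address = Server.HtmlEncode(CommonManager.Web.RequestForm("txtAddress", ""));
    // NOTE(review): province, city and occupation reach UpdateBaseInfo without Common.FilterString,
    // unlike the fields above. Confirm that RequestForm sanitizes them or that UpdateBaseInfo binds
    // them as parameters; otherwise these three fields bypass the filtering the other fields get.
    string _province = CommonManager.Web.RequestForm("hidProvince", "");
    string _city = CommonManager.Web.RequestForm("hidCity", "");
    string _occu = CommonManager.Web.RequestForm("txtOccuPation", "");

    int iRows = member.UpdateBaseInfo(UserLoginInfo.UserID, pwd, nickname, int.Parse(logoid), sexValue,
        email, mobile, _occu, _province, _city, _address, qqnum);

    if (iRows > 0)
    {
        CommonManager.Web.RegJs(this, "alert('资料修改成功!');location.href=location.href;", true);
        BindInfo();
    }
    else
    {
        CommonManager.Web.RegJs(this, updateFailedScript, true);
    }
}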