Esempio n. 1
0
    protected void ModifyMyPassword_Click(object sender, EventArgs e)
    {
        if (OldPsd_TextBox.Text == "" || NewPsd_TextBox.Text == "")
        {
            JScript.Alert("输入不完整,请检查后再提交。", this);
            return;
        }
        if (NewPsd_TextBox.Text != NewPsdRe_TextBox.Text)
        {
            JScript.Alert("两次密码输入不同,请重新输入。", this);
            return;
        }
        if (NewPsd_TextBox.Text.Length < 6)
        {
            JScript.Alert("密码至少应为6个字符。", this);
            return;
        }
        string          md5Password   = MD5Provider.Hash(OldPsd_TextBox.Text);
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "SELECT Top 1 * FROM YHTable WHERE YHName = @userName";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@userName", OleDbType.VarChar).Value = Session["userName"].ToString();
            OleDbDataAdapter adapter = new OleDbDataAdapter(command);
            DataTable        dt      = new DataTable();
            adapter.Fill(dt);
            if (dt.Rows.Count == 1)
            {
                if (dt.Rows[0]["YHPassword"].ToString() == md5Password)
                {
                    strSQL  = "UPDATE YHTable SET YHPassword=@psw WHERE 编号=" + dt.Rows[0]["编号"].ToString();
                    command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@psw", OleDbType.VarChar).Value = MD5Provider.Hash(NewPsd_TextBox.Text);
                    command.ExecuteNonQuery();
                    MyBasePage.writeLog(Session["userName"].ToString(), "修改密码成功");
                    JScript.Alert("密码修改成功", this);
                }
                else
                {
                    MyBasePage.writeLog(Session["userName"].ToString(), "修改密码错误:旧密码输入错误");
                    JScript.Alert("密码修改失败:旧密码输入错误", this);
                }
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "修改密码错误:无法在数据库中检索到用户原始信息");
                MyBasePage.logout(this);
                JScript.AlertAndRedirect("系统出现错误,请重新登录后再试", "../Deafult.aspx", this);
            }
        }
    }
Esempio n. 2
0
    protected void Btn_Login_Click(object sender, EventArgs e)
    {
        string Out_Error;

        if (MyBasePage.login_check(Txt_UserName.Text, Txt_Password.Text, out Out_Error, this))
        {
            Response.Redirect("Default.aspx");
        }
        else
        {
            JScript.Alert("用户名或密码错误", this);
        }
    }
Esempio n. 3
0
    protected void Article_Insert(object sender, EventArgs e)
    {
        if (productNameTextBox.Text == "")
        {
            JScript.Alert("请输入明星产品名称", this);
            return;
        }
        if (picURLTextBox.Text == "")
        {
            JScript.Alert("请输入产品图片地址", this);
            return;
        }
        int nindex;

        if (!int.TryParse(posIndexTextBox.Text, out nindex))
        {
            JScript.Alert("显示顺序必须为整数", this);
            return;
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "INSERT INTO ProductsShowTable(ProductName,PicURL,Remarks,LinkURL,PosIndex,AltValue) values (@name,@picurl,@remarks,@linkURL,@posIndex,@altValue)";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@name", OleDbType.VarChar).Value     = productNameTextBox.Text;
            command.Parameters.Add("@picurl", OleDbType.VarChar).Value   = picURLTextBox.Text;
            command.Parameters.Add("@remarks", OleDbType.VarChar).Value  = remarksTextBox.Text;
            command.Parameters.Add("@linkURL", OleDbType.VarChar).Value  = linkURLTextBox.Text;
            command.Parameters.Add("@posIndex", OleDbType.Integer).Value = nindex;
            command.Parameters.Add("@altValue", OleDbType.VarChar).Value = altTextBox.Text;
            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加明星产品,标题:" + productNameTextBox.Text);
                JScript.AlertAndRedirect("记录已添加", "", this);

                NewsListPanel.Visible = true;
                EditPanel.Visible     = false;
                //ViewPanel.Visible = false;
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加明星产品时发生错误,返回受影响数据库条数为零。欲添加标题: " + productNameTextBox.Text);
                JScript.AlertAndRedirect("添加数据库记录时发生错误", "", this);
            }
        }
    }
Esempio n. 4
0
    protected void Article_Insert(object sender, EventArgs e)
    {
        if (titleTextBox.Text == "")
        {
            JScript.Alert("请输入标题", this);
            return;
        }

        int index;

        if (!int.TryParse(IndexTextBox.Text, out index))
        {
            index = 100;
            JScript.Alert("显示顺序必须为整数", this);
            return;
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "INSERT INTO LBTable(LBName,LBInf,LBHasChild,LBParentID,PosIndex) values (@title,@content,@hasChild,@parentID,@posIndex)";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@title", OleDbType.VarChar).Value    = titleTextBox.Text;
            command.Parameters.Add("@content", OleDbType.VarChar).Value  = contentTextBox.Text;
            command.Parameters.Add("@hasChild", OleDbType.Boolean).Value = hasChildCheckBox.Checked;
            command.Parameters.Add("@parentID", OleDbType.Integer).Value = parentIDDropDown.SelectedValue;
            command.Parameters.Add("@posIndex", OleDbType.Integer).Value = index;
            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加产品类别,标题:" + titleTextBox.Text);
                JScript.AlertAndRedirect("类别已添加", "", this);

                NewsListPanel.Visible = true;
                EditPanel.Visible     = false;
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加产品类别时发生错误,返回受影响数据库条数为零。欲添加标题: " + titleTextBox.Text);
                JScript.AlertAndRedirect("添加类别时发生错误", "", this);
            }
        }
    }
Esempio n. 5
0
    protected void Article_Insert(object sender, EventArgs e)
    {
        if (titleTextBox.Text == "")
        {
            JScript.Alert("请输入文章标题", this);
            return;
        }
        if (contentTextBox.Text == "")
        {
            JScript.Alert("请输入文章内容", this);
            return;
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "INSERT INTO XWTable(newsTitle,newsContents,isTop) values (@title,@content,@isTop)";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@title", OleDbType.VarChar).Value   = titleTextBox.Text;
            command.Parameters.Add("@content", OleDbType.VarChar).Value = contentTextBox.Text;
            //command.Parameters.Add("@addTime", OleDbType.DBDate).Value = DateTime.Now;
            //command.Parameters.Add("@picURL", OleDbType.VarChar).Value = Txt_newsPicURL.Text;
            command.Parameters.Add("@isTop", OleDbType.Boolean).Value = isTopCheckBox.Checked;

            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知,标题:" + titleTextBox.Text);
                JScript.AlertAndRedirect("新闻或通知已添加", "", this);

                NewsListPanel.Visible = true;
                EditPanel.Visible     = false;
                ViewPanel.Visible     = false;
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知时发生错误,返回受影响数据库条数为零。欲添加标题: " + titleTextBox.Text);
                JScript.AlertAndRedirect("添加新闻或通知时发生错误", "", this);
            }
        }
    }
Esempio n. 6
0
    protected void Article_Insert(object sender, EventArgs e)
    {
        if (Txt_PicURL.Text == "")
        {
            JScript.Alert("请输入大图片地址", this);
            return;
        }
        if (Txt_PicURLSmall.Text == "")
        {
            JScript.Alert("请输入小图片地址", this);
            return;
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "INSERT INTO ZSTable(picName,picURL,picSmall) values (@name,@picurl,@picsmallurl)";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@name", OleDbType.VarChar).Value        = titleTextBox.Text;
            command.Parameters.Add("@picurl", OleDbType.VarChar).Value      = Txt_PicURL.Text;
            command.Parameters.Add("@picsmallurl", OleDbType.VarChar).Value = Txt_PicURLSmall.Text;
            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知,标题:" + titleTextBox.Text);
                JScript.AlertAndRedirect("记录已添加", "", this);

                NewsListPanel.Visible = true;
                EditPanel.Visible     = false;
                ViewPanel.Visible     = false;
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知时发生错误,返回受影响数据库条数为零。欲添加标题: " + titleTextBox.Text);
                JScript.AlertAndRedirect("添加数据库记录时发生错误", "", this);
            }
        }
    }
Esempio n. 7
0
    protected void Article_Insert(object sender, EventArgs e)
    {
        if (titleTextBox.Text == "")
        {
            JScript.Alert("请输入产品名称", this);
            return;
        }


        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "INSERT INTO CPTable(CPName,CPInf,CPDetails,CPPicURL,CPLBID,CPInMainPage) values (@title,@inf,@content,@newsPic,@lbID,@inMain)";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@title", OleDbType.VarChar).Value   = titleTextBox.Text;
            command.Parameters.Add("@inf", OleDbType.VarChar).Value     = infTextBox.Text;
            command.Parameters.Add("@content", OleDbType.VarChar).Value = contentTextBox.Text;
            command.Parameters.Add("@newsPic", OleDbType.VarChar).Value = Txt_newsPicURL.Text;
            command.Parameters.Add("@lbID", OleDbType.Integer).Value    = parentIDDropDown.SelectedValue;
            //command.Parameters.Add("@inMain", OleDbType.Boolean).Value = inMainPageCheckBox.Checked;
            command.Parameters.Add("@inMain", OleDbType.Boolean).Value = false;
            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知,标题:" + titleTextBox.Text);
                JScript.AlertAndRedirect("产品信息已添加", "", this);

                NewsListPanel.Visible = true;
                EditPanel.Visible     = false;
                ViewPanel.Visible     = false;
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知时发生错误,返回受影响数据库条数为零。欲添加标题: " + titleTextBox.Text);
                JScript.AlertAndRedirect("添加产品信息时发生错误", "", this);
            }
        }
    }
Esempio n. 8
0
    protected void Article_Insert(object sender, EventArgs e)
    {
        if (titleTextBox.Text == "")
        {
            JScript.Alert("请输入文章标题", this);
            return;
        }
        if (contentTextBox.Text == "")
        {
            JScript.Alert("请输入文章内容", this);
            return;
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "INSERT INTO ALTable(ALName,ALContent) values (@title,@content)";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@title", OleDbType.VarChar).Value   = titleTextBox.Text;
            command.Parameters.Add("@content", OleDbType.VarChar).Value = contentTextBox.Text;

            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知,标题:" + titleTextBox.Text);
                JScript.AlertAndRedirect("文章已添加", "", this);

                NewsListPanel.Visible = true;
                EditPanel.Visible     = false;
                ViewPanel.Visible     = false;
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "添加新闻或通知时发生错误,返回受影响数据库条数为零。欲添加标题: " + titleTextBox.Text);
                JScript.AlertAndRedirect("添加文章时发生错误", "", this);
            }
        }
    }
Esempio n. 9
0
    protected void saveButton_Click(object sender, EventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSql  = @"UPDATE XXTable SET GSJJ=@GSJJ, LXFS=@LXFS, ZPXX=@ZPXX, GSXJ=@GSXJ, 
            GSEmail=@GSEmail, IsShowBannerImage=@IsShowBannerImage,
            IsScrollStarProducts=@IsScrollStarProducts,
            ScrollSpeed=@ScrollSpeed,
            ScrollPicNum=@ScrollPicNum
            ";
            OleDbCommand command = new OleDbCommand(strSql, objConnection);
            command.Parameters.Add("@GSJJ", OleDbType.VarChar).Value                 = GSJJTextBox.Text;
            command.Parameters.Add("@LXFS", OleDbType.VarChar).Value                 = LXFSTextBox.Text;
            command.Parameters.Add("@ZPXX", OleDbType.VarChar).Value                 = ZPXXTextBox.Text;
            command.Parameters.Add("@GSXJ", OleDbType.VarChar).Value                 = GSXJTextBox.Text;
            command.Parameters.Add("@GSEmail", OleDbType.VarChar).Value              = GSEMAILTextBox.Text;
            command.Parameters.Add("@IsShowBannerImage", OleDbType.Boolean).Value    = isShowBannerCheckBox.Checked;
            command.Parameters.Add("@IsScrollStarProducts", OleDbType.Boolean).Value = IsScrollStarProductsCheckBox.Checked;
            command.Parameters.Add("@ScrollSpeed", OleDbType.VarChar).Value          = ScrollSpeedTextBox.Text;
            command.Parameters.Add("@ScrollPicNum", OleDbType.VarChar).Value         = ScrollPicNumTextBox.Text;
            //command.Parameters.Add("@ZCLXFS", OleDbType.VarChar).Value = ZCLXFSTextBox.Text;
            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "修改系统设置");
                JScript.AlertAndRedirect("系统设置已修改", "", this);
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "修改系统设置时发生错误,返回受影响数据库条数为零。");
                JScript.AlertAndRedirect("系统设置修改失败", "", this);
            }
        }
    }
Esempio n. 10
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM XWTable WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        doUpdateButton.CommandArgument = e.CommandArgument.ToString();
                        doUpdateButton.Visible         = true;
                        doInsertButton.Visible         = false;

                        titleTextBox.Text = dt.Rows[0]["newsTitle"].ToString();
                        //Txt_newsPicURL.Text = dt.Rows[0]["newsPicURL"].ToString();
                        contentTextBox.Text   = dt.Rows[0]["newsContents"].ToString();
                        isTopCheckBox.Checked = Convert.ToBoolean(dt.Rows[0]["isTop"]);
                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = true;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定新闻或通知时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doUpdate":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    if (titleTextBox.Text == "")
                    {
                        JScript.Alert("请输入文章标题", this);
                        return;
                    }
                    if (contentTextBox.Text == "")
                    {
                        JScript.Alert("请输入文章内容", this);
                        return;
                    }

                    string       strSQL  = "UPDATE XWTable SET newsTitle=@title, newsContents=@content, isTop=@isTop  WHERE 编号=" + e.CommandArgument;
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@title", OleDbType.VarChar).Value   = titleTextBox.Text;
                    command.Parameters.Add("@content", OleDbType.VarChar).Value = contentTextBox.Text;
                    //command.Parameters.Add("@newsPic", OleDbType.VarChar).Value = Txt_newsPicURL.Text;
                    command.Parameters.Add("@isTop", OleDbType.Boolean).Value = isTopCheckBox.Checked;

                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知,操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("新闻或通知已修改", "", this);

                        NewsListPanel.Visible = true;
                        EditPanel.Visible     = false;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知时发生错误,返回受影响数据库条数为零。操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("修改新闻或通知时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "UPDATE XWTable SET newsDelete=true WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("该新闻或通知已删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除新闻或通知时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doView":
                //actionNeedAuthority = 1;
                //if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                //{
                //    string strSQL = "SELECT * FROM XWTable WHERE 编号=" + e.CommandArgument.ToString();
                //    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                //    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                //    DataTable dt = new DataTable();
                //    adapter.Fill(dt);
                //    if (dt.Rows.Count >= 1)
                //    {

                //        ArticleViewTitle.Text = dt.Rows[0]["newsTitle"].ToString();
                //        viewDoEditButton.CommandArgument = e.CommandArgument.ToString();
                //        string articleInfo = string.Empty;
                //        articleInfo += ("<div>点击量:" + dt.Rows[0]["newsClickTimes"].ToString() + "</div>");
                //        articleInfo += ("<div>添加时间:" + dt.Rows[0]["newsTime"].ToString() + "</div>");

                //        ArticleViewInfo.Text = articleInfo;
                //        ArticleView.Text = dt.Rows[0]["newsContents"].ToString();
                //        if (dt.Rows[0]["newsPicURL"].ToString() != "")
                //        {
                //            ArticlePic.ImageUrl = dt.Rows[0]["newsPicURL"].ToString();
                //            ArticlePic.Visible = true;
                //        }
                //        else
                //        {
                //            ArticlePic.Visible = false;
                //        }
                //        NewsListPanel.Visible = false;
                //        EditPanel.Visible = false;
                //        ViewPanel.Visible = true;
                //    }
                //    else
                //    {
                //        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                //        JScript.AlertAndRedirect("载入指定新闻或通知时发生错误", "", this);
                //    }

                //}
                //else
                //{
                //    JScript.Alert("您无权进行此操作", this);
                //}

                break;
            }
        }
    }
Esempio n. 11
0
    protected void DoInsertButton_Click(object sender, EventArgs e)
    {
        /*
         * 1.检查输入是否合法(用户名必须输入,权限为1到5)
         * 2.检查是否有此用户名
         * 3.执行添加
         */

        if (UserNameTextBox.Text == "")
        {
            UserNameTextBoxLabel.Text = "请输入用户名";
            return;
        }
        else
        {
            UserNameTextBoxLabel.Text = "";
        }
        if (PasswordTextBox.Text == "")
        {
            PasswordTextBoxLabel.Text = "请输入密码";
            return;
        }
        else
        {
            PasswordTextBoxLabel.Text = "";
        }
        int uAuth = 0;

        try
        {
            int.TryParse(AuthorityTextBox.Text, out uAuth);
        }
        catch
        {
        }
        if (uAuth == 0)
        {
            AuthorityTextBoxLabel.Text = "权限必须为大于等于1,小于等于5的数字";
            return;
        }
        else
        {
            AuthorityTextBoxLabel.Text = "";
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string       strSQL  = "SELECT TOP 1 * FROM YHTable WHERE YHName=@userName";
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            command.Parameters.Add("@userName", OleDbType.VarChar).Value = UserNameTextBox.Text;
            OleDbDataAdapter adapter = new OleDbDataAdapter(command);
            DataTable        dt      = new DataTable();
            adapter.Fill(dt);
            if (dt.Rows.Count >= 1)
            {
                UserNameTextBoxLabel.Text = "该用户已存在";
            }
            else
            {
                strSQL  = "INSERT INTO YHTable(YHName,YHPassword,YHAuthority) values (@userName,@userPassword,@userAuthority)";
                command = new OleDbCommand(strSQL, objConnection);
                command.Parameters.Add("@userName", OleDbType.VarChar).Value      = UserNameTextBox.Text;
                command.Parameters.Add("@userPassword", OleDbType.VarChar).Value  = MD5Provider.Hash(PasswordTextBox.Text);
                command.Parameters.Add("@userAuthority", OleDbType.Numeric).Value = uAuth;
                if (command.ExecuteNonQuery() > 0)
                {
                    MyBasePage.writeLog(Session["userName"].ToString(), "添加用户,账户: " + UserNameTextBox.Text + "  权限:" + uAuth.ToString());
                    JScript.AlertAndRedirect("用户已添加", "", this);
                }
                else
                {
                    MyBasePage.writeLog(Session["userName"].ToString(), "添加用户时发生错误,返回受影响数据库条数为零。欲添加账户: " + UserNameTextBox.Text + "  权限:" + uAuth.ToString());
                    JScript.AlertAndRedirect("添加帐号时发生错误", "", this);
                }
            }
        }
    }
Esempio n. 12
0
    protected void DoModifyButton_Click(object sender, EventArgs e)
    {
        /*
         * 1.检查输入是否合法(用户名必须输入,权限为1到5)
         * 2.检查是否有此用户名
         * 3.执行添加
         */

        int uAuth = 0;

        try
        {
            int.TryParse(mAuthorityTextBox.Text, out uAuth);
        }
        catch
        {
        }
        if (uAuth == 0)
        {
            mAuthorityTextBoxLabel.Text = "权限必须为大于等于1,小于等于5的数字";
            return;
        }
        else
        {
            mAuthorityTextBoxLabel.Text = "";
        }

        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            string strSQL = string.Empty;
            if (mPasswordTextBox.Text == "")
            {
                strSQL = "UPDATE YHTable SET YHAuthority=@userAuthority WHERE YHName=\"" + mUserNameLabel.Text + "\"";
            }
            else
            {
                strSQL = "UPDATE YHTable SET YHPassword=@userPassword, YHAuthority=@userAuthority WHERE YHName=\"" + mUserNameLabel.Text + "\"";
            }
            OleDbCommand command = new OleDbCommand(strSQL, objConnection);
            //command.Parameters.Add("@userName", OleDbType.VarChar).Value = mUserNameLabel.Text;
            if (mPasswordTextBox.Text != "")
            {
                command.Parameters.Add("@userPassword", OleDbType.VarChar).Value = MD5Provider.Hash(mPasswordTextBox.Text);
            }
            command.Parameters.Add("@userAuthority", OleDbType.Numeric).Value = uAuth;
            if (command.ExecuteNonQuery() > 0)
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "修改用户,账户: " + mUserNameLabel.Text + "  权限:" + uAuth.ToString());
                JScript.AlertAndRedirect("用户信息已修改", "", this);
            }
            else
            {
                MyBasePage.writeLog(Session["userName"].ToString(), "修改用户时发生错误,返回受影响数据库条数为零。账户: " + mUserNameLabel.Text + "  欲修改为:权限:" + uAuth.ToString());
                JScript.AlertAndRedirect("修改用户信息时发生错误", "", this);
            }
        }
    }
Esempio n. 13
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                break;

            case "doUpdate":
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "UPDATE LYTable SET LYDelete=true WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("该新闻或通知已删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除新闻或通知时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doView":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM LYTable WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        ArticleViewTitle.Text            = dt.Rows[0]["LYTitle"].ToString();
                        viewDoEditButton.CommandArgument = e.CommandArgument.ToString();
                        string articleInfo = string.Empty;
                        articleInfo += ("<div>姓名:" + dt.Rows[0]["LYName"].ToString() + "</div>");
                        articleInfo += ("<div>留言时间:" + dt.Rows[0]["LYTime"].ToString() + "</div>");
                        articleInfo += ("<div>Email:" + dt.Rows[0]["LYEmail"].ToString() + "</div>");
                        articleInfo += ("<div>电话:" + dt.Rows[0]["LYTel"].ToString() + "</div>");

                        ArticleViewInfo.Text  = articleInfo;
                        ArticleView.Text      = dt.Rows[0]["LYContents"].ToString();
                        NewsListPanel.Visible = false;
                        ViewPanel.Visible     = true;

                        strSQL  = "UPDATE LYTable SET LYRead=true WHERE 编号=" + e.CommandArgument.ToString();
                        command = new OleDbCommand(strSQL, objConnection);
                        command.ExecuteNonQuery();
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定新闻或通知时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;
            }
        }
    }
Esempio n. 14
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM CPTable WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        doUpdateButton.CommandArgument = e.CommandArgument.ToString();
                        doUpdateButton.Visible         = true;
                        doInsertButton.Visible         = false;

                        titleTextBox.Text   = dt.Rows[0]["CPName"].ToString();
                        Txt_newsPicURL.Text = dt.Rows[0]["CPPicURL"].ToString();
                        infTextBox.Text     = dt.Rows[0]["CPInf"].ToString();
                        contentTextBox.Text = dt.Rows[0]["CPDetails"].ToString();
                        try
                        {
                            parentIDDropDown.SelectedValue = dt.Rows[0]["CPLBID"].ToString();
                        }
                        catch
                        {
                            parentIDDropDown.SelectedValue = "-1";
                        }
                        //inMainPageCheckBox.Checked = Convert.ToBoolean(dt.Rows[0]["CPInMainPage"]);

                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = true;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定产品信息时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doUpdate":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    if (titleTextBox.Text == "")
                    {
                        JScript.Alert("请输入产品名称", this);
                        return;
                    }

                    string       strSQL  = "UPDATE CPTable SET CPName=@title, CPInf=@inf, CPDetails=@content, CPPicURL=@newsPic, CPLBID=@lbID, CPInMainPage=@inMain WHERE 编号=" + e.CommandArgument;
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@title", OleDbType.VarChar).Value   = titleTextBox.Text;
                    command.Parameters.Add("@inf", OleDbType.VarChar).Value     = infTextBox.Text;
                    command.Parameters.Add("@content", OleDbType.VarChar).Value = contentTextBox.Text;
                    command.Parameters.Add("@newsPic", OleDbType.VarChar).Value = Txt_newsPicURL.Text;
                    command.Parameters.Add("@lbID", OleDbType.Integer).Value    = parentIDDropDown.SelectedValue;
                    command.Parameters.Add("@inMain", OleDbType.Boolean).Value  = false;
                    //command.Parameters.Add("@inMain", OleDbType.Boolean).Value = inMainPageCheckBox.Checked;
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知,操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("产品信息已修改", "", this);

                        NewsListPanel.Visible = true;
                        EditPanel.Visible     = false;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知时发生错误,返回受影响数据库条数为零。操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("修改产品信息时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "UPDATE CPTable SET CPDel=true WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("该产品信息已删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除产品信息时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doView":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM CPTable WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        ArticleViewTitle.Text            = dt.Rows[0]["CPName"].ToString();
                        viewDoEditButton.CommandArgument = e.CommandArgument.ToString();
                        string articleInfo = string.Empty;
                        //articleInfo += ("<div>类别:" + dt.Rows[0]["CPLBID"].ToString() + "</div>");
                        //articleInfo += ("<div>首页展示:" + ( Convert.ToBoolean(dt.Rows[0]["CPInMainPage"]) ? "√" : "×" ) + "</div>");

                        ArticleViewInfo.Text = articleInfo;
                        ArticleView.Text     = "<p>" + dt.Rows[0]["CPInf"].ToString() + "</p><p>&nbsp;</p><p>&nbsp;</p>" + dt.Rows[0]["CPDetails"].ToString();
                        if (dt.Rows[0]["CPPicURL"].ToString() != "")
                        {
                            ArticlePic.ImageUrl = dt.Rows[0]["CPPicURL"].ToString();
                            ArticlePic.Visible  = true;
                        }
                        else
                        {
                            ArticlePic.Visible = false;
                        }
                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = false;
                        ViewPanel.Visible     = true;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定产品信息时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;
            }
        }
    }
Esempio n. 15
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM LBTable WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        doUpdateButton.CommandArgument = e.CommandArgument.ToString();
                        doUpdateButton.Visible         = true;
                        doInsertButton.Visible         = false;

                        titleTextBox.Text   = dt.Rows[0]["LBName"].ToString();
                        contentTextBox.Text = dt.Rows[0]["LBInf"].ToString();
                        IndexTextBox.Text   = dt.Rows[0]["PosIndex"].ToString();
                        try
                        {
                            parentIDDropDown.SelectedValue = dt.Rows[0]["LBParentID"].ToString();
                        }
                        catch
                        {
                            parentIDDropDown.SelectedValue = "-1";
                        }
                        hasChildCheckBox.Checked = Convert.ToBoolean(dt.Rows[0]["LBHasChild"]);
                        NewsListPanel.Visible    = false;
                        EditPanel.Visible        = true;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定内容时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doUpdate":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    if (titleTextBox.Text == "")
                    {
                        JScript.Alert("请输入标题", this);
                        return;
                    }
                    if (parentIDDropDown.SelectedValue == e.CommandArgument.ToString())
                    {
                        parentIDDropDown.SelectedValue = "-1";
                        JScript.Alert("不可指定自身为父级", this);
                        return;
                    }
                    int index;
                    if (!int.TryParse(IndexTextBox.Text, out index))
                    {
                        index = 100;
                        JScript.Alert("显示顺序必须为整数", this);
                        return;
                    }

                    string       strSQL  = "UPDATE LBTable SET LBName=@title, LBInf=@content, LBHasChild=@hasChild, LBParentID=@parentID, PosIndex=@posIndex WHERE 编号=" + e.CommandArgument;
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@title", OleDbType.VarChar).Value    = titleTextBox.Text;
                    command.Parameters.Add("@content", OleDbType.VarChar).Value  = contentTextBox.Text;
                    command.Parameters.Add("@hasChild", OleDbType.Boolean).Value = hasChildCheckBox.Checked;
                    command.Parameters.Add("@parentID", OleDbType.Integer).Value = parentIDDropDown.SelectedValue;
                    command.Parameters.Add("@posIndex", OleDbType.Integer).Value = index;
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改产品类别,操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("类别信息已修改", "", this);

                        NewsListPanel.Visible = true;
                        EditPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改产品类别时发生错误,返回受影响数据库条数为零。操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("修改类别信息时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "UPDATE LBTable SET LBDel=true WHERE 编号=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除产品类别,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("类别已被删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除产品类别时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除类别时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;
            }
        }
    }
Esempio n. 16
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM ALTable WHERE ID=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        doUpdateButton.CommandArgument = e.CommandArgument.ToString();
                        doUpdateButton.Visible         = true;
                        doInsertButton.Visible         = false;

                        titleTextBox.Text     = dt.Rows[0]["ALName"].ToString();
                        contentTextBox.Text   = dt.Rows[0]["ALContent"].ToString();
                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = true;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定文章时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doUpdate":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    if (titleTextBox.Text == "")
                    {
                        JScript.Alert("请输入文章标题", this);
                        return;
                    }
                    if (contentTextBox.Text == "")
                    {
                        JScript.Alert("请输入文章内容", this);
                        return;
                    }

                    string       strSQL  = "UPDATE ALTable SET ALName=@title, ALContent=@content WHERE ID=" + e.CommandArgument;
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@title", OleDbType.VarChar).Value   = titleTextBox.Text;
                    command.Parameters.Add("@content", OleDbType.VarChar).Value = contentTextBox.Text;
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知,操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("文章已修改", "", this);

                        NewsListPanel.Visible = true;
                        EditPanel.Visible     = false;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知时发生错误,返回受影响数据库条数为零。操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("修改文章时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "DELETE FROM ALTable WHERE ID=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("该文章已被删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除文章时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doView":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM ALTable WHERE ID=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        ArticleViewTitle.Text            = dt.Rows[0]["ALName"].ToString();
                        viewDoEditButton.CommandArgument = e.CommandArgument.ToString();
                        string articleInfo = string.Empty;

                        ArticleViewInfo.Text  = articleInfo;
                        ArticleView.Text      = dt.Rows[0]["ALContent"].ToString();
                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = false;
                        ViewPanel.Visible     = true;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定文章时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;
            }
        }
    }
Esempio n. 17
0
 protected void logoutButton_Click1(object sender, EventArgs e)
 {
     MyBasePage.logout(this.Page);
     JScript.AlertAndRedirect("您已安全退出管理后台", "../Default.aspx", this.Page);
 }
Esempio n. 18
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM ProductsShowTable WHERE CPID=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        doUpdateButton.CommandArgument = e.CommandArgument.ToString();
                        doUpdateButton.Visible         = true;
                        doInsertButton.Visible         = false;

                        productNameTextBox.Text = dt.Rows[0]["ProductName"].ToString();
                        picURLTextBox.Text      = dt.Rows[0]["PicURL"].ToString();
                        remarksTextBox.Text     = dt.Rows[0]["Remarks"].ToString();
                        linkURLTextBox.Text     = dt.Rows[0]["LinkURL"].ToString();
                        posIndexTextBox.Text    = dt.Rows[0]["PosIndex"].ToString();
                        altTextBox.Text         = dt.Rows[0]["AltValue"].ToString();


                        Image_preview.ImageUrl = formatPicURL(dt.Rows[0]["PicURL"].ToString());


                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = true;
                        //ViewPanel.Visible = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定明星产品时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定数据时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doUpdate":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    if (productNameTextBox.Text == "")
                    {
                        JScript.Alert("请输入明星产品名称", this);
                        return;
                    }
                    if (picURLTextBox.Text == "")
                    {
                        JScript.Alert("请输入产品图片地址", this);
                        return;
                    }
                    int nindex;
                    if (!int.TryParse(posIndexTextBox.Text, out nindex))
                    {
                        JScript.Alert("显示顺序必须为整数", this);
                        return;
                    }


                    string       strSQL  = "UPDATE ProductsShowTable SET ProductName=@name, PicURL=@picurl, Remarks=@remarks, LinkURL=@linkURL, PosIndex=@posIndex, AltValue=@altValue WHERE CPID=" + e.CommandArgument;
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@name", OleDbType.VarChar).Value     = productNameTextBox.Text;
                    command.Parameters.Add("@picurl", OleDbType.VarChar).Value   = picURLTextBox.Text;
                    command.Parameters.Add("@remarks", OleDbType.VarChar).Value  = remarksTextBox.Text;
                    command.Parameters.Add("@linkURL", OleDbType.VarChar).Value  = linkURLTextBox.Text;
                    command.Parameters.Add("@posIndex", OleDbType.Integer).Value = nindex;
                    command.Parameters.Add("@altValue", OleDbType.VarChar).Value = altTextBox.Text.Trim();

                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改明星产品,操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("记录已修改", "", this);

                        NewsListPanel.Visible = true;
                        EditPanel.Visible     = false;
                        //ViewPanel.Visible = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改明星产品时发生错误,返回受影响数据库条数为零。操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("修改数据库记录时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "UPDATE ProductsShowTable SET IsDel=true WHERE CPID=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除明星产品,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("该明星产品已删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除明星产品时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除明星产品时发生错误", "", this);
                    }
                    //string strSQL = "DELETE FROM ProductsShowTable WHERE CPID=" + e.CommandArgument.ToString();
                    //OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    //if (command.ExecuteNonQuery() > 0)
                    //{
                    //    MyBasePage.writeLog(Session["userName"].ToString(), "删除明星产品,操作对象ID:" + e.CommandArgument.ToString());
                    //    JScript.AlertAndRedirect("记录已删除", "", this);
                    //}
                    //else
                    //{
                    //    MyBasePage.writeLog(Session["userName"].ToString(), "删除明星产品时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                    //    JScript.AlertAndRedirect("删除数据库记录时发生错误", "", this);
                    //}
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doView":
                break;
            }
        }
    }
Esempio n. 19
0
    protected void Article_Command(object sender, CommandEventArgs e)
    {
        string          strConnection = ConfigurationManager.ConnectionStrings["AccessConnectionString"].ConnectionString;
        OleDbConnection objConnection = new OleDbConnection(strConnection);

        objConnection.Open();
        using (objConnection)
        {
            int actionNeedAuthority = 1;
            switch (e.CommandName)
            {
            case "doEdit":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string           strSQL  = "SELECT * FROM ZSTable WHERE ID=" + e.CommandArgument.ToString();
                    OleDbCommand     command = new OleDbCommand(strSQL, objConnection);
                    OleDbDataAdapter adapter = new OleDbDataAdapter(command);
                    DataTable        dt      = new DataTable();
                    adapter.Fill(dt);
                    if (dt.Rows.Count >= 1)
                    {
                        doUpdateButton.CommandArgument = e.CommandArgument.ToString();
                        doUpdateButton.Visible         = true;
                        doInsertButton.Visible         = false;

                        titleTextBox.Text       = dt.Rows[0]["picName"].ToString();
                        Txt_PicURLSmall.Text    = dt.Rows[0]["picSmall"].ToString();
                        Txt_PicURL.Text         = dt.Rows[0]["picURL"].ToString();
                        Image_picSmall.ImageUrl = formatPicURL(dt.Rows[0]["picSmall"].ToString());
                        Image_pic.ImageUrl      = formatPicURL(dt.Rows[0]["picURL"].ToString());

                        NewsListPanel.Visible = false;
                        EditPanel.Visible     = true;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "选择指定新闻或通知时发生错误,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("载入指定数据时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doUpdate":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    if (Txt_PicURL.Text == "")
                    {
                        JScript.Alert("请输入大图片地址", this);
                        return;
                    }
                    if (Txt_PicURLSmall.Text == "")
                    {
                        JScript.Alert("请输入小图片地址", this);
                        return;
                    }

                    string       strSQL  = "UPDATE ZSTable SET picName=@name, picURL=@picurl, picSmall=@picsmallurl WHERE ID=" + e.CommandArgument;
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    command.Parameters.Add("@name", OleDbType.VarChar).Value        = titleTextBox.Text;
                    command.Parameters.Add("@picurl", OleDbType.VarChar).Value      = Txt_PicURL.Text;
                    command.Parameters.Add("@picsmallurl", OleDbType.VarChar).Value = Txt_PicURLSmall.Text;
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知,操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("记录已修改", "", this);

                        NewsListPanel.Visible = true;
                        EditPanel.Visible     = false;
                        ViewPanel.Visible     = false;
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "修改新闻或通知时发生错误,返回受影响数据库条数为零。操作对象ID:" + e.CommandArgument);
                        JScript.AlertAndRedirect("修改数据库记录时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }
                break;

            case "doDelete":
                actionNeedAuthority = 1;
                if (admin_MasterPage.userAuthority >= actionNeedAuthority)
                {
                    string       strSQL  = "DELETE FROM ZSTable WHERE ID=" + e.CommandArgument.ToString();
                    OleDbCommand command = new OleDbCommand(strSQL, objConnection);
                    if (command.ExecuteNonQuery() > 0)
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知,操作对象ID:" + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("记录已删除", "", this);
                    }
                    else
                    {
                        MyBasePage.writeLog(Session["userName"].ToString(), "删除新闻或通知时发生错误,返回受影响数据库条数为零。欲操作对象ID: " + e.CommandArgument.ToString());
                        JScript.AlertAndRedirect("删除数据库记录时发生错误", "", this);
                    }
                }
                else
                {
                    JScript.Alert("您无权进行此操作", this);
                }

                break;

            case "doView":
                break;
            }
        }
    }