/// <summary>
/// Looks up the valid (IsValid = 'Y') LoginUser record that matches the supplied credentials.
/// </summary>
/// <param name="strUserName">User name, bound to the @UserName parameter.</param>
/// <param name="strPassword">Password, bound to the @Password parameter and compared as-is with LoginUser.Password.</param>
/// <returns>
/// The first result table when at least one row matches; otherwise null.
/// Because the query is SELECT *, the returned table carries every LoginUser column, Password included.
/// </returns>
public DataTable GetLoginUserRole(string strUserName, string strPassword)
{
    // Both credentials are bound as parameters; nothing supplied by the caller is concatenated into the SQL text.
    // NOTE(review): the password is matched directly against the stored column, which suggests the column holds
    // the password itself (or a value the caller hashed beforehand) - confirm. If it is plaintext, store a salted
    // PBKDF2/Argon2 hash and verify it in code instead of in the WHERE clause.
    // NOTE(review): equality inside SQL follows the database's comparison rules - verify that password matching
    // is case-sensitive on the target database.
    const string sql = "SELECT * from LoginUser lu where lu.IsValid = 'Y' and lu.UserName=@UserName and lu.Password=@Password;";

    // System.Data.OleDb binds parameters by position, so the array order must follow the order of use in the SQL text.
    OleDbParameter userNameParam = new OleDbParameter("@UserName", OleDbType.VarChar, 100);
    userNameParam.Value = strUserName;

    OleDbParameter passwordParam = new OleDbParameter("@Password", OleDbType.VarChar, 100);
    passwordParam.Value = strPassword;

    OleDbParameter[] parameters = { userNameParam, passwordParam };

    DataSet result = OledbHelper.Query(sql, parameters);

    // A missing data set, no tables, or an empty first table all mean "no matching login".
    bool hasMatch = result != null
        && result.Tables.Count > 0
        && result.Tables[0].Rows.Count > 0;

    return hasMatch ? result.Tables[0] : null;
}
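/// <summary>
/// Returns customer rows, scoped by the authority of the login identified by the supplied credentials.
/// </summary>
/// <remarks>
/// A login whose Authority column equals DefaultHighestAuthority receives every customer; any other login
/// receives only the customers whose LID equals that login's UID.
/// When IsNotHaveUNPW equals "0", the result of the credential lookup is ignored and every customer row is
/// returned, whatever user name and password were passed in.
/// </remarks>
/// <param name="strUserName">User name passed to LoginUserDAL.GetLoginUserRole.</param>
/// <param name="strPassword">Password passed to LoginUserDAL.GetLoginUserRole.</param>
/// <returns>The data set produced by OledbHelper.Query, or null when the credentials match no login and the check is enforced.</returns>
public DataSet GetAllCustomer(string strUserName, string strPassword)
{
    LoginUserDAL dal = new LoginUserDAL();
    DataTable dt = dal.GetLoginUserRole(strUserName, strPassword);

    // SECURITY: this switch turns the credential check off for the whole customer table.
    // NOTE(review): confirm where IsNotHaveUNPW is set, that it cannot be influenced by a caller,
    // and that "0" is never the value in a deployment that holds real customer data.
    bool loginCheckDisabled = IsNotHaveUNPW == "0";

    // Fail closed: no matching login and the check is enforced, so return nothing.
    if (dt == null && !loginCheckDisabled)
    {
        return null;
    }

    StringBuilder strSql = new StringBuilder();
    strSql.Append(
        "SELECT c.ID , l.UserName , c.FullName , c.Phone , c.Address , c.Gender , " +
        "c.CreateTime , c.UpdateTime , c.IsValid , c.Remarks , c.Account , " +
        "c.AccountRemarks , c.ConsumptionTime " +
        "FROM Customer As c LEFT JOIN LoginUser l on c.LID = l.UID");

    // Stays null unless the statement really contains @LID. Previously the highest-authority path passed
    // a @LID parameter with no value to a statement that has no placeholder for it.
    OleDbParameter[] parameters = null;

    // dt is non-null here whenever the check is enforced (guard above), so Rows[0] is only read in that case.
    if (!loginCheckDisabled && !DefaultHighestAuthority.Equals(dt.Rows[0]["Authority"].ToString()))
    {
        // Row-level restriction: the owner id comes from the authenticated login record, not from the caller.
        strSql.Append(" where c.LID = @LID");

        OleDbParameter ownerId = new OleDbParameter("@LID", OleDbType.VarChar, 100);
        ownerId.Value = dt.Rows[0]["UID"];
        parameters = new OleDbParameter[] { ownerId };
    }

    strSql.Append(" Order By c.CreateTime desc;");
    return OledbHelper.Query(strSql.ToString(), parameters);
}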