private void InitData()
{
CheckUser();
string loginName = Session["userID"].ToString();
Users user = new Users();
user.LoadData(loginName);
//LabelTree.Text = "ÄúºÃ:" + user.UserName + "<hr>";
string sql = "Select * from ReportTreeMenu Where [Duty] in (";
foreach (string duty in user.Duties)
{
sql += SQLString.GetQuotedString(duty) + ",";
}
sql += "'#')";
DataBase db = new DataBase();
DataTable dt = db.GetDataTable(sql);
Tree2 tree = new Tree2("------------ Kypera Report Lists ------------");
LabelTree.Text += tree.CreateTree2(dt);
}
private void InitData()
{
CheckUser();
string loginName = Session["userID"].ToString();
Users user = new Users();
user.LoadData(loginName);
//LabelTree.Text = "ÄúºÃ:" + user.UserName + "<hr>";
string sql = "Select * from [TreeMenu] Where [Duty] in (";
foreach (string duty in user.Duties)
{
sql += SQLString.GetQuotedString(duty) + ",";
}
sql += "'#')";
sql += "order by nodeid asc ";
DataBase db = new DataBase();
DataTable dt = db.GetDataTable(sql);
Tree tree = new Tree("====== Menu ======");
LabelTree.Text += tree.CreateTree(dt);
}
public void Delete(string ID)
{
string sql = "delete from [column] where columnID=" + SQLString.GetQuotedString(ID);
Database db = new Database();
db.ExecuteSQL(sql);
}
private void SendExp(int docID)
{
int i = 0;
foreach (ListItem item in CheckBoxList1.Items)
{
if (item.Selected == true)
{
i++;
}
}
if (i != 3)
{
Response.Write("<Script Language=JavaScript>alert(\"请选择三位专家评审!\")</Script>");
}
else
{
string[] arr = new string[CheckBoxList1.Items.Count];
for (int j = 0; j < CheckBoxList1.Items.Count; j++)
{
if (CheckBoxList1.Items[j].Selected == true)
{
arr[i] = CheckBoxList1.Items[j].Value;
Hashtable ht = new Hashtable();
ht.Add("expertID", SQLString.GetQuotedString(arr[i]));
ht.Add("docID", SQLString.GetQuotedString(Convert.ToString(docID)));
Assess ass = new Assess();
ass.AsignExp(ht);
}
}
}
}
protected void Bt_add_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
Editor ed = new Editor();
ed.LoadInfo(Request.Cookies["userID"].Value.ToString());
string column = ed.editorColumn;
Hashtable ht = new Hashtable();
ht.Add("expertID", SQLString.GetQuotedString(txtID.Text));
ht.Add("expertPwd", SQLString.GetQuotedString(txtID.Text));//51(aspx)
ht.Add("expertName", SQLString.GetQuotedString(txtName.Text));
ht.Add("expertColumn", SQLString.GetQuotedString(column));
Expert ep = new Expert();
if (ep.Add(ht))
{
Response.Write("<script>alert('添加成功!');window.location=window.location;</script>");
}
else
{
Response.Write("<script>alert('添加失败!');window.location=window.location;</script>");
}
txtID.Text = "";
txtName.Text = "";
}
}
public void Delete(string expertID)
{
string sql = "delete from expert where expertID=" + SQLString.GetQuotedString(expertID);
Database db = new Database();
db.ExecuteSQL(sql);
}
protected void Bt_send_Click(object sender, EventArgs e)
{
if (IsValid)
{
Hashtable ht = new Hashtable();
ht.Add("messageFrom", SQLString.GetQuotedString(Request.Cookies["userID"].Value.ToString()));
//ht.Add("messageFrom", SQLString.GetQuotedString("abse10"));
ht.Add("messageTo", SQLString.GetQuotedString(ddlColumn.SelectedValue));
ht.Add("messageTime", SQLString.GetQuotedString(DateTime.Now.ToString()));
ht.Add("messageTitle", SQLString.GetQuotedString(txtTitle.Text));
ht.Add("messageContent", SQLString.GetQuotedString(txtContent.Text));//5_1_a_s_p_x
ht.Add("messageState", SQLString.GetQuotedString("0"));
Message msg = new Message();
if (msg.NewMesg(ht))
{
Response.Write("<Script Language=JavaScript>alert(\"发送成功!\")</Script>");
}
else
{
Response.Write("<Script Language=JavaScript>alert(\"发送失败!\")</Script>");
}
txtContent.Text = "";
txtTitle.Text = "";
}
}
protected void Bt_send_Click(object sender, EventArgs e)
{
if (IsValid)
{
Expert expert = new Expert();
expert.LoadInfo(Request.Cookies["userID"].Value.ToString());
string msgTo = expert.expertColumn;
Hashtable ht = new Hashtable();
ht.Add("messageFrom", SQLString.GetQuotedString(Request.Cookies["userID"].Value.ToString()));
ht.Add("messageTo", SQLString.GetQuotedString(msgTo));
ht.Add("messageTime", SQLString.GetQuotedString(DateTime.Now.ToString()));
ht.Add("messageTitle", SQLString.GetQuotedString(txtTitle.Text));
ht.Add("messageContent", SQLString.GetQuotedString(txtContent.Text));
ht.Add("messageState", SQLString.GetQuotedString("0"));
Message msg = new Message();
if (msg.NewMesg(ht))
{
Response.Write("<Script Language=JavaScript>alert(\"发送成功!\")</Script>");
}
else
{
Response.Write("<Script Language=JavaScript>alert(\"发送失败!\")</Script>");
}
txtContent.Text = "";
txtTitle.Text = "";
}
}
public void Delete(int docID)
{
string sql = "delete from assess where docID=" + SQLString.GetQuotedString(Convert.ToString(docID));
Database db = new Database();
db.ExecuteSQL(sql);
}
protected void Bt_register_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
Hashtable ht = new Hashtable();
ht.Add("authorID", SQLString.GetQuotedString(txtID.Text));
ht.Add("authorPwd", SQLString.GetQuotedString(txtPwd.Text));
ht.Add("authorName", SQLString.GetQuotedString(txtName.Text));
ht.Add("authorSex", SQLString.GetQuotedString(rblSex.SelectedValue));
ht.Add("authorBirth", SQLString.GetQuotedString(txtBirth.Text));
ht.Add("authorRegion", SQLString.GetQuotedString(txtRegion.Text));
ht.Add("authorPost", SQLString.GetQuotedString(TxtPostcode.Text));
ht.Add("authorMail", SQLString.GetQuotedString(txtMail.Text));
ht.Add("authorDegree", SQLString.GetQuotedString(dddlDegree.SelectedValue));
ht.Add("authorMajor", SQLString.GetQuotedString(txtMajor.Text));
ht.Add("authorTitle", SQLString.GetQuotedString(txtTitle.Text));
ht.Add("authorJob", SQLString.GetQuotedString(txtJob.Text));
ht.Add("authorCompany", SQLString.GetQuotedString(txtCompany.Text));
ht.Add("authorPhone", SQLString.GetQuotedString(txtPhone.Text));
ht.Add("authorAddress", SQLString.GetQuotedString(txtAddress.Text));
ht.Add("authorInfo", SQLString.GetQuotedString(txtInfo.Text));
Author author = new Author();
if (author.Add(ht))
{
Response.Write("<script>alert('注册成功!');window.location='login.aspx';</script>");
}
else
{
Response.Write("<Script Language=JavaScript>alert(\"注册失败!\")</Script>");
}
}
}
public void Delete_msg(int messageID) //删除消息
{
string sql = "delete from message where messageID=" + SQLString.GetQuotedString(Convert.ToString(messageID));
Database db = new Database();
db.ExecuteSQL(sql);
}
protected void Bt_ok_Click(object sender, EventArgs e)
{
string where = " where docID=" + SQLString.GetQuotedString(Request.QueryString["docID"]);
string state = ddlState.SelectedValue;
Hashtable ht = new Hashtable();
ht.Add("docState", SQLString.GetQuotedString(state));
ht.Add("docReason", SQLString.GetQuotedString(txtdocReason.Text));
Doc dc = new Doc();
if (dc.Update(ht, where))
{
Hashtable board = new Hashtable();
board.Add("docID", SQLString.GetQuotedString(Request.QueryString["docID"]));
board.Add("boardState", SQLString.GetQuotedString("未缴费"));
Board bd = new Board();
bd.Add(board);
Response.Write("<script>alert('审核完毕!');window.location='doclist.aspx';</script>");
}
else
{
Response.Write("<script>alert('审核失败!');window.location='doclist.aspx';</script>");
}
}
public string Get_msgCount(string user) //计算未读消息条数
{
string sql = "select count(*) from message where messageState=" + SQLString.GetQuotedString("0") + "and messageTo=" + SQLString.GetQuotedString(user);
Database db = new Database();
return(db.GetScalar(sql));
}
protected void Bt_update_Click(object sender, EventArgs e)
{
string userID = Request.Cookies["userID"].Value.ToString();
string where = " where authorID=" + SQLString.GetQuotedString(userID);
Hashtable ht = new Hashtable();
ht.Add("authorName", SQLString.GetQuotedString(txtName.Text));
ht.Add("authorSex", SQLString.GetQuotedString(rblSex.SelectedValue));
ht.Add("authorBirth", SQLString.GetQuotedString(txtBirth.Text));
ht.Add("authorRegion", SQLString.GetQuotedString(txtRegion.Text));
ht.Add("authorMail", SQLString.GetQuotedString(txtMail.Text));
ht.Add("authorPost", SQLString.GetQuotedString(TxtPostcode.Text));
ht.Add("authorDegree", SQLString.GetQuotedString(ddlDegree.SelectedValue));
ht.Add("authorMajor", SQLString.GetQuotedString(txtMajor.Text));
ht.Add("authorTitle", SQLString.GetQuotedString(txtTitle.Text));
ht.Add("authorJob", SQLString.GetQuotedString(txtJob.Text));
ht.Add("authorCompany", SQLString.GetQuotedString(txtCompany.Text));
ht.Add("authorPhone", SQLString.GetQuotedString(txtPhone.Text));
ht.Add("authorAddress", SQLString.GetQuotedString(txtAddress.Text));
ht.Add("authorInfo", SQLString.GetQuotedString(txtInfo.Text));
Author author = new Author();
if (author.Update(ht, where))
{
Response.Write("<Script Language=JavaScript>alert(\"修改成功!\")</Script>");
}
}
public void Update_state(int messageID) //打开消息后改变状态
{
string sql = "update message set messageState=" + SQLString.GetQuotedString("1") + "where messageID=" + SQLString.GetQuotedString(Convert.ToString(messageID));
Database db = new Database();
db.ExecuteSQL(sql);
}
public void LoadInfo(string authorID)
{
string sql = "select * from author where authorID=" + SQLString.GetQuotedString(authorID);
Database db = new Database();
DataRow dr = db.GetDataRow(sql);
if (dr != null)
{
this._authorID = GetSafeData.ValidateDataRow_S(dr, "authorID");
this._authorPwd = GetSafeData.ValidateDataRow_S(dr, "authorPwd");
this._authorName = GetSafeData.ValidateDataRow_S(dr, "authorName");
this._authorSex = GetSafeData.ValidateDataRow_S(dr, "authorSex");
this._authorBirth = GetSafeData.ValidateDataRow_S(dr, "authorBirth");
this._authorRegion = GetSafeData.ValidateDataRow_S(dr, "authorRegion");
this._authorPost = GetSafeData.ValidateDataRow_S(dr, "authorPost");
this._authorMail = GetSafeData.ValidateDataRow_S(dr, "authorMail");
this._authorDegree = GetSafeData.ValidateDataRow_S(dr, "authorDegree");
this._authorMajor = GetSafeData.ValidateDataRow_S(dr, "authorMajor");
this._authorTitle = GetSafeData.ValidateDataRow_S(dr, "authorTitle");
this._authorJob = GetSafeData.ValidateDataRow_S(dr, "authorJob");
this._authorCompany = GetSafeData.ValidateDataRow_S(dr, "authorCompany");
this._authorPhone = GetSafeData.ValidateDataRow_S(dr, "authorPhone");
this._authorAddress = GetSafeData.ValidateDataRow_S(dr, "authorAddress");
this._authorInfo = GetSafeData.ValidateDataRow_S(dr, "authorInfo");
this._exist = true;
}
else
{
this._exist = false;
}
}
public void Update_attach(int docID, string state) //上传返修稿件后更改状态
{
string sql = "update document set docState=" + SQLString.GetQuotedString(state) + "where docID=" + SQLString.GetQuotedString(Convert.ToString(docID));
Database db = new Database();
db.ExecuteSQL(sql);
}
protected void Bt_Update_Click(object sender, EventArgs e)
{
if (Page.IsValid)
{
Admin admin = new Admin();
admin.LoadInfo(Request.Cookies["userID"].Value.ToString());
if (txtPwdold.Text == admin.adminPwd)
{
string xwhere = "where adminID=" + SQLString.GetQuotedString(Request.Cookies["userID"].Value.ToString());
Hashtable ht = new Hashtable();
ht.Add("adminPwd", SQLString.GetQuotedString(txtPwdnew.Text));
if (admin.Update(ht, xwhere))
{
Response.Write("<Script Language=JavaScript>alert(\"密码修改成功!\")</Script>");
}
else
{
Response.Write("<Script Language=JavaScript>alert(\"密码修改失败!\")</Script>");
}
}
else
{
Response.Write("<Script Language=JavaScript>alert(\"旧密码错误!\")</Script>");
}
}
}
public DataRow GetRow(int docID)
{
string sql = "select * from attach where docID=" + SQLString.GetQuotedString(Convert.ToString(docID));
Database db = new Database();
DataRow dr = db.GetDataRow(sql);
return(dr);
}
public DataRow viewassess(string expert, int docID) //查看专家审稿意见
{
string sql = "select assessment from assess where docID=" + SQLString.GetQuotedString(Convert.ToString(docID)) + "and expertID=" + SQLString.GetQuotedString(expert);
Database db = new Database();
DataRow dr = db.GetDataRow(sql);
return(dr);
}
public DataSet LoadMsg(string user) //加载消息
{
string sql = "select * from message where messageTo=" + SQLString.GetQuotedString(user) + "order by messageState asc,messageTime desc";
Database db = new Database();
DataSet ds = db.GetDataSet(sql);
return(ds);
}
protected void Bt_upload_Click(object sender, EventArgs e)
{
if (FileUpload1.HasFile)
{
string oldname = FileUpload1.FileName;
string type = FileUpload1.FileName.Substring(FileUpload1.FileName.LastIndexOf(".") + 1); //获取上传文件的后缀
string filename = DateTime.Now.Year.ToString() + DateTime.Now.Month.ToString() + DateTime.Now.Day.ToString() + DateTime.Now.Hour.ToString() + DateTime.Now.Minute.ToString() + DateTime.Now.Second.ToString() + DateTime.Now.Millisecond.ToString() + "." + type;
if (type == "doc")
{
if (FileUpload1.FileName != "")
{
//更改上传文件名
String path = Server.MapPath("~/upfiles/" + filename);
FileUpload1.PostedFile.SaveAs(path);
}
string author = Request.Cookies["userID"].Value.ToString();
string state = "0";
Hashtable docHt = new Hashtable();
docHt.Add("docTime", SQLString.GetQuotedString(DateTime.Now.ToString()));
docHt.Add("docTitle", SQLString.GetQuotedString(Session["docTitle"].ToString()));
docHt.Add("docTitleEn", SQLString.GetQuotedString(Session["docTitleEn"].ToString()));
docHt.Add("docAbstract", SQLString.GetQuotedString(Session["docAbstract"].ToString()));
docHt.Add("docAbstractEn", SQLString.GetQuotedString(Session["docAbstractEn"].ToString()));
docHt.Add("docKeywords", SQLString.GetQuotedString(Session["docKeywords"].ToString()));
docHt.Add("docKeywordsEn", SQLString.GetQuotedString(Session["docKeywordsEn"].ToString()));
docHt.Add("docLetters", SQLString.GetQuotedString(Session["docLetters"].ToString()));
docHt.Add("docAuthor", SQLString.GetQuotedString(Session["docAuthor"].ToString()));
docHt.Add("docColumnID", SQLString.GetQuotedString(Session["docColumnID"].ToString()));
docHt.Add("authorID", SQLString.GetQuotedString(author));
docHt.Add("docState", SQLString.GetQuotedString(state));
Doc dc = new Doc();
dc.Add(docHt);
int docID = dc.GetID(author);
Hashtable ht = new Hashtable();
ht.Add("attachFilename", SQLString.GetQuotedString(oldname));
ht.Add("attachName", SQLString.GetQuotedString(filename));
ht.Add("docID", SQLString.GetQuotedString(Convert.ToString(docID)));
Attach attach = new Attach();
attach.Add(ht);
Response.Write("<script language='javascript'>alert('投稿成功,谢谢您对本刊的支持!')</script>");
Response.Write("<script>window.location='contribution1.aspx';</script>");
}
else
{
Response.Write("<script language='javascript'>alert('对不起,目前只接受.doc格式文档,请重新上传!')</script>");
}
}
}
public bool Update_Column(string editor, string column)
{
string sql = "update editor set editorColumn=" + SQLString.GetQuotedString(column) + "where editorID=" + SQLString.GetQuotedString(editor);
Database db = new Database();
if (db.ExecuteSQL(sql) > 0)
{
return(true);
}
return(false);
}
public bool Delete(string ID)
{
string sql = "delete from [author] where authorID=" + SQLString.GetQuotedString(ID);
Database db = new Database();
if (db.ExecuteSQL(sql) > 0)
{
return(true);
}
return(false);
}
public bool Update_board(int ID, string rank, string money, string state) //更新稿件版面信息
{
string sql = "update board set boardRank=" + SQLString.GetQuotedString(rank) + ",boardMoney=" + SQLString.GetQuotedString(money) + ",boardState=" + SQLString.GetQuotedString(state) + "where docID=" + SQLString.GetQuotedString(Convert.ToString(ID));
Database db = new Database();
if (db.ExecuteSQL(sql) > 0)
{
return(true);
}
return(false);
}
public void LoadInfo(string adminID)
{
string sql = "select * from admin where adminID=" + SQLString.GetQuotedString(adminID);
Database db = new Database();
DataRow dr = db.GetDataRow(sql);
if (dr != null)
{
this._adminID = GetSafeData.ValidateDataRow_S(dr, "adminID");
this._adminPwd = GetSafeData.ValidateDataRow_S(dr, "adminPwd");
}
}
public bool CheckUser(string authorID)
{
string sql = "select * from author where authorID=" + SQLString.GetQuotedString(authorID);
Database db = new Database();
DataRow dr = db.GetDataRow(sql);
if (dr != null)
{
return(false);
}
return(true);
}
public bool Del(string expert)
{
string sql = "delete from expert where expertID=" + SQLString.GetQuotedString(expert);
Database db = new Database();
if (db.ExecuteSQL(sql) > 0)
{
return(true);
}
else
{
return(false);
}
}
public bool Delete(string editor)
{
string sql = "delete from editor where editorID=" + SQLString.GetQuotedString(editor);
Database db = new Database();
if (db.ExecuteSQL(sql) > 0)
{
return(true);
}
else
{
return(false);
}
}
public int GetID(string authorID) //获取最后投稿的稿件编号
{
int ID;
string sql = "select docID from document where authorID=" + SQLString.GetQuotedString(authorID) + "order by docTime desc";
Database db = new Database();
SqlDataReader sdr = db.GetDataReader(sql);
if (sdr.Read())
{
ID = sdr.GetInt32(0);
return(ID);
}
return(-1);
}