public static string UpdatePassword(string oldpwd, string newpwd, int userid) { SHA256CryptoServiceProvider sha256crypto = new SHA256CryptoServiceProvider(); oldpwd = CommonMethods.Decrypt(oldpwd); byte[] b = sha256crypto.ComputeHash(Encoding.UTF8.GetBytes(oldpwd)); oldpwd = CommonMethods.BytesToHexString(b); SqlQueryCondition sqlcondition1 = new SqlQueryCondition(UserField.Id, SqlQueryConditionOperator.Equal, userid); SqlQueryCondition sqlcondition2 = new SqlQueryCondition(UserField.Password, SqlQueryConditionOperator.Equal, oldpwd); if (UserDAO.Select(new UserField[] { UserField.Id }, new SqlQueryCondition(new SqlQueryCondition[] { sqlcondition1, sqlcondition2 }, SqlQueryLogicalOperator.And)).Length == 0) //学号不存在或者状态码或密码不正确 { return("原密码不正确!"); } else { newpwd = CommonMethods.Decrypt(newpwd); if (newpwd.Length < 8 || newpwd.Length > 16) { return("新密码长度不符合要求!"); } b = sha256crypto.ComputeHash(Encoding.UTF8.GetBytes(newpwd)); newpwd = CommonMethods.BytesToHexString(b); UserDAO.Update(new UserField[] { UserField.Password }, new object[] { newpwd }, sqlcondition1); UserLogDAO.Insert(userid, "updpwd{}"); return("true"); } }
public static string SignOut(string sno, string sequence, string remark) { if (!ScheduleField.Sequence.TestValue(sequence) || !ScheduleField.SignOutRemark.TestValue(remark)) { return("数据格式或长度错误 请联系管理员!"); } DateTime nowtime = DateTime.Now; SqlQueryCondition[] sqlconditions1 = new SqlQueryCondition[] { new SqlQueryCondition(UserField.StudentNmber, SqlQueryConditionOperator.Equal, sno), new SqlQueryCondition(UserField.Status, SqlQueryConditionOperator.Equal, 1) }; object[,] user = UserDAO.Select(new UserField[] { UserField.Id, UserField.Name }, new SqlQueryCondition(sqlconditions1, SqlQueryLogicalOperator.And)); if (user.Length == 0) { return("未找到该用户的信息,请检查学号是否填写正确!"); } SqlQueryCondition[] sqlconditions2 = new SqlQueryCondition[] { new SqlQueryCondition(ScheduleField.Date, SqlQueryConditionOperator.Equal, nowtime), new SqlQueryCondition(ScheduleField.Sequence, SqlQueryConditionOperator.Equal, sequence), new SqlQueryCondition(ScheduleField.Attendant, SqlQueryConditionOperator.Equal, user[0, 0]) }; object[,] schedule = ScheduleDAO.Select(new ScheduleField[] { ScheduleField.Id, ScheduleField.SignInTime, ScheduleField.SignOutTime }, new SqlQueryCondition(sqlconditions2, SqlQueryLogicalOperator.And)); if (schedule.Length == 0) { return("未找到你的值班信息,请检查班次是否错误!"); } if (schedule[0, 1] == DBNull.Value) { return("你还未进行入站签到,请先入站签到!"); } if (schedule[0, 2] != DBNull.Value) { return("你已对此班签出!"); } if (nowtime.TimeOfDay < dutytimes[sequence].EndTime - aheadtime) { return("此时签出太早了,请晚点再来!"); } if (nowtime.TimeOfDay > dutytimes[sequence].EndTime + gracetime) { return("你来晚了,签出时间已过!"); } ScheduleDAO.Update(new ScheduleField[] { ScheduleField.SignOutTime, ScheduleField.SignOutRemark }, new object[] { nowtime.TimeOfDay, remark }, new SqlQueryCondition(ScheduleField.Id, SqlQueryConditionOperator.Equal, schedule[0, 0])); UserLogDAO.Insert((int)user[0, 0], "signout{" + sequence + '\r' + remark + "}"); return("true\n" + user[0, 1].ToString() + " 第" + sequence + "班 " + nowtime.ToLongTimeString() + "签出"); }
public static string DeleteTimetable(string timetableid, int userid) { if (!TimetableField.Id.TestValue(timetableid)) { return(""); } SqlQueryCondition[] sqlconditions = new SqlQueryCondition[] { new SqlQueryCondition(TimetableField.Id, SqlQueryConditionOperator.Equal, timetableid), new SqlQueryCondition(TimetableField.Status, SqlQueryConditionOperator.NotEqual, 1), new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid) //加入此条件防止非法更改他人课表 }; TimetableDAO.Delete(new SqlQueryCondition(sqlconditions, SqlQueryLogicalOperator.And)); UserLogDAO.Insert(userid, "deltb{" + timetableid + "}"); return("true"); }
public static string UpdateTimetableData(string timetableid, string newdata, int userid) { if (!TimetableField.Id.TestValue(timetableid) || !TimetableField.Data.TestValue(newdata)) { return("数据错误 请联系管理员!"); } SqlQueryCondition[] sqlconditions = new SqlQueryCondition[] { new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid), //加入此条件防止非法更改他人课表 new SqlQueryCondition(TimetableField.Id, SqlQueryConditionOperator.Equal, timetableid) }; TimetableDAO.Update(new TimetableField[] { TimetableField.Data }, new object[] { newdata }, new SqlQueryCondition(sqlconditions, SqlQueryLogicalOperator.And)); UserLogDAO.Insert(userid, "updtb{" + timetableid + "}"); return("true"); }
public static object[,] GetTimetableData(string timetableid, int userid) { if (!TimetableField.Id.TestValue(timetableid)) { return new object[, ] { { "" } } } ; SqlQueryCondition[] sqlconditions = new SqlQueryCondition[] { new SqlQueryCondition(TimetableField.Id, SqlQueryConditionOperator.Equal, timetableid), new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid) //加入此条件防止非法查看他人课表 }; UserLogDAO.Insert(userid, "gettbdat{" + timetableid + "}"); return(TimetableDAO.Select(new TimetableField[] { TimetableField.Data }, new SqlQueryCondition(sqlconditions, SqlQueryLogicalOperator.And))); }
public static string AddTimetable(string timetablename, string data, int userid) { if (!TimetableField.Name.TestValue(timetablename) || !TimetableField.Data.TestValue(data)) { return("数据错误 请联系管理员!"); } SqlQueryCondition[] sqlconditions = new SqlQueryCondition[] { new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid), new SqlQueryCondition(TimetableField.Name, SqlQueryConditionOperator.Equal, timetablename) }; if (TimetableDAO.Select(new TimetableField[] { TimetableField.Id }, new SqlQueryCondition(sqlconditions, SqlQueryLogicalOperator.And)).Length != 0) { return("课表名重复!"); } else { UserLogDAO.Insert(userid, "addtb{" + timetablename + "}"); return("true:" + TimetableDAO.Insert(timetablename, userid, data)); //加上id一起返回 } }
public static string ActiveTimetable(string timetableid, int userid) { if (!TimetableField.Id.TestValue(timetableid)) { return(""); } SqlQueryCondition sqlcondition1 = new SqlQueryCondition(TimetableField.Id, SqlQueryConditionOperator.Equal, timetableid); SqlQueryCondition sqlcondition2 = new SqlQueryCondition(TimetableField.Status, SqlQueryConditionOperator.Equal, 1); SqlQueryCondition sqlcondition3 = new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid); //加入此条件防止非法更改他人课表 if (TimetableDAO.Select(new TimetableField[] { TimetableField.Id }, new SqlQueryCondition(new SqlQueryCondition[] { sqlcondition1, sqlcondition3 }, SqlQueryLogicalOperator.And)).Length != 0) { TimetableDAO.Update(new TimetableField[] { TimetableField.Status }, new object[] { 0 }, new SqlQueryCondition(new SqlQueryCondition[] { sqlcondition2, sqlcondition3 }, SqlQueryLogicalOperator.And)); TimetableDAO.Update(new TimetableField[] { TimetableField.Status }, new object[] { 1 }, new SqlQueryCondition(new SqlQueryCondition[] { sqlcondition1 }, SqlQueryLogicalOperator.And)); } UserLogDAO.Insert(userid, "acttb{" + timetableid + "}"); return("true"); }
public static string RenameTimetable(string timetableid, string newname, int userid) { if (!TimetableField.Id.TestValue(timetableid) || !TimetableField.Name.TestValue(newname)) { return("数据错误 请联系管理员!"); } SqlQueryCondition sqlcondition1 = new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid); //加入此条件防止非法更改他人课表 SqlQueryCondition sqlcondition2 = new SqlQueryCondition(TimetableField.Id, SqlQueryConditionOperator.Equal, timetableid); SqlQueryCondition sqlcondition3 = new SqlQueryCondition(TimetableField.Name, SqlQueryConditionOperator.Equal, newname); if (TimetableDAO.Select(new TimetableField[] { TimetableField.Id }, new SqlQueryCondition(new SqlQueryCondition[] { sqlcondition1, sqlcondition3 }, SqlQueryLogicalOperator.And)).Length != 0) { return("课表名重复!"); } else { TimetableDAO.Update(new TimetableField[] { TimetableField.Name }, new object[] { newname }, new SqlQueryCondition(new SqlQueryCondition[] { sqlcondition1, sqlcondition2 }, SqlQueryLogicalOperator.And)); UserLogDAO.Insert(userid, "rntb{" + timetableid + '\r' + newname + "}"); return("true"); } }
public static string UpdateUserInfo(Dictionary <string, string> info, out object[,] newinfo, int userid) { List <UserField> fieldlist = new List <UserField>(7); List <object> valuelist = new List <object>(7); List <string> changes = new List <string>(7); string s = "", msg; if (info.ContainsKey("birthday")) { if (info["birthday"].Length != 0) { DateTime date; if (DateTime.TryParse(info["birthday"], out date)) { fieldlist.Add(UserField.Birthday); valuelist.Add(date.ToString("yyyy-MM-dd")); changes.Add("生日:" + date.ToString("yyyy-MM-dd")); } else { s += "生日信息错误 不是一个日期\n"; } } else { fieldlist.Add(UserField.Birthday); valuelist.Add(null); changes.Add("生日:(空)"); } } if (info.ContainsKey("qq")) { if (UserField.QQ.TestValue(info["qq"], out msg)) { fieldlist.Add(UserField.QQ); valuelist.Add(info["qq"]); changes.Add("QQ:" + info["qq"]); } else { s += "QQ信息错误 " + msg + '\n'; } } if (info.ContainsKey("wechat")) { if (UserField.WeChat.TestValue(info["wechat"], out msg)) { fieldlist.Add(UserField.WeChat); valuelist.Add(info["wechat"]); changes.Add("微信:" + info["wechat"]); } else { s += "微信信息错误 " + msg + '\n'; } } if (info.ContainsKey("phone")) { if (UserField.PhoneNumber.TestValue(info["phone"], out msg)) { fieldlist.Add(UserField.PhoneNumber); valuelist.Add(info["phone"]); changes.Add("电话号码:" + info["phone"]); } else { s += "电话号码信息错误 " + msg + '\n'; } } if (info.ContainsKey("dormitory")) { if (UserField.Dormitory.TestValue(info["dormitory"], out msg)) { fieldlist.Add(UserField.Dormitory); valuelist.Add(info["dormitory"]); changes.Add("宿舍:" + info["dormitory"]); } else { s += "宿舍信息错误 " + msg + '\n'; } } if (info.ContainsKey("address")) { if (UserField.Address.TestValue(info["address"], out msg)) { fieldlist.Add(UserField.Address); valuelist.Add(info["address"]); changes.Add("家庭住址:" + info["address"]); } else { s += "家庭住址信息错误 " + msg + '\n'; } } if (info.ContainsKey("idcard")) { if (UserField.IdCardNumber.TestValue(info["idcard"], out msg)) { fieldlist.Add(UserField.IdCardNumber); valuelist.Add(info["idcard"]); changes.Add("身份证号:" + info["idcard"]); } else { s += "身份证号信息错误 " + msg + '\n'; } } SqlQueryCondition sqlcondition = new SqlQueryCondition(UserField.Id, SqlQueryConditionOperator.Equal, userid); if (fieldlist.Count == 0) { s = "没有符合要求的数据!"; } else { UserDAO.Update(fieldlist.ToArray(), valuelist.ToArray(), sqlcondition); string loginfo = changes[0]; bool overflow = false; for (int i = 1; i < changes.Count; i++) { if (loginfo.Length + changes[i].Length <= UserLogField.Event.SqlDataLength - 14) { loginfo += '\t' + changes[i]; } else { overflow = true; } } if (overflow) { loginfo += "\t..."; } UserLogDAO.Insert(userid, "updinfo{" + loginfo + "}"); if (s.Length != 0) { s = "true:" + s; } else { s = "true"; } } newinfo = UserDAO.Select(UserField.OtherFields, sqlcondition); return(s); }
public static object[,] GetTimetables(int userid) { UserLogDAO.Insert(userid, "gettbs{}"); TimetableField[] fields = new TimetableField[] { TimetableField.Id, TimetableField.Name, TimetableField.Status }; return(TimetableDAO.Select(fields, new SqlQueryCondition(TimetableField.Owner, SqlQueryConditionOperator.Equal, userid))); }
public static object[,] GetInfo(int userid) { UserLogDAO.Insert(userid, "getinfo{}"); return(UserDAO.Select(UserField.OtherFields, new SqlQueryCondition(UserField.Id, SqlQueryConditionOperator.Equal, userid))); }
public static string GetName(int userid) { UserLogDAO.Insert(userid, "getname{}"); return(UserDAO.Select(new UserField[] { UserField.Name }, new SqlQueryCondition(UserField.Id, SqlQueryConditionOperator.Equal, userid))[0, 0].ToString()); }