protected void btnAdd_Click(object sender, EventArgs e)
{
if (CheckError())
{
clsConnect cn = new clsConnect();
string sql = "INSERT INTO menu(menu_title,menu_description,menu_url,menu_valuepath,menu_parent_id, menu_order) " +
"VALUES(@menu_title,@menu_description,@menu_url,@menu_valuepath,@menu_parent_id, @menu_order)";
int Nparameter = 6;
string[] name = new string[Nparameter];
name[0] = "@menu_valuepath";
name[1] = "@menu_description";
name[2] = "@menu_url";
name[3] = "@menu_title";
name[4] = "@menu_parent_id";
name[5] = "@menu_order";
object[] value = new object[Nparameter];
value[0] = "";
if (tremenu.SelectedNode != null)
{
value[0] = tremenu.SelectedNode.ValuePath;
}
value[1] = txtmenu_description.Text;
value[2] = txtmenu_url.Text;
value[3] = txtmenu_name.Text;
if (Request.QueryString["menu_id"] == null)
{
value[4] = 0;
}
else
{
value[4] = tremenu.SelectedValue;
}
value[5] = txtMenuOrder.Text;
cn.UpdateData(sql, name, value, Nparameter);
string menu_id = cn.LoadData("SELECT * FROM menu WHERE menu_id IN(SELECT TOP 1(menu_id) FROM menu ORDER BY menu_id desc)").Rows[0][0].ToString();
value[0] = value[0].ToString() + "/" + menu_id;
if (Request.QueryString["menu_id"] == null)
{
value[0] = menu_id;
}
cn.UpdateData("UPDATE menu SET menu_valuepath=@menu_valuepath WHERE menu_id=" + menu_id, name, value, 1);
cn.close();
String strURL = "menu.aspx?menu_id=" + menu_id + "&sub_menu=1";
if (Request.QueryString["menu_id"] != null)
{
strURL = "menu.aspx?menu_id=" + Request.QueryString["menu_id"].ToString() + "&sub_menu=1";
}
Response.Redirect(strURL);
}
}
protected void btnUpdate_Click(object sender, EventArgs e)
{
int id = 0;
try
{
id = Convert.ToInt32(Request.QueryString["nhanvien_ma"]);
}
catch (Exception ex) { }
if (Validate(id))
{
String sqlText =
"UPDATE nhanvien SET nhanvien_ten = @nhanvien_ten " +
"WHERE nhanvien_ma = @nhanvien_ma";
clsConnect cn = new clsConnect();
int Nparameter = 2;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@nhanvien_ten";
name[1] = "@nhanvien_ma";
value[0] = txtTen.Text.Trim();
value[1] = id;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "sys_employee.aspx?save=1";
Response.Redirect(strURL);
}
}
protected void btnUpdate_Click(object sender, EventArgs e)
{
int hanghoa_ma = 0;
try
{
hanghoa_ma = Convert.ToInt32(Request.QueryString["service_type_id"]);
}
catch (Exception ex) { }
if (Validate(hanghoa_ma))
{
String sqlText =
"UPDATE service_type SET service_type_name = @service_type_name " +
"WHERE service_type_id = @service_type_id";
clsConnect cn = new clsConnect();
int Nparameter = 2;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@service_type_name ";
value[0] = txtTen.Text.ToUpper();
name[1] = "@service_type_id";
value[1] = hanghoa_ma;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "cat_service_type.aspx?save=1";
Response.Redirect(strURL);
}
}
protected void btnUpdate_Click(object sender, EventArgs e)
{
int dichvu_ma = 0;
try
{
dichvu_ma = Convert.ToInt32(Request.QueryString["loaidv_id"]);
}
catch (Exception ex) { }
if (Validate(dichvu_ma))
{
String sqlText =
"UPDATE loaidv SET tendv = @tendv " +
"WHERE loaidv_id = @loaidv_id";
clsConnect cn = new clsConnect();
int Nparameter = 2;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@tendv ";
value[0] = txtTen.Text;
name[1] = "@loaidv_id";
value[1] = dichvu_ma;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "cat_service.aspx?save=" + txtTen.Text;
Response.Redirect(strURL);
}
}
protected void btnSavemenu_Click(object sender, EventArgs e)
{
clsConnect cn = new clsConnect();
string sql =
"update chitietquyen set " +
"quyen_xem = @quyen_xem, " +
"quyen_sua = @quyen_sua, " +
"quyen_them = @quyen_them, " +
"quyen_xoa = @quyen_xoa " +
"where quyen_ma=@quyen_ma and menu_id=@menu_id";
int Nparameter = 6;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@quyen_ma";
name[1] = "@menu_id";
name[2] = "@quyen_xem";
name[3] = "@quyen_them";
name[4] = "@quyen_sua";
name[5] = "@quyen_xoa";
value[0] = Request.QueryString["quyen_ma"];
for (int i = 0; i < rptquyenDetail.Items.Count; i++)
{
value[1] = ((Label)rptquyenDetail.Items[i].FindControl("lblMenuID")).Text;
value[2] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkView")).Checked;
value[3] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkAdd")).Checked;
value[4] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkEdit")).Checked;
value[5] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkDelete")).Checked;
cn.UpdateData(sql, name, value, Nparameter);
}
cn.close();
Response.Redirect("sys_authority.aspx?quyen_ma=" + Request.QueryString["quyen_ma"]);
}
protected void btnInsert_Click(object sender, EventArgs e)
{
if (Validate(0))
{
String sqlText =
"INSERT INTO TaiKhoan(username,password,quyen_ma,nhanvien_ma,tu_donvi,den_donvi) VALUES( " +
"@user,@password,@quyen_ma,@nhanvien_ma,@tu_donvi,@den_donvi);";
clsConnect cn = new clsConnect();
int Nparameter = 6;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@user";
name[1] = "@password";
name[2] = "@quyen_ma";
name[3] = "@nhanvien_ma";
name[4] = "@tu_donvi";
name[5] = "@den_donvi";
value[0] = txtTen.Text.Trim();
value[1] = txtMatKhau.Text.Trim();
value[2] = ddlQuyen.Text;
value[3] = ddlNhanVien.Text;
value[4] = txtFrom.Text.Trim();
value[5] = txtTo.Text.Trim();
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "sys_sercurity.aspx?add=1";
Response.Redirect(strURL);
}
}
protected void btnSave_Click(object sender, EventArgs e)
{
if (CheckError())
{
clsConnect cn = new clsConnect();
string sql =
"UPDATE menu SET menu_title = @menu_title, menu_description = @menu_description, " +
"menu_url= @menu_url, menu_order = @menu_order where menu_id=@menu_id ";
int Nparameter = 5;
string[] name = new string[Nparameter];
name[0] = "@menu_title";
name[1] = "@menu_description";
name[2] = "@menu_url";
name[3] = "@menu_id";
name[4] = "@menu_order";
object[] value = new object[Nparameter];
value[0] = txtmenu_name.Text;
value[1] = txtmenu_description.Text;
value[2] = txtmenu_url.Text;
value[3] = Request.QueryString["menu_id"];
value[4] = txtMenuOrder.Text;
cn.UpdateData(sql, name, value, Nparameter);
cn.close();
Response.Redirect("menu.aspx");
}
}
private void Delete_Menu(string smenu_ID)
{
clsConnect cn = new clsConnect();
string sqlText = "DELETE FROM menu WHERE menu_id = @menu_id ";
string[] name = new string[1];
object[] value = new object[1];
int Nparameter = 1;
name[0] = "@menu_id";
value[0] = smenu_ID;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
}
protected void DeleteIDList(String id)
{
//room_type table
String sqlText = "DELETE FROM service WHERE service_id = ?service_id";
clsConnect cn = new clsConnect();
int Nparameter = 1;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "?service_id";
value[0] = id;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
}
protected void btnDel_Click(object sender, EventArgs e)
{
clsConnect cn = new clsConnect();
string sql = "delete from quyen where quyen_ma=@quyen_ma";
int Nparameter = 1;
string[] name = new string[Nparameter];
name[0] = "@quyen_ma";
object[] value = new object[Nparameter];
value[0] = Request.QueryString["quyen_ma"];
cn.UpdateData(sql, name, value, Nparameter);
cn.close();
Response.Redirect("sys_authority.aspx");
}
protected void DeleteCarBranchList(String sCarBranchID)
{
//room_type table
String sqlText = "DELETE FROM service_type WHERE service_type_id = @service_type_id";
clsConnect cn = new clsConnect();
string[] name = new string[1];
object[] value = new object[1];
int Nparameter = 1;
name[0] = "@service_type_id";
value[0] = sCarBranchID;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
}
protected void btnAdd_Click(object sender, EventArgs e)
{
if (Check_Error(0))
{
clsConnect cn = new clsConnect();
string sql = "insert into quyen(quyen) values(@quyen)";
int Nparameter = 1;
string[] name = new string[Nparameter];
name[0] = "@quyen";
object[] value = new object[Nparameter];
value[0] = txtquyen_ten.Text;
cn.UpdateData(sql, name, value, Nparameter);
string quyen_ma = cn.LoadData("select * from quyen WHERE quyen_ma IN(SELECT TOP 1(quyen_ma) FROM quyen ORDER BY quyen_ma DESC)").Rows[0][0].ToString();
cn.close();
Response.Redirect("sys_authority.aspx");//?quyen_ma=" + quyen_ma);
}
}
protected void btnInsert_Click(object sender, EventArgs e)
{
if (Validate(0))
{
String sqlText =
"INSERT INTO service_type(service_type_name) VALUES(@service_type_name);";
clsConnect cn = new clsConnect();
int Nparameter = 1;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@service_type_name";
value[0] = txtTen.Text.ToUpper();
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "cat_service_type.aspx?add=" + txtTen.Text;
Response.Redirect(strURL);
}
}
protected void btnSave_Click(object sender, EventArgs e)
{
if (Check_Error(Convert.ToInt32(Request.QueryString["quyen_ma"])))
{
clsConnect cn = new clsConnect();
string sql = "update quyen set quyen = @quyen_ten where quyen_ma=@quyen_ma";
int Nparameter = 2;
string[] name = new string[Nparameter];
name[0] = "@quyen_ten";
name[1] = "@quyen_ma";
object[] value = new object[Nparameter];
value[0] = txtquyen_ten.Text;
value[1] = Request.QueryString["quyen_ma"];
cn.UpdateData(sql, name, value, Nparameter);
cn.close();
Response.Redirect("sys_authority.aspx");
}
}
protected void btnInsert_Click(object sender, EventArgs e)
{
if (Validate(0))
{
String sqlText =
"INSERT INTO nhanvien(nhanvien_ten) VALUES( " +
"@nhanvien_ten);";
clsConnect cn = new clsConnect();
int Nparameter = 1;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@nhanvien_ten";
value[0] = txtTen.Text.Trim();
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "sys_employee.aspx?add=1";
Response.Redirect(strURL);
}
}
protected void btnDelAll_Click(object sender, EventArgs e)
{
clsConnect cn = new clsConnect();
string sql = "delete from quyen where quyen_ma=@quyen_ma";
for (int i = 0; i < gridauthority.Items.Count; i++)
{
bool check = ((CheckBox)gridauthority.Items[i].FindControl("chkDel")).Checked;
if (check)
{
int Nparameter = 1;
string[] name = new string[Nparameter];
name[0] = "@quyen_ma";
object[] value = new object[Nparameter];
value[0] = ((Label)gridauthority.Items[i].FindControl("lblID")).Text;
cn.UpdateData(sql, name, value, Nparameter);
}
}
cn.close();
Response.Redirect("sys_authority.aspx");
}
protected void btnUpdate_Click(object sender, EventArgs e)
{
int id = 0;
try
{
id = Convert.ToInt32(Request.QueryString["id"]);
}
catch (Exception ex) { }
if (Validate(id))
{
String sqlText =
"UPDATE TaiKhoan SET username = @username,password=@password,nhanvien_ma=@nhanvien_ma, " +
" quyen_ma=@quyen_ma,tu_donvi=@tu_donvi,den_donvi=@den_donvi " +
"WHERE id = @id";
clsConnect cn = new clsConnect();
int Nparameter = 7;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
name[0] = "@username";
name[1] = "@password";
name[2] = "@quyen_ma";
name[3] = "@nhanvien_ma";
name[4] = "@tu_donvi";
name[5] = "@den_donvi";
name[6] = "@id";
value[0] = txtTen.Text.Trim();
value[1] = txtMatKhau.Text.Trim();
value[2] = ddlQuyen.Text;
value[3] = ddlNhanVien.Text;
value[4] = txtFrom.Text.Trim();
value[5] = txtTo.Text.Trim();
value[6] = id;
cn.UpdateData(sqlText, name, value, Nparameter);
cn.close();
String strURL = "sys_sercurity.aspx?save=1";
Response.Redirect(strURL);
}
}
protected void btnDelAllmenu_Click(object sender, EventArgs e)
{
clsConnect cn = new clsConnect();
string sql = "delete from chitietquyen where quyen_ma=@quyen_ma and menu_id=@menu_id";
for (int i = 0; i < rptquyenDetail.Items.Count; i++)
{
bool check = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkSelect")).Checked;
if (check)
{
int Nparameter = 2;
string[] name = new string[Nparameter];
name[0] = "@quyen_ma";
name[1] = "@menu_id";
object[] value = new object[Nparameter];
value[0] = Request.QueryString["quyen_ma"];
value[1] = ((Label)rptquyenDetail.Items[i].FindControl("lblMenuID")).Text;
cn.UpdateData(sql, name, value, Nparameter);
}
}
cn.close();
Response.Redirect("sys_authority.aspx?quyen_ma=" + Request.QueryString["quyen_ma"]);
}
private void deletemenu(string menu_id)
{
clsConnect cn = new clsConnect();
string sql = "DELETE FROM menu WHERE menu_id = @menu_id";
int Nparameter = 1;
string[] name = new string[Nparameter];
name[0] = "@menu_id";
object[] value = new object[Nparameter];
value[0] = menu_id;
cn.UpdateData(sql, name, value, Nparameter);
sql = "SELECT menu_id FROM menu where menu_parent_id = @menu_id";
DataTable dt = cn.LoadData(sql, name, value, Nparameter);
if (dt.Rows.Count > 0)
{
foreach (DataRow row in dt.Rows)
{
deletemenu(row[0].ToString());
}
}
cn.close();
}
protected void btnSave_Click(object sender, EventArgs e)
{
if (!SearchPassword())
{
return;
}
clsConnect cn = new clsConnect();
string sql = "UPDATE taikhoan SET password=@password WHERE nhanvien_ma=@nhanvien_ma";
int parameter = 2;
string[] name = new string[parameter];
object[] value = new object[parameter];
name[0] = "@password";
name[1] = "@nhanvien_ma";
value[0] = txtPassWordNew.Text.Trim();
value[1] = Session["nhanvien_ma"].ToString();
cn.UpdateData(sql, name, value, parameter);
cn.close();
lblMsg.Text = "Bạn đã đổi mật khẩu thành công!";
lblMsg.ForeColor = System.Drawing.Color.Blue;
txtPassWord.Text = "";
txtPassWordNew.Text = "";
txtPassWordReNew.Text = "";
}
protected void btnUpdate_Click1(object sender, EventArgs e)
{
if (ddlServiceType.Text != "")
{
clsConnect cn = new clsConnect();
int Nparameter = 11;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
string sql = "";
//upload file vao thu muc thuvien/taptin
//try
//{
if (FileUpLoad1.FileName != "")
{
string path = Server.MapPath("~/thuvien/taptin/") + FileUpLoad1.FileName;
FileUpLoad1.SaveAs(path);
Nparameter = 11;
sql = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
"content=?content,heading_text=?heading_text,file=?file,status_id=?status_id , id=?id " +
"WHERE information_id=?information_id";
name[0] = "?service_id";
name[1] = "?title";
name[2] = "?date_post";
name[3] = "?human_post";
name[4] = "?source_link";
name[5] = "?content";
name[6] = "?heading_text";
name[7] = "?file";
name[8] = "?status_id";
name[9] = "?information_id";
name[10] = "?id";
value[0] = ddlService.Text;
value[1] = txtTitle.Text.Trim();
value[2] = DateTime.Now;
value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
value[4] = txtSource.Text.Trim();
value[5] = txtContent.Value;
value[6] = lblHeadingText.Text.Trim();
value[7] = FileUpLoad1.FileName;
//lay id chuyen muc, gan cho trang thai
if (rbtChoise.SelectedValue == "0")
{
value[8] = "0";
}
if (rbtChoise.SelectedValue == "1")
{
value[8] = "1";
}
if (rbtChoise.SelectedValue == "2")
{
value[8] = "2";
}
value[9] = Request.QueryString["content_id"];
value[10] = ddlMon.SelectedIndex.ToString();
cn.UpdateData(sql, name, value, Nparameter);
}
else
{
Nparameter = 9;
sql = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
"content=?content,heading_text=?heading_text,status_id=?status_id " +
"WHERE information_id=?information_id";
name[0] = "?service_id";
name[1] = "?title";
name[2] = "?date_post";
name[3] = "?human_post";
name[4] = "?source_link";
name[5] = "?content";
name[6] = "?heading_text";
name[7] = "?status_id";
name[8] = "?information_id";
value[0] = ddlService.Text;
value[1] = txtTitle.Text.Trim();
value[2] = DateTime.Now;
value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
value[4] = txtSource.Text.Trim();
value[5] = txtContent.Value;
value[6] = lblHeadingText.Text.Trim();
//lay id chuyen muc, gan cho trang thai
if (rbtChoise.SelectedValue == "0")
{
value[7] = "0";
}
if (rbtChoise.SelectedValue == "1")
{
value[7] = "1";
}
if (rbtChoise.SelectedValue == "2")
{
value[7] = "2";
}
value[8] = Request.QueryString["content_id"];
cn.UpdateData(sql, name, value, Nparameter);
}
cn.close();
Response.Redirect("web_send.aspx");
}
}
void UploadTinGioithieu()
{
clsConnect cn = new clsConnect();
int Nparameter = 10;
string[] name = new string[Nparameter];
object[] value = new object[Nparameter];
string sql = "";
//upload file vao thu muc thuvien/taptin
//try
//{
if (FileUpLoad1.FileName != "")
{
string path = Server.MapPath("~/thuvien/taptin/") + FileUpLoad1.FileName;
FileUpLoad1.SaveAs(path);
Nparameter = 10;
sql = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,file,status_id,id)VALUES( " +
"?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?file,?status_id,?id)";
name[0] = "?service_id";
name[1] = "?title";
name[2] = "?date_post";
name[3] = "?human_post";
name[4] = "?source_link";
name[5] = "?content";
name[6] = "?heading_text";
name[7] = "?file";
name[8] = "?status_id";
name[9] = "?id";
value[0] = ddlService.Text;
value[1] = txtTitle.Text.Trim();
value[2] = DateTime.Now;
value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
value[4] = txtSource.Text.Trim();
value[5] = txtContent.Value;
value[6] = lblHeadingText.Text.Trim();
value[7] = FileUpLoad1.FileName;
//lay id chuyen muc, gan cho trang thai
if (rbtChoise.SelectedValue == "0")
{
value[8] = "0";
}
if (rbtChoise.SelectedValue == "1")
{
value[8] = "1";
}
if (rbtChoise.SelectedValue == "2")
{
value[8] = "2";
}
value[9] = ddlMon.SelectedIndex.ToString();
cn.UpdateData(sql, name, value, Nparameter);
}
else
{
Nparameter = 9;
sql = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,status_id,id)VALUES( " +
"?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?status_id,?id)";
name[0] = "?service_id";
name[1] = "?title";
name[2] = "?date_post";
name[3] = "?human_post";
name[4] = "?source_link";
name[5] = "?content";
name[6] = "?heading_text";
name[7] = "?status_id";
name[8] = "?id";
value[0] = ddlService.Text;
value[1] = txtTitle.Text.Trim();
value[2] = DateTime.Now;
value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
value[4] = txtSource.Text.Trim();
value[5] = txtContent.Value;
value[6] = lblHeadingText.Text.Trim();
if (rbtChoise.SelectedValue == "0")
{
value[7] = "0";
}
if (rbtChoise.SelectedValue == "1")
{
value[7] = "1";
}
if (rbtChoise.SelectedValue == "2")
{
value[7] = "2";
}
value[8] = ddlMon.SelectedIndex.ToString();
cn.UpdateData(sql, name, value, Nparameter);
}
cn.close();
}
private void insertmenu(TreeNode node, clsConnect cn)
{
if (node.ChildNodes.Count == 0)
{
if (node.Checked)
{
string sql =
"select * from chitietquyen,menu where chitietquyen.menu_id=menu.menu_id " +
"and quyen_ma=@quyen_ma and menu.menu_id=@menu_id";
int Nparameter = 2;
string[] name = new string[Nparameter];
name[0] = "@quyen_ma";
name[1] = "@menu_id";
object[] value = new object[Nparameter];
value[0] = Request.QueryString["quyen_ma"];
value[1] = node.Value;
if (cn.LoadData(sql, name, value, Nparameter).Rows.Count == 0)
{
sql = "insert into chitietquyen(quyen_ma,menu_id) values(@quyen_ma,@menu_id)";
cn.UpdateData(sql, name, value, Nparameter);
}
}
}
else
{
if (node.Checked)
{
string sql =
"select * from chitietquyen,menu where chitietquyen.menu_id=menu.menu_id " +
"and quyen_ma=@quyen_ma and menu.menu_id=@menu_id";
int Nparameter = 2;
string[] name = new string[Nparameter];
name[0] = "@quyen_ma";
name[1] = "@menu_id";
object[] value = new object[Nparameter];
value[0] = Request.QueryString["quyen_ma"];
value[1] = node.Value;
if (cn.LoadData(sql, name, value, Nparameter).Rows.Count == 0)
{
sql = "insert into chitietquyen(quyen_ma,menu_id) values(@quyen_ma,@menu_id)";
cn.UpdateData(sql, name, value, Nparameter);
}
}
foreach (TreeNode nodechild in node.ChildNodes)
{
if (nodechild.ChildNodes.Count == 0)
{
if (nodechild.Checked)
{
string sql = "select * from chitietquyen,menu where chitietquyen.menu_id=menu.menu_id " +
"and quyen_ma=@quyen_ma and menu.menu_id=@menu_id";
int Nparameter = 2;
string[] name = new string[Nparameter];
name[0] = "@quyen_ma";
name[1] = "@menu_id";
object[] value = new object[Nparameter];
value[0] = Request.QueryString["quyen_ma"];
value[1] = nodechild.Value;
if (cn.LoadData(sql, name, value, Nparameter).Rows.Count == 0)
{
sql = "insert into chitietquyen(quyen_ma,menu_id) values(@quyen_ma,@menu_id)";
cn.UpdateData(sql, name, value, Nparameter);
}
}
}
else
{
insertmenu(nodechild, cn);
}
}
}
}