Esempio n. 1
0
        protected void DoAddSubmitUser()
        {
            AppUser u = new AppUser();

            // validate data
            u._username = Request["username"];
            u._passwd = Request["passwd"];
            u._firstname = Request["firstname"];
            u._surname = Request["surname"];
            u._roleId = Int32.Parse(Request["role_id"]);
            u._branchID = Int32.Parse(Request["branch_id"]);

            // Save to DB
            DBManager db = new MySQLDBManager(Config.DB_SERVER, Config.DB_NAME, Config.DB_USER, Config.DB_PASSWORD, Config.DB_CHAR_ENC);
            db.Connect();
            try
            {
                u.AddToDB(db);
            }
            catch (Exception e)
            {
                // show message?
            }
            db.Close();
        }
Esempio n. 2
0
        public static bool CreateForm(OdbcDataReader reader, AppUser user)
        {
            int fCount = reader.FieldCount;
            for (int i = 0; i < fCount; i++)
            {
                string name = reader.GetName(i);
                // Map to DB field. Need to change if db changed
                switch (name)
                {
                    case "username": user._username = reader.GetString(i);
                        break;
                    case "user_id": user._userId = reader.GetInt32(i);
                        break;
                    case "passwd": user._encodedPassword = reader.GetString(i);
                        break;
                    case "firstname": user._firstname = reader.GetString(i);
                        break;
                    case "surname": user._surname = reader.GetString(i);
                        break;
                    case "role_id": user._roleId = reader.GetInt32(i);
                        break;
                    case "branch_id": user._branchID = reader.GetInt32(i);
                        break;
                    case "is_valid": user._isValid = reader.GetInt32(i) > 0 ? true : false;
                        break;

                    // helper info
                    case "branch_name": user._branchName = reader.GetString(i);
                        break;

                }
            }
            return reader.HasRows;
        }
Esempio n. 3
0
        protected void DoDeleteUser(string username)
        {
            AppUser u = new AppUser();
            u._username = username;

            DBManager db = new MySQLDBManager(Config.DB_SERVER, Config.DB_NAME, Config.DB_USER, Config.DB_PASSWORD, Config.DB_CHAR_ENC);
            db.Connect();
            u.DeleteToDB(db);
            db.Close();
        }
Esempio n. 4
0
        public void DoEditUser(string username)
        {
            DBManager db = new MySQLDBManager(Config.DB_SERVER, Config.DB_NAME, Config.DB_USER, Config.DB_PASSWORD, Config.DB_CHAR_ENC);
            theUser = new AppUser();
            if (!theUser.LoadFromDB(db, "username='******'")) theUser = null;

            roleList = Role.LoadListFromDB(db, "");
            branchList = Branch.LoadListFromDB(db, "");

            db.Close();
        }
Esempio n. 5
0
 public PaymentHistory(Payment p, PaidGroup pg,int paidCost, int receiverId, AppUser user)
 {
     this._courseID = p._courseID;
     this._paidDate = DateTime.Now;
     this._paidCost = paidCost;
     this._sumAllCost = p._sumAllCost;
     this._sumMaxPayable = p._sumMaxPayable;
     this._sumPaidCost = p._sumPaidCost;
     this._paidRound = pg._currentRound;
     this._costInfo = pg._rawRateInfo;
     this._receiverTeacherID = receiverId;
     this._username = user._username;
     this._branchID = user._branchID;
 }
Esempio n. 6
0
        protected void DoInitPrintReceiptPaymentData(string paymentID)
        {
            DBManager db = new MySQLDBManager(Config.DB_SERVER, Config.DB_NAME, Config.DB_USER, Config.DB_PASSWORD, Config.DB_CHAR_ENC);
            db.Connect();

            PaymentHistory pm = new PaymentHistory();
            pm.LoadFromDB(db, " payment_id="+paymentID);
            pm.LoadCourse(db);
            pm._course.LoadTeacher(db);
            pm._course.LoadPaidGroup(db);
            // load teacher in this group
            Teacher[] listTeacher = pm._course._paidGroup.LoadMemberTeachers(db);
            pm.LoadReceiver(db);
            // preload all branches
            Dictionary<int, Branch> branches = Branch.LoadListFromDBAsMap(db, "");

            // Load PaymentHistory BEFORE this
            PaymentHistory[] pmList =  PaymentHistory.LoadListFromDB(db, " WHERE course_id='" + pm._courseID + "' and payment_id<='" + pm._paymentID + "' ORDER BY payment_id");

            // Construct Teacher List
            StringBuilder teachTxt = new StringBuilder();
            for (int i = 0; i < listTeacher.Length; i++)
            {
                string link = "TeacherManage.aspx?actPage=edit&targetID=" + listTeacher[i]._teacherID;
                teachTxt.Append(listTeacher[i]._firstname + " " + listTeacher[i]._surname + "<br>");
            }

            // Construct Paid history
            StringBuilder phTxt = new StringBuilder();
            for (int i=0;i<pmList.Length;i++)
            {
                PaymentHistory ph = pmList[i];
                ph.LoadReceiver(db);
                ph.LoadUser(db);
                Branch b = branches[ph._branchID];
                string link = "TeacherManage.aspx?actPage=edit&targetID=" + ph._receiverTeacherID;
                phTxt.AppendLine("<tr><td align=center>" + PaymentHistory.GetPaymentHistoryID(ph._paymentID) + "</td>");
                phTxt.AppendLine("<td align=center>" + StringUtil.ConvertYearToEng(ph._paidDate, "yyyy/MM/dd HH:mm:ss ") + "</td>");
                phTxt.AppendLine("<td align=center>" + StringUtil.Int2StrComma(ph._paidCost) + "</td>");
                phTxt.AppendLine("<td align=center>" + ph._receiverTeacher._firstname + " " + ph._receiverTeacher._surname + "</td>");
                phTxt.AppendLine("<td align=center>" + ph._user._firstname + " "+ ph._user._surname+ "</td>");
                phTxt.AppendLine("<td align=center>" + b._branchName + "</td>");
            }

            // User
            AppUser user = new AppUser();
            user.LoadFromDB(db, " username='******'");

            // Generate HTML content
            TextReader reader = new StreamReader(Config.PATH_APP_ROOT + "\\template\\payment_print.htm");
            String templateContent = reader.ReadToEnd();
            reader.Close();

            String htmlContent =
                String.Format(templateContent
                    , StringUtil.ConvertYearToEng(pm._paidDate, "yyyy/MM/dd HH:mm:ss")
                    , pm._receiverTeacher._firstname + " " + pm._receiverTeacher._surname
                    , pm._course._btsCourseID + " \"" + pm._course._courseName + "\""
                    , StringUtil.Int2StrComma(pm._paidCost)
                    , pm._course._teacher._firstname + " " + pm._course._teacher._surname
                    , PaidGroup.GetPaidGroupID(pm._course._paidGroup._currentRound)
                    , teachTxt.ToString()
                    , StringUtil.Int2StrComma(pm._sumMaxPayable)
                    , StringUtil.Int2StrComma(pm._sumPaidCost + pm._paidCost)
                    , phTxt.ToString()
                    , user._firstname + " " + user._surname
                    );

            outBuf.Append(htmlContent);

            db.Close();
        }
Esempio n. 7
0
        //static string Verify(int idxAppName, string right, string actPage, string redirectPage)
        public static string Verify(HttpSessionState Session, HttpRequest Request, HttpResponse Response, string redirectPage)
        {
            string checkRight = "true";

            // DEBUG
            if (Config.AUTO_LOGIN)
            {
                if (Session[SessionVar.USER] == null)
                {
                    AppUser auser = new AppUser();
                    auser._username = "******";
                    auser._firstname = "Weerawat";
                    auser._surname = "Seetalalai";
                    auser._roleId = 1;
                    auser._branchID = 1;
                    auser._branchName = "BTS สีลม";
                    Session[SessionVar.USER] = auser;
                }
            }
            else
            {
                String loginPage = "AppLogin.aspx";
                if (Session[SessionVar.USER] == null)
                {
                    //return "loginPage + \"?message=คุณยังไม่ได้ทำการล็อกอินเข้าระบบ\"";
                    Response.Redirect(loginPage + "?message=คุณยังไม่ได้ทำการล็อกอินเข้าระบบ");
                }
            }

            String noRightPage = redirectPage + "?backPage=" + Request.UrlReferrer;

            AppUser user = (AppUser)Session[SessionVar.USER];
            if (user == null)
            {
                //return noRightPage;
                Response.Redirect(noRightPage);

                /*
                string attName = "redirectPage";
                if (Context.Items.Contains(attName))
                {
                    if (Context.Items[attName] != null)
                    {
                        redirectPage = (string)Context.Items[attName];
                        Response.Redirect(redirectPage);
                    }
                }
                */
            }

            if (checkRight.ToUpper().Equals("TRUE"))
            {
                int idxAppName = Request.Path.Substring(1).IndexOf("/");
                string right = Request.Path.Substring(idxAppName + 2);

                if (!Authorizer.Verify(user._roleId, right, Request.Form["actPage"]))
                {
                    //return noRightPage;
                    Response.Redirect(noRightPage);
                }
            }
            return "";
        }
Esempio n. 8
0
 public static AppUser CreateForm(OdbcDataReader reader)
 {
     AppUser user = new AppUser();
     AppUser.CreateForm(reader, user);
     return user;
 }
Esempio n. 9
0
        public static AppUser[] LoadListFromDB(DBManager db, string sqlCriteria)
        {
            OdbcDataReader reader = db.Query("SELECT * FROM user " + sqlCriteria);
            LinkedList<AppUser> list = new LinkedList<AppUser>();
            while (reader.Read())
            {
                list.AddLast(AppUser.CreateForm(reader));
            }

            AppUser[] entities = new AppUser[list.Count];
            int i = 0;
            foreach (AppUser t in list)
            {
                entities[i++] = t;
            }
            return entities;
        }
Esempio n. 10
0
        public void CreateTransactionCode_OLD(DBManager db, DateTime regisdate)
        {
            // format
            // 1. paid method C/K/D/T
            // 2. user role A/M/F
            // 3. user id XX
            // 4. yyMM 1302
            // 5. number of transaction this month XXX

            // collect user info
            AppUser regisUser = new AppUser();
            regisUser.LoadFromDB(db, " username='******'");
            // find the number of transaction for the user on this month

            int numRegisted = regisUser.GetRegistrationCountThisMonth(db);

            StringBuilder buf = new StringBuilder(40);
            buf.Append(PAID_METHOD_TRANCODE[_paidMethod]);
            buf.Append(USER_TRANCODE[regisUser._roleId - 1]);

            buf.Append(StringUtil.FillString(regisUser._userId.ToString(), "0", 2, true));
            buf.Append(regisdate.Year.ToString().Substring(2)).Append(StringUtil.FillString(regisdate.Month.ToString(), "0", 2, true));
            buf.Append(StringUtil.FillString((numRegisted + 1).ToString(), "0", 3, true));
            // set
            this._transactionCode = buf.ToString();
        }
Esempio n. 11
0
        public static StringBuilder PrintReceipt(DBManager db, Registration theReg, string title)
        {
            StringBuilder outBuf = new StringBuilder();

            Branch branch = theReg._branch;
            AppUser authorizer = new AppUser();
            authorizer.LoadFromDB(db, " username='******'");
            // Load all course registered in the same transaction
            String sql = "SELECT rg.*,c.course_name as course_name "
                        +" FROM registration rg, course c "
                        +" WHERE rg.course_id=c.course_id AND transaction_id=" + theReg._transactionID + " AND branch_id="+ theReg._branchID  +" ORDER BY regis_id ";

            Registration[] regCourses = Registration.LoadListFromDBCustom(db, sql);
            // load branch code
            regCourses[0].LoadBranch(db);

            // Generate HTML content
            TextReader reader = new StreamReader(Config.PATH_APP_ROOT + "\\template\\registration_print_receipt.htm");
            String templateContent = reader.ReadToEnd();
            reader.Close();

            StringBuilder courseTxt = new StringBuilder();
            int sumFullCost = 0;
            int sumDiscountedCost = 0;
            for (int i = 0; i < regCourses.Length; i++)
            {
                regCourses[i].LoadCourse(db);
                Branch b = regCourses[i]._course.LoadBranchInfo(db);

                sumFullCost += regCourses[i]._fullCost;
                sumDiscountedCost += regCourses[i]._discountedCost;

                String startDateInfo = "-";
                String endDateInfo = "-";
                if (regCourses[i]._courseType == "คอร์สสด")
                {
                    startDateInfo = StringUtil.ConvertYearToEng(regCourses[i]._course._startdate, "dd/MM/yyyy");
                    endDateInfo = StringUtil.ConvertYearToEng(regCourses[i]._course._enddate, "dd/MM/yyyy");
                }

                courseTxt.Append("<tr>");
                courseTxt.Append("<td align=center><font size=2>" + regCourses[i]._course._btsCourseID + "</font></td>");
                courseTxt.Append("<td><font size=1>" + regCourses[i]._courseName + "</font></td>");
                courseTxt.Append("<td align=center><font size=2>" + startDateInfo + "</font></td>");
                courseTxt.Append("<td align=center><font size=2>" + endDateInfo + "</font></td>");
                courseTxt.Append("<td align=center><font size=2>" + regCourses[i]._course._opentime + "</font></td>");
                courseTxt.Append("<td align=center><font size=2>" + StringUtil.Int2StrComma(regCourses[i]._fullCost) + "</font></td>");
                courseTxt.Append("<td align=center><font size=2>" + StringUtil.Int2StrComma(regCourses[i]._fullCost - regCourses[i]._discountedCost) + "</font></td>");
                courseTxt.Append("<td align=center><font size=2>" + b._branchCode + "</font></td>");
                courseTxt.AppendLine("</tr>");
            }

            // paid method
            StringBuilder paidMethodTxt = new StringBuilder();
            for (int i = 0; i < PAID_METHOD.Length; i++)
            {
                if (theReg._paidMethod == i)
                {
                    paidMethodTxt.Append("  [√]");
                }
                else
                {
                    paidMethodTxt.Append("  [&nbsp&nbsp]");
                }
                paidMethodTxt.Append(GetPaidMethodText(i.ToString()));
            }

            String htmlContent =
                String.Format(templateContent
                    , theReg.GetRegisTransactionID()
                    , branch._branchName
                    , StringUtil.ConvertYearToEng(theReg._regisdate, "dd/MM/yyyy HH:mm")
                    , Student.GetStudentID(theReg._student._studentID)
                    , theReg._student._firstname + " " + theReg._student._surname
                    , theReg._student._school
                    , StringUtil.ConvertEducateLevel(theReg._student._level)
                    , theReg._student.GetTel()
                    , courseTxt.ToString()
                    , paidMethodTxt.ToString()
                    , StringUtil.Int2StrComma(sumFullCost - sumDiscountedCost)
                    , StringUtil.Int2StrComma(sumDiscountedCost)
                    , authorizer._firstname + " " + authorizer._surname
                    , title
                    , StringUtil.ConvertYearToEng(theReg._paiddate, "dd/MM/yyyy")
                    );

            outBuf.Append(htmlContent);

            return outBuf;
        }
Esempio n. 12
0
        public static StringBuilder PrintCard(DBManager db, int regisID)
        {
            StringBuilder outBuf = new StringBuilder();

            Registration theReg = new Registration();
            theReg.LoadFromDB(db, " regis_id=" + regisID);
            theReg.LoadCourse(db);
            theReg.LoadStudent(db);
            Branch branch = new Branch();
            branch.LoadFromDB(db, " branch_id=" + theReg._branchID);
            AppUser authorizer = new AppUser();
            authorizer.LoadFromDB(db, " username='******'");

            // Load all registration in the same transaction
            Registration[] reg = Registration.LoadListFromDBIncludeCourseHelper(db, " r.transaction_id="+theReg._transactionID + " AND r.branch_id="+theReg._branchID);

            // Generate HTML content
            TextReader reader = new StreamReader(Config.PATH_APP_ROOT + "\\template\\registration_print_card.htm");
            String templateContent = reader.ReadToEnd();
            reader.Close();

            int[] rowH = { 22, 20, 20, 20, 20, 20, 20 };

            StringBuilder courseCalendar = new StringBuilder();
            for (int i = 0; i < reg.Length; i++)
            {
                reg[i].LoadCourse(db);
                Branch b = reg[i]._course.LoadBranchInfo(db);

                courseCalendar.Append("<tr height=\"24px\">");
                courseCalendar.Append("<td width=\"38px\" align=left><font style=\"font: 10px 'Trebuchet MS', Verdana, Arial, Helvetica, sans-serif;\">&nbsp&nbsp&nbsp" + reg[i]._btsCourseID + "</font></td>");
                courseCalendar.Append("<td width=\"100px\" align=left><font style=\"font: 10px 'Trebuchet MS', Verdana, Arial, Helvetica, sans-serif;\">&nbsp" + reg[i]._courseShortName + "</font></td>");
                courseCalendar.Append("<td width=\"17px\" align=left><font style=\"font: 10px 'Trebuchet MS', Verdana, Arial, Helvetica, sans-serif;\">" + b._branchCode + "</font></td>");
                courseCalendar.Append("<td width=\"48px\"><font style=\"font: 10px 'Trebuchet MS', Verdana, Arial, Helvetica, sans-serif;\">" + StringUtil.ConvertYearToEng(reg[i]._course._startdate, "dd/MM/yy") + "</font></td>");
                courseCalendar.Append("<td width=\"25px\"><font style=\"font: 10px 'Trebuchet MS', Verdana, Arial, Helvetica, sans-serif;\">" + reg[i]._course._dayOfWeek+"</font></td>");
                courseCalendar.Append("<td width=\"70px\"><font style=\"font: 10px 'Trebuchet MS', Verdana, Arial, Helvetica, sans-serif;\">" + reg[i]._course._opentime + "</font></td>");

                courseCalendar.Append("</tr>");
            }

            /*
                <tr height="10px"><td colspan=2></td></tr>
            <tr><td width="10px" align="right">&nbsp</td><td><font size=2>คอร์ส: {4}</font></td></tr>
            <tr><td align="right">&nbsp</td><td><font size=2>ชื่อคอร์ส: {5} </font></td></tr>
            <tr><td align="right">&nbsp</td><td><font size=2>วันที่เริ่ม: {6}</font></td></tr>
            <tr><td align="right">&nbsp</td><td><font size=2>เวลา: {7}</font></td></tr>
            <tr><td align="right">&nbsp</td><td><font size=2>หนังสือ: </font></td></tr>
            */

            String htmlContent =
                String.Format(templateContent
                    , theReg._student._firstname + " " + theReg._student._surname
                    , Student.GetStudentID(theReg._student._studentID)
                    , StringUtil.ConvertYearToEng(theReg._regisdate, "dd/MM/yyyy")
                    , authorizer._firstname + " " + authorizer._surname
                    , reg[0].GetRegisTransactionID()
                    , courseCalendar.ToString()
                    );

            outBuf.Append(htmlContent);
            return outBuf;
        }
Esempio n. 13
0
        protected void DoEditSubmitUser(string username)
        {
            AppUser u = new AppUser();

            // validate data
            u._username = username;
            //FIX
            if (!String.IsNullOrEmpty(Request["passwd"]))  // Check validate???
                u._passwd = AppUser.GetMD5Encoded(Request["passwd"]);
            u._firstname = Request["firstname"];
            u._surname = Request["surname"];
            u._roleId = Int32.Parse(Request["role_id"]);
            u._branchID = Int32.Parse(Request["branch_id"]);

            // Save to DB
            DBManager db = new MySQLDBManager(Config.DB_SERVER, Config.DB_NAME, Config.DB_USER, Config.DB_PASSWORD, Config.DB_CHAR_ENC);
            db.Connect();
            u.UpdateToDB(db);
            db.Close();
        }
Esempio n. 14
0
        protected void Page_Load(object sender, EventArgs e)
        {
            // DEBUG
            if (Config.AUTO_LOGIN)
            {
                if (Session[SessionVar.USER] == null)
                {
                    AppUser auser = new AppUser();
                    auser._username = "******";
                    auser._firstname = "Weerawat";
                    auser._surname = "Seetalalai";
                    auser._roleId = 1;
                    auser._branchID = 1;
                    auser._branchName = "BTS สีลม";
                    Session[SessionVar.USER] = auser;

                    // preload all branches into Session
                    Branch[] b = new Branch[2];
                    b[0] = new Branch();
                    b[0]._branchID = 1;
                    b[0]._branchName = "BTS สีลม";
                    b[1] = new Branch();
                    b[1]._branchID = 2;
                    b[1]._branchName = "BTS สยาม";
                    Session["BRANCHES"] = b;

                }
            }
            else
            {
                String loginPage = "AppLogin.aspx";
                if (Session[SessionVar.USER] == null)
                {
                    Response.Write("<br><font color=red size=3>คุณยังไม่ได้ทำการล็อกอินเข้าระบบ </font>");
                    Response.Write("<br><a href=\"" + "AppLogin.aspx" + "\">ไปหน้าล็อกอิน</a>");
                    Response.Redirect(loginPage + "?message=คุณยังไม่ได้ทำการล็อกอินเข้าระบบ");
                }
            }

            String noRightPage = redirectPage + "?backPage=" + Request.UrlReferrer;

            AppUser user = (AppUser)Session[SessionVar.USER];
            if (user == null)
            {
                Response.Redirect(noRightPage);
                /*
                string attName = "redirectPage";
                if (Context.Items.Contains(attName))
                {
                    if (Context.Items[attName] != null)
                    {
                        redirectPage = (string)Context.Items[attName];
                        Response.Redirect(redirectPage);
                    }
                }
                */
            }

            if (checkRight.ToUpper().Equals("TRUE"))
            {
                int idxAppName = Request.Path.Substring(1).IndexOf("/");
                string right = Request.Path.Substring(idxAppName + 2);

                if (!Authorizer.Verify(user._roleId, right, Request["actPage"]))
                {

                    Response.Redirect(noRightPage);
                }
            }
        }
Esempio n. 15
0
 public bool LoadUser(DBManager db)
 {
     if (_username == null) return false;
     _user = new AppUser();
     _user.LoadFromDB(db, " username='******'");
     return true;
 }