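/// <summary>
/// Saves the permission flags ticked in <c>CheckBoxListEditPremissions</c> for the admin
/// whose id is held in <c>LabelEditUserId</c> by calling the <c>sp_adminEdit</c> stored procedure.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void ButtonEdit_Click(object sender, EventArgs e)
{
    // NOTE(review): this handler rewrites another account's admin permissions, and no
    // authorization check is visible in it. Confirm the page verifies that the caller
    // is allowed to manage admins before this code can run.
    // NOTE(review): no audit record is written here for the permission change; confirm
    // whether sp_adminEdit records it.

    // Stored-procedure parameter names, in the order of the check-box items they are read from.
    string[] permissionParameters =
    {
        "@PermAdmins",
        "@PermBlog",
        "@PermComments",
        "@PermContent",
        "@PermEvents",
        "@PermLocations",
        "@PermNewsletter",
        "@PermSettings",
        "@PermStats",
        "@PermSupport",
        "@PermUsers"
    };

    try
    {
        // "using" closes and disposes the connection and command on every path.
        using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["AppConnectionString"].ConnectionString))
        using (SqlCommand sqlCmd = new SqlCommand("sp_adminEdit", sqlConn))
        {
            sqlCmd.CommandType = CommandType.StoredProcedure;

            for (int i = 0; i < permissionParameters.Length; i++)
            {
                sqlCmd.Parameters.Add(permissionParameters[i], SqlDbType.Bit).Value = CheckBoxListEditPremissions.Items[i].Selected;
            }

            sqlCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = Convert.ToInt32(LabelEditUserId.Text);
            sqlCmd.Parameters.Add("@Status", SqlDbType.Int).Value = 1;

            sqlConn.Open();
            sqlCmd.ExecuteNonQuery();
        }

        GridViewAdmins.DataBind();
        LabelEditMessage.Visible = true;
        LabelEditMessage.Text = "You have successfully changed admin permissions!";
    }
    catch (Exception ex)
    {
        // The original swallowed every failure, so a permission change that never reached
        // the database looked no different from one that did. Record the failure for
        // operators and tell the user; exception details are not shown on the page.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        LabelEditMessage.Visible = true;
        LabelEditMessage.Text = "An error occurred while changing admin permissions.";
    }
}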
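/// <summary>
/// Adds the user whose id is typed into <c>TextBoxUserId</c> as an admin with the permissions
/// ticked in <c>CheckBoxListPremissions</c>, unless <c>sp_adminCheckExists</c> already returns
/// a row for that id.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void ButtonAdd_Click(object sender, EventArgs e)
{
    // NOTE(review): this handler grants admin rights, and no authorization check is visible
    // in it. Confirm the page verifies that the caller is allowed to manage admins.

    bool anySelected = false;
    foreach (ListItem li in CheckBoxListPremissions.Items)
    {
        if (li.Selected)
        {
            anySelected = true;
            break;
        }
    }

    if (!anySelected)
    {
        LabelAddMessage.Visible = true;
        LabelAddMessage.Text = "An admin must have at least one permission to be able to be added as an admin!";
        return;
    }

    // The id comes straight from a text box. Convert.ToInt32 threw an unhandled exception
    // on empty, non-numeric or out-of-range input; reject such input with a message instead.
    int userId;
    if (!int.TryParse(TextBoxUserId.Text, out userId))
    {
        LabelAddMessage.Visible = true;
        LabelAddMessage.Text = "Please enter a valid numeric user id.";
        return;
    }

    // Stored-procedure parameter names, in the order of the check-box items they are read from.
    string[] permissionParameters =
    {
        "@PermAdmins",
        "@PermBlog",
        "@PermEvents",
        "@PermLocations",
        "@PermSettings",
        "@PermStats",
        "@PermUsers"
    };

    // "using" releases the connection, adapter and command on every path, including
    // exceptions; the original leaked them on some branches.
    using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["AppConnectionString"].ConnectionString))
    {
        bool alreadyAdmin;
        using (SqlDataAdapter sda = new SqlDataAdapter("sp_adminCheckExists", sqlConn))
        using (DataSet ds = new DataSet())
        {
            sda.SelectCommand.CommandType = CommandType.StoredProcedure;
            sda.SelectCommand.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
            sda.Fill(ds);
            alreadyAdmin = ds.Tables[0].Rows.Count != 0;
        }

        if (alreadyAdmin)
        {
            LabelAddMessage.Visible = true;
            LabelAddMessage.Text = "User was already an admin!";
            return;
        }

        // NOTE(review): the existence check and the insert are separate round trips, so two
        // concurrent requests can both pass the check. Presumably sp_adminAdd or a unique
        // key prevents a duplicate row; confirm.
        using (SqlCommand sqlCmd = new SqlCommand("sp_adminAdd", sqlConn))
        {
            sqlCmd.CommandType = CommandType.StoredProcedure;

            for (int i = 0; i < permissionParameters.Length; i++)
            {
                sqlCmd.Parameters.Add(permissionParameters[i], SqlDbType.Bit).Value = CheckBoxListPremissions.Items[i].Selected;
            }

            sqlCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
            sqlCmd.Parameters.Add("@Status", SqlDbType.TinyInt).Value = 1;

            sqlConn.Open();
            sqlCmd.ExecuteNonQuery();
        }
    }

    // NOTE(review): no audit record is written here for the new admin; confirm whether
    // sp_adminAdd records the grant.
    GridViewAdmins.DataBind();
    LabelAddMessage.Visible = true;
    LabelAddMessage.Text = "User added as an admin with the selected permissions.";
}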
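/// <summary>
/// Adds the user whose id is typed into <c>TextBoxUserId</c> as an admin with the permissions
/// ticked in <c>CheckBoxListPremissions</c>. The user must be returned by
/// <c>sp_userFullNameByUserId</c> and must not already be returned by
/// <c>sp_adminAddCheckExists</c>. A successful add is recorded through <c>AdminLogInsert</c>.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void ImageButtonAdd_Click(object sender, ImageClickEventArgs e)
{
    // NOTE(review): this handler grants admin rights, and no authorization check is visible
    // in it. Confirm the page verifies that the caller is allowed to manage admins.

    // The id comes straight from a text box. Convert.ToInt32 threw an unhandled exception
    // on empty, non-numeric or out-of-range input; such input is now answered with the
    // existing "no user with this id" message.
    int userId;
    if (!int.TryParse(TextBoxUserId.Text, out userId))
    {
        LabelAddMessage.Visible = true;
        LabelAddMessage.Text = "کاربری با این شناسه موجود نمی باشد!";
        LabelAddMessage.CssClass = "ErrorMessage";
        return;
    }

    // Stored-procedure parameter names, in the order of the check-box items they are read from.
    // The "Prem" spelling is what the original code sends, so it is kept as is.
    string[] permissionParameters =
    {
        "@PremAdmins",
        "@PremAds",
        "@PremAgencies",
        "@PremBlog",
        "@PremCharity",
        "@PremCompanies",
        "@PremContent",
        "@PremCoupons",
        "@PremCredit",
        "@PremCurrencies",
        "@PremLocations",
        "@PremNewsletter",
        "@PremOffers",
        "@PremSettings",
        "@PremStats",
        "@PremSupport",
        "@PremUsers"
    };

    // "using" releases the connection, adapters and command on every path, including
    // exceptions; the original leaked the first adapter and, on the "user not found"
    // branch, the connection as well.
    using (SqlConnection sqlConn = new SqlConnection(ConfigurationManager.ConnectionStrings["ShopConnectionString"].ConnectionString))
    {
        bool userExists;
        using (SqlDataAdapter userLookup = new SqlDataAdapter("sp_userFullNameByUserId", sqlConn))
        using (DataSet users = new DataSet())
        {
            userLookup.SelectCommand.CommandType = CommandType.StoredProcedure;
            userLookup.SelectCommand.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
            userLookup.Fill(users);
            userExists = users.Tables[0].Rows.Count != 0;
        }

        if (!userExists)
        {
            LabelAddMessage.Visible = true;
            LabelAddMessage.Text = "کاربری با این شناسه موجود نمی باشد!";
            LabelAddMessage.CssClass = "ErrorMessage";
            return;
        }

        bool alreadyAdmin;
        using (SqlDataAdapter adminLookup = new SqlDataAdapter("sp_adminAddCheckExists", sqlConn))
        using (DataSet admins = new DataSet())
        {
            adminLookup.SelectCommand.CommandType = CommandType.StoredProcedure;
            adminLookup.SelectCommand.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
            adminLookup.Fill(admins);
            alreadyAdmin = admins.Tables[0].Rows.Count != 0;
        }

        if (alreadyAdmin)
        {
            LabelAddMessage.Visible = true;
            LabelAddMessage.Text = "کاربر با شناسه وارد شده قبلاً به عنوان ادمین اضافه شده است!";
            LabelAddMessage.CssClass = "ErrorMessage";
            return;
        }

        // NOTE(review): the existence check and the insert are separate round trips, so two
        // concurrent requests can both pass the check. Presumably sp_adminAdd or a unique
        // key prevents a duplicate row; confirm.
        using (SqlCommand sqlCmd = new SqlCommand("sp_adminAdd", sqlConn))
        {
            sqlCmd.CommandType = CommandType.StoredProcedure;

            for (int i = 0; i < permissionParameters.Length; i++)
            {
                sqlCmd.Parameters.Add(permissionParameters[i], SqlDbType.Bit).Value = CheckBoxListPremissions.Items[i].Selected;
            }

            sqlCmd.Parameters.Add("@UserId", SqlDbType.Int).Value = userId;
            sqlCmd.Parameters.Add("@Status", SqlDbType.TinyInt).Value = 1;

            sqlConn.Open();
            sqlCmd.ExecuteNonQuery();
        }
    }

    GridViewAdmins.DataBind();
    LabelAddMessage.Visible = true;
    LabelAddMessage.Text = "کاربر با تنظیمات وارد شده به عنوان ادمین اضافه گردید.";
    LabelAddMessage.CssClass = "SuccessMessage";

    // Audit record for the grant. Convert.ToInt32 returns 0 for a null session value, so
    // a request without Session["UserId"] would be logged with actor id 0.
    // NOTE(review): confirm the page requires an authenticated session, and that 1101 is
    // the intended event code for "admin added".
    AdminLogInsert ali = new AdminLogInsert();
    ali.insertAdminLog(Convert.ToInt32(Session["UserId"]), 1101, userId, "0");
}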