public int loginAndGetUser(string name, string pwd, string company) { string sql = "select * from yh_jinxiaocun_user where name = '" + name + "' and password = '******' and gongsi = '" + company + "'"; ms = new Order.Common.MySqlHelper(sqlStr); MySqlDataReader read = ms.ExecuteReader(sql); if (read.HasRows) { clsuserinfo user = new clsuserinfo(); while (read.Read()) { user.Order_id = read["_id"].ToString(); user.AdminIS = read["AdminIS"].ToString(); user.Btype = read["Btype"].ToString(); user.Createdate = read["Createdate"].ToString(); user.gongsi = read["gongsi"].ToString(); user.jigoudaima = read["jigoudaima"].ToString(); user.name = read["name"].ToString(); user.password = read["password"].ToString(); user.mibao = read["mi_bao"].ToString(); user.denglushijian = DateTime.Now.ToString(); } if (user.Btype.Equals("锁定")) { return(-1); } System.Web.HttpContext.Current.Session["user"] = user; } return(read.HasRows ? 1 : 0); }
public int checkOrder_id(string order_id, string gongsi) { ms = new Order.Common.MySqlHelper(sqlStr); string sql = "select orderid from yh_jinxiaocun_mingxi where orderid = '" + order_id + "' and gongsi = '" + gongsi + "'"; int result = ms.ExecuteSql(sql); return(result); }
public List <string> getShouHuo(string name, string gongsi) { ms = new Order.Common.MySqlHelper(sqlStr); string sql = "select beizhu from yh_jinxiaocun_chuhuofang where finduser = '******' and gongsi = '" + gongsi + "'"; MySqlDataReader reader = ms.ExecuteReader(sql); List <string> gonghuo = new List <string>(); while (reader.Read()) { gonghuo.Add(reader["beizhu"].ToString()); } return(gonghuo); }
public int insertMingxi(items item, string company, string name, string mxtype) { ms = new Order.Common.MySqlHelper(sqlStr); string sql = ""; string date_now = DateTime.Now.ToString(); for (int i = 0; i < item.itemList.Count; i++) { sql += "insert into yh_jinxiaocun_mingxi(cplb,cpname,cpsj,cpsl,mxtype,orderid,shijian,sp_dm,shou_h,zh_name,gs_name) select lei_bie as cplb,`name` as cpname," + item.itemList[i].price + " as cpsj," + item.itemList[i].num + " as cpsl,'" + mxtype + "' as mxtype,'" + item.orderid + "' as orderid,'" + date_now + "' as shijian,sp_dm,'" + item.gonghuo + "' as shou_h,'" + company + "' as zh_name,'" + name + "' as gs_name from yh_jinxiaocun_jichuziliao where id = " + item.itemList[i].id + ";"; } int result = ms.ExecuteSql(sql); return(result); }