public object UpdateUserLevel([FromBody] UpdateUserLevelModel um) { try { var addr = Server.GetUserIp(Request.HttpContext); if (Server.IpHandle(addr) == 0) { return(new[] { "your ip can't using our api , please contact administrator" }); } var account = HttpContext.Session.GetString("user_account"); if (account == null) { return(new { result = 401, msg = "not login" }); } var re = UserServer.UpdateUserLevel(um); return(re); } catch (Exception e) { return(new { result = e.HResult, msg = e.Message }); } }
/// <summary> /// 用户修改等级 /// </summary> /// <param name="um">用户</param> /// <returns>修改等级结果</returns> public static object UpdateUserLevel(UpdateUserLevelModel um) { using (var con = new SqlConnection(Server.SqlConString)) { con.Open(); var sqlCom = new SqlCommand("sp_UpdateUser", con) { CommandType = CommandType.StoredProcedure }; sqlCom.Parameters.AddRange(new [] { new SqlParameter { ParameterName = "@userId", Direction = ParameterDirection.Input, SqlDbType = SqlDbType.Int, Value = um.Id }, new SqlParameter { ParameterName = "@newLevel", Direction = ParameterDirection.Input, SqlDbType = SqlDbType.NVarChar, Size = 15, Value = um.Level }, new SqlParameter { ParameterName = "@message", Direction = ParameterDirection.Output, Size = 30, SqlDbType = SqlDbType.VarChar }, new SqlParameter { ParameterName = "@return", Direction = ParameterDirection.ReturnValue, SqlDbType = SqlDbType.Int } }); sqlCom.ExecuteNonQuery(); return(new { result = (int)sqlCom.Parameters["@return"].Value, msg = (string)sqlCom.Parameters["@message"].Value }); } }