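/// <summary>
/// Updates the basic profile fields of one user and, optionally, replaces the
/// user's role assignments. All statements run inside a single transaction.
/// </summary>
/// <param name="userInfo">Values to write; <c>User_logname</c> selects the TbUserInfo row.</param>
/// <param name="_strRoleCodes">Semicolon-separated role codes; only read when <paramref name="_isRoleUpdate"/> is true.</param>
/// <param name="_isRoleUpdate">True to delete the user's TbUserRole rows and insert the supplied codes; false to leave the roles untouched.</param>
/// <returns>Always true; failures surface as exceptions.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userInfo"/> is null, or <paramref name="_strRoleCodes"/> is null while roles are to be replaced.</exception>
/// <exception cref="Exception">A statement failed; the transaction was rolled back and the cause is the inner exception.</exception>
/// <remarks>
/// NOTE(review): no authorization check is made here. Callers are presumably expected to
/// verify that the current principal may change this account's roles and password; confirm.
/// </remarks>
public static bool UpdateUserInfo(TbUserInfoInfo userInfo, string _strRoleCodes, bool _isRoleUpdate)
{
    if (userInfo == null)
    {
        throw new ArgumentNullException("userInfo");
    }
    if (_isRoleUpdate && _strRoleCodes == null)
    {
        // Fail before the existing role rows are touched.
        throw new ArgumentNullException("_strRoleCodes");
    }

    // Every field is HTML-encoded before it is bound. The encoding can lengthen a value
    // ('&' becomes '&amp;'); protection against SQL injection comes from the parameters below.
    string strLogName = HttpContext.Current.Server.HtmlEncode(userInfo.User_logname);
    // NOTE(review): PSD is written as received (after HTML-encoding). If callers pass a
    // cleartext password it is stored unhashed; confirm that hashing happens before this call.
    string strPwd = HttpContext.Current.Server.HtmlEncode(userInfo.PSD);
    string strName = HttpContext.Current.Server.HtmlEncode(userInfo.Use_Name);
    string strEmail = HttpContext.Current.Server.HtmlEncode(userInfo.User_Email);
    string strNumber = HttpContext.Current.Server.HtmlEncode(userInfo.User_Number);
    string strTel = HttpContext.Current.Server.HtmlEncode(userInfo.User_Tel);

    SqlParameter[] parms;
    using (SqlConnection conn = SqlDbAccess.GetSqlConnection())
    {
        conn.Open();
        using (SqlTransaction trans = conn.BeginTransaction())
        {
            try
            {
                if (_isRoleUpdate)
                {
                    // Remove every role row currently held by this login name.
                    // The login name is bound without an explicit Size: a Size shorter than the
                    // value makes SqlParameter truncate it silently, and a truncated key would
                    // address a different account's role rows.
                    string sqlDelRoleRight = "Delete TbUserRole Where User_logname=@UserName";
                    parms = new SqlParameter[1]
                    {
                        new System.Data.SqlClient.SqlParameter("@UserName", SqlDbType.NVarChar)
                    };
                    parms[0].Value = strLogName;
                    SqlDbAccess.ExecNoQuery(trans, CommandType.Text, sqlDelRoleRight, parms);

                    // Insert one row per supplied role code. Blank entries (empty input,
                    // a trailing ';', or "a;;b") are skipped instead of being stored as
                    // an empty role code.
                    string sqlAddRole = "Insert Into TbUserRole values(@User_logname,@RoleCode)";
                    string[] roles = _strRoleCodes.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string r in roles)
                    {
                        string roleCode = r.Trim();
                        if (roleCode.Length == 0)
                        {
                            continue;
                        }

                        // NOTE(review): Size 4 truncates a longer role code silently; confirm it
                        // matches the RoleCode column width.
                        parms = new SqlParameter[2]
                        {
                            new System.Data.SqlClient.SqlParameter("@User_logname", SqlDbType.NVarChar),
                            new System.Data.SqlClient.SqlParameter("@RoleCode", SqlDbType.NVarChar, 4)
                        };
                        parms[0].Value = strLogName;
                        parms[1].Value = roleCode;
                        SqlDbAccess.ExecNoQuery(trans, CommandType.Text, sqlAddRole, parms);
                    }
                }

                string updateManager;
                if (string.IsNullOrEmpty(strPwd))
                {
                    // No password supplied: leave PSD as it is.
                    updateManager = "update TbUserInfo SET User_Email=@User_Email,Use_Name=@Use_Name,User_Number=@User_Number,User_Tel=@User_Tel where User_logname=@User_logname ";
                    parms = new SqlParameter[5]
                    {
                        new SqlParameter("@User_logname", strLogName),
                        new SqlParameter("@User_Tel", strTel),
                        new SqlParameter("@User_Email", strEmail),
                        new SqlParameter("@Use_Name", strName),
                        new SqlParameter("@User_Number", strNumber)
                    };
                }
                else
                {
                    // A password was supplied: overwrite PSD together with the other fields.
                    updateManager = "update TbUserInfo SET PSD=@PSD , User_Email=@User_Email,Use_Name=@Use_Name,User_Number=@User_Number,User_Tel=@User_Tel where User_logname=@User_logname ";
                    parms = new SqlParameter[6]
                    {
                        new SqlParameter("@User_logname", strLogName),
                        new SqlParameter("@User_Tel", strTel),
                        new SqlParameter("@User_Email", strEmail),
                        new SqlParameter("@Use_Name", strName),
                        new SqlParameter("@User_Number", strNumber),
                        new SqlParameter("@PSD", strPwd)
                    };
                }

                // The result of ExecNoQuery is not inspected, so an update that matches no row
                // still ends in a commit and a true return value.
                SqlDbAccess.ExecNoQuery(trans, CommandType.Text, updateManager, parms);
                trans.Commit();
            }
            catch (Exception ex)
            {
                trans.Rollback();
                // NOTE(review): the message literal looks mis-encoded in this copy of the file;
                // it is kept unchanged.
                throw new Exception("�������ݿ�ʧ��,�����Ѿ��ع�", ex);
            }
        }
    }

    return true;
}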
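/// <summary>
/// Registers a new user: inserts the user's role rows and the TbUserInfo row in one
/// transaction (added by lidonglei, 2010/04/15).
/// </summary>
/// <param name="userInfo">Values for the new TbUserInfo row.</param>
/// <param name="strRoleCodes">Semicolon-separated role codes to assign to the new user.</param>
/// <returns>Always true; failures surface as exceptions.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userInfo"/> or <paramref name="strRoleCodes"/> is null.</exception>
/// <exception cref="Exception">A statement failed; the transaction was rolled back and the cause is the inner exception.</exception>
/// <remarks>
/// NOTE(review): this method does not check whether User_logname already exists. Uniqueness is
/// presumably enforced by a database constraint; confirm, because the role rows are keyed on
/// the same name and are inserted before the user row.
/// </remarks>
public static bool RegisterUser(TbUserInfoInfo userInfo, string strRoleCodes)
{
    if (userInfo == null)
    {
        throw new ArgumentNullException("userInfo");
    }
    if (strRoleCodes == null)
    {
        throw new ArgumentNullException("strRoleCodes");
    }

    // Every field is HTML-encoded before it is bound. The encoding can lengthen a value
    // ('&' becomes '&amp;'); protection against SQL injection comes from the parameters below.
    string strLogName = HttpContext.Current.Server.HtmlEncode(userInfo.User_logname);
    // NOTE(review): PSD is written as received (after HTML-encoding). If callers pass a
    // cleartext password it is stored unhashed; confirm that hashing happens before this call.
    string strPwd = HttpContext.Current.Server.HtmlEncode(userInfo.PSD);
    string strName = HttpContext.Current.Server.HtmlEncode(userInfo.Use_Name);
    string strEmail = HttpContext.Current.Server.HtmlEncode(userInfo.User_Email);
    string strNumber = HttpContext.Current.Server.HtmlEncode(userInfo.User_Number);
    string strTel = HttpContext.Current.Server.HtmlEncode(userInfo.User_Tel);

    SqlParameter[] parms;
    // Blank entries (empty input, a trailing ';', or "a;;b") are dropped here and after
    // trimming, so no empty role code is stored.
    string[] roles = strRoleCodes.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);

    using (SqlConnection conn = SqlDbAccess.GetSqlConnection())
    {
        conn.Open();
        // One transaction covers the role rows and the user row.
        using (SqlTransaction trans = conn.BeginTransaction())
        {
            try
            {
                string sqlAddRole = "Insert Into TbUserRole values(@User_logname,@RoleCode)";
                foreach (string r in roles)
                {
                    string roleCode = r.Trim();
                    if (roleCode.Length == 0)
                    {
                        continue;
                    }

                    // The login name is bound without an explicit Size: a Size shorter than the
                    // value makes SqlParameter truncate it silently, so the role rows would be
                    // keyed on a different name than the TbUserInfo row inserted below.
                    // NOTE(review): Size 4 truncates a longer role code silently; confirm it
                    // matches the RoleCode column width.
                    parms = new SqlParameter[2]
                    {
                        new System.Data.SqlClient.SqlParameter("@User_logname", SqlDbType.NVarChar),
                        new System.Data.SqlClient.SqlParameter("@RoleCode", SqlDbType.NVarChar, 4)
                    };
                    parms[0].Value = strLogName;
                    parms[1].Value = roleCode;
                    SqlDbAccess.ExecNoQuery(trans, CommandType.Text, sqlAddRole, parms);
                }

                // Insert the user row itself.
                string addManager = "Insert Into TbUserInfo(User_logname,PSD,Use_Name,User_Number,User_Email,User_Tel) "
                    + "VALUES (@User_logname,@PSD,@Use_Name,@User_Number,@User_Email,@User_Tel)";
                parms = new SqlParameter[6]
                {
                    new SqlParameter("@User_logname", strLogName),
                    new SqlParameter("@PSD", strPwd),
                    new SqlParameter("@Use_Name", strName),
                    new SqlParameter("@User_Number", strNumber),
                    new SqlParameter("@User_Email", strEmail),
                    new SqlParameter("@User_Tel", strTel)
                };
                SqlDbAccess.ExecNoQuery(trans, CommandType.Text, addManager, parms);
                trans.Commit();
            }
            catch (Exception ex)
            {
                trans.Rollback();
                // NOTE(review): the message literal looks mis-encoded in this copy of the file;
                // it is kept unchanged.
                throw new Exception("�������ݿ�ʧ��,�����Ѿ��ع�", ex);
            }
        }
    }

    return true;
}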
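/// <summary>
/// Updates the full profile of one user (contact data, address, company, Money and,
/// when supplied, the password) inside a single transaction.
/// </summary>
/// <param name="userInfo">Values to write; <c>User_logname</c> selects the TbUserInfo row.</param>
/// <returns>Always true; failures surface as exceptions.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userInfo"/> is null.</exception>
/// <exception cref="Exception">The statement failed; the transaction was rolled back and the cause is the inner exception.</exception>
/// <remarks>
/// NOTE(review): the row is selected by User_logname alone and no authorization check is made
/// here. Callers are presumably expected to verify that the current principal may change this
/// account's password and Money value; confirm.
/// </remarks>
public static bool UpdateUserInfo(TbUserInfoInfo userInfo)
{
    if (userInfo == null)
    {
        throw new ArgumentNullException("userInfo");
    }

    // Every field is HTML-encoded before it is bound. The encoding can lengthen a value
    // ('&' becomes '&amp;'); protection against SQL injection comes from the parameters below.
    string strLogName = HttpContext.Current.Server.HtmlEncode(userInfo.User_logname);
    // NOTE(review): PSD is written as received (after HTML-encoding). If callers pass a
    // cleartext password it is stored unhashed; confirm that hashing happens before this call.
    string strPwd = HttpContext.Current.Server.HtmlEncode(userInfo.PSD);
    string strName = HttpContext.Current.Server.HtmlEncode(userInfo.Use_Name);
    string strEmail = HttpContext.Current.Server.HtmlEncode(userInfo.User_Email);
    string strNumber = HttpContext.Current.Server.HtmlEncode(userInfo.User_Number);
    string strTel = HttpContext.Current.Server.HtmlEncode(userInfo.User_Tel);
    string strPro = HttpContext.Current.Server.HtmlEncode(userInfo.Province);
    string strCity = HttpContext.Current.Server.HtmlEncode(userInfo.City);
    string strCounty = HttpContext.Current.Server.HtmlEncode(userInfo.County);
    string strQQ = HttpContext.Current.Server.HtmlEncode(userInfo.QQ);
    string strCompany = HttpContext.Current.Server.HtmlEncode(userInfo.Company);
    string strSex = HttpContext.Current.Server.HtmlEncode(userInfo.Sex);
    string strPost = HttpContext.Current.Server.HtmlEncode(userInfo.Post);
    string strBussiness = HttpContext.Current.Server.HtmlEncode(userInfo.Bussiness);
    // Money is bound as text produced by ToString().
    // NOTE(review): presumably this relies on SQL Server converting the text back to the
    // column type and on a number format it accepts; confirm.
    string strMoney = HttpContext.Current.Server.HtmlEncode(userInfo.Money.ToString());

    // An empty password means "keep the stored one": PSD is then left out of the statement.
    bool changePassword = !string.IsNullOrEmpty(strPwd);

    // Column assignments shared by both statement variants.
    string sharedAssignments =
        "User_Email=@User_Email,Use_Name=@Use_Name,User_Number=@User_Number,User_Tel=@User_Tel, "
        + " Province=@Province,City=@User_City,County=@User_County,User_QQ=@User_QQ,User_Post=@User_Post,"
        + " Sex=@User_Sex,Company=@User_Company,Bussiness=@User_Bussiness,Money=@Money "
        + " where User_logname=@User_logname ";

    string updateManager = changePassword
        ? "update TbUserInfo SET PSD=@PSD , " + sharedAssignments
        : " update TbUserInfo SET " + sharedAssignments;

    // Parameters are added in the same order as before; @PSD is only bound when it is used.
    System.Collections.Generic.List<SqlParameter> parameters = new System.Collections.Generic.List<SqlParameter>();
    parameters.Add(new SqlParameter("@User_logname", strLogName));
    parameters.Add(new SqlParameter("@User_Tel", strTel));
    parameters.Add(new SqlParameter("@User_Email", strEmail));
    parameters.Add(new SqlParameter("@Use_Name", strName));
    parameters.Add(new SqlParameter("@User_Number", strNumber));
    if (changePassword)
    {
        parameters.Add(new SqlParameter("@PSD", strPwd));
    }
    parameters.Add(new SqlParameter("@Province", strPro));
    parameters.Add(new SqlParameter("@User_City", strCity));
    parameters.Add(new SqlParameter("@User_County", strCounty));
    parameters.Add(new SqlParameter("@User_QQ", strQQ));
    parameters.Add(new SqlParameter("@User_Post", strPost));
    parameters.Add(new SqlParameter("@User_Sex", strSex));
    parameters.Add(new SqlParameter("@User_Company", strCompany));
    parameters.Add(new SqlParameter("@User_Bussiness", strBussiness));
    parameters.Add(new SqlParameter("@Money", strMoney));
    SqlParameter[] parms = parameters.ToArray();

    using (SqlConnection conn = SqlDbAccess.GetSqlConnection())
    {
        conn.Open();
        using (SqlTransaction trans = conn.BeginTransaction())
        {
            try
            {
                // The result of ExecNoQuery is not inspected, so an update that matches no row
                // still ends in a commit and a true return value.
                SqlDbAccess.ExecNoQuery(trans, CommandType.Text, updateManager, parms);
                trans.Commit();
            }
            catch (Exception ex)
            {
                trans.Rollback();
                // NOTE(review): the message literal looks mis-encoded in this copy of the file;
                // it is kept unchanged.
                throw new Exception("�������ݿ�ʧ��,�����Ѿ��ع�", ex);
            }
        }
    }

    return true;
}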
/// <summary>
/// Loads one user from TbUserInfo by login name.
/// </summary>
/// <param name="strLogName">Login name to look up; it is HTML-encoded before being bound to the query.</param>
/// <returns>
/// The populated entity, including the stored PSD value. When no row matches, or the ID
/// column does not parse as an integer, a new entity with no fields assigned is returned.
/// </returns>
public static TbUserInfoInfo GetUserInfoByLogName(string strLogName)
{
    // The lookup key is encoded the same way the write paths in this file encode it.
    string encodedLogName = HttpContext.Current.Server.HtmlEncode(strLogName);

    // Parameterized query: the login name is never concatenated into the SQL text.
    string query = "select * from TbUserInfo where User_logname = @UserName";
    SqlParameter logNameParam = new SqlParameter("@UserName", encodedLogName);
    DataTable table = SqlDbAccess.GetDataTable(CommandType.Text, query, logNameParam);

    TbUserInfoInfo result = new TbUserInfoInfo();

    // No match: hand back the unpopulated entity.
    if (table.Rows == null || table.Rows.Count <= 0)
    {
        return result;
    }

    // Only the first matching row is read.
    DataRow row = table.Rows[0];

    int id;
    if (!int.TryParse(row["ID"].ToString(), out id))
    {
        return result;
    }

    result.ID = id;
    result.User_logname = row["User_logname"].ToString();
    // The stored password value travels with the entity; callers should avoid logging or
    // serializing the returned object as a whole.
    result.PSD = row["PSD"].ToString();
    result.Use_Name = row["Use_Name"].ToString();
    result.User_Number = row["User_Number"].ToString();
    result.User_Email = row["User_Email"].ToString();
    result.User_Tel = row["User_Tel"].ToString();
    return result;
}