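/// <summary>
/// Checks the typed password against the stored hash in the first row of
/// <paramref name="_dtUsr"/>; on success fills <c>LoginInfo</c> and shows the main form,
/// otherwise shows the "wrong password" message.
/// </summary>
/// <param name="_dtUsr">
/// User lookup result. Only row 0 is read (columns Pwd_Web, Usr_Id, ZT_Admin_Id).
/// </param>
private void Login(DataTable _dtUsr)
{
    // An empty lookup result used to throw on Rows[0]. It now gets the same message as a
    // wrong password, so the dialog does not reveal which user ids exist.
    if (_dtUsr == null || _dtUsr.Rows.Count == 0)
    {
        MessageBox.Show("密码错误!");
        return;
    }

    DataRow usrRow = _dtUsr.Rows[0];

    // NOTE(review): CommomHelper.GetMD5 is presumably an unsalted MD5 digest, and the
    // comparison runs in the client against a hash read from the database. Moving to a
    // salted, slow password hash needs a stored-format migration together with UpdUsr,
    // so it is flagged here rather than changed.
    if (usrRow["Pwd_Web"].ToString() != CommomHelper.GetMD5(this.txtPwd.Text.Trim()))
    {
        MessageBox.Show("密码错误!");
        return;
    }

    string adminId = usrRow["ZT_Admin_Id"].ToString();
    LoginInfo._Usr_id = usrRow["Usr_Id"].ToString();
    LoginInfo._ZT_Admin_Id = adminId;

    // "Z" marks the super user (translated from the original comment).
    if (adminId != "Z")
    {
        // NOTE(review): company and role ids are taken from form controls; nothing in this
        // method checks that they belong to the authenticated user. Confirm the pickers
        // restrict the choice.
        LoginInfo._Usr_Company = string.IsNullOrEmpty(this.textBoxContainButton1.ID) ? "" : this.textBoxContainButton1.ID;
    }
    else
    {
        // Super user: use the company that has no parent (Company_Up empty or NULL).
        string sqlStr = "Select Company_Id from SysCompany1 where isnull(Company_Up,'')=''";
        object _dtCompany = SqlHelper.ExecuteScalar(sqlStr);

        // A null result (no such row) used to throw a NullReferenceException; fall back
        // to the empty string that the other branch also uses for "no company".
        LoginInfo._Usr_Company = (_dtCompany == null) ? "" : _dtCompany.ToString();
    }

    // Both branches set the role from the same control.
    LoginInfo._Usr_Role = string.IsNullOrEmpty(this.textBoxContainButton2.ID) ? "" : this.textBoxContainButton2.ID;

    // A form shown with ShowDialog is not disposed when it closes; dispose it explicitly.
    using (MainForm _main = new MainForm())
    {
        this.Hide();
        _main.ShowDialog();
    }
    this.Close();
}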
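/// <summary>
/// Saves the edited user: updates the Usr1 row, rebuilds the user's UsrCompany1 rows and
/// refreshes UsrRole for every company/role pair listed in the grid, all in one batch
/// passed to <c>SqlHelper.ExecuteQueryTrans</c>.
/// </summary>
/// <returns>
/// The result of <c>SqlHelper.ExecuteQueryTrans</c>; <c>false</c> when the grid has no
/// DataTable behind it.
/// </returns>
private bool UpdUsr()
{
    // Trim before deciding whether the password changes. The original tested the untrimmed
    // text but hashed the trimmed text, so a whitespace-only entry overwrote the password
    // with the hash of an empty string.
    string pwdText = this.txtPwd.Text.Trim();
    bool changePwd = !string.IsNullOrEmpty(pwdText);

    StringBuilder UpdColmn = new StringBuilder();
    UpdColmn.Append("Name=@Name,B_Date=@B_Date,E_Date=@E_Date,ZT_Admin_Id=@ZT_Admin_Id,Status_Id=@Status_Id,Usr__Id=@Usr__Id,Role__Id=@Role__Id,Create__Date=@Create__Date,Remark=@Remark");
    if (changePwd)
    {
        UpdColmn.Append(",Pwd_Web=@Pwd_Web ");
    }

    StringBuilder _sqlStr = new StringBuilder();
    _sqlStr.Append(string.Format("Update Usr1 set {0} Where ZT_Id=@ZT_Id and Usr_Id=@Usr_Id ; ", UpdColmn));

    StringBuilder _sqlCompany = new StringBuilder();
    _sqlCompany.Append(" Delete from UsrCompany1 Where ZT_Id=@ZT_Id and Usr_Id=@Usr_Id ;");
    StringBuilder _sqlRole = new StringBuilder();

    // Without a DataTable behind the grid there is nothing trustworthy to save; bail out
    // instead of dereferencing null (and instead of running the unconditional Delete above).
    BindingSource _bdSource = dataGridView1.DataSource as BindingSource;
    DataTable _dt = (_bdSource == null) ? null : _bdSource.DataSource as DataTable;
    if (_dt == null)
    {
        return false;
    }

    System.Collections.Generic.List<SqlParameter> paras = new System.Collections.Generic.List<SqlParameter>();

    SqlParameter p = new SqlParameter("@ZT_Id", SqlDbType.VarChar, 50);
    p.Value = "CYGIA";
    paras.Add(p);

    p = new SqlParameter("@Usr_Id", SqlDbType.VarChar, 50);
    p.Value = this.txtUsrId.Text.Trim();
    paras.Add(p);

    p = new SqlParameter("@Name", SqlDbType.VarChar, 100);
    p.Value = this.txtName.Text.Trim();
    paras.Add(p);

    // NOTE(review): CommomHelper.GetMD5 is presumably an unsalted MD5 digest. Replacing it
    // with a salted, slow password hash requires migrating stored values together with
    // Login, so it is flagged here rather than changed.
    p = new SqlParameter("@Pwd_Web", SqlDbType.VarChar, 100);
    p.Value = changePwd ? (object)CommomHelper.GetMD5(pwdText) : DBNull.Value; // only referenced when changePwd
    paras.Add(p);

    p = new SqlParameter("@B_Date", SqlDbType.DateTime);
    p.Value = System.DateTime.Now;
    paras.Add(p);

    p = new SqlParameter("@E_Date", SqlDbType.DateTime);
    p.Value = DBNull.Value;
    paras.Add(p);

    // NOTE(review): the value depends on the logged-in operator, not on the account being
    // edited: every account saved by a "Z" operator is written as "Z" (which Login treats
    // as the super user), and for other operators the parameter is left without a value,
    // exactly as before. Confirm both outcomes are intended.
    p = new SqlParameter("@ZT_Admin_Id", SqlDbType.VarChar, 1);
    if (LoginInfo._ZT_Admin_Id == "Z")
    {
        p.Value = "Z";
    }
    paras.Add(p);

    p = new SqlParameter("@Status_Id", SqlDbType.VarChar, 5);
    p.Value = "";
    paras.Add(p);

    p = new SqlParameter("@Usr__Id", SqlDbType.VarChar, 50);
    p.Value = LoginInfo._Usr_id;
    paras.Add(p);

    p = new SqlParameter("@Role__Id", SqlDbType.VarChar, 50);
    p.Value = ((LoginInfo._ZT_Admin_Id == "Z") ? "" : LoginInfo._Usr_Role);
    paras.Add(p);

    p = new SqlParameter("@Create__Date", SqlDbType.DateTime);
    p.Value = System.DateTime.Now;
    paras.Add(p);

    p = new SqlParameter("@Remark", SqlDbType.Text);
    p.Value = this.txtRemark.Text;
    paras.Add(p);

    // Company_Id / Role_Id come from grid cells. They were concatenated into the SQL text
    // as quoted literals, so a quote in a cell changed the statement. Each row now gets its
    // own parameters; VarChar without an explicit size takes its length from the value.
    for (int i = 0; i < _dt.Rows.Count; i++)
    {
        string companyId = _dt.Rows[i]["Company_Id"].ToString();
        if (string.IsNullOrEmpty(companyId))
        {
            continue;
        }

        string companyParam = "@Company_Id_" + i;
        p = new SqlParameter(companyParam, SqlDbType.VarChar);
        p.Value = companyId;
        paras.Add(p);

        _sqlCompany.Append("If ((select 1 from UsrCompany1 where ZT_Id=@ZT_Id and Usr_Id=@Usr_Id and Company_Id=" + companyParam + ") is null) "
            + "Insert Into UsrCompany1(ZT_Id,Usr_Id,Company_Id,Role__Id,Usr__Id,Create__Date)"
            + "VALUES(@ZT_Id,@Usr_Id," + companyParam + ",@Role__Id,@Usr__Id,@Create__Date) ;");

        string roleId = _dt.Rows[i]["Role_Id"].ToString();
        if (string.IsNullOrEmpty(roleId))
        {
            continue;
        }

        string roleParam = "@Role_Id_" + i;
        p = new SqlParameter(roleParam, SqlDbType.VarChar);
        p.Value = roleId;
        paras.Add(p);

        _sqlRole.Append(" Delete from UsrRole Where Company_Id=" + companyParam + " and Usr_Id=@Usr_Id;");
        _sqlRole.Append("If ((select 1 from UsrRole where Usr_Id=@Usr_Id and Company_Id=" + companyParam
            + " and Role_Id=" + roleParam + ") is null) "
            + "Insert Into UsrRole(Usr_Id,Company_Id,Role_Id,Role__Id,Usr__Id,Create__Date)"
            + "VALUES(@Usr_Id," + companyParam + "," + roleParam + ",@Role__Id,@Usr__Id,@Create__Date) ; ");
    }

    // Statement order is unchanged: company rows, then role rows, then the Usr1 update.
    return SqlHelper.ExecuteQueryTrans(_sqlCompany.ToString() + _sqlRole.ToString() + _sqlStr.ToString(), paras.ToArray());
}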