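/// <summary>
/// Grants "viewer" permission on a file to one or more departments, roles or users.
/// Form input: Id (file), Type (department|role|user) and one or more TypeId values.
/// Writes "no-permission" when PurviewCheck rejects the caller, "complete" when done,
/// and nothing at all when the input fails validation.
/// </summary>
/// <param name="Context">The current request; its Form supplies Id, Type and TypeId.</param>
private void Add(HttpContext Context)
{
    Hashtable PurviewTable = new Hashtable();
    int Id = 0;
    string Type = "";
    int TypeId = 0;
    string TypeIdPath = "";
    string Sql = "";

    // Id reaches the SQL below as an int, so the numeric check is what keeps it safe.
    if (Base.Common.IsNumeric(Context.Request.Form["Id"]))
    {
        Id = Context.Request.Form["Id"].TypeInt();
    }
    else
    {
        return;
    }

    // Type is whitelisted before it is allowed to select a SQL branch.
    Type = Context.Request.Form["Type"].TypeString();
    if (!Base.Common.StringCheck(Type, @"^(department|role|user)$"))
    {
        return;
    }

    // NameValueCollection.GetValues returns null (not an empty array) when the key is absent
    // from the form, so guard before touching Length. The array is read once here instead of
    // being re-queried on every loop iteration.
    string[] TypeIds = Context.Request.Form.GetValues("TypeId");
    if (TypeIds == null || TypeIds.Length == 0)
    {
        return;
    }

    // Access is gated on PurviewCheck(..., "creator"): presumably only the file's creator
    // may hand out permissions.
    if (!AppCommon.PurviewCheck(Id, true, "creator", ref Conn))
    {
        Context.Response.Write("no-permission");
        return;
    }

    foreach (string RawTypeId in TypeIds)
    {
        // A non-numeric entry is skipped; the rest of the batch still proceeds.
        if (!Base.Common.IsNumeric(RawTypeId))
        {
            continue;
        }
        TypeId = RawTypeId.TypeInt();

        if (Type == "department")
        {
            TypeIdPath = AppCommon.DepartmentIdPath(TypeId, ref Conn);
        }

        // Skip targets that already hold a row. Id and TypeId are ints; TypeIdPath comes back
        // from DepartmentIdPath (not from the form) and is embedded in a quoted literal because
        // the project's SQL helpers accept only a finished string — no parameter binding here.
        switch (Type)
        {
            case "department":
                Sql = "Select DBS_FileId, DBS_DepartmentId, DBS_RoleId, DBS_UserId From DBS_File_Purview Where DBS_FileId = " + Id + " And DBS_DepartmentId = '" + TypeIdPath + "'";
                break;
            case "role":
                Sql = "Select DBS_FileId, DBS_DepartmentId, DBS_RoleId, DBS_UserId From DBS_File_Purview Where DBS_FileId = " + Id + " And DBS_RoleId = " + TypeId;
                break;
            case "user":
                Sql = "Select DBS_FileId, DBS_DepartmentId, DBS_RoleId, DBS_UserId From DBS_File_Purview Where DBS_FileId = " + Id + " And DBS_UserId = " + TypeId;
                break;
        }

        Base.Data.SqlDataToTable(Sql, ref Conn, ref PurviewTable);
        if (PurviewTable["Exist"].TypeBool())
        {
            continue;
        }
        PurviewTable.Clear();

        // Non-department rows store the quoted text 'null' in DBS_DepartmentId (a string
        // literal, not SQL NULL) and 0 in the unused id columns; every new row starts as 'viewer'.
        Base.Data.SqlQuery("Insert Into DBS_File_Purview(DBS_FileId, DBS_DepartmentId, DBS_RoleId, DBS_UserId, DBS_Purview) Values(" + Id + ", '" + (Type == "department" ? TypeIdPath : "null") + "', " + (Type == "role" ? TypeId : 0) + ", " + (Type == "user" ? TypeId : 0) + ", 'viewer')", ref Conn);
    }

    Context.Response.Write("complete");
}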
/// <summary>
/// Writes one page (50 rows) of the user list as JSON, filtered by the optional
/// DepartmentId, RoleId, Status (job-on|job-off) and Keyword query-string parameters.
/// Recycled users (DBS_Recycle = 1) are always excluded.
/// </summary>
/// <param name="Context">The current request; QueryString supplies the filters and Page.</param>
private void ListDataToJson(HttpContext Context)
{
    string RawDepartmentId = Context.Request.QueryString["DepartmentId"];
    string RawRoleId = Context.Request.QueryString["RoleId"];
    string RawStatus = Context.Request.QueryString["Status"].TypeString();
    string RawPage = Context.Request.QueryString["Page"];

    // Non-numeric ids disable the corresponding filter (0 is treated as "not set" below).
    int DepartmentId = Base.Common.IsNumeric(RawDepartmentId) ? RawDepartmentId.TypeInt() : 0;
    int RoleId = Base.Common.IsNumeric(RawRoleId) ? RawRoleId.TypeInt() : 0;

    // job-on / job-off map to the stored 1 / 0; anything else disables the status filter.
    string Status = Base.Common.StringCheck(RawStatus, @"^(job-on|job-off)$")
        ? (RawStatus == "job-on" ? "1" : "0")
        : "";

    // NOTE(review): Keyword is the only query-string value that ends up inside a quoted SQL
    // literal; InputFilter is what has to neutralise quote characters, since SqlPageToJson
    // offers no parameter binding — confirm InputFilter does that.
    string Keyword = Base.Common.InputFilter(Context.Request.QueryString["Keyword"].TypeString());

    // Page defaults to 1 and is never allowed below 1.
    int Page = Base.Common.IsNumeric(RawPage) ? RawPage.TypeInt() : 1;
    if (Page < 1)
    {
        Page = 1;
    }

    string Query = "";
    if (DepartmentId > 0)
    {
        // Prefix match on the department path, so sub-departments are included.
        Query += "DBS_DepartmentId Like '" + AppCommon.DepartmentIdPath(DepartmentId, ref Conn) + "%' And ";
    }
    if (RoleId > 0)
    {
        Query += "DBS_RoleId = " + RoleId + " And ";
    }
    if (!string.IsNullOrEmpty(Status))
    {
        Query += "DBS_Status = " + Status + " And ";
    }
    if (!string.IsNullOrEmpty(Keyword))
    {
        // Three correlated sub-selects: username, e-mail and phone.
        // NOTE(review): the username predicate reads '******' in this copy of the source
        // (looks masked); confirm what it compares against in the repository.
        Query += "Exists ("
            + "Select A.DBS_Id From DBS_User As A Where A.DBS_Id = DBS_User.DBS_Id And A.DBS_Username = '******' Union All "
            + "Select B.DBS_Id From DBS_User As B Where B.DBS_Id = DBS_User.DBS_Id And B.DBS_Email = '" + Keyword + "' Union All "
            + "Select C.DBS_Id From DBS_User As C Where C.DBS_Id = DBS_User.DBS_Id And C.DBS_Phone = '" + Keyword + "'"
            + ") And ";
    }
    Query += "DBS_Recycle = 0";

    string Json = Base.Data.SqlPageToJson(
        "DBS_User",
        "DBS_Id, DBS_DepartmentId, DBS_RoleId, DBS_Username, DBS_Position, DBS_Email, DBS_Phone, DBS_Status, DBS_Recycle",
        "DBS_Username Asc, DBS_Id Desc",
        Query,
        50,
        Page,
        ref Conn);
    Context.Response.Write(Json);
}
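/// <summary>
/// Moves one or more users into a department or a role. Form input: Id (one or more user
/// ids), ClassifyId (target department or role id) and ClassifyType (department|role).
/// Ids that are not numeric or that match no user are skipped. Ends by writing the user
/// list JSON (DataToJson) followed by "complete"; writes nothing when validation fails.
/// </summary>
/// <param name="Context">The current request; its Form supplies Id, ClassifyId and ClassifyType.</param>
private void Classify(HttpContext Context)
{
    Hashtable UserTable = new Hashtable();
    int Id = 0;
    int ClassifyId = 0;
    string ClassifyType = "";
    string DepartmentIdPath = "";

    // NameValueCollection.GetValues returns null (not an empty array) when no Id was posted;
    // guard before touching Length, and read the array once for the whole batch.
    string[] Ids = Context.Request.Form.GetValues("Id");
    if (Ids == null || Ids.Length == 0)
    {
        return;
    }

    if (Base.Common.IsNumeric(Context.Request.Form["ClassifyId"]))
    {
        ClassifyId = Context.Request.Form["ClassifyId"].TypeInt();
    }
    else
    {
        return;
    }

    ClassifyType = Context.Request.Form["ClassifyType"].TypeString();
    if (!Base.Common.StringCheck(ClassifyType, @"^(department|role)$"))
    {
        return;
    }

    // The department path is resolved once for the batch. Note that nothing in this method
    // checks that a role with ClassifyId exists; the role branch writes the id as given.
    if (ClassifyType == "department")
    {
        DepartmentIdPath = AppCommon.DepartmentIdPath(ClassifyId, ref Conn);
    }

    // NOTE(review): no authorization check is visible in this method; presumably the
    // dispatcher that routes to Classify performs it — confirm.
    foreach (string RawId in Ids)
    {
        if (!Base.Common.IsNumeric(RawId))
        {
            continue;
        }
        Id = RawId.TypeInt();

        Base.Data.SqlDataToTable("Select DBS_Id From DBS_User Where DBS_Id = " + Id, ref Conn, ref UserTable);
        if (!UserTable["Exist"].TypeBool())
        {
            continue;
        }
        UserTable.Clear();

        // Id and ClassifyId are ints; DepartmentIdPath comes from the database, not the form.
        if (ClassifyType == "department")
        {
            Base.Data.SqlQuery("Update DBS_User Set DBS_DepartmentId = '" + DepartmentIdPath + "' Where DBS_Id = " + Id, ref Conn);
        }
        else if (ClassifyType == "role")
        {
            Base.Data.SqlQuery("Update DBS_User Set DBS_RoleId = " + ClassifyId + " Where DBS_Id = " + Id, ref Conn);
        }
    }

    DataToJson(Context);
    Context.Response.Write("complete");
}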
/// <summary>
/// Creates a user from the posted form. Every field is checked against a fixed pattern
/// before use, and Username, Email and Phone must be unique. Writes "username-existed",
/// "email-existed" or "phone-existed" on a clash; otherwise the user list JSON (DataToJson)
/// followed by "complete". Writes nothing when validation fails or the insert returns id 0.
/// When Send is "true" and an Email was given, the credentials are mailed via CreateMail.
/// </summary>
/// <param name="Context">The current request; Form supplies DepartmentId, RoleId, Username,
/// Password, Code, Position, Email, Phone, Tel, Admin and Send.</param>
private void Add(HttpContext Context)
{
    Hashtable UserTable = new Hashtable();

    // NOTE(review): no authorization check is visible in this method; presumably the
    // dispatcher that routes to Add performs it — confirm.
    string RawDepartmentId = Context.Request.Form["DepartmentId"];
    if (!Base.Common.IsNumeric(RawDepartmentId))
    {
        return;
    }
    int DepartmentId = RawDepartmentId.TypeInt();

    string RawRoleId = Context.Request.Form["RoleId"];
    if (!Base.Common.IsNumeric(RawRoleId))
    {
        return;
    }
    int RoleId = RawRoleId.TypeInt();

    // Username: 2–16 characters, none of them whitespace or the listed punctuation.
    string Username = Context.Request.Form["Username"].TypeString();
    if (!Base.Common.StringCheck(Username, @"^[^\s\`\~\!\@\#\$\%\^\&\*\(\)\-_\=\+\[\]\{\}\;\:\'\""\\\|\,\.\<\>\/\?]{2,16}$"))
    {
        return;
    }

    // Password: 6–16 non-whitespace characters. The plaintext is kept only for the welcome mail.
    string PlainPassword = Context.Request.Form["Password"].TypeString();
    if (!Base.Common.StringCheck(PlainPassword, @"^[\S]{6,16}$"))
    {
        return;
    }
    // NOTE(review): unsalted MD5 is not a password hash; moving to PBKDF2/Argon2 requires
    // migrating whatever login code compares DBS_Password, so it is left unchanged here.
    string Password = Base.Common.StringCrypto(PlainPassword, "MD5");

    // Optional fields: empty is accepted, otherwise the pattern must match.
    string Code = Context.Request.Form["Code"].TypeString();
    if (!string.IsNullOrEmpty(Code) && !Base.Common.StringCheck(Code, @"^[\w\-]{2,16}$"))
    {
        return;
    }

    // Position's pattern admits any character, so InputFilter is what has to neutralise
    // quotes before the value is embedded in the insert below — confirm it does.
    string Position = Base.Common.InputFilter(Context.Request.Form["Position"].TypeString());
    if (!string.IsNullOrEmpty(Position) && !Base.Common.StringCheck(Position, @"^[\s\S]{2,32}$"))
    {
        return;
    }

    string Email = Context.Request.Form["Email"].TypeString();
    if (!string.IsNullOrEmpty(Email) && !Base.Common.StringCheck(Email, @"^[\w\-]+\@[\w\-]+\.[\w]{2,4}(\.[\w]{2,4})?$"))
    {
        return;
    }

    string Phone = Context.Request.Form["Phone"].TypeString();
    if (!string.IsNullOrEmpty(Phone) && !Base.Common.StringCheck(Phone, @"^\+?([\d]{2,4}\-?)?[\d]{6,11}$"))
    {
        return;
    }

    string Tel = Context.Request.Form["Tel"].TypeString();
    if (!string.IsNullOrEmpty(Tel) && !Base.Common.StringCheck(Tel, @"^\+?([\d]{2,4}\-?){0,2}[\d]{6,8}(\-?[\d]{2,8})?$"))
    {
        return;
    }

    string Admin = Context.Request.Form["Admin"].TypeString();
    if (!Base.Common.StringCheck(Admin, @"^(true|false)$"))
    {
        return;
    }
    Admin = Admin == "true" ? "1" : "0";

    string Send = Context.Request.Form["Send"].TypeString();
    if (!Base.Common.StringCheck(Send, @"^(true|false)$"))
    {
        return;
    }

    // Uniqueness checks. Email and Phone were already restricted to word characters, '-',
    // '@', '.' and '+'/digits by the patterns above, which is what keeps these quoted
    // literals safe.
    // NOTE(review): the username predicate reads '******' in this copy of the source (looks
    // masked); confirm what it compares against in the repository.
    Base.Data.SqlDataToTable("Select DBS_Username From DBS_User Where DBS_Username = '******'", ref Conn, ref UserTable);
    if (UserTable["Exist"].TypeBool())
    {
        Context.Response.Write("username-existed");
        return;
    }
    UserTable.Clear();

    if (!string.IsNullOrEmpty(Email))
    {
        Base.Data.SqlDataToTable("Select DBS_Email From DBS_User Where DBS_Email = '" + Email + "'", ref Conn, ref UserTable);
        if (UserTable["Exist"].TypeBool())
        {
            Context.Response.Write("email-existed");
            return;
        }
        UserTable.Clear();
    }

    if (!string.IsNullOrEmpty(Phone))
    {
        Base.Data.SqlDataToTable("Select DBS_Phone From DBS_User Where DBS_Phone = '" + Phone + "'", ref Conn, ref UserTable);
        if (UserTable["Exist"].TypeBool())
        {
            Context.Response.Write("phone-existed");
            return;
        }
        UserTable.Clear();
    }

    // Department 0 is the root path; anything else is resolved through DepartmentIdPath.
    string DepartmentIdPath = DepartmentId == 0
        ? "/0/"
        : AppCommon.DepartmentIdPath(DepartmentId, ref Conn);

    // NOTE(review): DateTime.Now.ToString() without a format or culture produces text that
    // depends on the server's current culture, and that text is stored as DBS_Time.
    string Sql =
        "Insert Into DBS_User(DBS_DepartmentId, DBS_RoleId, DBS_Username, DBS_Password, DBS_Code, DBS_Position, DBS_Email, DBS_Phone, DBS_Tel, DBS_Admin, DBS_Status, DBS_Recycle, DBS_Time, DBS_LoginIP, DBS_LoginTime) "
        + "Values('" + DepartmentIdPath + "', " + RoleId + ", '" + Username + "', '" + Password + "', '" + Code + "', '" + Position + "', '" + Email + "', '" + Phone + "', '" + Tel + "', " + Admin + ", 1, 0, '" + DateTime.Now.ToString() + "', '0.0.0.0', '1970/1/1 00:00:00')";

    int Id = Base.Data.SqlInsert(Sql, ref Conn);
    if (Id == 0)
    {
        return;
    }

    // The welcome mail carries the plaintext password the caller just chose.
    if (!string.IsNullOrEmpty(Email) && Send == "true")
    {
        CreateMail(Username, PlainPassword, Email, Context);
    }

    DataToJson(Context);
    Context.Response.Write("complete");
}
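/// <summary>
/// Updates an existing user from the posted form. An empty Password leaves the stored
/// password untouched; a non-empty one must satisfy the same 6–16 non-whitespace rule as
/// on creation and is otherwise rejected. Email and Phone must be unique among other users.
/// Writes "email-existed", "phone-existed" or the user list JSON (DataToJson) followed by
/// "complete"; writes nothing when validation fails or the user does not exist.
/// </summary>
/// <param name="Context">The current request; Form supplies Id, DepartmentId, RoleId,
/// Password, Code, Position, Email, Phone, Tel, Admin and Leave.</param>
private void Modify(HttpContext Context)
{
    Hashtable UserTable = new Hashtable();

    // NOTE(review): no authorization check is visible in this method; presumably the
    // dispatcher that routes to Modify performs it — confirm.
    string RawId = Context.Request.Form["Id"];
    if (!Base.Common.IsNumeric(RawId))
    {
        return;
    }
    int Id = RawId.TypeInt();

    string RawDepartmentId = Context.Request.Form["DepartmentId"];
    if (!Base.Common.IsNumeric(RawDepartmentId))
    {
        return;
    }
    int DepartmentId = RawDepartmentId.TypeInt();

    string RawRoleId = Context.Request.Form["RoleId"];
    if (!Base.Common.IsNumeric(RawRoleId))
    {
        return;
    }
    int RoleId = RawRoleId.TypeInt();

    // Password is optional on modify. Empty keeps the stored value. A non-empty value that
    // fails the pattern used to skip hashing yet still reach the password-update branch
    // below; it is now rejected like every other malformed field.
    string Password = Context.Request.Form["Password"].TypeString();
    if (!string.IsNullOrEmpty(Password))
    {
        if (!Base.Common.StringCheck(Password, @"^[\S]{6,16}$"))
        {
            return;
        }
        // NOTE(review): unsalted MD5 is not a password hash; moving to PBKDF2/Argon2 requires
        // migrating whatever login code compares DBS_Password, so it is left unchanged here.
        Password = Base.Common.StringCrypto(Password, "MD5");
    }

    // Optional fields: empty is accepted, otherwise the pattern must match.
    string Code = Context.Request.Form["Code"].TypeString();
    if (!string.IsNullOrEmpty(Code) && !Base.Common.StringCheck(Code, @"^[\w\-]{2,16}$"))
    {
        return;
    }

    // Position's pattern admits any character, so InputFilter is what has to neutralise
    // quotes before the value is embedded in the update below — confirm it does.
    string Position = Base.Common.InputFilter(Context.Request.Form["Position"].TypeString());
    if (!string.IsNullOrEmpty(Position) && !Base.Common.StringCheck(Position, @"^[\s\S]{2,32}$"))
    {
        return;
    }

    string Email = Context.Request.Form["Email"].TypeString();
    if (!string.IsNullOrEmpty(Email) && !Base.Common.StringCheck(Email, @"^[\w\-]+\@[\w\-]+\.[\w]{2,4}(\.[\w]{2,4})?$"))
    {
        return;
    }

    string Phone = Context.Request.Form["Phone"].TypeString();
    if (!string.IsNullOrEmpty(Phone) && !Base.Common.StringCheck(Phone, @"^\+?([\d]{2,4}\-?)?[\d]{6,11}$"))
    {
        return;
    }

    string Tel = Context.Request.Form["Tel"].TypeString();
    if (!string.IsNullOrEmpty(Tel) && !Base.Common.StringCheck(Tel, @"^\+?([\d]{2,4}\-?){0,2}[\d]{6,8}(\-?[\d]{2,8})?$"))
    {
        return;
    }

    string Admin = Context.Request.Form["Admin"].TypeString();
    if (!Base.Common.StringCheck(Admin, @"^(true|false)$"))
    {
        return;
    }
    Admin = Admin == "true" ? "1" : "0";

    // Leave = "true" marks the user as off the job (DBS_Status 0).
    string Leave = Context.Request.Form["Leave"].TypeString();
    if (!Base.Common.StringCheck(Leave, @"^(true|false)$"))
    {
        return;
    }
    string Status = Leave == "true" ? "0" : "1";

    // The target user must exist.
    Base.Data.SqlDataToTable("Select DBS_Id From DBS_User Where DBS_Id = " + Id, ref Conn, ref UserTable);
    if (!UserTable["Exist"].TypeBool())
    {
        return;
    }
    UserTable.Clear();

    // Uniqueness checks exclude the user being edited. Email and Phone were already restricted
    // to word characters, '-', '@', '.' and '+'/digits by the patterns above, which is what
    // keeps these quoted literals safe.
    if (!string.IsNullOrEmpty(Email))
    {
        Base.Data.SqlDataToTable("Select DBS_Id, DBS_Email From DBS_User Where DBS_Email = '" + Email + "'", ref Conn, ref UserTable);
        if (UserTable["Exist"].TypeBool() && UserTable["DBS_Id"].TypeInt() != Id)
        {
            Context.Response.Write("email-existed");
            return;
        }
        UserTable.Clear();
    }

    if (!string.IsNullOrEmpty(Phone))
    {
        Base.Data.SqlDataToTable("Select DBS_Id, DBS_Phone From DBS_User Where DBS_Phone = '" + Phone + "'", ref Conn, ref UserTable);
        if (UserTable["Exist"].TypeBool() && UserTable["DBS_Id"].TypeInt() != Id)
        {
            Context.Response.Write("phone-existed");
            return;
        }
        UserTable.Clear();
    }

    // Department 0 is the root path; anything else is resolved through DepartmentIdPath.
    string DepartmentIdPath = DepartmentId == 0
        ? "/0/"
        : AppCommon.DepartmentIdPath(DepartmentId, ref Conn);

    // The two update statements differ only by the password column, so build that clause
    // conditionally instead of duplicating the whole string.
    // NOTE(review): the password assignment reads '******' in this copy of the source (looks
    // masked) and does not reference the hashed Password local; confirm against the repository.
    string PasswordClause = string.IsNullOrEmpty(Password) ? "" : "DBS_Password = '******', ";
    string Sql = "Update DBS_User Set DBS_DepartmentId = '" + DepartmentIdPath + "', DBS_RoleId = " + RoleId + ", " + PasswordClause + "DBS_Code = '" + Code + "', DBS_Position = '" + Position + "', DBS_Email = '" + Email + "', DBS_Phone = '" + Phone + "', DBS_Tel = '" + Tel + "', DBS_Admin = " + Admin + ", DBS_Status = " + Status + " Where DBS_Id = " + Id;

    Base.Data.SqlQuery(Sql, ref Conn);
    DataToJson(Context);
    Context.Response.Write("complete");
}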