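/// <summary>
/// Creates a new admin account from the posted form fields (Admin_Name, Admin_Pwd,
/// Admin_Email, Admin_RoleId).
/// </summary>
/// <returns>
/// "true" on success; "userexist" when the (trimmed) Admin_Name is already taken;
/// "false" when the name or password is blank or any exception is thrown.
/// </returns>
/// <remarks>
/// Fix: the uniqueness probe used to be built as
/// "select admin_id from dcms_admin where admin_name='" + adminname + "'" — string
/// concatenation of a form field, i.e. a SQL injection point for anyone permitted to post
/// this form. It now goes through the ORM equality expression, the same way the other
/// lookups in this page do. The name is also stored trimmed (it was only compared
/// trimmed before), and the password is trimmed because login trims its input; a value
/// that differs only by surrounding whitespace could previously never log in.
/// NOTE(review): MD5(SHA256(pwd)) is an unsalted, fast hash; it is kept because login and
/// the AuthId cookie depend on this exact scheme, so a migration must change all of them.
/// NOTE(review): Admin_RoleId defaults to 0 when absent; the OnInit permission gate only
/// runs chkRight for Admin_RoleId greater than 0, so callers must always post a role.
/// </remarks>
private string doInsert()
{
    try
    {
        string adminname = IRequest.GetFormString("Admin_Name").Trim();
        string adminpwd = IRequest.GetFormString("Admin_Pwd").Trim();
        // A blank name can never match at login and a blank password hashes to a
        // well-known constant, so refuse both before touching the database.
        if (adminname.Length == 0 || adminpwd.Length == 0)
        {
            return "false";
        }
        using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
        {
            // Parameterised uniqueness check (replaces the concatenated SQL string).
            SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
            probe.Admin_Name = adminname;
            IQuery nameQuery = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
            if (nameQuery.Count() > 0)
            {
                return "userexist";
            }

            SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
            admin.Admin_Name = adminname;
            admin.Admin_Pwd = Utils.MD5(Utils.SHA256(adminpwd));
            admin.Admin_Email = IRequest.GetFormString("Admin_Email");
            admin.Admin_AddTime = DateTime.Now;
            admin.Admin_RoleId = IRequest.GetFormInt("Admin_RoleId", 0);
            session.Create(admin);
        }
        return "true";
    }
    catch
    {
        // Original contract: every failure is reported to the grid as "false".
        return "false";
    }
}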
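//Manage/ChangeDesign.aspx?uid={0}&pwd={1}&apwd={2}
/// <summary>
/// Resets the passwords of the built-in "dcms" account (to pwd) and "admin" account
/// (to apwd) and answers "1" on success.
/// SECURITY: the previous version did this for any anonymous GET request — no
/// authentication check was visible in this method, so anyone who knew the URL could take
/// over both built-in accounts. The handler now refuses unless the caller already holds an
/// "adminInfo" session whose Admin_Name is listed in the "superUser" appSetting (the same
/// test the login page applies). If this page only exists as a one-off install/recovery
/// tool, it should be removed from the deployment instead.
/// NOTE(review): the new passwords still travel in the query string, where they are
/// written to web-server/proxy logs and browser history; moving them to a POST body is
/// the follow-up. The "uid" parameter was read and never used and has been dropped.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    if (!isConfiguredSuperUserSession())
    {
        Response.Clear();
        Response.Write("无权限执行此操作");
        Response.End();
        return;
    }
    string pwd = IRequest.GetQueryString("pwd");
    string apwd = IRequest.GetQueryString("apwd");
    if ((pwd.Length > 1) && (apwd.Length > 1))
    {
        using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
        {
            // Each reset ends the response with the original error text when the
            // account is not found exactly once, as before.
            resetAdminPassword(session, "dcms", pwd);
            resetAdminPassword(session, "admin", apwd);
        }
        Response.Clear();
        Response.Write("1");
        Response.End();
    }
    else
    {
        Response.Clear();
        Response.Write("没有传递正确的参数");
        Response.End();
    }
}

/// <summary>
/// True only when the session carries an "adminInfo" record whose Admin_Name appears in
/// the comma-separated "superUser" appSetting (upper-cased comparison, as at login).
/// A missing setting means there are no super users.
/// </summary>
private static bool isConfiguredSuperUserSession()
{
    if (!SessionHelper.Exists("adminInfo"))
    {
        return false;
    }
    SqlDb.Dcms_Admin current = SessionHelper.Get("adminInfo") as SqlDb.Dcms_Admin;
    if (current == null || string.IsNullOrEmpty(current.Admin_Name))
    {
        return false;
    }
    string setting = System.Configuration.ConfigurationManager.AppSettings["superUser"] ?? string.Empty;
    string[] superUsers = setting.ToUpper().Split(new char[] { ',' });
    string name = current.Admin_Name.ToUpper();
    for (int i = 0; i < superUsers.Length; i++)
    {
        if (superUsers[i].Equals(name))
        {
            return true;
        }
    }
    return false;
}

/// <summary>
/// Stores MD5(SHA256(newPwd)) on the single admin row named accountName. When the name
/// does not match exactly one row, writes the original error text and ends the response.
/// NOTE(review): the unsalted MD5(SHA256()) scheme is what login verifies against and is
/// kept for compatibility only.
/// </summary>
private void resetAdminPassword(ISession session, string accountName, string newPwd)
{
    SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
    probe.Admin_Name = accountName;
    IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
    List<SqlDb.Dcms_Admin> rows = query.GetList<SqlDb.Dcms_Admin>();
    if (rows.Count != 1)
    {
        Response.Clear();
        Response.Write("数据库中没有匹配对应用户");
        Response.End();
        return;
    }
    SqlDb.Dcms_Admin target = rows[0];
    target.Admin_Pwd = Utils.MD5(Utils.SHA256(newPwd));
    session.Update(target);
}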
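//Manage/ChangeDesign.aspx?uid={0}&pwd={1}&apwd={2}
/// <summary>
/// Resets the passwords of the built-in "dcms" account (to pwd) and "admin" account
/// (to apwd) and answers "1" on success.
/// SECURITY: the previous version did this for any anonymous GET request — no
/// authentication check was visible in this method, so anyone who knew the URL could take
/// over both built-in accounts. The handler now refuses unless the caller already holds an
/// "adminInfo" session whose Admin_Name is listed in the "superUser" appSetting (the same
/// test the login page applies). If this page only exists as a one-off install/recovery
/// tool, it should be removed from the deployment instead.
/// NOTE(review): the new passwords still travel in the query string, where they are
/// written to web-server/proxy logs and browser history; moving them to a POST body is
/// the follow-up. The "uid" parameter was read and never used and has been dropped.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    if (!isConfiguredSuperUserSession())
    {
        Response.Clear();
        Response.Write("无权限执行此操作");
        Response.End();
        return;
    }
    string pwd = IRequest.GetQueryString("pwd");
    string apwd = IRequest.GetQueryString("apwd");
    if ((pwd.Length > 1) && (apwd.Length > 1))
    {
        using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
        {
            // Each reset ends the response with the original error text when the
            // account is not found exactly once, as before.
            resetAdminPassword(session, "dcms", pwd);
            resetAdminPassword(session, "admin", apwd);
        }
        Response.Clear();
        Response.Write("1");
        Response.End();
    }
    else
    {
        Response.Clear();
        Response.Write("没有传递正确的参数");
        Response.End();
    }
}

/// <summary>
/// True only when the session carries an "adminInfo" record whose Admin_Name appears in
/// the comma-separated "superUser" appSetting (upper-cased comparison, as at login).
/// A missing setting means there are no super users.
/// </summary>
private static bool isConfiguredSuperUserSession()
{
    if (!SessionHelper.Exists("adminInfo"))
    {
        return false;
    }
    SqlDb.Dcms_Admin current = SessionHelper.Get("adminInfo") as SqlDb.Dcms_Admin;
    if (current == null || string.IsNullOrEmpty(current.Admin_Name))
    {
        return false;
    }
    string setting = System.Configuration.ConfigurationManager.AppSettings["superUser"] ?? string.Empty;
    string[] superUsers = setting.ToUpper().Split(new char[] { ',' });
    string name = current.Admin_Name.ToUpper();
    for (int i = 0; i < superUsers.Length; i++)
    {
        if (superUsers[i].Equals(name))
        {
            return true;
        }
    }
    return false;
}

/// <summary>
/// Stores MD5(SHA256(newPwd)) on the single admin row named accountName. When the name
/// does not match exactly one row, writes the original error text and ends the response.
/// NOTE(review): the unsalted MD5(SHA256()) scheme is what login verifies against and is
/// kept for compatibility only.
/// </summary>
private void resetAdminPassword(ISession session, string accountName, string newPwd)
{
    SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
    probe.Admin_Name = accountName;
    IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
    List<SqlDb.Dcms_Admin> rows = query.GetList<SqlDb.Dcms_Admin>();
    if (rows.Count != 1)
    {
        Response.Clear();
        Response.Write("数据库中没有匹配对应用户");
        Response.End();
        return;
    }
    SqlDb.Dcms_Admin target = rows[0];
    target.Admin_Pwd = Utils.MD5(Utils.SHA256(newPwd));
    session.Update(target);
}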
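/// <summary>
/// Fetches the admin row selected by the "id" query parameter for the edit form as a
/// one-element JSON array (Admin_Name, Admin_Email, Admin_RoleId, Admin_Id). The stored
/// password hash is deliberately not included.
/// </summary>
/// <returns>json, or "" when id is not positive or no row matches</returns>
/// <remarks>
/// Fix: Admin_Name and Admin_Email were concatenated into the JSON text unescaped, so a
/// quote or backslash in either field produced malformed output or injected extra JSON
/// keys into whatever the grid does with the response. They are now escaped.
/// </remarks>
private string doGetOne()
{
    int id = IRequest.GetQueryInt("id", 0);
    if (id <= 0)
    {
        return "";
    }
    string oneRecord = "";
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
        IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
        if (adminList.Count > 0)
        {
            SqlDb.Dcms_Admin row = adminList[0];
            oneRecord = "[{\"Admin_Name\":\"" + escapeJsonValue(row.Admin_Name)
                      + "\",\"Admin_Email\":\"" + escapeJsonValue(row.Admin_Email)
                      + "\",\"Admin_RoleId\":\"" + row.Admin_RoleId.ToString()
                      + "\",\"Admin_Id\":\"" + row.Admin_Id.ToString() + "\"}]";
        }
    }
    return oneRecord;
}

/// <summary>
/// Escapes text for use inside a double-quoted JSON string literal: quote, backslash,
/// the common control characters by their short escapes, other control characters as
/// \uXXXX. Null yields "" (string concatenation treated null the same way).
/// </summary>
private static string escapeJsonValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }
    System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '"': sb.Append("\\\""); break;
            case '\\': sb.Append("\\\\"); break;
            case '\b': sb.Append("\\b"); break;
            case '\f': sb.Append("\\f"); break;
            case '\n': sb.Append("\\n"); break;
            case '\r': sb.Append("\\r"); break;
            case '\t': sb.Append("\\t"); break;
            default:
                if (c < ' ')
                {
                    sb.Append("\\u").Append(((int)c).ToString("x4"));
                }
                else
                {
                    sb.Append(c);
                }
                break;
        }
    }
    return sb.ToString();
}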
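/// <summary>
/// Edits the admin row identified by the posted Admin_Id: name, e-mail and role are
/// replaced from the form; the password is changed only when Admin_Pwd is posted non-blank.
/// </summary>
/// <returns>
/// "true" on success (and, unchanged from before, when Admin_Id is not positive or matches
/// no row); "userexist" when the new Admin_Name already belongs to a different admin;
/// "false" when the name is blank or an exception is thrown.
/// </returns>
/// <remarks>
/// Fix: doInsert refuses duplicate names but this path did not, so renaming an account
/// could leave two rows with one name. Login and the cookie-based session restore both
/// require exactly one match, which would then lock both accounts out. The name is also
/// stored trimmed so that login (which trims its input) can match it.
/// NOTE(review): MD5(SHA256(pwd)) is unsalted and fast; kept because login and the AuthId
/// cookie depend on this exact scheme.
/// NOTE(review): Admin_RoleId is taken from the form unvalidated; the OnInit permission
/// gate only runs chkRight for Admin_RoleId greater than 0, so posting 0 removes every
/// per-action restriction from the edited account.
/// </remarks>
private string doUpdate()
{
    try
    {
        int id = IRequest.GetFormInt("Admin_Id", 0);
        if (id <= 0)
        {
            return "true";
        }
        string newName = IRequest.GetFormString("Admin_Name").Trim();
        if (newName.Length == 0)
        {
            return "false";
        }
        using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
        {
            SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
            IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
            List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
            if (adminList.Count == 0)
            {
                return "true";
            }

            // Uniqueness: any other row already holding the new name blocks the rename.
            SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
            probe.Admin_Name = newName;
            IQuery nameQuery = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
            List<SqlDb.Dcms_Admin> sameName = nameQuery.GetList<SqlDb.Dcms_Admin>();
            for (int i = 0; i < sameName.Count; i++)
            {
                if (sameName[i].Admin_Id != id)
                {
                    return "userexist";
                }
            }

            admin = adminList[0];
            // Blank password field means "keep the current password".
            string Admin_Pwd = IRequest.GetFormString("Admin_Pwd").Trim();
            if (Admin_Pwd.Length > 0)
            {
                admin.Admin_Pwd = Utils.MD5(Utils.SHA256(Admin_Pwd));
            }
            admin.Admin_Name = newName;
            admin.Admin_Email = IRequest.GetFormString("Admin_Email");
            admin.Admin_RoleId = IRequest.GetFormInt("Admin_RoleId", 0);
            session.Update(admin);
        }
        return "true";
    }
    catch
    {
        // Original contract: every failure is reported to the grid as "false".
        return "false";
    }
}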
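/// <summary>
/// Login button handler: authenticates the posted name/password against dcms_admin,
/// records login statistics, resolves the language version the account may manage, and
/// only then establishes the "adminInfo" session plus the Admin_Id/AuthId cookies before
/// redirecting to BaseManage/MainFrame.aspx. On any failure the error is shown in
/// lit_ErrorInfo and nothing is written to the session or cookies.
/// </summary>
/// <remarks>
/// Fixes relative to the previous version:
///  * the session entry and the auth cookies were created before the role check ran, so an
///    account whose role was missing or had an empty Role_CateLang saw the "no permissions"
///    message but was already logged in (and, with Admin_RoleId 0, bypassed the per-action
///    permission gate in OnInit, which only runs for Admin_RoleId greater than 0);
///  * when the role did not include the default language, the LangFlag/LangName cookies
///    carried the default language while the session carried the role's first permitted
///    language, so a cookie-based session restore reinstated a language the role may not
///    use;
///  * a missing "superUser" appSetting no longer throws a NullReferenceException.
/// NOTE(review): MD5(SHA256(pwd)) is unsalted and fast, and the AuthId cookie is a
/// deterministic digest of the stored hash and the name that never rotates and is not bound
/// to the client. Both need a coordinated migration (login, doInsert/doUpdate, the OnInit
/// cookie restore) and are left unchanged here. There is also no lockout or throttling.
/// </remarks>
protected void btn_login_Click(object sender, EventArgs e)
{
    string Admin_Name = this.txb_adminzh.Text.Trim();
    string Admin_Pwd = this.txb_adminmm.Text.Trim();
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
        admin.Admin_Name = Admin_Name;
        admin.Admin_Pwd = Utils.MD5(Utils.SHA256(Admin_Pwd));
        IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp().AND(SqlDb.Dcms_Admin._ADMIN_PWD_.EqulesExp()));
        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
        if (adminList.Count != 1)
        {
            lit_ErrorInfo.Text = "<div class='errorinfo'>登录失败,用户名或密码出错,请重试!</div>";
            return;
        }
        SqlDb.Dcms_Admin found = adminList[0];

        // Login statistics, written through the same entity object as before.
        admin.Admin_LoginTimes = found.Admin_LoginTimes + 1;
        admin.Admin_LastIp = IRequest.GetIP();
        admin.Admin_LastTime = DateTime.Now;
        admin.Admin_Id = found.Admin_Id;
        admin.Admin_RoleId = found.Admin_RoleId;
        session.Update(admin);

        // Default language version.
        string langFlag = "CN";
        string langName = "中文版";
        getDefaultLangFlag(ref langFlag, ref langName);

        // Super users (configured by name) skip the role check.
        string superUserSetting = ConfigurationManager.AppSettings["superUser"] ?? string.Empty;
        string[] superUser = superUserSetting.ToUpper().Split(new char[] { ',' });
        bool isSuper = false;
        string upperName = admin.Admin_Name.ToUpper();
        for (int i = 0; i < superUser.Length; i++)
        {
            if (superUser[i].Equals(upperName))
            {
                isSuper = true;
                break;
            }
        }

        string chosenFlag;
        string chosenName;
        if (isSuper)
        {
            chosenFlag = langFlag.ToUpper();
            chosenName = langName;
        }
        else
        {
            SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
            role.Role_Id = admin.Admin_RoleId;
            IQuery Rolequery = session.GetQuery(role).Where(SqlDb.Dcms_Role._ROLE_ID_.EqulesExp());
            List<SqlDb.Dcms_Role> rList = Rolequery.GetList<SqlDb.Dcms_Role>();
            if (rList.Count == 0 || String.IsNullOrEmpty(rList[0].Role_CateLang))
            {
                lit_ErrorInfo.Text = "<div class='errorinfo'>此用户还没有任何权限,请联系管理员设置权限!</div>";
                return;
            }
            string thisRoleCateLang = Convert.ToString(rList[0].Role_CateLang).ToUpper();
            if (thisRoleCateLang.IndexOf(langFlag.ToUpper()) >= 0)
            {
                chosenFlag = langFlag.ToUpper();
                chosenName = langName;
            }
            else
            {
                // Fall back to the first language the role is allowed to manage; session
                // and cookies now agree on it.
                chosenFlag = Utils.SplitString(thisRoleCateLang, ",")[0].ToUpper();
                chosenName = getRoleLangName(chosenFlag);
            }
        }

        // All checks passed: establish the session and the 60-minute cookies.
        SessionHelper.Add("adminInfo", found);
        Utils.WriteCookie("Admin_Id", found.Admin_Id.ToString(), 60);
        Utils.WriteCookie("AuthId", Utils.MD5(Utils.SHA256(found.Admin_Pwd + found.Admin_Name)), 60);
        SessionHelper.Add("LangFlag", chosenFlag);
        SessionHelper.Add("LangName", chosenName);
        Utils.WriteCookie("LangFlag", Utils.UrlEncode(chosenFlag), 60);
        Utils.WriteCookie("LangName", Utils.UrlEncode(chosenName), 60);

        Response.Redirect("BaseManage/MainFrame.aspx");
    }
}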
/// <summary>
/// Page initialisation: fills <c>adminInfo</c> from the "adminInfo" session entry, or
/// otherwise from the Admin_Id/AuthId cookies, and gives configured super users role 0.
/// When neither source yields an admin the token "##error##500##" is written to the
/// response; the page lifecycle still continues (base.OnInit runs) with adminInfo null.
/// </summary>
/// <remarks>
/// NOTE(review): Action, PermCateId, SysPermCateId and FileName are read but never used
/// here, and no per-action chkRight() check is performed in this override (the sibling
/// OnInit that redirects to adminlogin.aspx does perform one). Confirm that the code
/// running after this override checks adminInfo for null and enforces permissions itself.
/// NOTE(review): LangFlag/LangName are copied from client cookies straight into the session
/// without being re-validated against the role's Role_CateLang.
/// </remarks>
protected override void OnInit(EventArgs e)
{
    string Action = IRequest.GetQueryString("action");
    int PermCateId = IRequest.GetQueryInt("PermCateId", 0);
    int SysPermCateId = IRequest.GetQueryInt("SysPermCateId", 0);
    string FileName = IRequest.GetPageName();

    if (SessionHelper.Exists("adminInfo"))
    {
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
    }
    else if (!tryRestoreAdminFromCookies())
    {
        Response.Write("##error##500##");
    }
    base.OnInit(e);
}

/// <summary>
/// Sets Admin_RoleId to 0 when adminInfo's name (upper-cased) is in the superUser list;
/// role 0 is the value the sibling OnInit's permission gate treats as unrestricted.
/// </summary>
private void applySuperUserRole()
{
    string upperName = adminInfo.Admin_Name.ToUpper();
    foreach (string candidate in superUser)
    {
        if (candidate.Equals(upperName))
        {
            adminInfo.Admin_RoleId = 0;
            return;
        }
    }
}

/// <summary>
/// Cookie-based session restore. Returns true when the Admin_Id cookie names exactly one
/// admin row and the AuthId cookie equals MD5(SHA256(stored hash + name)); that row then
/// becomes the session's adminInfo and the LangFlag/LangName cookies seed the session.
/// </summary>
private bool tryRestoreAdminFromCookies()
{
    int cookieAdminId = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
    if (cookieAdminId <= 0)
    {
        return false;
    }
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
        probe.Admin_Id = cookieAdminId;
        IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
        List<SqlDb.Dcms_Admin> rows = query.GetList<SqlDb.Dcms_Admin>();
        if (rows.Count != 1)
        {
            return false;
        }
        // NOTE(review): the token is a deterministic digest with no expiry or client
        // binding, compared with String.Equals (not constant-time).
        string presentedAuthId = Utils.GetCookie("AuthId");
        string expectedAuthId = Utils.MD5(Utils.SHA256(rows[0].Admin_Pwd + rows[0].Admin_Name));
        if (!expectedAuthId.Equals(presentedAuthId))
        {
            return false;
        }
        SessionHelper.Add("adminInfo", rows[0]);
        SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
        SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
        return true;
    }
}
/// <summary>
/// Page initialisation: fills <c>adminInfo</c> from the "adminInfo" session entry, or
/// otherwise from the Admin_Id/AuthId cookies, and gives configured super users role 0.
/// When neither source yields an admin the token "##error##500##" is written to the
/// response; the page lifecycle still continues (base.OnInit runs) with adminInfo null.
/// </summary>
/// <remarks>
/// NOTE(review): Action, PermCateId, SysPermCateId and FileName are read but never used
/// here, and no per-action chkRight() check is performed in this override (the sibling
/// OnInit that redirects to adminlogin.aspx does perform one). Confirm that the code
/// running after this override checks adminInfo for null and enforces permissions itself.
/// NOTE(review): LangFlag/LangName are copied from client cookies straight into the session
/// without being re-validated against the role's Role_CateLang.
/// </remarks>
protected override void OnInit(EventArgs e)
{
    string Action = IRequest.GetQueryString("action");
    int PermCateId = IRequest.GetQueryInt("PermCateId", 0);
    int SysPermCateId = IRequest.GetQueryInt("SysPermCateId", 0);
    string FileName = IRequest.GetPageName();

    if (SessionHelper.Exists("adminInfo"))
    {
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
    }
    else if (!tryRestoreAdminFromCookies())
    {
        Response.Write("##error##500##");
    }
    base.OnInit(e);
}

/// <summary>
/// Sets Admin_RoleId to 0 when adminInfo's name (upper-cased) is in the superUser list;
/// role 0 is the value the sibling OnInit's permission gate treats as unrestricted.
/// </summary>
private void applySuperUserRole()
{
    string upperName = adminInfo.Admin_Name.ToUpper();
    foreach (string candidate in superUser)
    {
        if (candidate.Equals(upperName))
        {
            adminInfo.Admin_RoleId = 0;
            return;
        }
    }
}

/// <summary>
/// Cookie-based session restore. Returns true when the Admin_Id cookie names exactly one
/// admin row and the AuthId cookie equals MD5(SHA256(stored hash + name)); that row then
/// becomes the session's adminInfo and the LangFlag/LangName cookies seed the session.
/// </summary>
private bool tryRestoreAdminFromCookies()
{
    int cookieAdminId = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
    if (cookieAdminId <= 0)
    {
        return false;
    }
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
        probe.Admin_Id = cookieAdminId;
        IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
        List<SqlDb.Dcms_Admin> rows = query.GetList<SqlDb.Dcms_Admin>();
        if (rows.Count != 1)
        {
            return false;
        }
        // NOTE(review): the token is a deterministic digest with no expiry or client
        // binding, compared with String.Equals (not constant-time).
        string presentedAuthId = Utils.GetCookie("AuthId");
        string expectedAuthId = Utils.MD5(Utils.SHA256(rows[0].Admin_Pwd + rows[0].Admin_Name));
        if (!expectedAuthId.Equals(presentedAuthId))
        {
            return false;
        }
        SessionHelper.Add("adminInfo", rows[0]);
        SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
        SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
        return true;
    }
}
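/// <summary>
/// Returns one page of admin accounts as the JSON document the grid expects
/// ({page, total, rows:[{id, cell:[...]}]}). Paging (rp = rows per page, page) and the
/// optional name filter (query, matched with LIKE) come from the posted form; the
/// built-in "dcms" account is always excluded. Role names are resolved through the
/// roleName map, which is filled from dcms_role at the start of the call.
/// </summary>
/// <returns>json</returns>
/// <remarks>
/// Fix: Admin_Name, Admin_Email, Admin_LastIp and the role name were interpolated into
/// the JSON text unescaped, so a quote or backslash in any of them produced malformed
/// output or injected extra JSON into the grid's response. They are now escaped.
/// Admin_LastIp comes from IRequest.GetIP() and may be header-derived, so it is treated
/// as untrusted too. The unused "qtype" form field is no longer read.
/// NOTE(review): '%' and '_' inside the keyword still act as LIKE wildcards.
/// </remarks>
private string doSelect()
{
    StringBuilder sb = new StringBuilder();
    int rp = IRequest.GetFormInt("rp", 1);
    int page = IRequest.GetFormInt("page", 1);
    string keyword = IRequest.GetFormString("query");
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
        IQuery rQuery = session.GetQuery(role).OrderBy(SqlDb.Dcms_Role._ROLE_ID_, Direction.DESC);
        List<SqlDb.Dcms_Role> roleList = rQuery.GetList<SqlDb.Dcms_Role>();
        for (int a = 0; a < roleList.Count; a++)
        {
            roleName.Add(roleList[a].Role_Id, roleList[a].Role_Name);
        }

        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
        bool hasKeyword = keyword.Length > 0;
        if (hasKeyword)
        {
            admin.Admin_Name = keyword;
        }
        IQuery query = session.GetQuery(admin);
        if (hasKeyword)
        {
            query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.Like().AND(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms")));
        }
        else
        {
            query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms"));
        }
        query.OrderBy(SqlDb.Dcms_Admin._ADMIN_ID_, Direction.DESC);
        int totalCount = query.Count();
        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>(page, rp);

        sb.Append("{\n");
        sb.Append("\"page\":" + page.ToString() + ",\n");
        sb.Append("\"total\":" + totalCount.ToString() + ",\n");
        sb.Append("\"rows\": [\n");
        for (int i = 0; i < adminList.Count; i++)
        {
            SqlDb.Dcms_Admin row = adminList[i];
            sb.Append("{");
            sb.Append(string.Format("\"id\":\"{0}\",\"cell\":[\"{1}\",\"{2}\",\"{3}\",\"{4}\",\"{5}\",\"{6}\",\"{7}\"]",
                row.Admin_Id.ToString(),
                row.Admin_Id.ToString(),
                escapeJsonCell(row.Admin_Name),
                escapeJsonCell(row.Admin_Email),
                row.Admin_LoginTimes.ToString(),
                row.Admin_LastTime.ToString("yyyy/MM/dd"),
                escapeJsonCell(row.Admin_LastIp),
                escapeJsonCell(getRoleName(row.Admin_RoleId))));
            sb.Append((i + 1) == adminList.Count ? "}\n" : "},\n");
        }
        sb.Append("]\n");
        sb.Append("}");
    }
    return sb.ToString();
}

/// <summary>
/// Escapes text for use inside a double-quoted JSON string literal: quote, backslash,
/// the common control characters by their short escapes, other control characters as
/// \uXXXX. Null yields "" (string.Format rendered null the same way).
/// </summary>
private static string escapeJsonCell(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }
    System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '"': sb.Append("\\\""); break;
            case '\\': sb.Append("\\\\"); break;
            case '\b': sb.Append("\\b"); break;
            case '\f': sb.Append("\\f"); break;
            case '\n': sb.Append("\\n"); break;
            case '\r': sb.Append("\\r"); break;
            case '\t': sb.Append("\\t"); break;
            default:
                if (c < ' ')
                {
                    sb.Append("\\u").Append(((int)c).ToString("x4"));
                }
                else
                {
                    sb.Append(c);
                }
                break;
        }
    }
    return sb.ToString();
}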
/// <summary>
/// Page initialisation with authentication and per-action authorisation: fills
/// <c>adminInfo</c> from the "adminInfo" session entry, or otherwise from the
/// Admin_Id/AuthId cookies, redirecting to adminlogin.aspx when neither works; gives
/// configured super users role 0; then, for role users and a positive PermCateId, asks
/// chkRight() whether the requested action (select/insert/update/delete) is permitted and
/// redirects to Error.aspx when it is not.
/// </summary>
/// <remarks>
/// NOTE(review): the chkRight() gate only runs when the client supplies PermCateId greater
/// than 0 — the request itself decides whether authorisation is checked. Confirm that
/// every action handler on this page requires PermCateId, or deny role users when it is
/// absent.
/// NOTE(review): actions other than the four listed (including "getone", which the
/// original comment names) leave checkActionRight at 0 and are denied for role users;
/// confirm this is intended.
/// NOTE(review): LangFlag/LangName are copied from client cookies straight into the session
/// without being re-validated against the role's Role_CateLang. SysPermCateId and FileName
/// are read but never used.
/// </remarks>
protected override void OnInit(EventArgs e)
{
    string Action = IRequest.GetQueryString("action");
    int PermCateId = IRequest.GetQueryInt("PermCateId", 0);
    int SysPermCateId = IRequest.GetQueryInt("SysPermCateId", 0);
    string FileName = IRequest.GetPageName();

    if (SessionHelper.Exists("adminInfo"))
    {
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
    }
    else
    {
        string loginRedirect = restoreAdminFromCookies();
        if (loginRedirect != null)
        {
            Response.Redirect(loginRedirect);
            return;
        }
    }

    if ((adminInfo.Admin_RoleId > 0) && (PermCateId > 0))
    {
        string operation = Action.ToLower();
        int checkActionRight = 0;
        if (operation == "select" || operation == "insert" || operation == "update" || operation == "delete")
        {
            checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, operation);
        }
        if (checkActionRight <= 0)
        {
            Response.Redirect("../Error.aspx?ErrorInfo=你没有进行此操作的权限,请联系管理员申请相关权限再进行操作!");
            return;
        }
    }
    base.OnInit(e);
}

/// <summary>
/// Sets Admin_RoleId to 0 when adminInfo's name (upper-cased) is in the superUser list;
/// the permission gate above skips chkRight() for role 0.
/// </summary>
private void applySuperUserRole()
{
    string upperName = adminInfo.Admin_Name.ToUpper();
    foreach (string candidate in superUser)
    {
        if (candidate.Equals(upperName))
        {
            adminInfo.Admin_RoleId = 0;
            return;
        }
    }
}

/// <summary>
/// Cookie-based session restore. Returns null on success (adminInfo set from the row the
/// Admin_Id cookie names, provided the AuthId cookie equals MD5(SHA256(stored hash + name)),
/// and LangFlag/LangName copied from cookies into the session); otherwise returns the
/// login-page URL to redirect to, with the same messages the original used.
/// </summary>
private string restoreAdminFromCookies()
{
    int cookieAdminId = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
    if (cookieAdminId <= 0)
    {
        return "../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!";
    }
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
        probe.Admin_Id = cookieAdminId;
        IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
        List<SqlDb.Dcms_Admin> rows = query.GetList<SqlDb.Dcms_Admin>();
        if (rows.Count != 1)
        {
            return "../adminlogin.aspx?ErrorInfo=你的操作已经记录在案,请放弃偿试!";
        }
        // NOTE(review): the token is a deterministic digest with no expiry or client
        // binding, compared with String.Equals (not constant-time).
        string presentedAuthId = Utils.GetCookie("AuthId");
        string expectedAuthId = Utils.MD5(Utils.SHA256(rows[0].Admin_Pwd + rows[0].Admin_Name));
        if (!expectedAuthId.Equals(presentedAuthId))
        {
            return "../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!";
        }
        SessionHelper.Add("adminInfo", rows[0]);
        SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
        SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
        return null;
    }
}
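/// <summary>
/// Login button handler: authenticates the posted name/password against dcms_admin,
/// records login statistics, resolves the language version the account may manage, and
/// only then establishes the "adminInfo" session plus the Admin_Id/AuthId cookies before
/// redirecting to BaseManage/MainFrame.aspx. On any failure the error is shown in
/// lit_ErrorInfo and nothing is written to the session or cookies.
/// </summary>
/// <remarks>
/// Fixes relative to the previous version:
///  * the session entry and the auth cookies were created before the role check ran, so an
///    account whose role was missing or had an empty Role_CateLang saw the "no permissions"
///    message but was already logged in (and, with Admin_RoleId 0, bypassed the per-action
///    permission gate in OnInit, which only runs for Admin_RoleId greater than 0);
///  * when the role did not include the default language, the LangFlag/LangName cookies
///    carried the default language while the session carried the role's first permitted
///    language, so a cookie-based session restore reinstated a language the role may not
///    use;
///  * a missing "superUser" appSetting no longer throws a NullReferenceException.
/// NOTE(review): MD5(SHA256(pwd)) is unsalted and fast, and the AuthId cookie is a
/// deterministic digest of the stored hash and the name that never rotates and is not bound
/// to the client. Both need a coordinated migration (login, doInsert/doUpdate, the OnInit
/// cookie restore) and are left unchanged here. There is also no lockout or throttling.
/// </remarks>
protected void btn_login_Click(object sender, EventArgs e)
{
    string Admin_Name = this.txb_adminzh.Text.Trim();
    string Admin_Pwd = this.txb_adminmm.Text.Trim();
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
        admin.Admin_Name = Admin_Name;
        admin.Admin_Pwd = Utils.MD5(Utils.SHA256(Admin_Pwd));
        IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp().AND(SqlDb.Dcms_Admin._ADMIN_PWD_.EqulesExp()));
        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
        if (adminList.Count != 1)
        {
            lit_ErrorInfo.Text = "<div class='errorinfo'>登录失败,用户名或密码出错,请重试!</div>";
            return;
        }
        SqlDb.Dcms_Admin found = adminList[0];

        // Login statistics, written through the same entity object as before.
        admin.Admin_LoginTimes = found.Admin_LoginTimes + 1;
        admin.Admin_LastIp = IRequest.GetIP();
        admin.Admin_LastTime = DateTime.Now;
        admin.Admin_Id = found.Admin_Id;
        admin.Admin_RoleId = found.Admin_RoleId;
        session.Update(admin);

        // Default language version.
        string langFlag = "CN";
        string langName = "中文版";
        getDefaultLangFlag(ref langFlag, ref langName);

        // Super users (configured by name) skip the role check.
        string superUserSetting = ConfigurationManager.AppSettings["superUser"] ?? string.Empty;
        string[] superUser = superUserSetting.ToUpper().Split(new char[] { ',' });
        bool isSuper = false;
        string upperName = admin.Admin_Name.ToUpper();
        for (int i = 0; i < superUser.Length; i++)
        {
            if (superUser[i].Equals(upperName))
            {
                isSuper = true;
                break;
            }
        }

        string chosenFlag;
        string chosenName;
        if (isSuper)
        {
            chosenFlag = langFlag.ToUpper();
            chosenName = langName;
        }
        else
        {
            SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
            role.Role_Id = admin.Admin_RoleId;
            IQuery Rolequery = session.GetQuery(role).Where(SqlDb.Dcms_Role._ROLE_ID_.EqulesExp());
            List<SqlDb.Dcms_Role> rList = Rolequery.GetList<SqlDb.Dcms_Role>();
            if (rList.Count == 0 || String.IsNullOrEmpty(rList[0].Role_CateLang))
            {
                lit_ErrorInfo.Text = "<div class='errorinfo'>此用户还没有任何权限,请联系管理员设置权限!</div>";
                return;
            }
            string thisRoleCateLang = Convert.ToString(rList[0].Role_CateLang).ToUpper();
            if (thisRoleCateLang.IndexOf(langFlag.ToUpper()) >= 0)
            {
                chosenFlag = langFlag.ToUpper();
                chosenName = langName;
            }
            else
            {
                // Fall back to the first language the role is allowed to manage; session
                // and cookies now agree on it.
                chosenFlag = Utils.SplitString(thisRoleCateLang, ",")[0].ToUpper();
                chosenName = getRoleLangName(chosenFlag);
            }
        }

        // All checks passed: establish the session and the 60-minute cookies.
        SessionHelper.Add("adminInfo", found);
        Utils.WriteCookie("Admin_Id", found.Admin_Id.ToString(), 60);
        Utils.WriteCookie("AuthId", Utils.MD5(Utils.SHA256(found.Admin_Pwd + found.Admin_Name)), 60);
        SessionHelper.Add("LangFlag", chosenFlag);
        SessionHelper.Add("LangName", chosenName);
        Utils.WriteCookie("LangFlag", Utils.UrlEncode(chosenFlag), 60);
        Utils.WriteCookie("LangName", Utils.UrlEncode(chosenName), 60);

        Response.Redirect("BaseManage/MainFrame.aspx");
    }
}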
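/// <summary>
/// Fetches the admin row selected by the "id" query parameter for the edit form as a
/// one-element JSON array (Admin_Name, Admin_Email, Admin_RoleId, Admin_Id). The stored
/// password hash is deliberately not included.
/// </summary>
/// <returns>json, or "" when id is not positive or no row matches</returns>
/// <remarks>
/// Fix: Admin_Name and Admin_Email were concatenated into the JSON text unescaped, so a
/// quote or backslash in either field produced malformed output or injected extra JSON
/// keys into whatever the grid does with the response. They are now escaped.
/// </remarks>
private string doGetOne()
{
    int id = IRequest.GetQueryInt("id", 0);
    if (id <= 0)
    {
        return "";
    }
    string oneRecord = "";
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
        IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
        if (adminList.Count > 0)
        {
            SqlDb.Dcms_Admin row = adminList[0];
            oneRecord = "[{\"Admin_Name\":\"" + escapeJsonValue(row.Admin_Name)
                      + "\",\"Admin_Email\":\"" + escapeJsonValue(row.Admin_Email)
                      + "\",\"Admin_RoleId\":\"" + row.Admin_RoleId.ToString()
                      + "\",\"Admin_Id\":\"" + row.Admin_Id.ToString() + "\"}]";
        }
    }
    return oneRecord;
}

/// <summary>
/// Escapes text for use inside a double-quoted JSON string literal: quote, backslash,
/// the common control characters by their short escapes, other control characters as
/// \uXXXX. Null yields "" (string concatenation treated null the same way).
/// </summary>
private static string escapeJsonValue(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }
    System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '"': sb.Append("\\\""); break;
            case '\\': sb.Append("\\\\"); break;
            case '\b': sb.Append("\\b"); break;
            case '\f': sb.Append("\\f"); break;
            case '\n': sb.Append("\\n"); break;
            case '\r': sb.Append("\\r"); break;
            case '\t': sb.Append("\\t"); break;
            default:
                if (c < ' ')
                {
                    sb.Append("\\u").Append(((int)c).ToString("x4"));
                }
                else
                {
                    sb.Append(c);
                }
                break;
        }
    }
    return sb.ToString();
}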
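/// <summary>
/// Edits the admin row identified by the posted Admin_Id: name, e-mail and role are
/// replaced from the form; the password is changed only when Admin_Pwd is posted non-blank.
/// </summary>
/// <returns>
/// "true" on success (and, unchanged from before, when Admin_Id is not positive or matches
/// no row); "userexist" when the new Admin_Name already belongs to a different admin;
/// "false" when the name is blank or an exception is thrown.
/// </returns>
/// <remarks>
/// Fix: doInsert refuses duplicate names but this path did not, so renaming an account
/// could leave two rows with one name. Login and the cookie-based session restore both
/// require exactly one match, which would then lock both accounts out. The name is also
/// stored trimmed so that login (which trims its input) can match it.
/// NOTE(review): MD5(SHA256(pwd)) is unsalted and fast; kept because login and the AuthId
/// cookie depend on this exact scheme.
/// NOTE(review): Admin_RoleId is taken from the form unvalidated; the OnInit permission
/// gate only runs chkRight for Admin_RoleId greater than 0, so posting 0 removes every
/// per-action restriction from the edited account.
/// </remarks>
private string doUpdate()
{
    try
    {
        int id = IRequest.GetFormInt("Admin_Id", 0);
        if (id <= 0)
        {
            return "true";
        }
        string newName = IRequest.GetFormString("Admin_Name").Trim();
        if (newName.Length == 0)
        {
            return "false";
        }
        using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
        {
            SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
            IQuery query = session.GetQuery(admin).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp(id));
            List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>();
            if (adminList.Count == 0)
            {
                return "true";
            }

            // Uniqueness: any other row already holding the new name blocks the rename.
            SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
            probe.Admin_Name = newName;
            IQuery nameQuery = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
            List<SqlDb.Dcms_Admin> sameName = nameQuery.GetList<SqlDb.Dcms_Admin>();
            for (int i = 0; i < sameName.Count; i++)
            {
                if (sameName[i].Admin_Id != id)
                {
                    return "userexist";
                }
            }

            admin = adminList[0];
            // Blank password field means "keep the current password".
            string Admin_Pwd = IRequest.GetFormString("Admin_Pwd").Trim();
            if (Admin_Pwd.Length > 0)
            {
                admin.Admin_Pwd = Utils.MD5(Utils.SHA256(Admin_Pwd));
            }
            admin.Admin_Name = newName;
            admin.Admin_Email = IRequest.GetFormString("Admin_Email");
            admin.Admin_RoleId = IRequest.GetFormInt("Admin_RoleId", 0);
            session.Update(admin);
        }
        return "true";
    }
    catch
    {
        // Original contract: every failure is reported to the grid as "false".
        return "false";
    }
}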
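/// <summary>
/// Returns one page of admin accounts as the JSON document the grid expects
/// ({page, total, rows:[{id, cell:[...]}]}). Paging (rp = rows per page, page) and the
/// optional name filter (query, matched with LIKE) come from the posted form; the
/// built-in "dcms" account is always excluded. Role names are resolved through the
/// roleName map, which is filled from dcms_role at the start of the call.
/// </summary>
/// <returns>json</returns>
/// <remarks>
/// Fix: Admin_Name, Admin_Email, Admin_LastIp and the role name were interpolated into
/// the JSON text unescaped, so a quote or backslash in any of them produced malformed
/// output or injected extra JSON into the grid's response. They are now escaped.
/// Admin_LastIp comes from IRequest.GetIP() and may be header-derived, so it is treated
/// as untrusted too. The unused "qtype" form field is no longer read.
/// NOTE(review): '%' and '_' inside the keyword still act as LIKE wildcards.
/// </remarks>
private string doSelect()
{
    StringBuilder sb = new StringBuilder();
    int rp = IRequest.GetFormInt("rp", 1);
    int page = IRequest.GetFormInt("page", 1);
    string keyword = IRequest.GetFormString("query");
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Role role = new SqlDb.Dcms_Role();
        IQuery rQuery = session.GetQuery(role).OrderBy(SqlDb.Dcms_Role._ROLE_ID_, Direction.DESC);
        List<SqlDb.Dcms_Role> roleList = rQuery.GetList<SqlDb.Dcms_Role>();
        for (int a = 0; a < roleList.Count; a++)
        {
            roleName.Add(roleList[a].Role_Id, roleList[a].Role_Name);
        }

        SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
        bool hasKeyword = keyword.Length > 0;
        if (hasKeyword)
        {
            admin.Admin_Name = keyword;
        }
        IQuery query = session.GetQuery(admin);
        if (hasKeyword)
        {
            query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.Like().AND(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms")));
        }
        else
        {
            query.Where(SqlDb.Dcms_Admin._ADMIN_NAME_.NotEquls("dcms"));
        }
        query.OrderBy(SqlDb.Dcms_Admin._ADMIN_ID_, Direction.DESC);
        int totalCount = query.Count();
        List<SqlDb.Dcms_Admin> adminList = query.GetList<SqlDb.Dcms_Admin>(page, rp);

        sb.Append("{\n");
        sb.Append("\"page\":" + page.ToString() + ",\n");
        sb.Append("\"total\":" + totalCount.ToString() + ",\n");
        sb.Append("\"rows\": [\n");
        for (int i = 0; i < adminList.Count; i++)
        {
            SqlDb.Dcms_Admin row = adminList[i];
            sb.Append("{");
            sb.Append(string.Format("\"id\":\"{0}\",\"cell\":[\"{1}\",\"{2}\",\"{3}\",\"{4}\",\"{5}\",\"{6}\",\"{7}\"]",
                row.Admin_Id.ToString(),
                row.Admin_Id.ToString(),
                escapeJsonCell(row.Admin_Name),
                escapeJsonCell(row.Admin_Email),
                row.Admin_LoginTimes.ToString(),
                row.Admin_LastTime.ToString("yyyy/MM/dd"),
                escapeJsonCell(row.Admin_LastIp),
                escapeJsonCell(getRoleName(row.Admin_RoleId))));
            sb.Append((i + 1) == adminList.Count ? "}\n" : "},\n");
        }
        sb.Append("]\n");
        sb.Append("}");
    }
    return sb.ToString();
}

/// <summary>
/// Escapes text for use inside a double-quoted JSON string literal: quote, backslash,
/// the common control characters by their short escapes, other control characters as
/// \uXXXX. Null yields "" (string.Format rendered null the same way).
/// </summary>
private static string escapeJsonCell(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return string.Empty;
    }
    System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length + 8);
    foreach (char c in value)
    {
        switch (c)
        {
            case '"': sb.Append("\\\""); break;
            case '\\': sb.Append("\\\\"); break;
            case '\b': sb.Append("\\b"); break;
            case '\f': sb.Append("\\f"); break;
            case '\n': sb.Append("\\n"); break;
            case '\r': sb.Append("\\r"); break;
            case '\t': sb.Append("\\t"); break;
            default:
                if (c < ' ')
                {
                    sb.Append("\\u").Append(((int)c).ToString("x4"));
                }
                else
                {
                    sb.Append(c);
                }
                break;
        }
    }
    return sb.ToString();
}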
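/// <summary>
/// Creates a new admin account from the posted form fields (Admin_Name, Admin_Pwd,
/// Admin_Email, Admin_RoleId).
/// </summary>
/// <returns>
/// "true" on success; "userexist" when the (trimmed) Admin_Name is already taken;
/// "false" when the name or password is blank or any exception is thrown.
/// </returns>
/// <remarks>
/// Fix: the uniqueness probe used to be built as
/// "select admin_id from dcms_admin where admin_name='" + adminname + "'" — string
/// concatenation of a form field, i.e. a SQL injection point for anyone permitted to post
/// this form. It now goes through the ORM equality expression, the same way the other
/// lookups in this page do. The name is also stored trimmed (it was only compared
/// trimmed before), and the password is trimmed because login trims its input; a value
/// that differs only by surrounding whitespace could previously never log in.
/// NOTE(review): MD5(SHA256(pwd)) is an unsalted, fast hash; it is kept because login and
/// the AuthId cookie depend on this exact scheme, so a migration must change all of them.
/// NOTE(review): Admin_RoleId defaults to 0 when absent; the OnInit permission gate only
/// runs chkRight for Admin_RoleId greater than 0, so callers must always post a role.
/// </remarks>
private string doInsert()
{
    try
    {
        string adminname = IRequest.GetFormString("Admin_Name").Trim();
        string adminpwd = IRequest.GetFormString("Admin_Pwd").Trim();
        // A blank name can never match at login and a blank password hashes to a
        // well-known constant, so refuse both before touching the database.
        if (adminname.Length == 0 || adminpwd.Length == 0)
        {
            return "false";
        }
        using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
        {
            // Parameterised uniqueness check (replaces the concatenated SQL string).
            SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
            probe.Admin_Name = adminname;
            IQuery nameQuery = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_NAME_.EqulesExp());
            if (nameQuery.Count() > 0)
            {
                return "userexist";
            }

            SqlDb.Dcms_Admin admin = new SqlDb.Dcms_Admin();
            admin.Admin_Name = adminname;
            admin.Admin_Pwd = Utils.MD5(Utils.SHA256(adminpwd));
            admin.Admin_Email = IRequest.GetFormString("Admin_Email");
            admin.Admin_AddTime = DateTime.Now;
            admin.Admin_RoleId = IRequest.GetFormInt("Admin_RoleId", 0);
            session.Create(admin);
        }
        return "true";
    }
    catch
    {
        // Original contract: every failure is reported to the grid as "false".
        return "false";
    }
}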
/// <summary>
/// Page initialisation with authentication and per-action authorisation: fills
/// <c>adminInfo</c> from the "adminInfo" session entry, or otherwise from the
/// Admin_Id/AuthId cookies, redirecting to adminlogin.aspx when neither works; gives
/// configured super users role 0; then, for role users and a positive PermCateId, asks
/// chkRight() whether the requested action (select/insert/update/delete) is permitted and
/// redirects to Error.aspx when it is not.
/// </summary>
/// <remarks>
/// NOTE(review): the chkRight() gate only runs when the client supplies PermCateId greater
/// than 0 — the request itself decides whether authorisation is checked. Confirm that
/// every action handler on this page requires PermCateId, or deny role users when it is
/// absent.
/// NOTE(review): actions other than the four listed (including "getone", which the
/// original comment names) leave checkActionRight at 0 and are denied for role users;
/// confirm this is intended.
/// NOTE(review): LangFlag/LangName are copied from client cookies straight into the session
/// without being re-validated against the role's Role_CateLang. SysPermCateId and FileName
/// are read but never used.
/// </remarks>
protected override void OnInit(EventArgs e)
{
    string Action = IRequest.GetQueryString("action");
    int PermCateId = IRequest.GetQueryInt("PermCateId", 0);
    int SysPermCateId = IRequest.GetQueryInt("SysPermCateId", 0);
    string FileName = IRequest.GetPageName();

    if (SessionHelper.Exists("adminInfo"))
    {
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
    }
    else
    {
        string loginRedirect = restoreAdminFromCookies();
        if (loginRedirect != null)
        {
            Response.Redirect(loginRedirect);
            return;
        }
    }

    if ((adminInfo.Admin_RoleId > 0) && (PermCateId > 0))
    {
        string operation = Action.ToLower();
        int checkActionRight = 0;
        if (operation == "select" || operation == "insert" || operation == "update" || operation == "delete")
        {
            checkActionRight = chkRight(adminInfo.Admin_RoleId, PermCateId, operation);
        }
        if (checkActionRight <= 0)
        {
            Response.Redirect("../Error.aspx?ErrorInfo=你没有进行此操作的权限,请联系管理员申请相关权限再进行操作!");
            return;
        }
    }
    base.OnInit(e);
}

/// <summary>
/// Sets Admin_RoleId to 0 when adminInfo's name (upper-cased) is in the superUser list;
/// the permission gate above skips chkRight() for role 0.
/// </summary>
private void applySuperUserRole()
{
    string upperName = adminInfo.Admin_Name.ToUpper();
    foreach (string candidate in superUser)
    {
        if (candidate.Equals(upperName))
        {
            adminInfo.Admin_RoleId = 0;
            return;
        }
    }
}

/// <summary>
/// Cookie-based session restore. Returns null on success (adminInfo set from the row the
/// Admin_Id cookie names, provided the AuthId cookie equals MD5(SHA256(stored hash + name)),
/// and LangFlag/LangName copied from cookies into the session); otherwise returns the
/// login-page URL to redirect to, with the same messages the original used.
/// </summary>
private string restoreAdminFromCookies()
{
    int cookieAdminId = Utils.StrToInt(Utils.GetCookie("Admin_Id"), 0);
    if (cookieAdminId <= 0)
    {
        return "../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!";
    }
    using (ISession session = dbContext.Current().GetContext("SqlDb").GetSession())
    {
        SqlDb.Dcms_Admin probe = new SqlDb.Dcms_Admin();
        probe.Admin_Id = cookieAdminId;
        IQuery query = session.GetQuery(probe).Where(SqlDb.Dcms_Admin._ADMIN_ID_.EqulesExp());
        List<SqlDb.Dcms_Admin> rows = query.GetList<SqlDb.Dcms_Admin>();
        if (rows.Count != 1)
        {
            return "../adminlogin.aspx?ErrorInfo=你的操作已经记录在案,请放弃偿试!";
        }
        // NOTE(review): the token is a deterministic digest with no expiry or client
        // binding, compared with String.Equals (not constant-time).
        string presentedAuthId = Utils.GetCookie("AuthId");
        string expectedAuthId = Utils.MD5(Utils.SHA256(rows[0].Admin_Pwd + rows[0].Admin_Name));
        if (!expectedAuthId.Equals(presentedAuthId))
        {
            return "../adminlogin.aspx?ErrorInfo=未登录或登录超时,请登录!";
        }
        SessionHelper.Add("adminInfo", rows[0]);
        SessionHelper.Add("LangFlag", Utils.UrlDecode(Utils.GetCookie("LangFlag")));
        SessionHelper.Add("LangName", Utils.UrlDecode(Utils.GetCookie("LangName")));
        adminInfo = (SqlDb.Dcms_Admin)SessionHelper.Get("adminInfo");
        applySuperUserRole();
        return null;
    }
}