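/// <summary>
/// LoadComplete handler for the "Student - Users" page: handles the posted
/// delete / create-login actions, renders the student-user grid and emits the
/// student autocomplete array.
/// </summary>
/// <remarks>
/// The add/delete flags of the "Student - Users" role are enforced here, on the
/// server, before any row is changed. Hiding the buttons in the grid is not an
/// access control, because the form fields can be posted directly.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_LoadComplete(object sender, EventArgs e)
{
    if (HttpContext.Current.Session["CurrentUser"] == null)
    {
        Response.Redirect("Logout.aspx");
        // Defensive: never fall through into the authenticated code path.
        return;
    }

    ltrSubMenu.Text = UtilMenu.StudentMenu("studentusers");

    var pageRole = Utils.User.UserRoleByName("Student - Users");
    if (!pageRole.allowView)
    {
        ltrGrid.Text = "You do not have rights to view.";
        return;
    }

    // NOTE(review): "ms" comes straight from the query string and ends up in a
    // script literal; confirm Utils.MenuSelectScript escapes or whitelists it.
    string ms = Request.QueryString["ms"];
    this.ltrMScript.Text = Utils.MenuSelectScript(ms);

    string saveClicked = Request.Form["SaveClicked"] ?? "";
    if (IsPostBack && saveClicked.Equals("1"))
    {
        BestField fld = new BestField()
        {
            fieldName = "guidfield",
            paramOledbType = System.Data.OleDb.OleDbType.Guid,
            fieldType = "System.Guid"
        };
        List<BestField> bparam = new List<BestField>();

        string delguid = Request.Form["deleteguid"];
        if (!string.IsNullOrEmpty(delguid))
        {
            // ---- Delete an existing student login ----
            if (!pageRole.allowDelete)
            {
                ltrValidateMsg.Text = Utils.WarningMessage("You do not have rights to delete.");
            }
            else
            {
                BestUser bsduser = new BestUser();
                fld.fieldValue = delguid;
                bparam.Add(fld);
                bsduser.LoadRows("guidfield=?", bparam);

                // The guid is client-supplied: only act on a row that exists and
                // is a student account, so this page cannot be used to remove
                // staff or administrator users.
                bool isStudentUser = !bsduser.CurrentRow.IsNew
                    && string.Equals(bsduser.userType, "Student", StringComparison.OrdinalIgnoreCase);
                if (!isStudentUser)
                {
                    ltrValidateMsg.Text = Utils.WarningMessage("Student user not found.");
                }
                else
                {
                    bsduser.CurrentRow.IsDelete = true;
                    if (!bsduser.CurrentRow.Save())
                    {
                        ltrValidateMsg.Text = Utils.WarningMessage(bsduser.CurrentRow.lastError);
                    }
                }
            }
        }
        else
        {
            // ---- Create a login for the selected student ----
            string stdGud = Request.Form["studentTag10"];
            if (!string.IsNullOrEmpty(stdGud))
            {
                if (!pageRole.allowAdd)
                {
                    ltrValidateMsg.Text = Utils.WarningMessage("You do not have rights to add.");
                }
                else
                {
                    fld.fieldValue = stdGud;
                    bparam.Add(fld);
                    BestStudents bstud = new BestStudents();
                    bstud.LoadRows("guidfield=?", bparam);

                    if (!bstud.CurrentRow.IsNew)
                    {
                        if (string.IsNullOrEmpty(bstud.emailId))
                        {
                            ltrValidateMsg.Text = Utils.WarningMessage("Student E-Mail Address is Required.");
                        }
                        else
                        {
                            BestUser bstuser = new BestUser();
                            bstuser.userName = bstud.emailId;
                            bstuser.firstName = bstud.firstName;
                            bstuser.lastName = bstud.lastName;
                            bstuser.address1 = bstud.address1;
                            bstuser.address2 = bstud.address2;
                            bstuser.city = bstud.city;
                            bstuser.state = bstud.state;
                            bstuser.zip = bstud.zip;
                            bstuser.cellPhone = bstud.cellPhone;
                            bstuser.workPhone = bstud.workPhone;
                            bstuser.homePhone = bstud.homePhone;
                            bstuser.studentGuid = bstud.guidfield;
                            bstuser.Centers = bstud.CenterId;
                            bstuser.emailId = bstud.emailId;
                            bstuser.userType = "Student";

                            // NOTE(review): confirm RandomString draws from a
                            // cryptographic RNG; 8 characters from a predictable
                            // generator is a weak temporary credential.
                            string randPwd = RandomString(8);

                            // NOTE(review): unsalted MD5 is not a password hash.
                            // Left unchanged because the login path must verify
                            // the same format; migrate both sides to a salted KDF
                            // (e.g. PBKDF2) together.
                            bstuser.password = Utils.GetMD5Hash(randPwd);

                            // NOTE(review): the e-mail below promises a 24 hour
                            // expiry while this sets three days; align one of them.
                            bstuser.passwordExpiration = DateTime.Today.AddDays(3);

                            if (bstuser.CurrentRow.Save())
                            {
                                // Values taken from the student record are HTML-encoded
                                // before being placed in the HTML mail body.
                                // NOTE(review): the mail carries the password in clear
                                // text and links to the login page over plain http.
                                string mailBody =
                                    @"<h2>Welcome to Bali Learning Center!</h2><br><h3>Your login information is enclosed.</h3> "
                                    + @"<b>Accessing Your Account</b><br> Step 1:<br> Click the link below or enter the URL below into your web browser<br> "
                                    + @"Address: <a href=""http://best.vasbal.com"">Bali Learning Center Login</a><br><br> "
                                    + @"Step 2:<br> Enter the following user name and temporary password.<br> "
                                    + @"User Name: <b>" + HttpUtility.HtmlEncode(bstuser.userName) + @"</b><br> "
                                    + @"Password: <b>" + HttpUtility.HtmlEncode(randPwd) + @"</b><br><br> "
                                    + @"<h3>This temporary password expires in 24 hours.</h3><br><br> "
                                    + @"You will be prompted to change your user name and password during your initial log in as well as answer a few security related questions. "
                                    + @"<br> <br> <br> <br> Thank you,<br> Bali Learning Center";

                                Utils.User.emailUtil.Send(
                                    bstuser.emailId,
                                    "BLC Login Information",
                                    mailBody,
                                    bstuser.firstName + " " + bstuser.lastName);

                                /* Create Student - Personal Role */
                                List<BestField> bparams = new List<BestField>();
                                BestField paramUName = new BestField()
                                {
                                    fieldName = "username",
                                    fieldSize = 80,
                                    fieldType = "System.String",
                                    paramOledbType = System.Data.OleDb.OleDbType.VarChar,
                                    displayField = false
                                };
                                paramUName.fieldValue = bstuser.userName;
                                BestField service = new BestField()
                                {
                                    fieldName = "service",
                                    fieldSize = 80,
                                    fieldType = "System.String",
                                    paramOledbType = System.Data.OleDb.OleDbType.VarChar,
                                    displayField = false
                                };
                                bparams.Add(paramUName);
                                bparams.Add(service);

                                string[] aryRoles = { "2.Students", "Student - Personal", "Student - Planner" };
                                foreach (string roleName in aryRoles)
                                {
                                    UserRoles urole = new UserRoles();
                                    service.fieldValue = roleName;
                                    urole.LoadRows("username = ? and service=?", bparams);

                                    // Only add the role when the user does not have it yet.
                                    if (urole.TableRows.Count == 0)
                                    {
                                        urole.Service = roleName;
                                        urole.UserName = bstuser.userName;
                                        urole.allowView = "1";
                                        // Surface a failed role insert instead of leaving an
                                        // account silently missing its view rights.
                                        if (!urole.CurrentRow.Save())
                                        {
                                            ltrValidateMsg.Text = Utils.WarningMessage(urole.CurrentRow.lastError);
                                        }
                                    }
                                }
                            }
                            else
                            {
                                ltrValidateMsg.Text = Utils.WarningMessage(bstuser.CurrentRow.lastError);
                            }
                        }
                    }
                }
            }
        }
    }

    // ---- Grid of student users ----
    BestGrid bsGrid = new BestGrid();
    bsGrid.PageRequest = Page.Request;
    bsGrid.Title = "Student Users";
    bsGrid.securityPage = "Student - Users";

    BestUser bsuser = new BestUser();
    bsuser.overrideAdd = pageRole.allowAdd;
    bsuser.overrideDelete = pageRole.allowDelete;
    bsuser.overrideEdit = false;
    bsuser.TableFields["address1"].displayField = false;
    bsuser.TableFields["address2"].displayField = false;
    bsuser.TableFields["city"].displayField = false;
    bsuser.TableFields["zip"].displayField = false;
    bsuser.TableFields["state"].displayField = false;
    bsuser.TableFields["Centers"].displayField = false;
    bsGrid.GridTable = bsuser;
    bsGrid.whereClause = "usertype in ('Student')";
    ltrGrid.Text = bsGrid.ToHTML();

    /* Auto Student */
    // NOTE(review): names are written into an inline <script> block; confirm
    // Utils.EnquoteJS also neutralises "</script>" and that guidfield can only
    // ever hold a GUID, since it is inserted without escaping.
    StringBuilder sb = new StringBuilder();
    string autoSample = "{value:\"[paramValue]\", label:[paramLabel]}";
    sb.AppendLine("<script type=\"text/javascript\">");
    sb.AppendLine("autoStudents = [");

    BestStudents bstd = new BestStudents();
    bstd.LoadRows();
    for (int s = 0; s < bstd.TableRows.Count; s++)
    {
        string result = autoSample;
        result = result.Replace("[paramValue]", bstd.TableRows[s].Fields["guidfield"].fieldValue);
        result = result.Replace(
            "[paramLabel]",
            Utils.EnquoteJS((bstd.TableRows[s].Fields["firstName"].fieldValue ?? "")
                + " "
                + (bstd.TableRows[s].Fields["lastName"].fieldValue ?? "")));
        sb.Append(result);
        if (s < bstd.TableRows.Count - 1)
        {
            sb.AppendLine(",");
        }
    }

    sb.AppendLine("];");
    sb.AppendLine("</script>");
    this.ltrScript.Text = sb.ToString();
}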
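/// <summary>
/// LoadComplete handler for the "Setup - User Roles" page: back-fills missing
/// role rows for the selected user, applies posted checkbox changes, renders
/// the permission grid and fills the user drop-down.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_LoadComplete(object sender, EventArgs e)
{
    if (HttpContext.Current.Session["CurrentUser"] == null)
    {
        Response.Redirect("Logout.aspx");
        // Defensive: never fall through into the authenticated code path.
        return;
    }

    // NOTE(review): "ms" comes straight from the query string; confirm
    // Utils.MenuSelectScript escapes or whitelists it.
    string ms = Request.QueryString["ms"];
    ltrMScript.Text = Utils.MenuSelectScript(ms);
    ltrSubMenu.Text = UtilMenu.SetupSubMenu("userroles");

    if (!Utils.User.UserRoleByName("Setup - User Roles").allowView)
    {
        ltrGrid.Text = "You do not have rights to view.";
        return;
    }

    // NOTE(review): everything below, including the role back-fill insert and
    // the permission save, is gated on the *view* right only. A caller who may
    // merely view this page can therefore rewrite any user's permissions. Gate
    // the write paths on this page's edit right (confirm the flag name on the
    // role object) before treating this page as access-controlled.
    string username = Request.Form["userName"];
    if (!string.IsNullOrEmpty(username))
    {
        UserRoles uroles = new UserRoles();

        // Insert a role row for every service the user does not have one for.
        // NOTE(review): username is not checked against existing users here.
        string insSQL = "insert into bestuserroles (service, username) (select bserv.service, ? from bestservices bserv left join bestuserroles bur on bur.service=bserv.service and bur.username = ? where bur.Service is null)";
        OleDbCommand myCmd = uroles.dbCmd;
        OleDbParameter p1 = new OleDbParameter("username0", OleDbType.VarChar, 200);
        p1.Value = username;
        OleDbParameter p2 = new OleDbParameter("username1", OleDbType.VarChar, 200);
        p2.Value = username;
        myCmd.Parameters.Add(p1);
        myCmd.Parameters.Add(p2);
        myCmd.CommandText = insSQL;
        try
        {
            myCmd.ExecuteNonQuery();
        }
        catch (Exception ex)
        {
            // Still best-effort, but no longer invisible: a failing back-fill
            // leaves the grid incomplete, so leave a trace for operators.
            System.Diagnostics.Trace.TraceError("Setup - User Roles: role back-fill insert failed: " + ex.Message);
        }

        string saveclicked = Request.Form["saveClicked"];
        bool canSave = IsPostBack && !string.IsNullOrEmpty(saveclicked) && saveclicked.Equals("1,");

        List<BestField> bparams = new List<BestField>();
        BestField paramUName = new BestField()
        {
            fieldName = "username",
            fieldSize = 80,
            fieldType = "System.String",
            paramOledbType = System.Data.OleDb.OleDbType.VarChar,
            displayField = false
        };
        paramUName.fieldValue = username;
        bparams.Add(paramUName);
        uroles.LoadRows("username = ?", bparams, "service");

        StringBuilder sbg = new StringBuilder();
        sbg.Append("<table style=\"width:100%;\" cellpadding=\"0\" cellspacing=\"0\" border=\"0\" class=\"bestgrid\"><tr><th>Service Name</th><th>Allow View</th><th>Allow Add</th><th>Allow Edit</th><th>Allow Delete</th></tr>");

        // Form-field prefix and matching row field, in rendered column order.
        string[] boxPrefixes = { "view", "add", "edit", "delete" };
        string[] flagFields = { "allowView", "allowAdd", "allowEdit", "allowDelete" };

        for (int rnum = 0; rnum < uroles.TableRows.Count; rnum++)
        {
            string rowId = rnum.ToString();
            string rowClass = (rnum % 2 == 0) ? "grideven" : "gridodd";
            sbg.Append("<tr class=\"" + rowClass + "\">");
            sbg.Append("<td>" + HttpUtility.HtmlEncode(uroles.TableRows[rnum].Fields["Service"].fieldValue) + "</td>");

            BestRow curRow = uroles.TableRows[rnum];
            if (canSave)
            {
                // NOTE(review): posted boxes are matched to rows by position
                // only. If the row set changed between render and post (for
                // example the back-fill above added services), a flag lands on
                // a different service; keying the fields by row guid avoids that.
                for (int i = 0; i < boxPrefixes.Length; i++)
                {
                    // A checked box posts "on"; an unchecked box posts nothing.
                    bool ticked = "on".Equals(Request.Form[boxPrefixes[i] + "_" + rowId]);
                    curRow.Fields[flagFields[i]].fieldValue = ticked ? "1" : "0";
                }
                // NOTE(review): the result of Save() is not checked here.
                curRow.Save();
            }

            // Encoded because the value is written into an HTML attribute.
            string rowguid = curRow.Fields["guidfield"].fieldValue;
            sbg.Append("<input type=\"hidden\" id=\"guid_" + rowId + "\" value=\"" + HttpUtility.HtmlEncode(rowguid) + "\" />");

            for (int i = 0; i < boxPrefixes.Length; i++)
            {
                string boxName = boxPrefixes[i] + "_" + rowId;
                sbg.Append("<td class=\"ca\"><input type=\"checkbox\" id=\"" + boxName + "\" name=\"" + boxName + "\" ");
                // Constant-first comparison: rows just created by the back-fill
                // may have no flag value yet, which must read as "not allowed"
                // rather than throw.
                if ("1".Equals(curRow.Fields[flagFields[i]].fieldValue))
                {
                    sbg.Append(" checked=\"checked\" ");
                }
                sbg.Append(" /></td>");
            }
            sbg.Append("</tr>");
        }

        /* TODO:User Rights */
        sbg.Append("<tr><td colspan=\"5\"><input type=\"button\" id=\"btnSave\" name=\"btnSave\" onclick=\"doSave();\" value=\"Save\" /></td></tr>");
        sbg.Append("</table>");
        ltrGrid.Text = sbg.ToString();
    }
    else
    {
        ltrGrid.Text = "<div style=\"height:200px;\"></div>";
    }

    // Drop-down of non-student, non-tutor users; the posted user stays selected.
    BestUser buser = new BestUser();
    buser.LoadRows("usertype not in ('Student', 'Tutor')", null);
    StringBuilder sb = new StringBuilder();
    sb.Append("<option value=\"\"></option>");
    for (int rownum = 0; rownum < buser.TableRows.Count; rownum++)
    {
        string uname = buser.TableRows[rownum].Fields["userName"].fieldValue;
        string encodedName = HttpUtility.HtmlEncode(uname);
        sb.Append("<option value=\"" + encodedName + "\" ");
        if (uname != null && uname.Equals(username))
        {
            sb.Append(" selected=\"selected\" ");
        }
        sb.Append(">" + encodedName + "</option>");
    }
    ltrSelectUser.Text = sb.ToString();
}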