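/// <summary>
/// Updates the <c>tUsers</c> row whose <c>userid</c> equals <c>user.UserId</c>, writing
/// the name, password value, description, level and update timestamp.
/// </summary>
/// <param name="user">Values to write; <c>UserId</c> selects the row.</param>
/// <returns>
/// The result of <c>OleDbHelper.ExecuteNonQuery</c> (presumably the affected row count).
/// </returns>
public static int UpdateUserById(UserItem user)
{
    // UName, UPwd and UText are text values that reach this method from form input, so
    // they must not be able to terminate the SQL string literal they are placed in.
    // Doubling the single quote is a stopgap: only the one-argument ExecuteNonQuery is
    // visible here. Bind these values as OleDbParameter objects once a helper overload
    // that accepts parameters is confirmed.
    string uname = (user.UName ?? string.Empty).Replace("'", "''");
    string upwd = (user.UPwd ?? string.Empty).Replace("'", "''");
    string utext = (user.UText ?? string.Empty).Replace("'", "''");

    // NOTE(review): ULevel and UserId are assumed to be numeric properties, and
    // UserUpdate a date value formatted with the current culture - confirm on UserItem.
    string comText = "update [tUsers] set tUsers.uname='" + uname
        + "', tUsers.upwd='" + upwd
        + "', tUsers.utext='" + utext
        + "', tUsers.ulevel='" + user.ULevel
        + "', tUsers.userupdate='" + user.UserUpdate
        + "' where tUsers.userid=" + user.UserId;

    // No catch block: a failure propagates to the caller with its original stack trace
    // (a "throw e" rethrow would reset it).
    return OleDbHelper.ExecuteNonQuery(comText);
}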
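/// <summary>
/// Inserts a new row into <c>tUsers</c> with the name, password value, description and
/// level taken from <paramref name="user"/>.
/// </summary>
/// <param name="user">Values for the new row.</param>
/// <returns>
/// The result of <c>OleDbHelper.ExecuteNonQuery</c> (presumably the affected row count).
/// </returns>
public static int AddUser(UserItem user)
{
    // The text fields reach this method from form input, so a single quote in any of
    // them must not be able to close the SQL string literal. Doubling the quote is a
    // stopgap: only the one-argument ExecuteNonQuery is visible here. Prefer binding
    // the values as OleDbParameter objects once a helper overload that accepts
    // parameters is confirmed.
    string uname = (user.UName ?? string.Empty).Replace("'", "''");
    string upwd = (user.UPwd ?? string.Empty).Replace("'", "''");
    string utext = (user.UText ?? string.Empty).Replace("'", "''");

    // NOTE(review): ULevel is written unquoted and is assumed to be a numeric
    // property - confirm on UserItem.
    string comText = "insert into [tUsers] (uname ,upwd ,utext ,ulevel) values ( '" + uname
        + "', '" + upwd
        + "', '" + utext
        + "', " + user.ULevel + ")";

    // No catch block: a failure propagates to the caller with its original stack trace
    // (a "throw e" rethrow would reset it).
    return OleDbHelper.ExecuteNonQuery(comText);
}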
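/// <summary>
/// Handles the login button: validates the captcha, looks the account up in
/// <c>tUsers</c>, and on a match stores the user in session state and redirects to
/// <c>CategoriesManage.aspx</c>. On a failed lookup every login-related session key
/// is cleared.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    // Captcha check first, so no credential processing happens for a rejected request.
    if (!AuthCodePage.IsValidCode(this.txtChkcode.Text))
    {
        OKInfo.Text = "<font color='red'>验证码错误!!!</font>";
        return;
    }

    string sUserName = SqlHelper.MakeSafeFieldValue(txtUserName.Text);

    // NOTE(review): unsalted MD5 is not an adequate password hash. Migrating to a salted,
    // iterated scheme (e.g. PBKDF2) needs a stored-format change and is not done here.
    string sPassWord = SqlHelper.MakeSafeFieldValue(
        System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(txtPassWord.Text, "MD5"));

    // NOTE(review): the query also compares the text as typed against upwd. For rows
    // that hold a hash, the stored value itself is then accepted as the password, so the
    // hash gives no protection if the column leaks. Kept for compatibility with any rows
    // still holding plain text; confirm none remain and drop this comparison.
    string sTypedPassWord = SqlHelper.MakeSafeFieldValue(txtPassWord.Text);

    // NOTE(review): the statement relies entirely on SqlHelper.MakeSafeFieldValue for
    // injection safety; its implementation is not visible here. Prefer bound parameters
    // if D.DB offers an overload that takes them.
    string strsql = string.Concat(
        "select * from tUsers where uname='", sUserName,
        "' and (upwd='", sPassWord,
        "' or upwd='" + sTypedPassWord + "')");

    // The redirect is issued after the reader callback has returned, not inside it.
    string redirectUrl = null;

    D.DB.ExecuteReader(strsql, new Func<IDataReader, object>(delegate(IDataReader dr)
    {
        if (dr.Read())
        {
            UserItem user = new UserItem();
            user.UName = sUserName;
            user.ULevel = (int)dr["ulevel"];
            user.UserId = (int)dr["userid"];

            // NOTE(review): the session identifier is not rotated on sign-in; confirm
            // whether session fixation is handled elsewhere.
            Session["UserName"] = user.UName;
            Session["UserType"] = user.ULevel;
            Session["User"] = user;

            OKInfo.Text = "登陆成功!!!";
            redirectUrl = "CategoriesManage.aspx";
        }
        else
        {
            // Clear all three keys: leaving Session["User"] behind would keep the
            // previously signed-in user object alive after a failed login.
            Session["UserName"] = null;
            Session["UserType"] = null;
            Session["User"] = null;
            OKInfo.Text = "<font color='red'>用户名或密码错误,登陆不成功!!!</font>";
        }

        return null;
    }));

    if (!string.IsNullOrEmpty(redirectUrl))
    {
        Response.Redirect(redirectUrl);
    }
}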
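/// <summary>
/// Handles the grid's custom commands: <c>AddUser</c> creates an account from the footer
/// row controls, <c>DeleteUser</c> removes the account whose id is the command argument
/// and drops its row from the cached users table.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Command name and argument.</param>
/// <remarks>
/// NOTE(review): no authorization check is visible in this handler; confirm the page
/// restricts account creation and deletion to the intended user level.
/// </remarks>
protected void GridViewUsers_RowCommand(object sender, GridViewCommandEventArgs e)
{
    if (e.CommandName == "AddUser")
    {
        if (GridViewUsers.FooterRow != null)
        {
            DAL.Entities.UserItem user = new UserItem();
            user.UName = (GridViewUsers.FooterRow.FindControl("TextBoxUserNameFooter") as TextBox).Text.Trim();

            // NOTE(review): unsalted MD5 is not an adequate password hash; changing it
            // requires a stored-format migration together with the login query.
            user.UPwd = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(
                (GridViewUsers.FooterRow.FindControl("TextBoxPwdFooter") as TextBox).Text.Trim(), "MD5");
            user.ULevel = Convert.ToInt32((GridViewUsers.FooterRow.FindControl("ddlUlevelFooter") as DropDownList).SelectedValue);
            user.UText = (GridViewUsers.FooterRow.FindControl("textBoxUtextFooter") as TextBox).Text;
            user.UserUpdate = DateTime.Now;

            try
            {
                int rlt = DalHandler.AddUser(user);
                if (rlt == 1)
                {
                    RefreshCacheUsers(0, user);
                    BindGridView(true);
                }
                // Any other result is not reported to the user.
            }
            catch (Exception ex)
            {
                // Written as text, not markup: a data-layer error message can echo the
                // submitted field values, which must not be rendered as HTML. This also
                // matches the DeleteUser branch below.
                // NOTE(review): showing raw exception text to the user still discloses
                // internals; consider logging it and displaying a generic message.
                errorPlace.InnerText = ex.Message;
            }
        }
    }
    else if (e.CommandName == "DeleteUser")
    {
        if (e.CommandArgument != null)
        {
            int userId = Convert.ToInt32(e.CommandArgument);
            try
            {
                int rlt = DalHandler.DeleteUserById(userId);
                if (rlt == 1)
                {
                    // Mirror the deletion in the cached table so the grid can rebind
                    // from it.
                    DataTable dt = Cache["UsersCache"] as DataTable;
                    foreach (DataRow row in dt.Rows)
                    {
                        if (row["userid"].ToString().Equals(userId.ToString(), StringComparison.OrdinalIgnoreCase))
                        {
                            row.Delete();
                            break;
                        }
                    }

                    BindGridView(false);
                }
            }
            catch (Exception ex)
            {
                errorPlace.InnerText = ex.Message;
            }
        }
    }
}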
/// <summary>
/// Handles the grid's row-update event: reads the edited values from the row's controls,
/// saves them through <c>DalHandler.UpdateUserById</c> and, when one row was updated,
/// refreshes the cached users, leaves edit mode and rebinds the grid.
/// </summary>
/// <param name="sender">Control that raised the event.</param>
/// <param name="e">Supplies the index of the row being updated.</param>
protected void GridViewUsers_RowUpdating(object sender, GridViewUpdateEventArgs e)
{
    try
    {
        int editedIndex = e.RowIndex;
        GridViewRow editedRow = GridViewUsers.Rows[editedIndex];

        // NOTE(review): a HiddenField value comes back from the posted form, so the
        // account being updated is selected by client-supplied data. Consider reading
        // the key from GridViewUsers.DataKeys instead (needs DataKeyNames configured).
        HiddenField idField = editedRow.FindControl("userIdHiddenField") as HiddenField;
        if (idField == null || string.IsNullOrEmpty(idField.Value))
        {
            // No usable id on the row: just rebind.
            BindGridView(true);
            return;
        }

        DAL.Entities.UserItem edited = new UserItem();
        edited.UserId = Convert.ToInt32(idField.Value);

        // Edit-template controls are addressed by cell position (1 = name, 2 = password,
        // 3 = description, 4 = level), so this depends on the grid's column order.
        TextBox nameBox = editedRow.Cells[1].Controls[1] as TextBox;
        edited.UName = nameBox.Text;

        // NOTE(review): the password box is hashed on every update, and unsalted MD5 is
        // not an adequate password hash; changing it requires a stored-format migration.
        TextBox passwordBox = editedRow.Cells[2].Controls[1] as TextBox;
        edited.UPwd = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(passwordBox.Text, "MD5");

        DropDownList levelList = editedRow.Cells[4].Controls[1] as DropDownList;
        edited.ULevel = Convert.ToInt32(levelList.SelectedValue);

        TextBox descriptionBox = editedRow.Cells[3].Controls[1] as TextBox;
        edited.UText = descriptionBox.Text;

        edited.UserUpdate = DateTime.Now;

        if (DalHandler.UpdateUserById(edited) == 1)
        {
            RefreshCacheUsers(editedIndex, edited);
            GridViewUsers.EditIndex = -1;
            BindGridView(true);
        }
    }
    catch (Exception ex)
    {
        // Shown as text, so markup inside the message is not rendered.
        errorPlace.InnerText = ex.Message;
    }
}