//用户注册
public bool AddUser(Model.User ur)
{
bool flag = false;
DataTable dt = new DataTable();
IDataParameter[] parameter =
{
new SqlParameter("@username", SqlDbType.VarChar, 10)
};
parameter[0].Value = ur.Username;
dt = pr.GetDataTable("AddUser", parameter);
if (dt.Rows.Count > 0)
{
return(flag);
}
else
{
IDataParameter[] parameter1 =
{
new SqlParameter("@email", SqlDbType.VarChar, 50),
new SqlParameter("@username", SqlDbType.VarChar, 10),
new SqlParameter("@pwd", SqlDbType.VarChar, 20),
new SqlParameter("@role", SqlDbType.VarChar, 6)
};
parameter1[0].Value = ur.Email;
parameter1[1].Value = ur.Username;
parameter1[2].Value = ur.Pwd;
parameter1[3].Value = "用户";
pr.ExcutePro("AddUser1", parameter1);
flag = true;
return(flag);
}
//string SQL1 = "select * from [user] where username='******'";
//dt = db.SQLGetDataTable(SQL1);
//if (dt.Rows.Count > 0)
//{
// return flag;
//}
//else
//{
// string ConnString = ConfigurationManager.ConnectionStrings["ConnString"].ToString();
// SqlConnection conn = new SqlConnection(ConnString);
// string SQL2 = "insert into [user](email,username,pwd,role)"
// + "values('" + ur.Email + "','" + ur.Username + "','" + ur.Pwd + "','用户')";
// SqlCommand cmd2 = new SqlCommand(SQL2, conn);
// conn.Open();
// cmd2.ExecuteNonQuery();
// conn.Close();
// flag = true;
// return flag;
//}
}
//登陆
public bool Login(Model.User user)
{
string SQL = "select * from news_user where username='******'";
DataSet ds = DBHelper.GetDataSet(SQL);
if (ds.Tables[0].Rows.Count > 0)
{
return(true);
}
else
{
return(false);
}
}
//登录时数据的返回
public DataTable LoginRecord(Model.User ur)
{
DataTable dt = new DataTable();
IDataParameter[] parameter =
{
new SqlParameter("@username", SqlDbType.VarChar, 10),
new SqlParameter("@pwd", SqlDbType.VarChar, 20)
};
parameter[0].Value = ur.Username;
parameter[1].Value = ur.Pwd;
dt = pr.GetDataTable("Login", parameter);
return(dt);
}
//用户更新密码
public bool Updatepwd(Model.User user)
{
string SQL = "update news_user set password='******' where username='******'";
bool iRet = DBHelper.ExecSql(SQL);
if (iRet)
{
return(true);
}
else
{
HttpContext.Current.Response.Write("<script>alert('修改密码失败,请重试');</script>");
return(false);
}
}
//更新用户信息
public bool Updateinfo(Model.User user)
{
string SQL = "update news_user set email='" + user.email + "',realname='" + user.realname + "' where username='******'";
bool iRet = DBHelper.ExecSql(SQL);
if (iRet)
{
return(true);
}
else
{
HttpContext.Current.Response.Write("<script>alert('修改信息失败,请重试');</script>");
return(false);
}
}
//查找用户的方法,返回User类型
public Model.User findUser(string account)
{
Model.User user = new Model.User();
string sql = "SELECT * FROM [login_demo].[dbo].[user] WHERE [account]= '" + account + "'";
//通过DBUtil类查询并返回结果到DataTable中
DataTable dataTable = DBUtil.SQLConnect(sql);
if (dataTable.Rows.Count > 0)
{
//从DataTable中获取账号密码.
user.account = dataTable.Rows[0]["account"].ToString().Trim();
user.pwd = dataTable.Rows[0]["pwd"].ToString().Trim();
}
return(user);
}
//删除用户
public bool DelUser(Model.User user)
{
string SQL = "DELETE from news_user where id='" + user.id + "'";
bool iRet = DBHelper.ExecSql(SQL);
if (iRet)
{
HttpContext.Current.Response.Write("<script>alert('删除成功');location.href='user_management.aspx'</script>");
return(true);
}
else
{
HttpContext.Current.Response.Write("<script>alert('删除失败,请重试');</script>");
return(false);
}
}
//重置用户密码
public bool UpdateUser(Model.User user)
{
string SQL = "update news_user set password='******' where id='" + user.id + "'";
bool iRet = DBHelper.ExecSql(SQL);
if (iRet)
{
// HttpContext.Current.Response.Write("<script>alert('重置密码成功,新密码为:123456');location.href='user_management.aspx'</script>");
return(true);
}
else
{
HttpContext.Current.Response.Write("<script>alert('重置密码失败,请重试');</script>");
return(false);
}
}
//搜索某个指定的用户
public DataTable point_searchUser(Model.User u)
{
DataTable dt = new DataTable();
IDataParameter[] parameter =
{
new SqlParameter("@username", SqlDbType.VarChar, 10)
};
parameter[0].Value = u.Username;
dt = pr.GetDataTable("point_searchUser", parameter);
return(dt);
//string SQL = "select * from [user] where username='******'";
//dt = db.SQLGetDataTable(SQL);
//return dt;
}
/// <summary>
/// 更新用户密码
/// </summary>
/// <param name="mu"></param>
/// <returns></returns>
public bool updatePwd(Model.User mu)
{
string sql = "UPDATE dbo.tb_User ";
sql += "SET pass = @userpwd ";
sql += "WHERE id = @userid ";
SqlParameter[] paras =
{
new SqlParameter("@userpwd", mu.Password),
new SqlParameter("@userid", mu.UserID)
};
int retval = SqlHelper.ExecuteNonQuery(con, CommandType.Text, sql, paras);
return(retval == 1);
}
//登录
public bool Login(Model.User ur)
{
bool flag = false;
DataTable dt = new DataTable();
IDataParameter[] parameter =
{
new SqlParameter("@username", SqlDbType.VarChar, 10),
new SqlParameter("@pwd", SqlDbType.VarChar, 20)
};
parameter[0].Value = ur.Username;
parameter[1].Value = ur.Pwd;
dt = pr.GetDataTable("login", parameter);
if (dt.Rows.Count > 0)
{
flag = true;
}
return(flag);
}
//查询用户信息
public bool QueryUser(Model.User user)
{
string SQL = "select * from news_user where id ='" + user.id + "'";
DataSet ds = DBHelper.GetDataSet(SQL);
if (ds.Tables[0].Rows.Count > 0)
{
user.id = ds.Tables[0].Rows[0][0].ToString();
user.username = ds.Tables[0].Rows[0][1].ToString();
user.password = ds.Tables[0].Rows[0][2].ToString();
user.email = ds.Tables[0].Rows[0][3].ToString();
user.realname = ds.Tables[0].Rows[0][4].ToString();
return(true);
}
else
{
return(false);
}
}
/// <summary>
/// 获取单个管理员信息
/// </summary>
/// <param name="Id"></param>
/// <returns></returns>
public Model.User GetUser(int Id)
{
Model.User user = new Model.User();
SqlConnection co = SQLSeverOpen();
SqlCommand cmd = new SqlCommand();
cmd.Connection = co;
cmd.CommandText = "select * from T_Base_User where Id = " + Id;
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
user.Id = Convert.ToInt32(reader["Id"]);
user.UserName = Convert.ToString(reader["UserName"]);
user.UserPWD = Convert.ToString(reader["UserPWD"]);
}
reader.Close();
co.Close();
return(user);
}
// ----------------------------------------------------------------------------------
// Added by Edward Chan.
/// <summary>
/// 添加用户
/// </summary>
/// <param name="mu"></param>
/// <returns></returns>
public bool addUser(Model.User mu)
{
string sql = "INSERT INTO dbo.tb_User ( id, name, pass, role, state, comm ) ";
sql += "VALUES ( @userid, @username, @userpwd, @userrole, @userstate, @usercomm ) ";
SqlParameter[] paras =
{
new SqlParameter("@userid", mu.UserID),
new SqlParameter("@userpwd", mu.Password),
new SqlParameter("@username", mu.UserName),
new SqlParameter("@userrole", mu.UserRole),
new SqlParameter("@userstate", mu.UserState),
new SqlParameter("@usercomm", mu.UserComment)
};
int retval = SqlHelper.ExecuteNonQuery(con, CommandType.Text, sql, paras);
return(retval == 1);
}
/// <summary>
/// 检查教师登录信息
/// </summary>
/// <param name="RoleId"></param>
/// <param name="SchoolId"></param>
/// <param name="LoginName"></param>
/// <param name="Password"></param>
/// <returns></returns>
public Model.Teacher CheckTeacher(int RoleId, int SchoolId, string LoginName, string Password)
{
SqlConnection co = SQLSeverOpen();
SqlCommand cmd = new SqlCommand();
cmd.Connection = co;
cmd.CommandText = "select * from T_Base_Teacher where SchoolId = " + SchoolId +
" and TeacherWorkNum = '" + LoginName + "' and TeacherPWD = '" + Password + "' and RoleId = " + RoleId;
SqlDataReader reader = cmd.ExecuteReader();
int result = 0;
Model.Teacher teacher = new Model.Teacher();
Model.User user = new Model.User();
int roleId = -1;
while (reader.Read())
{
result++;
teacher.Id = Convert.ToInt32(reader["Id"]);
teacher.TeacherName = Convert.ToString(reader["TeacherName"]);
teacher.TeacherWorkNum = Convert.ToString(reader["TeacherWorkNum"]);
teacher.TeacherPWD = Convert.ToString(reader["TeacherPWD"]);
teacher.SchoolId = Convert.ToInt32(reader["SchoolId"]);
teacher.IsLeader = Convert.ToInt32(reader["IsLeader"]);
teacher.Sex = Convert.ToInt32(reader["Sex"]);
teacher.CourseId = Convert.ToInt32(reader["CourseId"]);
teacher.RoleId = Convert.ToInt32(reader["RoleId"]);
roleId = Convert.ToInt32(reader["RoleId"]);
}
reader.Close();
co.Close();
if (result == 1)
{
return(teacher);
}
else
{
teacher.RoleId = -1;
return(teacher);
}
}
/// <summary>
/// 更新用户
/// </summary>
/// <param name="mu"></param>
/// <returns></returns>
public bool updateUser(Model.User mu)
{
string sql = "UPDATE dbo.tb_User ";
sql += "SET name = @username, role = @userrole, state = @userstate ";
sql += "WHERE id = @userid ";
SqlParameter[] paras =
{
new SqlParameter("@username", mu.UserName),
//new SqlParameter("@userpwd", mu.Password),
new SqlParameter("@userrole", mu.UserRole),
new SqlParameter("@userstate", mu.UserState),
//new SqlParameter("@usercomm", mu.UserComment),
new SqlParameter("@userid", mu.UserID)
};
int retval = SqlHelper.ExecuteNonQuery(con, CommandType.Text, sql, paras);
return(retval == 1);
}
/// <summary>
/// 得到一个对象实体
/// </summary>
public Model.User GetModel(int Id)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("select top 1 Id,LoginId,LoginPwd,Name,Address,Phone,Mail,UserStateId from Users ");
strSql.Append(" where Id=@Id ");
SqlParameter[] parameters =
{
new SqlParameter("@Id", SqlDbType.Int, 4)
};
parameters[0].Value = Id;
Model.User model = new Model.User();
DataSet ds = DbHelperSQL.Query(strSql.ToString(), parameters);
if (ds.Tables[0].Rows.Count > 0)
{
if (ds.Tables[0].Rows[0]["Id"].ToString() != "")
{
model.Id = int.Parse(ds.Tables[0].Rows[0]["Id"].ToString());
}
model.LoginId = ds.Tables[0].Rows[0]["LoginId"].ToString();
model.LoginPwd = ds.Tables[0].Rows[0]["LoginPwd"].ToString();
model.Name = ds.Tables[0].Rows[0]["Name"].ToString();
model.Address = ds.Tables[0].Rows[0]["Address"].ToString();
model.Phone = ds.Tables[0].Rows[0]["Phone"].ToString();
model.Mail = ds.Tables[0].Rows[0]["Mail"].ToString();
if (ds.Tables[0].Rows[0]["UserStateId"].ToString() != "")
{
int UserStateId = int.Parse(ds.Tables[0].Rows[0]["UserStateId"].ToString());
model.UserState = userStateServices.GetModel(UserStateId);
}
return(model);
}
else
{
return(null);
}
}
/// <summary>
/// 增加一条数据
/// </summary>
public int Add(Model.User model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("insert into Users(");
strSql.Append("LoginId,LoginPwd,Name,Address,Phone,Mail,UserStateId)");
strSql.Append(" values (");
strSql.Append("@LoginId,@LoginPwd,@Name,@Address,@Phone,@Mail,@UserStateId)");
strSql.Append(";select @@IDENTITY");
SqlParameter[] parameters =
{
new SqlParameter("@LoginId", SqlDbType.NVarChar, 50),
new SqlParameter("@LoginPwd", SqlDbType.NVarChar, 50),
new SqlParameter("@Name", SqlDbType.NVarChar, 50),
new SqlParameter("@Address", SqlDbType.NVarChar, 200),
new SqlParameter("@Phone", SqlDbType.NVarChar, 100),
new SqlParameter("@Mail", SqlDbType.NVarChar, 100),
new SqlParameter("@UserStateId", SqlDbType.Int, 4)
};
parameters[0].Value = model.LoginId;
parameters[1].Value = model.LoginPwd;
parameters[2].Value = model.Name;
parameters[3].Value = model.Address;
parameters[4].Value = model.Phone;
parameters[5].Value = model.Mail;
parameters[6].Value = model.UserState.Id;
object obj = DbHelperSQL.GetSingle(strSql.ToString(), parameters);
if (obj == null)
{
return(1);
}
else
{
return(Convert.ToInt32(obj));
}
}
/// <summary>
/// 获取全部的角色
/// </summary>
/// <returns></returns>
public List <Model.User> GetRole()
{
List <Model.User> list = new List <Model.User>();
SqlConnection co = SQLSeverOpen();
SqlCommand cmd = new SqlCommand();
cmd.Connection = co;
cmd.CommandText = "select * from T_Base_Role";
SqlDataReader reader = cmd.ExecuteReader();
while (reader.Read())
{
Model.User user = new Model.User();
user.RoleId = Convert.ToInt32(reader["Id"]);
user.RoleName = Convert.ToString(reader["RoleName"]);
user.Memo = Convert.ToString(reader["Memo"]);
list.Add(user);
}
reader.Close();
co.Close();
return(list);
}
private void OnAddUserCommand()
{
if (!ValidateProperties())
{
return;
}
var user = new User
{
Name = Login,
};
if (IsPasswordSet)
{
SaltedHash saltedHash = new SaltedHash(Password);
user.IsPasswordSet = true;
user.Hash = saltedHash.Hash;
user.Salt = saltedHash.Salt;
}
var asset = new Asset
{
Name = DefaultAssetName,
User = user
};
using (var uow = new UnitOfWork())
{
uow.UserRepository.Insert(user);
uow.AssetRepository.Insert(asset);
uow.Commit();
}
Users.Add(UserModel.Convert(user));
ClearCredentials();
}
/// <summary>
/// 添加用户信息
/// </summary>
/// <param name="user">用户对象</param>
/// <returns>添加结果</returns>
public int IsertUser(Model.User user)
{
return(DbHelpe.ExecQuery(
"Insert into [User]" +
"(UserID,[UName],[LoginInfio],[pwd],[Genter],[Nation],[Phone],[Email],[Identity],[Address],[LanguageID],[LastLogDate],[State]) values ('" + user.UserID + "','" + user.UName + "','" + user.LoginInfo + "','" + user.pwd + "','" + user.Gender + "','" + user.Nation + "','" + user.Phone + "','" + user.Email + "','" + user.Identity + "','" + user.Address + "','" + user.LanguageID + "','" + user.LastLogDate + "','" + user.State + "',)"));
}
/// <summary>
/// 更新用户信息
/// </summary>
/// <param name="user">用户对象</param>
/// <returns>更新结果</returns>
public int UpdateUser(Model.User user)
{
string sql = "Update [User] set[State]=0";
if (!string.IsNullOrEmpty(user.UName))
{
sql += ",[UName]='" + user.UName + "'";
}
if (!string.IsNullOrEmpty(user.LoginInfo))
{
sql += ",[LoginInfo]='" + user.LoginInfo + "'";
}
if (!string.IsNullOrEmpty(user.pwd))
{
sql += ",[pwd]='" + user.pwd + "'";
}
if (!string.IsNullOrEmpty(user.Nation))
{
sql += ",[Nation]='" + user.Nation + "'";
}
if (!string.IsNullOrEmpty(user.Phone))
{
sql += ",[Phone]='" + user.Phone + "'";
}
if (!string.IsNullOrEmpty(user.Email))
{
sql += ",[Email]='" + user.Email + "'";
}
if (!string.IsNullOrEmpty(user.Identity))
{
sql += ",[Identity]='" + user.Identity + "'";
}
if (!string.IsNullOrEmpty(user.Address))
{
sql += ",[Address]='" + user.Address + "'";
}
if (!string.IsNullOrEmpty(user.LanguageID))
{
sql += ",[LanguageID]='" + user.LanguageID + "'";
}
if (user.LastLogDate.Year > 1)
{
sql += ",[LastLogDate]='" + user.LastLogDate + "'";
}
if (!string.IsNullOrEmpty(user.State))
{
sql += ",[State]='" + user.State + "'";
}
sql += " where [UserID]='" + user.UserID + "'";
return(DbHelpe.ExecQuery(sql));
}