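// Change password
/// <summary>
/// Click handler that changes the password of the user named by <c>m_usname</c>.
/// Validates the three password boxes, checks the old password against
/// <c>userInfo</c>, then writes the new password to <c>userInfo.AdmPwd</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void button_add_Click(object sender, EventArgs e)
{
    if (CValidateTools.isNull(textBox_oldPwd.Text))
    {
        CValidateTools.showError("请输入旧密码");
        return;
    }

    if (CValidateTools.isNull(textBox_new1.Text))
    {
        CValidateTools.showError("请输入新密码");
        return;
    }

    if (textBox_new1.Text != textBox_new2.Text)
    {
        CValidateTools.showError("二次密码输入不一致");
        return;
    }

    // SECURITY: these values are typed by the user and end up inside
    // single-quoted SQL literals. Doubling the quote keeps each value inside
    // its literal. This is a stopgap: the ADOHelper calls visible here accept
    // only a finished SQL string, so bound parameters are not available from
    // this method. Prefer a parameterized command if ADOHelper can offer one.
    string safeUser = (m_usname ?? string.Empty).Replace("'", "''");
    string safeOldPwd = textBox_oldPwd.Text.Replace("'", "''");
    string safeNewPwd = textBox_new1.Text.Replace("'", "''");

    // NOTE(review): the password is compared and stored exactly as typed; no
    // hashing is visible in this method. Confirm whether AdmPwd is meant to
    // hold plaintext and plan a migration to a salted password hash if so.

    // Check that the old password is correct for this user.
    // string.Format inserts each value once, so a value that happens to
    // contain placeholder text is not substituted a second time.
    string str = string.Format(
        "select * from userInfo where AdmName = '{0}' and AdmPwd = '{1}' ",
        safeUser,
        safeOldPwd);

    ADOHelper db = new ADOHelper();
    bool oldPasswordMatches;
    // Dispose the reader so it is not left open after the check.
    using (var reader = db.ExecuteRead(str))
    {
        oldPasswordMatches = reader.HasRows;
    }

    if (!oldPasswordMatches)
    {
        CValidateTools.showError("旧密码不正确,无法修改新密码");
        return;
    }

    // Write the new password.
    string strUpdate = string.Format(
        "update userInfo set AdmPwd = '{0}' where admName = '{1}' ",
        safeNewPwd,
        safeUser);

    bool result = false;
    try
    {
        ADOHelper db1 = new ADOHelper();
        result = db1.ExecuteUpdate(strUpdate);
    }
    catch (Exception ex)
    {
        CValidateTools.showError(ex.Message);
        return;
    }

    // NOTE(review): when ExecuteUpdate returns false nothing is shown, so a
    // failed change is silent to the user.
    if (result)
    {
        CValidateTools.showOK("密码重置成功!");
    }
}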
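/// <summary>
/// Checks the typed user name and password against the login query in
/// <c>m_strLoginStr</c> and, on success, copies the matching row into
/// <c>ClassGlobalUserInfo</c>.
/// </summary>
/// <returns>
/// <c>true</c> when the query returns at least one row; <c>false</c> when the
/// input contains a space, no row matches, or the query throws.
/// </returns>
private bool checkLogin()
{
    // Guard against SQL injection such as:
    //   where user='******' and pwd ='123' or 'a' = 'a'
    // Rejecting spaces is defence in depth only; it does not neutralise the
    // quote character, which is what ends the literal. The check is ">= 0"
    // so that a space in the first position is rejected as well.
    if (textBox_uname.Text.IndexOf(' ') >= 0 || textBox_upwd.Text.IndexOf(' ') >= 0)
    {
        return false;
    }

    // SECURITY: double any single quote so the typed value stays inside its
    // SQL string literal. Assumes #username and #pwd sit inside single-quoted
    // literals in m_strLoginStr; the template is defined outside this method,
    // so confirm. A parameterized command is the proper fix, but the
    // ADOHelper call visible here takes only a finished SQL string.
    string safeUser = textBox_uname.Text.Replace("'", "''");
    string safePwd = textBox_upwd.Text.Replace("'", "''");

    string str = m_strLoginStr;
    str = str.Replace("#username", safeUser);
    str = str.Replace("#pwd", safePwd);

    try
    {
        ADOHelper db = new ADOHelper();
        // Dispose the reader on every path, including the early return.
        using (OleDbDataReader result = db.ExecuteRead(str))
        {
            if (!result.HasRows)
            {
                return false;
            }

            // Save the global user info for the rest of the session.
            while (result.Read())
            {
                ClassGlobalUserInfo.cName = result["cName"].ToString();
                ClassGlobalUserInfo.amdName = result["AdmName"].ToString();
                ClassGlobalUserInfo.userNumber = result["userNumber"].ToString();
                ClassGlobalUserInfo.roleID = result["roleID"].ToString();
                ClassGlobalUserInfo.depId = result["depId"].ToString();
                ClassGlobalUserInfo.depCId = result["depCId"].ToString();
            }
        }
    }
    catch (Exception se)
    {
        // NOTE(review): this shows the full exception text, stack trace
        // included, to a user who has not logged in yet. Consider logging the
        // detail and showing a generic message instead.
        CValidateTools.showError(se.ToString());
        return false;
    }

    return true;
}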
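// Add user
/// <summary>
/// Click handler that adds a row to <c>userInfo</c> from the form fields,
/// after checking that neither the user number nor the login name is
/// already present.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
private void button_add_Click(object sender, EventArgs e)
{
    if (!checkValide())
    {
        return;
    }

    // Collect the form values.
    string sid = textBox_id.Text;
    string admName = textBox_name.Text;
    string cName = textBox_cname.Text;
    int roleID = int.Parse(comboBox_role.SelectedValue.ToString());
    int depID = int.Parse(comboBox_dep.SelectedValue.ToString());

    // SECURITY: the text fields end up inside single-quoted SQL literals.
    // Doubling the quote keeps each value inside its literal. This is a
    // stopgap: the ADOHelper calls visible here accept only a finished SQL
    // string. Prefer a parameterized command if ADOHelper can offer one.
    string safeSid = sid.Replace("'", "''");
    string safeAdmName = admName.Replace("'", "''");
    string safeCName = cName.Replace("'", "''");

    // Check whether a record with the same number or login name exists.
    // string.Format inserts each value once, so a value that happens to
    // contain placeholder text is not substituted a second time.
    string str1 = string.Format(
        "select * from userInfo where userNumber = '{0}' or AdmName = '{1}' ",
        safeSid,
        safeAdmName);

    ADOHelper db = new ADOHelper();
    bool alreadyExists;
    // Dispose the reader before db is used again for the insert.
    using (var reader = db.ExecuteRead(str1))
    {
        alreadyExists = reader.HasRows;
    }

    if (alreadyExists)
    {
        MessageBox.Show("编号或用户名已存在", "错误", MessageBoxButtons.OK, MessageBoxIcon.Error);
        return;
    }

    // Insert the new user.
    // NOTE(review): every new account gets the same fixed initial password,
    // written as-is into admpwd. Consider a random per-user initial password
    // with a forced change at first login, stored as a salted hash.
    // Department id: defaults to 2 (2 = traffic management bureau,
    // 1 = public security bureau). It is inserted unquoted; presumably it is
    // numeric and not user-controlled. Verify DevTools.getDepartmentId().
    string str = string.Format(
        "insert into userInfo (admname,usernumber,admpwd,roleid,depcid,depid,cname) values( '{0}', '{1}', '{2}', {3}, {4}, {5}, '{6}' )",
        safeAdmName,
        safeSid,
        "888888",
        roleID.ToString(),
        DevTools.getDepartmentId(),
        depID.ToString(),
        safeCName);

    if (db.ExecuteUpdate(str))
    {
        CValidateTools.showOK("添加用户成功");
        clearControlData(); // clear the entered data
    }
    else
    {
        CValidateTools.showError("添加用户失败");
    }
}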