Exemplo n.º 1
0
    protected void btnAdd_Click(object sender, EventArgs e)
    {
        if (CheckError())
        {
            clsConnect cn  = new clsConnect();
            string     sql = "INSERT INTO menu(menu_title,menu_description,menu_url,menu_valuepath,menu_parent_id, menu_order) " +
                             "VALUES(@menu_title,@menu_description,@menu_url,@menu_valuepath,@menu_parent_id, @menu_order)";


            int      Nparameter = 6;
            string[] name       = new string[Nparameter];
            name[0] = "@menu_valuepath";
            name[1] = "@menu_description";
            name[2] = "@menu_url";
            name[3] = "@menu_title";
            name[4] = "@menu_parent_id";
            name[5] = "@menu_order";
            object[] value = new object[Nparameter];
            value[0] = "";
            if (tremenu.SelectedNode != null)
            {
                value[0] = tremenu.SelectedNode.ValuePath;
            }
            value[1] = txtmenu_description.Text;
            value[2] = txtmenu_url.Text;
            value[3] = txtmenu_name.Text;
            if (Request.QueryString["menu_id"] == null)
            {
                value[4] = 0;
            }
            else
            {
                value[4] = tremenu.SelectedValue;
            }
            value[5] = txtMenuOrder.Text;
            cn.UpdateData(sql, name, value, Nparameter);
            string menu_id = cn.LoadData("SELECT * FROM menu WHERE menu_id IN(SELECT TOP 1(menu_id) FROM menu ORDER BY menu_id desc)").Rows[0][0].ToString();
            value[0] = value[0].ToString() + "/" + menu_id;
            if (Request.QueryString["menu_id"] == null)
            {
                value[0] = menu_id;
            }
            cn.UpdateData("UPDATE menu SET menu_valuepath=@menu_valuepath WHERE menu_id=" + menu_id, name, value, 1);
            cn.close();
            String strURL = "menu.aspx?menu_id=" + menu_id + "&sub_menu=1";
            if (Request.QueryString["menu_id"] != null)
            {
                strURL = "menu.aspx?menu_id=" + Request.QueryString["menu_id"].ToString() + "&sub_menu=1";
            }
            Response.Redirect(strURL);
        }
    }
    protected void btnUpdate_Click(object sender, EventArgs e)
    {
        int id = 0;

        try
        {
            id = Convert.ToInt32(Request.QueryString["nhanvien_ma"]);
        }
        catch (Exception ex) { }
        if (Validate(id))
        {
            String sqlText =
                "UPDATE nhanvien SET nhanvien_ten = @nhanvien_ten " +
                "WHERE nhanvien_ma = @nhanvien_ma";
            clsConnect cn         = new clsConnect();
            int        Nparameter = 2;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            name[0]  = "@nhanvien_ten";
            name[1]  = "@nhanvien_ma";
            value[0] = txtTen.Text.Trim();
            value[1] = id;
            cn.UpdateData(sqlText, name, value, Nparameter);
            cn.close();
            String strURL = "sys_employee.aspx?save=1";
            Response.Redirect(strURL);
        }
    }
Exemplo n.º 3
0
    protected void btnUpdate_Click(object sender, EventArgs e)
    {
        int hanghoa_ma = 0;

        try
        {
            hanghoa_ma = Convert.ToInt32(Request.QueryString["service_type_id"]);
        }
        catch (Exception ex) { }
        if (Validate(hanghoa_ma))
        {
            String sqlText =
                "UPDATE service_type SET service_type_name = @service_type_name " +
                "WHERE service_type_id = @service_type_id";
            clsConnect cn         = new clsConnect();
            int        Nparameter = 2;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            name[0]  = "@service_type_name ";
            value[0] = txtTen.Text.ToUpper();
            name[1]  = "@service_type_id";
            value[1] = hanghoa_ma;
            cn.UpdateData(sqlText, name, value, Nparameter);
            cn.close();
            String strURL = "cat_service_type.aspx?save=1";
            Response.Redirect(strURL);
        }
    }
    protected void btnUpdate_Click(object sender, EventArgs e)
    {
        int dichvu_ma = 0;

        try
        {
            dichvu_ma = Convert.ToInt32(Request.QueryString["loaidv_id"]);
        }
        catch (Exception ex) { }
        if (Validate(dichvu_ma))
        {
            String sqlText =
                "UPDATE loaidv SET tendv = @tendv " +
                "WHERE loaidv_id = @loaidv_id";
            clsConnect cn         = new clsConnect();
            int        Nparameter = 2;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            name[0]  = "@tendv ";
            value[0] = txtTen.Text;
            name[1]  = "@loaidv_id";
            value[1] = dichvu_ma;
            cn.UpdateData(sqlText, name, value, Nparameter);
            cn.close();
            String strURL = "cat_service.aspx?save=" + txtTen.Text;
            Response.Redirect(strURL);
        }
    }
Exemplo n.º 5
0
    protected void btnSavemenu_Click(object sender, EventArgs e)
    {
        clsConnect cn  = new clsConnect();
        string     sql =
            "update chitietquyen set " +
            "quyen_xem = @quyen_xem, " +
            "quyen_sua = @quyen_sua, " +
            "quyen_them = @quyen_them, " +
            "quyen_xoa = @quyen_xoa " +
            "where quyen_ma=@quyen_ma and menu_id=@menu_id";
        int Nparameter = 6;

        string[] name  = new string[Nparameter];
        object[] value = new object[Nparameter];
        name[0]  = "@quyen_ma";
        name[1]  = "@menu_id";
        name[2]  = "@quyen_xem";
        name[3]  = "@quyen_them";
        name[4]  = "@quyen_sua";
        name[5]  = "@quyen_xoa";
        value[0] = Request.QueryString["quyen_ma"];
        for (int i = 0; i < rptquyenDetail.Items.Count; i++)
        {
            value[1] = ((Label)rptquyenDetail.Items[i].FindControl("lblMenuID")).Text;
            value[2] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkView")).Checked;
            value[3] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkAdd")).Checked;
            value[4] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkEdit")).Checked;
            value[5] = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkDelete")).Checked;
            cn.UpdateData(sql, name, value, Nparameter);
        }
        cn.close();
        Response.Redirect("sys_authority.aspx?quyen_ma=" + Request.QueryString["quyen_ma"]);
    }
Exemplo n.º 6
0
 protected void btnInsert_Click(object sender, EventArgs e)
 {
     if (Validate(0))
     {
         String sqlText =
             "INSERT INTO TaiKhoan(username,password,quyen_ma,nhanvien_ma,tu_donvi,den_donvi) VALUES( " +
             "@user,@password,@quyen_ma,@nhanvien_ma,@tu_donvi,@den_donvi);";
         clsConnect cn         = new clsConnect();
         int        Nparameter = 6;
         string[]   name       = new string[Nparameter];
         object[]   value      = new object[Nparameter];
         name[0]  = "@user";
         name[1]  = "@password";
         name[2]  = "@quyen_ma";
         name[3]  = "@nhanvien_ma";
         name[4]  = "@tu_donvi";
         name[5]  = "@den_donvi";
         value[0] = txtTen.Text.Trim();
         value[1] = txtMatKhau.Text.Trim();
         value[2] = ddlQuyen.Text;
         value[3] = ddlNhanVien.Text;
         value[4] = txtFrom.Text.Trim();
         value[5] = txtTo.Text.Trim();
         cn.UpdateData(sqlText, name, value, Nparameter);
         cn.close();
         String strURL = "sys_sercurity.aspx?add=1";
         Response.Redirect(strURL);
     }
 }
Exemplo n.º 7
0
 protected void btnSave_Click(object sender, EventArgs e)
 {
     if (CheckError())
     {
         clsConnect cn  = new clsConnect();
         string     sql =
             "UPDATE menu SET menu_title = @menu_title, menu_description = @menu_description, " +
             "menu_url= @menu_url, menu_order = @menu_order where menu_id=@menu_id ";
         int      Nparameter = 5;
         string[] name       = new string[Nparameter];
         name[0] = "@menu_title";
         name[1] = "@menu_description";
         name[2] = "@menu_url";
         name[3] = "@menu_id";
         name[4] = "@menu_order";
         object[] value = new object[Nparameter];
         value[0] = txtmenu_name.Text;
         value[1] = txtmenu_description.Text;
         value[2] = txtmenu_url.Text;
         value[3] = Request.QueryString["menu_id"];
         value[4] = txtMenuOrder.Text;
         cn.UpdateData(sql, name, value, Nparameter);
         cn.close();
         Response.Redirect("menu.aspx");
     }
 }
Exemplo n.º 8
0
    private void Delete_Menu(string smenu_ID)
    {
        clsConnect cn      = new clsConnect();
        string     sqlText = "DELETE FROM menu WHERE menu_id = @menu_id ";

        string[] name       = new string[1];
        object[] value      = new object[1];
        int      Nparameter = 1;

        name[0]  = "@menu_id";
        value[0] = smenu_ID;
        cn.UpdateData(sqlText, name, value, Nparameter);
        cn.close();
    }
Exemplo n.º 9
0
    protected void DeleteIDList(String id)
    {
        //room_type table
        String     sqlText    = "DELETE FROM service WHERE service_id = ?service_id";
        clsConnect cn         = new clsConnect();
        int        Nparameter = 1;

        string[] name  = new string[Nparameter];
        object[] value = new object[Nparameter];
        name[0]  = "?service_id";
        value[0] = id;
        cn.UpdateData(sqlText, name, value, Nparameter);
        cn.close();
    }
Exemplo n.º 10
0
    protected void btnDel_Click(object sender, EventArgs e)
    {
        clsConnect cn         = new clsConnect();
        string     sql        = "delete from quyen where quyen_ma=@quyen_ma";
        int        Nparameter = 1;

        string[] name = new string[Nparameter];
        name[0] = "@quyen_ma";
        object[] value = new object[Nparameter];
        value[0] = Request.QueryString["quyen_ma"];
        cn.UpdateData(sql, name, value, Nparameter);
        cn.close();
        Response.Redirect("sys_authority.aspx");
    }
Exemplo n.º 11
0
    protected void DeleteCarBranchList(String sCarBranchID)
    {
        //room_type table
        String     sqlText = "DELETE FROM service_type WHERE service_type_id = @service_type_id";
        clsConnect cn      = new clsConnect();

        string[] name       = new string[1];
        object[] value      = new object[1];
        int      Nparameter = 1;

        name[0]  = "@service_type_id";
        value[0] = sCarBranchID;
        cn.UpdateData(sqlText, name, value, Nparameter);
        cn.close();
    }
Exemplo n.º 12
0
 protected void btnAdd_Click(object sender, EventArgs e)
 {
     if (Check_Error(0))
     {
         clsConnect cn         = new clsConnect();
         string     sql        = "insert into quyen(quyen) values(@quyen)";
         int        Nparameter = 1;
         string[]   name       = new string[Nparameter];
         name[0] = "@quyen";
         object[] value = new object[Nparameter];
         value[0] = txtquyen_ten.Text;
         cn.UpdateData(sql, name, value, Nparameter);
         string quyen_ma = cn.LoadData("select * from quyen WHERE quyen_ma IN(SELECT TOP 1(quyen_ma) FROM quyen ORDER BY quyen_ma DESC)").Rows[0][0].ToString();
         cn.close();
         Response.Redirect("sys_authority.aspx");//?quyen_ma=" + quyen_ma);
     }
 }
Exemplo n.º 13
0
 protected void btnInsert_Click(object sender, EventArgs e)
 {
     if (Validate(0))
     {
         String sqlText =
             "INSERT INTO service_type(service_type_name) VALUES(@service_type_name);";
         clsConnect cn         = new clsConnect();
         int        Nparameter = 1;
         string[]   name       = new string[Nparameter];
         object[]   value      = new object[Nparameter];
         name[0]  = "@service_type_name";
         value[0] = txtTen.Text.ToUpper();
         cn.UpdateData(sqlText, name, value, Nparameter);
         cn.close();
         String strURL = "cat_service_type.aspx?add=" + txtTen.Text;
         Response.Redirect(strURL);
     }
 }
Exemplo n.º 14
0
 protected void btnSave_Click(object sender, EventArgs e)
 {
     if (Check_Error(Convert.ToInt32(Request.QueryString["quyen_ma"])))
     {
         clsConnect cn         = new clsConnect();
         string     sql        = "update quyen set quyen = @quyen_ten where quyen_ma=@quyen_ma";
         int        Nparameter = 2;
         string[]   name       = new string[Nparameter];
         name[0] = "@quyen_ten";
         name[1] = "@quyen_ma";
         object[] value = new object[Nparameter];
         value[0] = txtquyen_ten.Text;
         value[1] = Request.QueryString["quyen_ma"];
         cn.UpdateData(sql, name, value, Nparameter);
         cn.close();
         Response.Redirect("sys_authority.aspx");
     }
 }
 protected void btnInsert_Click(object sender, EventArgs e)
 {
     if (Validate(0))
     {
         String sqlText =
             "INSERT INTO nhanvien(nhanvien_ten) VALUES( " +
             "@nhanvien_ten);";
         clsConnect cn         = new clsConnect();
         int        Nparameter = 1;
         string[]   name       = new string[Nparameter];
         object[]   value      = new object[Nparameter];
         name[0]  = "@nhanvien_ten";
         value[0] = txtTen.Text.Trim();
         cn.UpdateData(sqlText, name, value, Nparameter);
         cn.close();
         String strURL = "sys_employee.aspx?add=1";
         Response.Redirect(strURL);
     }
 }
Exemplo n.º 16
0
    protected void btnDelAll_Click(object sender, EventArgs e)
    {
        clsConnect cn  = new clsConnect();
        string     sql = "delete from quyen where quyen_ma=@quyen_ma";

        for (int i = 0; i < gridauthority.Items.Count; i++)
        {
            bool check = ((CheckBox)gridauthority.Items[i].FindControl("chkDel")).Checked;
            if (check)
            {
                int      Nparameter = 1;
                string[] name       = new string[Nparameter];
                name[0] = "@quyen_ma";
                object[] value = new object[Nparameter];
                value[0] = ((Label)gridauthority.Items[i].FindControl("lblID")).Text;
                cn.UpdateData(sql, name, value, Nparameter);
            }
        }
        cn.close();
        Response.Redirect("sys_authority.aspx");
    }
Exemplo n.º 17
0
    protected void btnUpdate_Click(object sender, EventArgs e)
    {
        int id = 0;

        try
        {
            id = Convert.ToInt32(Request.QueryString["id"]);
        }
        catch (Exception ex) { }
        if (Validate(id))
        {
            String sqlText =
                "UPDATE TaiKhoan SET username = @username,password=@password,nhanvien_ma=@nhanvien_ma, " +
                " quyen_ma=@quyen_ma,tu_donvi=@tu_donvi,den_donvi=@den_donvi " +
                "WHERE id = @id";
            clsConnect cn         = new clsConnect();
            int        Nparameter = 7;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            name[0]  = "@username";
            name[1]  = "@password";
            name[2]  = "@quyen_ma";
            name[3]  = "@nhanvien_ma";
            name[4]  = "@tu_donvi";
            name[5]  = "@den_donvi";
            name[6]  = "@id";
            value[0] = txtTen.Text.Trim();
            value[1] = txtMatKhau.Text.Trim();
            value[2] = ddlQuyen.Text;
            value[3] = ddlNhanVien.Text;
            value[4] = txtFrom.Text.Trim();
            value[5] = txtTo.Text.Trim();
            value[6] = id;
            cn.UpdateData(sqlText, name, value, Nparameter);
            cn.close();
            String strURL = "sys_sercurity.aspx?save=1";
            Response.Redirect(strURL);
        }
    }
Exemplo n.º 18
0
    protected void btnDelAllmenu_Click(object sender, EventArgs e)
    {
        clsConnect cn  = new clsConnect();
        string     sql = "delete from chitietquyen where quyen_ma=@quyen_ma and menu_id=@menu_id";

        for (int i = 0; i < rptquyenDetail.Items.Count; i++)
        {
            bool check = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkSelect")).Checked;
            if (check)
            {
                int      Nparameter = 2;
                string[] name       = new string[Nparameter];
                name[0] = "@quyen_ma";
                name[1] = "@menu_id";
                object[] value = new object[Nparameter];
                value[0] = Request.QueryString["quyen_ma"];
                value[1] = ((Label)rptquyenDetail.Items[i].FindControl("lblMenuID")).Text;
                cn.UpdateData(sql, name, value, Nparameter);
            }
        }
        cn.close();
        Response.Redirect("sys_authority.aspx?quyen_ma=" + Request.QueryString["quyen_ma"]);
    }
Exemplo n.º 19
0
    private void deletemenu(string menu_id)
    {
        clsConnect cn         = new clsConnect();
        string     sql        = "DELETE FROM menu WHERE menu_id = @menu_id";
        int        Nparameter = 1;

        string[] name = new string[Nparameter];
        name[0] = "@menu_id";
        object[] value = new object[Nparameter];
        value[0] = menu_id;
        cn.UpdateData(sql, name, value, Nparameter);
        sql = "SELECT menu_id FROM menu where menu_parent_id = @menu_id";
        DataTable dt = cn.LoadData(sql, name, value, Nparameter);

        if (dt.Rows.Count > 0)
        {
            foreach (DataRow row in dt.Rows)
            {
                deletemenu(row[0].ToString());
            }
        }
        cn.close();
    }
    protected void btnSave_Click(object sender, EventArgs e)
    {
        if (!SearchPassword())
        {
            return;
        }
        clsConnect cn        = new clsConnect();
        string     sql       = "UPDATE taikhoan SET password=@password WHERE nhanvien_ma=@nhanvien_ma";
        int        parameter = 2;

        string[] name  = new string[parameter];
        object[] value = new object[parameter];
        name[0]  = "@password";
        name[1]  = "@nhanvien_ma";
        value[0] = txtPassWordNew.Text.Trim();
        value[1] = Session["nhanvien_ma"].ToString();
        cn.UpdateData(sql, name, value, parameter);
        cn.close();
        lblMsg.Text           = "Bạn đã đổi mật khẩu thành công!";
        lblMsg.ForeColor      = System.Drawing.Color.Blue;
        txtPassWord.Text      = "";
        txtPassWordNew.Text   = "";
        txtPassWordReNew.Text = "";
    }
Exemplo n.º 21
0
    protected void btnUpdate_Click1(object sender, EventArgs e)
    {
        if (ddlServiceType.Text != "")
        {
            clsConnect cn         = new clsConnect();
            int        Nparameter = 11;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            string     sql        = "";
            //upload file vao thu muc thuvien/taptin
            //try
            //{
            if (FileUpLoad1.FileName != "")
            {
                string path = Server.MapPath("~/thuvien/taptin/") + FileUpLoad1.FileName;
                FileUpLoad1.SaveAs(path);
                Nparameter = 11;
                sql        = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
                             "content=?content,heading_text=?heading_text,file=?file,status_id=?status_id , id=?id " +
                             "WHERE information_id=?information_id";

                name[0]  = "?service_id";
                name[1]  = "?title";
                name[2]  = "?date_post";
                name[3]  = "?human_post";
                name[4]  = "?source_link";
                name[5]  = "?content";
                name[6]  = "?heading_text";
                name[7]  = "?file";
                name[8]  = "?status_id";
                name[9]  = "?information_id";
                name[10] = "?id";
                value[0] = ddlService.Text;
                value[1] = txtTitle.Text.Trim();
                value[2] = DateTime.Now;
                value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
                value[4] = txtSource.Text.Trim();
                value[5] = txtContent.Value;
                value[6] = lblHeadingText.Text.Trim();
                value[7] = FileUpLoad1.FileName;
                //lay id chuyen muc, gan cho trang thai
                if (rbtChoise.SelectedValue == "0")
                {
                    value[8] = "0";
                }
                if (rbtChoise.SelectedValue == "1")
                {
                    value[8] = "1";
                }
                if (rbtChoise.SelectedValue == "2")
                {
                    value[8] = "2";
                }
                value[9]  = Request.QueryString["content_id"];
                value[10] = ddlMon.SelectedIndex.ToString();
                cn.UpdateData(sql, name, value, Nparameter);
            }
            else
            {
                Nparameter = 9;
                sql        = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
                             "content=?content,heading_text=?heading_text,status_id=?status_id " +
                             "WHERE information_id=?information_id";

                name[0]  = "?service_id";
                name[1]  = "?title";
                name[2]  = "?date_post";
                name[3]  = "?human_post";
                name[4]  = "?source_link";
                name[5]  = "?content";
                name[6]  = "?heading_text";
                name[7]  = "?status_id";
                name[8]  = "?information_id";
                value[0] = ddlService.Text;
                value[1] = txtTitle.Text.Trim();
                value[2] = DateTime.Now;
                value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
                value[4] = txtSource.Text.Trim();
                value[5] = txtContent.Value;
                value[6] = lblHeadingText.Text.Trim();
                //lay id chuyen muc, gan cho trang thai
                if (rbtChoise.SelectedValue == "0")
                {
                    value[7] = "0";
                }
                if (rbtChoise.SelectedValue == "1")
                {
                    value[7] = "1";
                }
                if (rbtChoise.SelectedValue == "2")
                {
                    value[7] = "2";
                }
                value[8] = Request.QueryString["content_id"];
                cn.UpdateData(sql, name, value, Nparameter);
            }
            cn.close();
            Response.Redirect("web_send.aspx");
        }
    }
Exemplo n.º 22
0
    void UploadTinGioithieu()
    {
        clsConnect cn         = new clsConnect();
        int        Nparameter = 10;

        string[] name  = new string[Nparameter];
        object[] value = new object[Nparameter];
        string   sql   = "";

        //upload file vao thu muc thuvien/taptin
        //try
        //{
        if (FileUpLoad1.FileName != "")
        {
            string path = Server.MapPath("~/thuvien/taptin/") + FileUpLoad1.FileName;
            FileUpLoad1.SaveAs(path);
            Nparameter = 10;
            sql        = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,file,status_id,id)VALUES( " +
                         "?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?file,?status_id,?id)";

            name[0]  = "?service_id";
            name[1]  = "?title";
            name[2]  = "?date_post";
            name[3]  = "?human_post";
            name[4]  = "?source_link";
            name[5]  = "?content";
            name[6]  = "?heading_text";
            name[7]  = "?file";
            name[8]  = "?status_id";
            name[9]  = "?id";
            value[0] = ddlService.Text;
            value[1] = txtTitle.Text.Trim();
            value[2] = DateTime.Now;
            value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
            value[4] = txtSource.Text.Trim();
            value[5] = txtContent.Value;
            value[6] = lblHeadingText.Text.Trim();
            value[7] = FileUpLoad1.FileName;
            //lay id chuyen muc, gan cho trang thai
            if (rbtChoise.SelectedValue == "0")
            {
                value[8] = "0";
            }
            if (rbtChoise.SelectedValue == "1")
            {
                value[8] = "1";
            }
            if (rbtChoise.SelectedValue == "2")
            {
                value[8] = "2";
            }
            value[9] = ddlMon.SelectedIndex.ToString();
            cn.UpdateData(sql, name, value, Nparameter);
        }
        else
        {
            Nparameter = 9;
            sql        = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,status_id,id)VALUES( " +
                         "?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?status_id,?id)";

            name[0]  = "?service_id";
            name[1]  = "?title";
            name[2]  = "?date_post";
            name[3]  = "?human_post";
            name[4]  = "?source_link";
            name[5]  = "?content";
            name[6]  = "?heading_text";
            name[7]  = "?status_id";
            name[8]  = "?id";
            value[0] = ddlService.Text;
            value[1] = txtTitle.Text.Trim();
            value[2] = DateTime.Now;
            value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
            value[4] = txtSource.Text.Trim();
            value[5] = txtContent.Value;
            value[6] = lblHeadingText.Text.Trim();
            if (rbtChoise.SelectedValue == "0")
            {
                value[7] = "0";
            }
            if (rbtChoise.SelectedValue == "1")
            {
                value[7] = "1";
            }
            if (rbtChoise.SelectedValue == "2")
            {
                value[7] = "2";
            }
            value[8] = ddlMon.SelectedIndex.ToString();
            cn.UpdateData(sql, name, value, Nparameter);
        }
        cn.close();
    }
Exemplo n.º 23
0
 private void insertmenu(TreeNode node, clsConnect cn)
 {
     if (node.ChildNodes.Count == 0)
     {
         if (node.Checked)
         {
             string sql =
                 "select * from chitietquyen,menu where chitietquyen.menu_id=menu.menu_id " +
                 "and quyen_ma=@quyen_ma and menu.menu_id=@menu_id";
             int      Nparameter = 2;
             string[] name       = new string[Nparameter];
             name[0] = "@quyen_ma";
             name[1] = "@menu_id";
             object[] value = new object[Nparameter];
             value[0] = Request.QueryString["quyen_ma"];
             value[1] = node.Value;
             if (cn.LoadData(sql, name, value, Nparameter).Rows.Count == 0)
             {
                 sql = "insert into chitietquyen(quyen_ma,menu_id) values(@quyen_ma,@menu_id)";
                 cn.UpdateData(sql, name, value, Nparameter);
             }
         }
     }
     else
     {
         if (node.Checked)
         {
             string sql =
                 "select * from chitietquyen,menu where chitietquyen.menu_id=menu.menu_id " +
                 "and quyen_ma=@quyen_ma and menu.menu_id=@menu_id";
             int      Nparameter = 2;
             string[] name       = new string[Nparameter];
             name[0] = "@quyen_ma";
             name[1] = "@menu_id";
             object[] value = new object[Nparameter];
             value[0] = Request.QueryString["quyen_ma"];
             value[1] = node.Value;
             if (cn.LoadData(sql, name, value, Nparameter).Rows.Count == 0)
             {
                 sql = "insert into chitietquyen(quyen_ma,menu_id) values(@quyen_ma,@menu_id)";
                 cn.UpdateData(sql, name, value, Nparameter);
             }
         }
         foreach (TreeNode nodechild in node.ChildNodes)
         {
             if (nodechild.ChildNodes.Count == 0)
             {
                 if (nodechild.Checked)
                 {
                     string sql = "select * from chitietquyen,menu where chitietquyen.menu_id=menu.menu_id " +
                                  "and quyen_ma=@quyen_ma and menu.menu_id=@menu_id";
                     int      Nparameter = 2;
                     string[] name       = new string[Nparameter];
                     name[0] = "@quyen_ma";
                     name[1] = "@menu_id";
                     object[] value = new object[Nparameter];
                     value[0] = Request.QueryString["quyen_ma"];
                     value[1] = nodechild.Value;
                     if (cn.LoadData(sql, name, value, Nparameter).Rows.Count == 0)
                     {
                         sql = "insert into chitietquyen(quyen_ma,menu_id) values(@quyen_ma,@menu_id)";
                         cn.UpdateData(sql, name, value, Nparameter);
                     }
                 }
             }
             else
             {
                 insertmenu(nodechild, cn);
             }
         }
     }
 }