public int MyDatabaseMethod(string strLoginID, string strUserName, string strUserPwd, string strUserSex, string strBirthday, string strDeptID, string strJobID, string strTelephone, string strCertType, string strCertNum, string strLoginIP, int intUserType, int intUserState, int intJudgeUser, int intJudgeTestType, int intRoleMenu, int intCreateUserID, DateTime dtmCreateDate, byte[] imgbin)
{
string strConn = "";
string strSql = "";
PublicFunction ObjFun = new PublicFunction();
strConn = ConfigurationSettings.AppSettings["strConn"];
SqlConnection ObjConn = new SqlConnection(strConn);
strSql = "Insert into UserInfo(LoginID,UserName,UserPwd,UserSex,Birthday,DeptID,JobID,Telephone,CertType,CertNum,LoginIP,UserType,UserState,JudgeUser,JudgeTestType,RoleMenu,CreateUserID,CreateDate,UserPhoto) Values (@TmpLoginID,@TmpUserName,@TmpUserPwd,@TmpUserSex,@TmpBirthday,@TmpDeptID,@TmpJobID,@TmpTelephone,@TmpCertType,@TmpCertNum,@TmpLoginIP,@TmpUserType,@TmpUserState,@TmpJudgeUser,@TmpJudgeTestType,@TmpRoleMenu,@TmpCreateUserID,@TmpCreateDate,@TmpUserPhoto)";
SqlCommand ObjCmd = new SqlCommand(strSql, ObjConn);
//帐号
SqlParameter ParamLoginID = new SqlParameter("@TmpLoginID", SqlDbType.VarChar, 20);
ParamLoginID.Value = strLoginID;
ObjCmd.Parameters.Add(ParamLoginID);
//姓名
SqlParameter ParamUserName = new SqlParameter("@TmpUserName", SqlDbType.VarChar, 20);
ParamUserName.Value = strUserName;
ObjCmd.Parameters.Add(ParamUserName);
//密码
SqlParameter ParamUserPwd = new SqlParameter("@TmpUserPwd", SqlDbType.VarChar, 20);
ParamUserPwd.Value = strUserPwd;
ObjCmd.Parameters.Add(ParamUserPwd);
//性别
SqlParameter ParamUserSex = new SqlParameter("@TmpUserSex", SqlDbType.VarChar, 2);
ParamUserSex.Value = strUserSex;
ObjCmd.Parameters.Add(ParamUserSex);
//出生年月
if (strBirthday != "")
{
SqlParameter ParamBirthday = new SqlParameter("@TmpBirthday", SqlDbType.DateTime);
ParamBirthday.Value = Convert.ToDateTime(strBirthday);
ObjCmd.Parameters.Add(ParamBirthday);
}
else
{
SqlParameter ParamBirthday = new SqlParameter("@TmpBirthday", SqlDbType.DateTime);
ParamBirthday.Value = System.DBNull.Value;
ObjCmd.Parameters.Add(ParamBirthday);
}
//所属部门
SqlParameter ParamDeptID = new SqlParameter("@TmpDeptID", SqlDbType.Int);
ParamDeptID.Value = Convert.ToInt32(strDeptID);
ObjCmd.Parameters.Add(ParamDeptID);
//职务
SqlParameter ParamJobID = new SqlParameter("@TmpJobID", SqlDbType.Int);
ParamJobID.Value = Convert.ToInt32(strJobID);
ObjCmd.Parameters.Add(ParamJobID);
//电话
SqlParameter ParamTelephone = new SqlParameter("@TmpTelephone", SqlDbType.VarChar, 20);
ParamTelephone.Value = strTelephone;
ObjCmd.Parameters.Add(ParamTelephone);
//证件类型
SqlParameter ParamCertType = new SqlParameter("@TmpCertType", SqlDbType.VarChar, 20);
ParamCertType.Value = ObjFun.CheckString(strCertType);
ObjCmd.Parameters.Add(ParamCertType);
//证件号码
SqlParameter ParamCertNum = new SqlParameter("@TmpCertNum", SqlDbType.VarChar, 20);
ParamCertNum.Value = strCertNum;
ObjCmd.Parameters.Add(ParamCertNum);
//登录IP
SqlParameter ParamLoginIP = new SqlParameter("@TmpLoginIP", SqlDbType.VarChar, 20);
ParamLoginIP.Value = strLoginIP;
ObjCmd.Parameters.Add(ParamLoginIP);
//类型
SqlParameter ParamUserType = new SqlParameter("@TmpUserType", SqlDbType.Int);
ParamUserType.Value = Convert.ToInt32(intUserType);
ObjCmd.Parameters.Add(ParamUserType);
//状态
SqlParameter ParamUserState = new SqlParameter("@TmpUserState", SqlDbType.Int);
ParamUserState.Value = Convert.ToInt32(intUserState);
ObjCmd.Parameters.Add(ParamUserState);
//评卷帐号
SqlParameter ParamJudgeUser = new SqlParameter("@TmpJudgeUser", SqlDbType.Int);
ParamJudgeUser.Value = Convert.ToInt32(intJudgeUser);
ObjCmd.Parameters.Add(ParamJudgeUser);
//评卷题型
SqlParameter ParamJudgeTestType = new SqlParameter("@TmpJudgeTestType", SqlDbType.Int);
ParamJudgeTestType.Value = Convert.ToInt32(intJudgeTestType);
ObjCmd.Parameters.Add(ParamJudgeTestType);
//角色菜单
SqlParameter ParamRoleMenu = new SqlParameter("@TmpRoleMenu", SqlDbType.Int);
ParamRoleMenu.Value = Convert.ToInt32(intRoleMenu);
ObjCmd.Parameters.Add(ParamRoleMenu);
//创建帐号
SqlParameter ParamCreateUserID = new SqlParameter("@TmpCreateUserID", SqlDbType.Int);
ParamCreateUserID.Value = Convert.ToInt32(intCreateUserID);
ObjCmd.Parameters.Add(ParamCreateUserID);
//创建时间
SqlParameter ParamCreateDate = new SqlParameter("@TmpCreateDate", SqlDbType.DateTime);
ParamCreateDate.Value = dtmCreateDate;
ObjCmd.Parameters.Add(ParamCreateDate);
if (imgbin.Length > 0)
{
SqlParameter ParamUserPhoto = new SqlParameter("@TmpUserPhoto", SqlDbType.Image);
ParamUserPhoto.Value = imgbin;
ObjCmd.Parameters.Add(ParamUserPhoto);
}
else
{
SqlParameter ParamUserPhoto = new SqlParameter("@TmpUserPhoto", SqlDbType.Image);
ParamUserPhoto.Value = System.DBNull.Value;
ObjCmd.Parameters.Add(ParamUserPhoto);
}
ObjConn.Open();
int numRowsAffected = ObjCmd.ExecuteNonQuery();
ObjConn.Close();
ObjConn.Dispose();
return(numRowsAffected);
}
public int MyDatabaseMethod(string strLoginID,string strUserName,string strUserPwd,string strUserSex,string strBirthday,string strDeptID,string strJobID,string strTelephone,string strCertType,string strCertNum,string strLoginIP,int intUserType,int intUserState,int intJudgeUser,int intJudgeTestType,int intRoleMenu,int intCreateUserID,DateTime dtmCreateDate,byte[] imgbin)
{
string strConn="";
string strSql="";
PublicFunction ObjFun=new PublicFunction();
strConn=ConfigurationSettings.AppSettings["strConn"];
SqlConnection ObjConn = new SqlConnection(strConn);
strSql="Insert into UserInfo(LoginID,UserName,UserPwd,UserSex,Birthday,DeptID,JobID,Telephone,CertType,CertNum,LoginIP,UserType,UserState,JudgeUser,JudgeTestType,RoleMenu,CreateUserID,CreateDate,UserPhoto) Values (@TmpLoginID,@TmpUserName,@TmpUserPwd,@TmpUserSex,@TmpBirthday,@TmpDeptID,@TmpJobID,@TmpTelephone,@TmpCertType,@TmpCertNum,@TmpLoginIP,@TmpUserType,@TmpUserState,@TmpJudgeUser,@TmpJudgeTestType,@TmpRoleMenu,@TmpCreateUserID,@TmpCreateDate,@TmpUserPhoto)";
SqlCommand ObjCmd=new SqlCommand(strSql,ObjConn);
//�ʺ�
SqlParameter ParamLoginID=new SqlParameter("@TmpLoginID",SqlDbType.VarChar,20);
ParamLoginID.Value = strLoginID;
ObjCmd.Parameters.Add(ParamLoginID);
//����
SqlParameter ParamUserName=new SqlParameter("@TmpUserName",SqlDbType.VarChar,20);
ParamUserName.Value = strUserName;
ObjCmd.Parameters.Add(ParamUserName);
//����
SqlParameter ParamUserPwd=new SqlParameter("@TmpUserPwd",SqlDbType.VarChar,20);
ParamUserPwd.Value = strUserPwd;
ObjCmd.Parameters.Add(ParamUserPwd);
//�Ա�
SqlParameter ParamUserSex=new SqlParameter("@TmpUserSex",SqlDbType.VarChar,2);
ParamUserSex.Value = strUserSex;
ObjCmd.Parameters.Add(ParamUserSex);
//��������
if (strBirthday!="")
{
SqlParameter ParamBirthday=new SqlParameter("@TmpBirthday",SqlDbType.DateTime);
ParamBirthday.Value = Convert.ToDateTime(strBirthday);
ObjCmd.Parameters.Add(ParamBirthday);
}
else
{
SqlParameter ParamBirthday=new SqlParameter("@TmpBirthday",SqlDbType.DateTime);
ParamBirthday.Value = System.DBNull.Value;
ObjCmd.Parameters.Add(ParamBirthday);
}
//�������
SqlParameter ParamDeptID=new SqlParameter("@TmpDeptID",SqlDbType.Int);
ParamDeptID.Value = Convert.ToInt32(strDeptID);
ObjCmd.Parameters.Add(ParamDeptID);
//ְ��
SqlParameter ParamJobID=new SqlParameter("@TmpJobID",SqlDbType.Int);
ParamJobID.Value = Convert.ToInt32(strJobID);
ObjCmd.Parameters.Add(ParamJobID);
//�绰
SqlParameter ParamTelephone=new SqlParameter("@TmpTelephone",SqlDbType.VarChar,20);
ParamTelephone.Value = strTelephone;
ObjCmd.Parameters.Add(ParamTelephone);
//֤������
SqlParameter ParamCertType=new SqlParameter("@TmpCertType",SqlDbType.VarChar,20);
ParamCertType.Value = ObjFun.CheckString(strCertType);
ObjCmd.Parameters.Add(ParamCertType);
//֤������
SqlParameter ParamCertNum=new SqlParameter("@TmpCertNum",SqlDbType.VarChar,20);
ParamCertNum.Value = strCertNum;
ObjCmd.Parameters.Add(ParamCertNum);
//��¼IP
SqlParameter ParamLoginIP=new SqlParameter("@TmpLoginIP",SqlDbType.VarChar,20);
ParamLoginIP.Value = strLoginIP;
ObjCmd.Parameters.Add(ParamLoginIP);
//����
SqlParameter ParamUserType=new SqlParameter("@TmpUserType",SqlDbType.Int);
ParamUserType.Value = Convert.ToInt32(intUserType);
ObjCmd.Parameters.Add(ParamUserType);
//״̬
SqlParameter ParamUserState=new SqlParameter("@TmpUserState",SqlDbType.Int);
ParamUserState.Value = Convert.ToInt32(intUserState);
ObjCmd.Parameters.Add(ParamUserState);
//�����ʺ�
SqlParameter ParamJudgeUser=new SqlParameter("@TmpJudgeUser",SqlDbType.Int);
ParamJudgeUser.Value = Convert.ToInt32(intJudgeUser);
ObjCmd.Parameters.Add(ParamJudgeUser);
//��������
SqlParameter ParamJudgeTestType=new SqlParameter("@TmpJudgeTestType",SqlDbType.Int);
ParamJudgeTestType.Value = Convert.ToInt32(intJudgeTestType);
ObjCmd.Parameters.Add(ParamJudgeTestType);
//��ɫ�˵�
SqlParameter ParamRoleMenu=new SqlParameter("@TmpRoleMenu",SqlDbType.Int);
ParamRoleMenu.Value = Convert.ToInt32(intRoleMenu);
ObjCmd.Parameters.Add(ParamRoleMenu);
//�����ʺ�
SqlParameter ParamCreateUserID=new SqlParameter("@TmpCreateUserID",SqlDbType.Int);
ParamCreateUserID.Value = Convert.ToInt32(intCreateUserID);
ObjCmd.Parameters.Add(ParamCreateUserID);
//����ʱ��
SqlParameter ParamCreateDate=new SqlParameter("@TmpCreateDate",SqlDbType.DateTime);
ParamCreateDate.Value = dtmCreateDate;
ObjCmd.Parameters.Add(ParamCreateDate);
if (imgbin.Length>0)
{
SqlParameter ParamUserPhoto=new SqlParameter("@TmpUserPhoto",SqlDbType.Image);
ParamUserPhoto.Value = imgbin;
ObjCmd.Parameters.Add(ParamUserPhoto);
}
else
{
SqlParameter ParamUserPhoto=new SqlParameter("@TmpUserPhoto",SqlDbType.Image);
ParamUserPhoto.Value = System.DBNull.Value;
ObjCmd.Parameters.Add(ParamUserPhoto);
}
ObjConn.Open();
int numRowsAffected=ObjCmd.ExecuteNonQuery();
ObjConn.Close();
ObjConn.Dispose();
return numRowsAffected;
}
protected void ButInput_Click(object sender, System.EventArgs e)
{
if (txtLoginID.Text.Trim() == "")
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('帐号不能为空!')</script>");
txtLoginID.Focus();
return;
}
if (string.IsNullOrEmpty(txtUserName.Text.Trim()))
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('请填写用户名!')</script>");
txtUserName.Focus();
return;
}
if (string.IsNullOrEmpty(txtNewUserPwd.Text.Trim()))
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('请填写密码!')</script>");
txtNewUserPwd.Focus();
return;
}
if (txtNewUserPwd.Text.Trim() != txtSureUserPwd.Text.Trim())
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('两次密码不一致!')</script>");
txtNewUserPwd.Focus();
return;
}
if (RBLUserSex.SelectedIndex < 0)
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('请选择帐户性别!')</script>");
RBLUserSex.Focus();
return;
}
if (DDLDept.SelectedItem.Text == "--请选择--")
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('请选择部门!')</script>");
DDLDept.Focus();
return;
}
if (string.IsNullOrEmpty(txtCertNum.Text.Trim()))
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('请填写身份证号码!')</script>");
txtCertNum.Focus();
return;
}
if (DDLUserType.SelectedItem.Text.Trim() == "")
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('请选择帐户类型!')</script>");
return;
}
//if (DDLUserState.SelectedItem.Text.Trim()=="")
//{
// this.RegisterStartupScript("newWindow","<script language='javascript'>alert('请选择帐户状态!')</script>");
// return;
//}
string strTmp = ObjFun.GetValues("select LoginID from UserInfo where LoginID='" + ObjFun.getStr(ObjFun.CheckString(txtLoginID.Text.Trim()), 20) + "'", "LoginID");
if (strTmp.Trim() != "")
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('此" + txtLoginID.Text.Trim() + "帐号已经存在,无法注册!')</script>");
return;
}
string strLoginID = ObjFun.getStr(ObjFun.CheckString(txtLoginID.Text.Trim()), 20);
string strUserName = ObjFun.getStr(ObjFun.CheckString(txtUserName.Text.Trim()), 20);
string strUserPwd = ObjFun.getStr(ObjFun.CheckString(txtNewUserPwd.Text.Trim()), 20);
string strUserSex = RBLUserSex.SelectedItem.Text.Trim();
string strBirthday = txtBirthday.Text.Trim();
string strUserImg = UpUserPhoto.PostedFile.FileName;
string strDeptID = DDLDept.SelectedItem.Value;
string strJobID = DDLJob.SelectedItem.Value;
string strTelephone = ObjFun.getStr(ObjFun.CheckString(txtTelephone.Text.Trim()), 20);
string strCertType = ObjFun.getStr(ObjFun.CheckString(txtCertType.Text.Trim()), 20);
string strCertNum = ObjFun.getStr(ObjFun.CheckString(txtCertNum.Text.Trim()), 20);
string strLoginIP = ObjFun.getStr(txtLoginIP.Text.Trim(), 20);
int intUserType = Convert.ToInt32(DDLUserType.SelectedItem.Value);
//int intUserState=Convert.ToInt32(DDLUserState.SelectedItem.Value);
int intJudgeUser = 0;
int intJudgeTestType = 0;
int intRoleMenu = 0;
if (intUserType == 1)
{
intJudgeUser = 1;
intJudgeTestType = 1;
intRoleMenu = 1;
}
int intCreateUserID = Convert.ToInt32(ObjFun.GetValues("select UserID from UserInfo where LoginID='Admin'", "UserID"));
DateTime dtmCreateDate = Convert.ToDateTime(System.DateTime.Now.ToString("d"));
byte[] imgBinaryData;
if (strUserImg.Trim() != "")
{
string strName = strUserImg.Substring(strUserImg.Length - 4);
strTmp = ".JPG.GIF";
if (strTmp.IndexOf(strName.ToUpper()) < 0)
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('照片格式不正确!')</script>");
return;
}
Stream imgStream;
int imgLen;
imgStream = UpUserPhoto.PostedFile.InputStream;
imgLen = UpUserPhoto.PostedFile.ContentLength;
imgBinaryData = new byte[imgLen];
int n = imgStream.Read(imgBinaryData, 0, imgLen);
}
else
{
imgBinaryData = new byte[0];
}
int NumRowsAffected = MyDatabaseMethod(strLoginID, strUserName, strUserPwd, strUserSex, strBirthday, strDeptID, strJobID, strTelephone, strCertType, strCertNum, strLoginIP, intUserType, intUserState, intJudgeUser, intJudgeTestType, intRoleMenu, intCreateUserID, dtmCreateDate, imgBinaryData);
if (NumRowsAffected > 0)
{
if (intUserState == 0)
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('帐户注册成功,帐号审核后生效!');window.close();</script>");
}
else
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('帐户注册成功,帐号已经生效!');window.close();</script>");
}
}
else
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('帐户注册失败!')</script>");
}
}
protected void ButLogin_Click(object sender, System.EventArgs e)
{
string strSql = "";
string strConn = "";
strLoginID = ObjFun.CheckString(Convert.ToString(Request["LoginID"]).Trim());
strUserPwd = ObjFun.CheckString(Convert.ToString(Request["UserPwd"]).Trim());
if ((TimeRestrict() == true) && (strLoginID.ToUpper() != "ADMIN")) //判断登录时间是否受限
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('对不起,您登录的时间受限!');</script>");
return;
}
if ((IPRestrict() == true) && (strLoginID.ToUpper() != "ADMIN")) //判断登录IP是否受限
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('对不起,您登录的IP受限!');</script>");
return;
}
strSql = "select * from UserInfo where LoginID='" + strLoginID + "' and UserPwd='" + strUserPwd + "'";
strConn = ConfigurationSettings.AppSettings["strConn"];
SqlConnection ObjConn = new SqlConnection(strConn);
ObjConn.Open();
SqlCommand ObjCmd = new SqlCommand(strSql, ObjConn);
SqlDataReader ObjDR = ObjCmd.ExecuteReader(CommandBehavior.CloseConnection);
if (ObjDR.Read())
{
string strUserIP = Convert.ToString(Request.ServerVariables["HTTP_X_FORWARDED_FOR"]); //先取得代理IP
if ((strUserIP == "") || (strUserIP == null))
{
strUserIP = Convert.ToString(Request.ServerVariables["REMOTE_ADDR"]); //如果代理IP为空就取直接IP
}
if ((Convert.ToString(ObjDR["LoginIP"]) != "") && (Convert.ToString(ObjDR["LoginIP"]) != strUserIP)) //判断登录IP是否受制
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('对不起,您不是指定的登录IP!');</script>");
}
else
{
if ((Convert.ToInt32(ObjDR["UserState"]) == 0) && (strLoginID.ToUpper() != "ADMIN")) //判断帐号是否被禁用
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('对不起,此帐号已被禁用!');</script>");
}
else
{
Session["UserID"] = Convert.ToString(ObjDR["UserID"]);
Session["LoginID"] = Convert.ToString(ObjDR["LoginID"]);
Session["UserName"] = Convert.ToString(ObjDR["UserName"]);
Session["UserPwd"] = Convert.ToString(ObjDR["UserPwd"]);
string strScript = "";
strScript = strScript + "<script language='javascript'>";
strScript = strScript + "newWin=window.open('MainFrame.aspx','MainFrame','titlebar=yes,menubar=no,toolbar=no,location=no,directories=no,status=no,scrollbars=no,resizable=no,copyhistory=yes,top=0,left=0,width=screen.availWidth,height=screen.availHeight');";
strScript = strScript + "newWin.moveTo(0,0);";
strScript = strScript + "newWin.resizeTo(screen.availWidth,screen.availHeight);";
strScript = strScript + "window.opener=null;";
strScript = strScript + "window.open('','_self');";
strScript = strScript + "window.close();";
strScript = strScript + "window.parent.close();";
strScript = strScript + "</script>";
Response.Write(strScript);
}
}
}
else
{
this.RegisterStartupScript("newWindow", "<script language='javascript'>alert('对不起,帐号或密码错误!');</script>");
}
ObjDR.Close();
ObjConn.Dispose();
}