Exemplo n.º 1
0
        /// <summary>
        /// 用户注册
        /// 0:成功注册
        /// 1:用户已存在
        /// </summary>
        /// <param name="name"></param>
        /// <param name="password"></param>
        /// <param name="customersex"></param>
        /// <param name="securityquestion"></param>
        /// <param name="securityquestionanswer"></param>
        /// <returns></returns>
        public int Register()
        {
            SqlConnection sql           = DataBaseOperations.CreateConnection();             //建立数据库连接
            string        cmdText       = "select * from Users where Name='" + Name + "'";
            SqlDataReader sqlDataReader = DataBaseOperations.GetSqlDataReader(cmdText, sql); //查询数据库中是否有该用户

            if (sqlDataReader.HasRows)                                                       //搜索结果中有数据,说明已经注册
            {
                sqlDataReader.Close();                                                       //关闭sqlDataReader(必要操作!!)
                sql.Close();                                                                 //关闭sql连接
                return(1);                                                                   //用户名已经存在,返回1,共前台使用
            }
            //将用户信息写入数据库
            else
            {
                sqlDataReader.Close();//关闭sqlDataReader(必要操作!!)
                //将用户信息写入User表
                cmdText = "insert into Users (Name,Password,Power,LegalityState) values ('" + Name + "','" + Password +
                          "','" + Powers + "','" + legalityState + "')";
                DataBaseOperations.ReviseDataToDataBase(cmdText, sql);

                //将用户信息写入Customer表
                cmdText =
                    "insert into Customer (Name,Password,CustomerSex,SecurityQuestion,SecurityQuestionAnswer,LegalityState) values('" +
                    Name + "','" + Password + "','" + customerSex + "','" +
                    securityQuestion + "','" + securityQuestionAnswer + "','" + legalityState +
                    "')";
                DataBaseOperations.ReviseDataToDataBase(cmdText, sql); //执行插入操作
                sql.Close();                                           //关闭sql连接
                return(0);                                             //操作成功返回0,供前台使用
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// 用户登录
        /// </summary>
        /// <returns>0:用户密码正确,账号未被冻结,并且提取相应的权限值</returns>
        /// <returns>1:用户密码错误</returns>
        /// <returns>2:用户尚未注册</returns>
        /// <returns>3:账号被冻结</returns>
        public int Login()
        {
            SqlConnection sql           = DataBaseOperations.CreateConnection();
            string        cmdText       = "select * from Users where Name='" + Name + "'";
            SqlDataReader sqlDataReader = DataBaseOperations.GetSqlDataReader(cmdText, sql);

            //如果查询到该用户,匹配用户名/密码
            if (sqlDataReader.HasRows) //根据查询结果里面的行数判断是否有该用户
            {
                sqlDataReader.Close(); //关闭sqlDataReader,必要操作
                SqlDataAdapter sqlDataAdapter = DataBaseOperations.GetSqlDataAdapter(cmdText, sql);
                DataSet        dataSet        = DataBaseOperations.GetDataSet(sqlDataAdapter);

                //对用户密码进行匹配
                if (dataSet.Tables[0].Rows[0]["Password"].ToString() == Password)
                {
                    string power = dataSet.Tables[0].Rows[0]["Power"].ToString();//获取数据库中用户权限(string)
                    //将string权限转换为Power类型
                    switch (power)
                    {
                    case "Customer":
                        Powers = Power.Customer;
                        break;

                    case "Manager":
                        Powers = Power.Manager;
                        break;
                    }
                    if (Convert.ToInt32(dataSet.Tables[0].Rows[0]["LegalityState"]) == 0)
                    {
                        sql.Close(); //关闭sql连接
                        return(0);   //用户密码正确,账号未被冻结,提示前台进行相应的操作
                    }
                    else
                    {
                        sql.Close(); //关闭sql连接
                        return(3);   //账号被冻结,提示前台进行相应的操作
                    }
                }
                else
                {
                    sql.Close(); //关闭sql连接
                    return(1);   //用户密码错误,提示前台进行相应的操作
                }
            }
            sql.Close(); //关闭sql连接
            return(2);   //用户名不存在,提示用户注册
        }