ADLogin.aspx.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
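/// <summary>
/// Code-behind for the Active Directory sign-in page. On first load it maps the
/// authenticated Windows account to a row in UserData: known users are sent to
/// Index.aspx, unknown users are shown a registration form (nickname + department).
/// </summary>
public partial class ADLogin1 : System.Web.UI.Page
{
    // Account-name prefixes allowed to use this page. The account name is upper-cased
    // before comparison, so the prefixes are stored upper-case as well; the original
    // lower-case "itap" literal could never match an upper-cased name.
    private static readonly string[] AllowedAccountPrefixes = { "TA", "ITAP", "TOO" };

    // Width of the VarChar(10) @UserID parameters used below. SqlParameter silently
    // truncates longer strings, which would let a long account name be looked up or
    // stored as a different, shorter user ID.
    private const int MaxUserIdLength = 10;

    /// <summary>
    /// Returns the account part of the authenticated "DOMAIN\account" identity,
    /// trimmed and upper-cased, or null when it cannot be used as a user ID.
    /// </summary>
    /// <returns>The normalised account name, or null if the request is not
    /// authenticated, the name has no "DOMAIN\account" form, or it is empty or
    /// longer than <see cref="MaxUserIdLength"/>.</returns>
    private string GetAccountName()
    {
        if (User == null || User.Identity == null || !User.Identity.IsAuthenticated)
        {
            return null;
        }

        string fullName = User.Identity.Name ?? string.Empty;
        string[] parts = fullName.Split(new Char[] { '\\' });
        if (parts.Length < 2)
        {
            // No domain separator (for example a UPN-style name); indexing [1] would throw.
            return null;
        }

        // Invariant casing keeps the result independent of the server's UI culture.
        string account = parts[1].Trim().ToUpperInvariant();
        if (account.Length == 0 || account.Length > MaxUserIdLength)
        {
            return null;
        }

        return account;
    }

    /// <summary>
    /// Tells whether an upper-cased account name starts with one of the allowed prefixes.
    /// </summary>
    /// <param name="accountName">Account name as returned by <see cref="GetAccountName"/>.</param>
    /// <returns>true when the name begins with an entry of <see cref="AllowedAccountPrefixes"/>.</returns>
    private static bool HasAllowedPrefix(string accountName)
    {
        foreach (string prefix in AllowedAccountPrefixes)
        {
            if (accountName.StartsWith(prefix, StringComparison.Ordinal))
            {
                return true;
            }
        }

        return false;
    }

    /// <summary>
    /// On the initial GET, signs in an already-registered account or prepares the
    /// registration form for a new one. Postbacks are left to the control event handlers.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            return;
        }

        //WindowsPrincipal wp = new WindowsPrincipal(WindowsIdentity.GetCurrent());
        //string[] cADName = wp.Identity.Name.Split(new Char[] { '\\' });
        string cADName = GetAccountName();

        // Accounts that cannot be parsed, or that do not start with one of the
        // allowed prefixes, are sent to Login.aspx instead.
        if (cADName == null || !HasAllowedPrefix(cADName))
        {
            Response.Redirect("Login.aspx", true);
            return;
        }

        string userID = null;

        // Disabled by the original author: check whether the user is on the whitelist.
        // using (SqlConnection conn = new SqlConnection(DBTools.ConnectionString))
        // {
        //     conn.Open();
        //     using (SqlCommand cmd = new SqlCommand("SELECT userID FROM WhiteList Where userID=@userID", conn))
        //     {
        //         cmd.Parameters.Add("@userID", SqlDbType.VarChar, 10);
        //         cmd.Parameters[0].Value = cADName;
        //         userID = (string)cmd.ExecuteScalar();
        //     }
        // }
        // if (userID == null)
        // {
        //     Response.End();
        // }

        #region Check whether the user exists: existing users go to the home page, others register
        using (SqlConnection conn = new SqlConnection(DBTools.ConnectionString))
        {
            conn.Open();
            using (SqlCommand cmd = new SqlCommand("SELECT UserID FROM UserData WHERE UserID=@UserID", conn))
            {
                cmd.Parameters.Add("@UserID", SqlDbType.VarChar, MaxUserIdLength);
                cmd.Parameters[0].Value = cADName;
                userID = cmd.ExecuteScalar() as string;
            }
        }

        if (userID != null)
        {
            // NOTE(review): the session ID is not rotated at this sign-in point; confirm
            // that session fixation is handled elsewhere in the application.
            Session.Add("userID", cADName);
            Response.Redirect("Index.aspx", true);
            return;
        }

        // Kept for any markup that reads it; Register_Click does not trust this value
        // and re-derives the account from the authenticated identity.
        ViewState.Add("userID", cADName);
        NickName.Attributes["placeholder"] = "可以輸入任何名稱,中英文都可以,只要別人認得就行";
        NickName.Attributes["required"] = "";
        NickName.Attributes["autofocus"] = "";

        // Index 0 is the "please choose" placeholder that Register_Click rejects.
        Department.Items.Add(new ListItem("請選擇您的部門"));
        using (SqlConnection conn = new SqlConnection(DBTools.ConnectionString))
        {
            conn.Open();
            using (SqlCommand cmd = new SqlCommand("SELECT DepartmentName,DepartmentID FROM Department", conn))
            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                while (dr.Read())
                {
                    Department.Items.Add(new ListItem(dr.GetString(0), dr.GetByte(1).ToString()));
                }
            }
        }
        #endregion
    }

    /// <summary>
    /// Shows a browser alert() with the given message once the page has loaded.
    /// </summary>
    /// <param name="ErrorMessage">Text to display. It is encoded as a JavaScript string
    /// literal, so quotes or markup in the message cannot break out of the script.</param>
    private void Alert(string ErrorMessage)
    {
        string blockjs = "alert('" + HttpUtility.JavaScriptStringEncode(ErrorMessage) + "');";

        // Pages hosting a ScriptManager must register through it so the script also
        // runs on partial postbacks.
        if (ScriptManager.GetCurrent(this.Page) == null)
        {
            Page.ClientScript.RegisterStartupScript(this.Page.GetType(), "buttonStartup", blockjs, true);
        }
        else
        {
            ScriptManager.RegisterStartupScript(this.Page, this.Page.GetType(), "buttonStartupBySM", blockjs, true);
        }
    }

    /// <summary>
    /// Validates the registration form, inserts the new UserData row for the
    /// authenticated account, signs the user in and redirects to Index.aspx.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Register_Click(object sender, EventArgs e)
    {
        // The user ID comes from the authenticated identity, not from ViewState:
        // ViewState round-trips through the browser and may be absent on a forged post.
        string accountName = GetAccountName();
        if (accountName == null || !HasAllowedPrefix(accountName))
        {
            Response.Redirect("Login.aspx", true);
            return;
        }

        string nickName = NickName.Text.Trim();
        if (nickName.Length == 0)
        {
            // The "required" attribute is only enforced by the browser.
            Alert("請輸入暱稱!");
            return;
        }
        if (nickName.Length > 10)
        {
            Alert("暱稱不得大於10個字!");
            return;
        }

        byte departmentId;
        if (Department.SelectedIndex <= 0 || !byte.TryParse(Department.SelectedValue, out departmentId))
        {
            Alert("請選擇您的部門!");
            return;
        }

        using (SqlConnection conn = new SqlConnection(DBTools.ConnectionString))
        {
            conn.Open();
            using (SqlCommand cmd = new SqlCommand("INSERT INTO UserData (UserID,UserName,DepartmentID) VALUES (@UserID,@UserName,@DepartmentID)", conn))
            {
                cmd.Parameters.Add(new SqlParameter("@UserID", SqlDbType.VarChar, MaxUserIdLength));
                cmd.Parameters[0].Value = accountName;
                cmd.Parameters.Add(new SqlParameter("@UserName", SqlDbType.NVarChar, 10));
                cmd.Parameters[1].Value = nickName;
                cmd.Parameters.Add("@DepartmentID", SqlDbType.TinyInt);
                cmd.Parameters[2].Value = departmentId;
                cmd.ExecuteNonQuery();
            }
        }

        // NOTE(review): as in Page_Load, the session ID is not rotated here.
        Session.Add("userID", accountName);
        Response.Redirect("Index.aspx", true);
    }

    /// <summary>
    /// Registers the Register control for event validation before the page renders.
    /// </summary>
    /// <param name="writer">Writer that receives the page output.</param>
    protected override void Render(HtmlTextWriter writer)
    {
        ClientScript.RegisterForEventValidation(Register.UniqueID);
        base.Render(writer);
    }
}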