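/// <summary>
/// Checks the caller's right for the requested operation and, in edit mode, loads the company to edit.
/// </summary>
/// <remarks>
/// Without an "id" query-string value the page is in add mode and requires the "Add" right.
/// With one it requires the "Modify" right and loads the record into <c>myCompany</c>.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Init(object sender, EventArgs e)
{
    string rawId = Request.QueryString["id"];

    if (string.IsNullOrEmpty(rawId))
    {
        if (me.checkUserGroupRight(CUSTOMRP.Model.APPModuleID.usergroupright_company, "Add", me.LoginID) == false)
        {
            Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.accesserror, "company.aspx");
            Response.End();
            // Response.End() normally aborts the request thread; the explicit return keeps
            // the fall-through path closed if it does not.
            return;
        }

        this.Button2.Visible = false;
        return;
    }

    if (me.checkUserGroupRight(CUSTOMRP.Model.APPModuleID.usergroupright_company, "Modify", me.LoginID) == false)
    {
        Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.accesserror, "company.aspx");
        Response.End();
        return;
    }

    // The id comes straight from the query string. Reject anything that is not an integer
    // with the page's normal parameter error instead of letting Int32.Parse throw.
    int id;
    if (!Int32.TryParse(rawId, out id))
    {
        Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.parameter_error, "company.aspx");
        Response.End();
        return;
    }

    // NOTE(review): the record is looked up by id only. Confirm that holding the "Modify"
    // right is meant to allow editing any company id, or that the business layer scopes
    // the lookup to the caller.
    myCompany = WebHelper.bllCompany.GetModel(me.ID, id);
    if (myCompany == null)
    {
        Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.parameter_error, "company.aspx");
        Response.End();
        return;
    }
}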
/// <summary>
/// Inserts one row into [DATABASE] and writes an audit entry for it.
/// </summary>
/// <param name="model">
/// Record to insert. Its HASHKEY is set to "com" when null or empty, and its ID is set
/// to the new identity value on success.
/// </param>
/// <returns>The new row's ID, or 0 when the statement returned no identity value.</returns>
public int Add(CUSTOMRP.Model.DATABASE model)
{
    // NOTE(review): the fallback "com" is a fixed value visible in source. If HASHKEY is
    // relied on as a secret anywhere, a per-record random value is needed instead - confirm.
    if (String.IsNullOrEmpty(model.HASHKEY))
    {
        model.HASHKEY = "com";
    }

    // All values are bound as parameters; nothing from the model is concatenated into the SQL text.
    // NOTE(review): @@IDENTITY reports the last identity generated on the connection,
    // including one produced by a trigger. Confirm no trigger on [DATABASE] inserts into
    // another identity table, or consider SCOPE_IDENTITY().
    string insertSql =
        "insert into [DATABASE]("
        + "APPLICATIONID,NAME,[DESC],STATUS,LASTMODIFYDATE,LASTMODIFYUSER,AUDOTIME,HASHKEY)"
        + " values ("
        + "@APPLICATIONID,@NAME,@DESC,@STATUS,@LASTMODIFYDATE,@LASTMODIFYUSER,@AUDOTIME,@HASHKEY)"
        + ";select @@IDENTITY";

    SqlParameter[] args =
    {
        new SqlParameter("@APPLICATIONID", SqlDbType.Int, 4) { Value = model.APPLICATIONID },
        new SqlParameter("@NAME", SqlDbType.NVarChar, 50) { Value = model.NAME },
        new SqlParameter("@DESC", SqlDbType.NVarChar, 2000) { Value = model.DESC },
        new SqlParameter("@STATUS", SqlDbType.Int, 4) { Value = model.STATUS },
        new SqlParameter("@LASTMODIFYDATE", SqlDbType.DateTime) { Value = model.LASTMODIFYDATE },
        new SqlParameter("@LASTMODIFYUSER", SqlDbType.Int, 4) { Value = model.LASTMODIFYUSER },
        new SqlParameter("@AUDOTIME", SqlDbType.DateTime) { Value = model.AUDOTIME },
        new SqlParameter("@HASHKEY", SqlDbType.NVarChar, 50) { Value = model.HASHKEY }
    };

    object newIdentity = DbHelperSQL.GetSingle(model.LASTMODIFYUSER, insertSql, args);
    if (newIdentity == null)
    {
        return 0;
    }

    model.ID = Convert.ToInt32(newIdentity);

    // The audit entry is attributed to model.LASTMODIFYUSER, so callers need to set that
    // field to the acting user before calling Add.
    Model.AUDITLOG entry = model.GetAuditLogObject(null);
    entry.UserID = model.LASTMODIFYUSER;
    entry.CreateDate = DateTime.Now;
    entry.MessageType = Model.AUDITLOG.Severity.Audit;
    entry.ModuleName = "DAL.DATABASE.Add";
    entry.Message = String.Format(AppNum.AuditMessage.DatabaseInsertSuccess, model.ID);
    AUDITLOG.Add(entry);

    return model.ID;
}
/// <summary>
/// Builds a DATABASE entity from one data row.
/// </summary>
/// <param name="row">Row to read; when null an entity with default values is returned.</param>
/// <returns>
/// A new entity. Numeric and date columns are copied only when their text form is non-empty;
/// NAME, DESC and HASHKEY are copied as the column value's text.
/// </returns>
public CUSTOMRP.Model.DATABASE DataRowToModel(DataRow row)
{
    CUSTOMRP.Model.DATABASE entity = new CUSTOMRP.Model.DATABASE();
    if (row == null)
    {
        return entity;
    }

    // DataRow hands back DBNull.Value for database NULLs, and its ToString() is empty,
    // so the empty-text test is what actually skips NULL numeric/date columns.
    object cell = row["ID"];
    if (cell != null && cell.ToString() != String.Empty)
    {
        entity.ID = Int32.Parse(cell.ToString());
    }

    cell = row["APPLICATIONID"];
    if (cell != null && cell.ToString() != String.Empty)
    {
        entity.APPLICATIONID = Int32.Parse(cell.ToString());
    }

    cell = row["NAME"];
    if (cell != null)
    {
        entity.NAME = cell.ToString();
    }

    cell = row["DESC"];
    if (cell != null)
    {
        entity.DESC = cell.ToString();
    }

    cell = row["STATUS"];
    if (cell != null && cell.ToString() != String.Empty)
    {
        entity.STATUS = Int32.Parse(cell.ToString());
    }

    cell = row["LASTMODIFYDATE"];
    if (cell != null && cell.ToString() != String.Empty)
    {
        entity.LASTMODIFYDATE = DateTime.Parse(cell.ToString());
    }

    cell = row["LASTMODIFYUSER"];
    if (cell != null && cell.ToString() != String.Empty)
    {
        entity.LASTMODIFYUSER = Int32.Parse(cell.ToString());
    }

    cell = row["AUDOTIME"];
    if (cell != null && cell.ToString() != String.Empty)
    {
        entity.AUDOTIME = DateTime.Parse(cell.ToString());
    }

    cell = row["HASHKEY"];
    if (cell != null)
    {
        entity.HASHKEY = cell.ToString();
    }

    return entity;
}
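/// <summary>
/// Saves the form: creates a new company in add mode (<c>myCompany</c> is null) after a
/// duplicate-name check, or updates the loaded company in edit mode.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    string name = this.TextBox1.Text.Trim();
    string description = this.TextBox2.Text.Trim();
    int status = Int32.Parse(this.DDLSTATUS.SelectedValue);

    if (myCompany == null)
    {
        // name is user input and is placed inside a quoted SQL literal in the filter text,
        // so every single quote is doubled before concatenation to keep it inside the literal.
        // NOTE(review): a parameterized lookup is the durable fix; GetList is only visible
        // here as taking a filter string, so escaping is the most this block can do.
        string nameFilter = "NAME='" + name.Replace("'", "''") + "'";
        if (WebHelper.bllCompany.GetList(me.ID, nameFilter).Tables[0].Rows.Count > 0)
        {
            Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.Commonexits, "Company.aspx");
            Response.End();
            // Response.End() normally aborts the request thread; the explicit return makes
            // sure a duplicate is never inserted if it does not.
            return;
        }

        // NOTE(review): LASTMODIFYUSER is not set on the new record (or refreshed on update
        // below). Unless the business layer fills it in, the stored row and its audit entry
        // will not name the acting user - confirm.
        CUSTOMRP.Model.DATABASE _database = new CUSTOMRP.Model.DATABASE();
        _database.NAME = name;
        _database.DESC = description;
        _database.APPLICATIONID = me.APPLICATIONID;
        _database.STATUS = status;
        _database.LASTMODIFYDATE = DateTime.Now;
        _database.AUDOTIME = DateTime.Now;
        WebHelper.bllCompany.Add(_database);
    }
    else
    {
        myCompany.DESC = description;
        myCompany.NAME = name;
        myCompany.STATUS = status;
        WebHelper.bllCompany.Update(myCompany);
    }

    Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.success, "company.aspx");
    Response.End();
}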
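/// <summary>
/// Loads one [DATABASE] row by its ID and maps it to an entity.
/// </summary>
/// <param name="UserID">
/// Passed through to DbHelperSQL.Query. It is not part of the WHERE clause, so callers are
/// responsible for checking that this user may access the record.
/// </param>
/// <param name="ID">Primary key of the row to load.</param>
/// <returns>The mapped entity, or null when no row has that ID.</returns>
public CUSTOMRP.Model.DATABASE GetModel(int UserID, int ID)
{
    // NOTE(review): CONNECTIONSTRING is selected here; if the row mapper does not copy it,
    // the column can be dropped from the query so the value is not fetched needlessly - confirm.
    StringBuilder strSql = new StringBuilder();
    strSql.Append("select top 1 ID,APPLICATIONID,NAME,[DESC],STATUS,LASTMODIFYDATE,LASTMODIFYUSER,AUDOTIME,CONNECTIONSTRING,HASHKEY from [DATABASE] ");
    strSql.Append(" where ID=@ID");

    // The id is bound as a parameter, never concatenated into the statement.
    SqlParameter[] parameters =
    {
        new SqlParameter("@ID", SqlDbType.Int, 4)
    };
    parameters[0].Value = ID;

    // The entity instance the original allocated here was never used; the mapper creates its own.
    DataSet ds = DbHelperSQL.Query(UserID, strSql.ToString(), parameters);
    if (ds.Tables[0].Rows.Count > 0)
    {
        return DataRowToModel(ds.Tables[0].Rows[0]);
    }

    return null;
}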
/// <summary>
/// Updates one [DATABASE] row identified by <c>model.ID</c> and writes an audit entry when a row changed.
/// </summary>
/// <param name="model">
/// Record holding the new values. Its HASHKEY is set to "com" when null or empty.
/// </param>
/// <returns>True when at least one row was affected; otherwise false.</returns>
public bool Update(CUSTOMRP.Model.DATABASE model)
{
    // NOTE(review): the fallback "com" is a fixed value visible in source. If HASHKEY is
    // relied on as a secret anywhere, a per-record random value is needed instead - confirm.
    if (String.IsNullOrEmpty(model.HASHKEY))
    {
        model.HASHKEY = "com";
    }

    // All values are bound as parameters; nothing from the model is concatenated into the SQL text.
    string updateSql =
        "update [DATABASE] set "
        + "APPLICATIONID=@APPLICATIONID,"
        + "NAME=@NAME,"
        + "[DESC]=@DESC,"
        + "STATUS=@STATUS,"
        + "LASTMODIFYDATE=@LASTMODIFYDATE,"
        + "LASTMODIFYUSER=@LASTMODIFYUSER,"
        + "AUDOTIME=@AUDOTIME,"
        + "HASHKEY=@HASHKEY"
        + " where ID=@ID";

    SqlParameter[] args =
    {
        new SqlParameter("@APPLICATIONID", SqlDbType.Int, 4) { Value = model.APPLICATIONID },
        new SqlParameter("@NAME", SqlDbType.NVarChar, 50) { Value = model.NAME },
        new SqlParameter("@DESC", SqlDbType.NVarChar, 2000) { Value = model.DESC },
        new SqlParameter("@STATUS", SqlDbType.Int, 4) { Value = model.STATUS },
        new SqlParameter("@LASTMODIFYDATE", SqlDbType.DateTime) { Value = model.LASTMODIFYDATE },
        new SqlParameter("@LASTMODIFYUSER", SqlDbType.Int, 4) { Value = model.LASTMODIFYUSER },
        new SqlParameter("@AUDOTIME", SqlDbType.DateTime) { Value = model.AUDOTIME },
        new SqlParameter("@HASHKEY", SqlDbType.NVarChar, 50) { Value = model.HASHKEY },
        new SqlParameter("@ID", SqlDbType.Int, 4) { Value = model.ID }
    };

    int affected = DbHelperSQL.ExecuteSql(model.LASTMODIFYUSER, updateSql, args);
    if (affected <= 0)
    {
        return false;
    }

    // The audit entry is attributed to model.LASTMODIFYUSER, so callers need to set that
    // field to the acting user before calling Update.
    Model.AUDITLOG entry = model.GetAuditLogObject(null);
    entry.UserID = model.LASTMODIFYUSER;
    entry.CreateDate = DateTime.Now;
    entry.MessageType = Model.AUDITLOG.Severity.Audit;
    entry.ModuleName = "DAL.DATABASE.Update";
    entry.Message = String.Format(AppNum.AuditMessage.DatabaseUpdateSuccess, model.ID);
    AUDITLOG.Add(entry);

    return true;
}
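/// <summary>
/// Authenticates a user against the selected company, fills the session on success and
/// redirects to the report list (or to the embedded report page when mode=embedded).
/// </summary>
/// <param name="uid">Login name.</param>
/// <param name="password">
/// For <paramref name="loginType"/> 1 the password; otherwise the hash token that is compared
/// with the one computed here.
/// </param>
/// <param name="DATABASE">Company (database) id as text.</param>
/// <param name="loginType">1 selects password sign-in; any other value selects hash-token sign-in.</param>
protected void login(string uid, string password, string DATABASE, int loginType)
{
    // DATABASE arrives as text. Treat a non-numeric value as a failed sign-in instead of
    // letting Int32.Parse throw an unhandled exception.
    int databaseId;
    if (!Int32.TryParse(DATABASE, out databaseId))
    {
        Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.loginerror, "#");
        return;
    }

    CUSTOMRP.Model.USER myUser;
    CUSTOMRP.Model.DATABASE mydb = null;

    if (loginType == 1)
    {
        // NOTE(review): judging by its name, MD5NET produces an MD5 digest. An unsalted fast
        // hash is not adequate for stored passwords; a slow salted scheme such as PBKDF2
        // should replace it - confirm what MD5NET does.
        myUser = WebHelper.bllUSER.GetModel(-1, uid, databaseId, Common.Utils.MD5NET(password));
    }
    else
    {
        //v1.1.0 - Cheong - 2016/05/18 - Make hashkey configurable
        mydb = WebHelper.bllCompany.GetModel(-1, databaseId);
        if (mydb == null)
        {
            Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.FailedToConnectQueryReportDatabase, "#");
            return;
        }

        // NOTE(review): the expected token is built only from uid, today's date and the
        // company's HASHKEY, so HASHKEY is the only secret in it. It needs to be a random
        // per-company value, never a shared default. The plain string comparison below is
        // also not constant-time.
        string hash = Common.Utils.MD5NET(uid + DateTime.Now.ToString("yyyyMMdd") + mydb.HASHKEY);
        if (hash == password)
        {
            myUser = WebHelper.bllUSER.GetModel(-1, uid, mydb.ID);
        }
        else
        {
            myUser = null;
        }
    }

    if (myUser == null)
    {
        Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.loginerror, "#");
        return;
    }

    // Password sign-in has not loaded the company yet; token sign-in reuses the row it already has.
    if (mydb == null)
    {
        mydb = WebHelper.bllCompany.GetModel(-1, databaseId);
    }

    // Guard against a missing company row so the session code below cannot dereference null.
    if (mydb == null)
    {
        Common.JScript.AlertAndRedirect(AppNum.ErrorMsg.FailedToConnectQueryReportDatabase, "#");
        return;
    }

    // Store the user's information in the session.
    // NOTE(review): the session id is not renewed at sign-in here; confirm session-fixation
    // protection is handled elsewhere.
    // NOTE(review): "hh" is the 12-hour clock, so morning and afternoon sign-ins yield the
    // same value; confirm whether "HH" was intended.
    HttpContext.Current.Session[AppNum.str_var_UserCookie_uid] = uid;
    HttpContext.Current.Session[AppNum.str_var_UserCookie_logintime] = DateTime.Now.ToString("yyyyMMddhhmm");
    HttpContext.Current.Session[AppNum.str_var_UserCookie_Databaseid] = mydb.ID;
    HttpContext.Current.Session[AppNum.str_var_UserCookie_DatabaseName] = mydb.NAME;
    HttpContext.Current.Session[AppNum.str_var_UserCookie_APPLICATIONID] = mydb.APPLICATIONID;
    HttpContext.Current.Session[AppNum.str_var_UserSessionName] = myUser;

    #region Perform redirect if mode = embedded
    if (Request.Params["mode"] == "embedded")
    {
        //v1.0.0 - Cheong - 2015/07/21 - Modify SignIn.aspx to allow embedded mode relay to relay for "action"
        // Request.Params returns decoded values (from the query string, form, cookies or
        // server variables). Each relayed value is URL-encoded again so that characters such
        // as '&', '=' or '#' inside it cannot add or alter parameters of the redirect target.
        List<string> pList = new List<string>();
        string action = Request.Params["action"];
        string rpid = Request.Params["rpid"];

        if (action != null)
        {
            pList.Add("action=" + HttpUtility.UrlEncode(action));
            if (rpid != null)
            {
                pList.Add("rpid=" + HttpUtility.UrlEncode(rpid));
            }

            string type = Request.Params["type"];
            if (type != null)
            {
                pList.Add("type=" + HttpUtility.UrlEncode(type));
            }
        }
        else if (rpid != null)
        {
            string rptType = Request.Params["rptType"] ?? "1";
            pList.Add("rpid=" + HttpUtility.UrlEncode(rpid) + "&rptType=" + HttpUtility.UrlEncode(rptType));
        }

        //v1.2.0 - Cheong - 2016/07/15 - Add relay on parameter rpgrp
        string rpgrp = Request.Params["rpgrp"];
        if (rpgrp != null)
        {
            pList.Add("rpgrp=" + HttpUtility.UrlEncode(rpgrp));
        }

        // endResponse = true stops processing here, so the list redirect below is skipped.
        Response.Redirect("~/Report/rpEmbedded.aspx?" + String.Join("&", pList), true);
    }
    #endregion

    Response.Redirect("~/Report/rpList.aspx");
}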