protected void Page_Load(object sender, EventArgs e)
{
/******************judege the role*************************/
string s_role = Session["loginRole"].ToString();
string s_staffID = Session["loginID"].ToString();
if (s_role != "rep" && s_role != "emp")
{
Response.Redirect("Login.aspx"); //it should alert() or redirect to an error page;
}
/******************Judge if the url query is empty***********************/
int reqID = Int32.Parse(Request.QueryString["reqID"]);
if (reqID.ToString() == null)
{
Response.Redirect("Emp_MyRequisition.aspx");
}
this.reqID = reqID;
/****************judge the staffID************************/
RequisitionDAO rdao = new RequisitionDAO();
string url_staffID = rdao.getStaffIDByReqID(reqID);
if (url_staffID == null)
{
Response.Redirect("Emp_MyRequisition");
}
if (url_staffID != s_staffID)
{
Response.Redirect("Login.aspx"); //it should alert() or redirect to an error page;
}
reSubmit.Enabled = true;
RequisitionItemDAO ridao = new RequisitionItemDAO();
string status = rdao.getStatusByReqID(reqID); //get status
if (status == null) //this requisition doesn't exist
{
Response.Redirect("Emp_MyRequisition.aspx");
}
else if (status == "pending")
{
reSubmit.Enabled = false;
}
this.status = status;
initPendingDataGrid();
}
