public static DataTable GetOrgChildren(string oId) { var sql = "select * from [SYS_DepartmentInfo] where Dpt_ParentId=@Dpt_ParentId "; var paramsStr = new StringBuilder(); paramsStr.Append("@Dpt_ParentId int"); Database db = DatabaseFactory.CreateDatabase(); var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sql, paramsStr.ToString()); db.AddInParameter(command, "Dpt_ParentId", DbType.Int32, oId); return(db.ExecuteDataSet(command).Tables[0]); }
public static DataTable GetUserFunction(string userId) { var sql = "select * from [SYS_RoleForPage] rfp join [SYS_PageConfig] pc on pc.[PC_Id]=rfp.[PC_Id] and rfp.[Role_Id] in (select [Role_Id] from [SYS_UserForRole] where [Adn_Id]=@Adn_Id) "; DataTable mtable; Database db = DatabaseFactory.CreateDatabase(); var paramsStr = new StringBuilder(); paramsStr.Append("@Adn_Id int"); var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sql, paramsStr.ToString()); db.AddInParameter(command, "Adn_Id", DbType.Int32, userId); mtable = db.ExecuteDataSet(command).Tables[0]; return(mtable); }
public static bool VerifyFunctionForEmpl(int userId, string DesiredFunction) { var sql = "select 1 from [SYS_RoleForPage] rfp join [SYS_PageConfig] pc on pc.[PC_Id]=rfp.[PC_Id] and rfp.[Role_Id] in (select [Role_Id] from [SYS_UserForRole] where [Adn_Id]=@Adn_Id) and [PC_Name]=@PC_Name "; Database db = DatabaseFactory.CreateDatabase(); var paramsStr = new StringBuilder(); paramsStr.Append("@Adn_Id int,@PC_Name nvarchar(100)"); var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sql, paramsStr.ToString()); db.AddInParameter(command, "Adn_Id", DbType.Int32, userId); db.AddInParameter(command, "PC_Name", DbType.AnsiString, DesiredFunction); var res = db.ExecuteScalar(command); return(res != null && res != DBNull.Value); }
/// <summary> /// 用户登录 返回空""成功,否则返回失败信息 /// </summary> /// <param name="userName"></param> /// <param name="userPassword"></param> /// <returns></returns> public static string Login(string userName, string userPassword) { try { var res = string.Empty; const string sqlUserName = "******"; var paramsStr = new StringBuilder(); paramsStr.Append("@Adn_UserName nvarchar(50)"); Database db = DatabaseFactory.CreateDatabase(); var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sqlUserName, paramsStr.ToString()); db.AddInParameter(command, "Adn_UserName", DbType.AnsiString, userName); var name = db.ExecuteScalar(command); if (name == null || name == DBNull.Value) { const string sqlFacName = "SELECT * FROM FactroyInfo WHERE ConCell = @Adn_UserName"; var paramsStrFac = new StringBuilder(); paramsStrFac.Append("@Adn_UserName nvarchar(50)"); Database dbFac = DatabaseFactory.CreateDatabase(); var commandFac = SQLServerUtiles.Get_SP_ExecuteSQL(dbFac, sqlFacName, paramsStrFac.ToString()); dbFac.AddInParameter(commandFac, "Adn_UserName", DbType.AnsiString, userName); var nameFac = dbFac.ExecuteScalar(commandFac); if (nameFac == null || nameFac == DBNull.Value) { res = "用户名有误或不存在!"; } else { const string sqlFac = "SELECT * FROM FactroyInfo WHERE ConCell = @Adn_UserName and PassWord=@Adn_Password"; paramsStrFac.Append(",@Adn_Password nvarchar(50)"); Database dbFacInfo = DatabaseFactory.CreateDatabase(); var commandFacInfo = SQLServerUtiles.Get_SP_ExecuteSQL(dbFacInfo, sqlFac, paramsStrFac.ToString()); dbFacInfo.AddInParameter(commandFacInfo, "Adn_UserName", DbType.AnsiString, userName); dbFacInfo.AddInParameter(commandFacInfo, "Adn_Password", DbType.AnsiString, userPassword); var dataReader = dbFacInfo.ExecuteReader(commandFacInfo); if (dataReader.Read()) { HttpContext.Current.Session["CurrentFacUser"] = new FactroyInfo().ReaderBind(dataReader); } else { res = "密码输入错误!"; } } } else { const string sqlUser = "******"; paramsStr.Append(",@Adn_Password nvarchar(50)"); Database dbUser = DatabaseFactory.CreateDatabase(); var commandUser = SQLServerUtiles.Get_SP_ExecuteSQL(dbUser, sqlUser, paramsStr.ToString()); dbUser.AddInParameter(commandUser, "Adn_UserName", DbType.AnsiString, userName); dbUser.AddInParameter(commandUser, "Adn_Password", DbType.AnsiString, userPassword); var dataReader = dbUser.ExecuteReader(commandUser); if (dataReader.Read()) { var orgUsersDal = new OrgUsers(); var user = orgUsersDal.ReaderBind(dataReader); user.LastLoginTime = DateTime.Now; orgUsersDal.Update(user); HttpContext.Current.Session["CurrentUser"] = user; } else { res = "用户名或密码输入错误!"; } } return(res); } catch (Exception) { return("登录失败"); } }