// GET: Admin/DetailUser
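 /// <summary>
 /// Shows the detail view for the user identified by the <c>user_id</c> query-string value.
 /// </summary>
 /// <returns>
 /// The default view with the user record in <c>ViewBag</c>; a redirect to the SystemError page
 /// (code ER013) when the id is not positive or is not found; a redirect to the Error action
 /// when any exception is thrown.
 /// </returns>
 /// <remarks>
 /// NOTE(review): no authorization check is visible in this action and the id comes straight
 /// from the request. Confirm that the controller or a filter restricts this route to
 /// administrators; without that, any caller who can reach the URL can read any user's record.
 /// </remarks>
 public ActionResult ViewUser()
 {
     try
     {
         TblUserDao tblUserDao = new TblUserDao();

         // Read user_id from the request. 0 is passed as the second argument of ConvertToInteger
         // (presumably the fallback for missing or non-numeric input; confirm in Common).
         int user_id = Common.ConvertToInteger(Request.QueryString["user_id"], 0);

         // Reject ids that are not positive or that do not exist in the database.
         if (user_id <= 0 || !tblUserDao.CheckExistedUserID(user_id))
         {
             return(new RedirectResult(@"~\SystemError\SystemError?error=ER013"));
         }

         // The lookup result is assigned directly; the original first allocated a Tbl_user
         // that was immediately overwritten.
         ViewBag.userInfor = tblUserDao.GetUserByUserID(user_id);
         ViewBag.user_id   = user_id;
         return(View());
     }
     catch
     {
         // Every failure ends on the generic error page.
         // NOTE(review): the exception is discarded without being logged, so repeated probing of
         // this endpoint or a failing database leaves no trace here; log it before redirecting.
         return(RedirectToAction("Error", "Error"));
     }
 }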
Пример #2
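        /// <summary>
        /// Login button handler: posts the entered credentials as JSON to the login API and, on
        /// HTTP 200 with a body, stores the returned user and switches to the dashboard page.
        /// Any other status shows the "LOGIN FAIL" alert.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (not used).</param>
        private async void BtnLogin_Clicked(object sender, System.EventArgs e)
        {
            userstatic.US_Username = txt_username.Text;

            // SECURITY: the password leaves the device as the output of GetMD5 (not shown here).
            // If that is a plain unsalted MD5 digest, the digest is itself the login secret and is
            // cheap to reverse for weak passwords. TLS already protects transit; the server should
            // apply a salted, slow password hash (PBKDF2, bcrypt, Argon2) to whatever it receives.
            userstatic.US_PassWord = GetMD5(txt_password.Text);

            string json = JsonConvert.SerializeObject(userstatic);

            // Dispose the client, the request body and the response instead of leaving one
            // undisposed HttpClient behind per click. A single shared HttpClient field would be
            // better still, but that field lives outside this method.
            // NOTE(review): this is an async void handler with no try/catch, so a network failure
            // thrown by PostAsync is not observed by any caller.
            using (HttpClient client = new HttpClient())
            using (var content = new StringContent(json, Encoding.UTF8, "application/json"))
            using (var kq = await client.PostAsync("https://sadt.nvah.net/api/user/Login", content))
            {
                if (kq.StatusCode != System.Net.HttpStatusCode.OK)
                {
                    await DisplayAlert("LOGIN FAIL", "SAI TEN hoặc mật khẩu", "OK");
                    return;
                }

                if (kq.Content == null)
                {
                    return;
                }

                string responseContent = await kq.Content.ReadAsStringAsync();

                userstatic = JsonConvert.DeserializeObject <Tbl_user>(responseContent);

                // NOTE(review): the raw login response is kept in Settings. If Settings is backed by
                // plain application preferences and the response carries a token or password hash,
                // it sits unencrypted on the device; confirm, and prefer the platform secure storage.
                Settings.Jsonuser            = responseContent;
                Application.Current.MainPage = new PageDashBoard();
            }
        }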
Пример #3
        /// <summary>
        /// Sets <c>estado = 3</c> on a <c>tbl_user</c> row (the method name suggests this is how a
        /// user is removed) and returns the result of the command.
        /// </summary>
        /// <param name="tus">User to update. The id expression used in the WHERE clause is masked in this listing.</param>
        /// <returns>The value returned by <c>con.Ejecutar</c> (presumably the affected-row count; confirm).</returns>
        /// <exception cref="Exception">Any exception from the data layer is rethrown after the error dialog is shown.</exception>
        public Int32 eliminarUser(Tbl_user tus)
        {
            int eliminado;

            sb.Clear();
            sb.Append("USE `hotel`;");
            // SECURITY: the value after "id_user = " is masked ("******") in this listing, so the line
            // does not compile as shown. Whatever it is, it is spliced into the SQL text rather than
            // bound as a parameter; a numeric id is low risk, but a parameterized command removes the
            // question entirely.
            sb.Append("UPDATE tbl_user SET estado = 3 WHERE id_user = "******"");

            try
            {
                con.AbrirConexion();
                eliminado = con.Ejecutar(CommandType.Text, sb.ToString());
                Console.WriteLine(eliminado);
                // Writes the complete SQL statement to standard output.
                Console.WriteLine(sb.ToString());

                return(eliminado);
            }
            catch (Exception e)
            {
                // The raw exception message is shown to the user; database error text can reveal
                // table and column names.
                ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
                                       ButtonsType.Ok, e.Message);
                ms.Run();
                ms.Destroy();
                throw;
            }
            finally
            {
                // Runs on both the success and the failure path.
                con.CerrarConexion();
            }
        }
Пример #4
        /// <summary>
        /// Reports whether a <c>tbl_user</c> row matches the given user name.
        /// </summary>
        /// <param name="tus">Carrier of the <c>User</c> value that is searched for.</param>
        /// <returns><c>true</c> when the query returns at least one row, otherwise <c>false</c>.</returns>
        /// <exception cref="Exception">Data-layer exceptions are logged to the console and rethrown.</exception>
        public bool existeUser(Tbl_user tus)
        {
            bool        existe = false;
            IDataReader idr    = null;

            // NOTE(review): sb is not declared in this method and is not cleared here, so any text
            // already in it stays in front of this statement; confirm the caller resets it.
            sb.Append("USE `hotel`;");
            // SECURITY: tus.User is concatenated between quotes into the SQL text (part of the line is
            // masked as "******" in this listing, so it does not compile as shown). A quote character
            // in the user name changes the statement; bind the value as a parameter instead.
            sb.Append("SELECT * FROM tbl_user WHERE user = "******"'" + tus.User + "';");

            try
            {
                con.AbrirConexion();
                idr = con.Leer(CommandType.Text, sb.ToString());
                // A single successful Read() is enough to know that a row exists.
                if (idr.Read())
                {
                    existe = true;
                }

                // The reader is not closed on this path.
                return(existe);
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                Console.WriteLine(e.StackTrace);
                // idr is still null when AbrirConexion or Leer threw, so this call then raises a
                // NullReferenceException that replaces the original error.
                idr.Close();
                throw;
            }
            finally
            {
                con.CerrarConexion();
            }
        }
Пример #5
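        /// <summary>
        /// Inserts a new row into <c>tbl_user</c> with <c>estado</c> set to 1.
        /// </summary>
        /// <param name="tus">Values for user, pwd, nombres, apellidos, email and pwd_temp.</param>
        /// <returns><c>true</c> when <c>con.Ejecutar</c> reports more than zero, otherwise <c>false</c>.</returns>
        /// <exception cref="Exception">Any data-layer exception is rethrown after the error dialog is shown.</exception>
        public bool GuardarUsuario(Tbl_user tus)
        {
            // Start from an empty builder, as the other methods that use sb do; without this,
            // text left in sb by an earlier call would be prepended to the INSERT.
            sb.Clear();

            // SECURITY: every field of tus is concatenated between quotes into the SQL text, so a
            // quote character in any of them changes the statement. The fix is a parameterized
            // command; the signature of con.Ejecutar is not visible here, so the concatenation is
            // left unchanged and flagged instead.
            // NOTE(review): pwd and pwd_temp are written exactly as received; confirm that callers
            // pass a salted password hash and never the plaintext.
            sb.Append("INSERT INTO tbl_user");
            sb.Append("(user,pwd, nombres, apellidos, email, pwd_temp, estado)");
            sb.Append("Values('" + tus.User + "','" + tus.Pwd + "','" + tus.Nombres + "','" + tus.Apellidos + "','" + tus.Email + "','" + tus.Pwd_temp + "','" + 1 + "')");

            try
            {
                con.AbrirConexion();
                int filas = con.Ejecutar(CommandType.Text, sb.ToString());

                return(filas > 0);
            }
            catch (Exception e)
            {
                // The raw exception message is shown to the user; database error text can reveal
                // table and column names.
                ms = new MessageDialog(null, DialogFlags.Modal,
                                       MessageType.Error, ButtonsType.Ok, e.Message);
                ms.Run();
                ms.Destroy();
                throw;
            }
            finally
            {
                con.CerrarConexion();
            }
        }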
Пример #6
 /// <summary>
 /// Reports whether the given user holds the given role, as decided by <c>dtus.VerificarPermiso</c>.
 /// </summary>
 /// <param name="tus">User whose permission is checked.</param>
 /// <param name="rol">Role name to check for.</param>
 /// <returns><c>true</c> when the data layer confirms the role, otherwise <c>false</c>.</returns>
 public bool VerificarPermisos(Tbl_user tus, String rol)
 {
     // The data-layer answer is already a yes/no value, so it is handed back unchanged.
     bool permitido = dtus.VerificarPermiso(tus, rol);
     return(permitido);
 }
Пример #7
        //public bool ngGuardarUser(Tbl_user tus)
        //{
        //    MessageDialog ms = null;
        //    bool guardado = false;

        //    try
        //    {
        //        //bool existe = false;
        //        //dtUsuario dtus = new dtUsuario();
        //        //existe = ;

        //        if(dtus.existeUser(tus))
        //        {
        //            ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
        //            ButtonsType.Ok, "El usuario ya existe!");
        //            ms.Run();
        //            ms.Destroy();
        //            return guardado;
        //        }
        //        if (dtus.existeEmail(tus))
        //        {
        //            ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
        //            ButtonsType.Ok, "El correo ya existe!");
        //            ms.Run();
        //            ms.Destroy();
        //            return guardado;
        //        }
        //        else
        //        {
        //            guardado = dtus.GuardarUsuario(tus);
        //            if(guardado)
        //            {
        //                Console.WriteLine("NG: EL usuario se guardo exitosamente");
        //                return guardado;
        //            }
        //            else
        //            {

        //                return guardado;
        //            }
        //        }
        //    }
        //    catch(Exception e)
        //    {
        //        Console.WriteLine("NG: Error: " + e.Message);
        //        Console.WriteLine("NG: Error: " + e.StackTrace);
        //        ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
        //            ButtonsType.Ok, "Por favor, verifique los datos nuevamente");
        //        ms.Run();
        //        ms.Destroy();
        //        Console.WriteLine("NG: ERROR, NO SE PUEDE GUARDAR");
        //        throw;
        //    }
        //}

        /// <summary>
        /// Checks the supplied credentials through a new <c>dtUsuario</c> instance.
        /// </summary>
        /// <param name="tus">User object carrying the credentials to verify.</param>
        /// <returns><c>true</c> when <c>ComprobarCredenciales</c> accepts them, otherwise <c>false</c>.</returns>
        public bool Autenticar(Tbl_user tus)
        {
            dtUsuario acceso = new dtUsuario();

            // The outcome of the credential check is the outcome of the authentication.
            bool credencialesValidas = acceso.ComprobarCredenciales(tus);
            return(credencialesValidas);
        }
Пример #8
        /// <summary>
        /// Saves a new user after checking that neither the user name nor the e-mail is taken.
        /// An error dialog is shown for a duplicate or for a failed save.
        /// </summary>
        /// <param name="tus">User to register.</param>
        /// <returns><c>true</c> only when <c>GuardarUsuario</c> reports success.</returns>
        /// <exception cref="Exception">Any exception is logged to the console and rethrown.</exception>
        /// <remarks>
        /// NOTE(review): the existence checks and the insert are separate calls, so two concurrent
        /// registrations could both pass the checks; a UNIQUE constraint on the columns is the
        /// reliable guard. Confirm that the schema has one.
        /// </remarks>
        public bool ngGuardarUser(Tbl_user tus)
        {
            MessageDialog aviso = null;

            try
            {
                dtUsuario datos = new dtUsuario();

                // Duplicate user name: report it and stop.
                if (datos.existeUser(tus))
                {
                    aviso = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
                                              ButtonsType.Ok, "El usuario ingresado ya existe");
                    aviso.Run();
                    aviso.Destroy();
                    return(false);
                }

                // Duplicate e-mail: report it and stop.
                if (datos.existeEmail(tus))
                {
                    aviso = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
                                              ButtonsType.Ok, "El correo electrónico ingresado ya existe");
                    aviso.Run();
                    aviso.Destroy();
                    return(false);
                }

                if (datos.GuardarUsuario(tus))
                {
                    Console.WriteLine("NG: El Usuario se guardo exitosamente");
                    return(true);
                }

                // The insert reported no success: tell the user and leave a console trace.
                aviso = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
                                          ButtonsType.Ok, "Por favor verifique sus datos e intente nuevamente");
                aviso.Run();
                aviso.Destroy();
                Console.WriteLine("NG: ERROR AL GUARDAR, VERIFICAR EL METODO");
                return(false);
            }
            catch (Exception error)
            {
                Console.WriteLine("NG: ERROR=" + error.Message);
                Console.WriteLine("NG: ERROR=" + error.StackTrace);
                throw;
            }
        }
        /// <summary>
        /// Gets the user information for the given user_id.
        /// Created by ThuanTV 11/27/2019
        /// </summary>
        /// <param name="user_id">Id of the user to look up.</param>
        /// <returns>The user information for that id.</returns>
        public Tbl_user GetUserByUserID(int user_id)
        {
            // Starts empty and is returned empty when the connection cannot be opened, when no row
            // matches, or when a SqlException is caught below, so callers cannot tell "not found"
            // from "query failed" by the return value alone.
            Tbl_user result = new Tbl_user();

            try
            {
                if (OpenConnection() == null)
                {
                    return(result);
                }

                // user_id is bound as @user_id below and never concatenated into the text.
                string sql = "SELECT u.user_id, u.email, u.full_name, u.tel, u.birthday, u.address_user, u.role"
                             + " FROM tbl_user as u "
                             + " WHERE u.user_id= @user_id ;";

                using (SqlCommand command = new SqlCommand(sql, conn))
                {
                    command.Parameters.AddWithValue("@user_id", user_id);

                    _sqlReader = command.ExecuteReader();
                    while (_sqlReader.Read())
                    {
                        // NOTE(review): the direct casts throw InvalidCastException on a NULL column
                        // value, which the SqlException handler below does not catch; confirm that
                        // user_id, birthday and role are NOT NULL.
                        result._user_id      = (int)_sqlReader["user_id"];
                        result._email        = _sqlReader["email"].ToString().Trim();
                        result._full_name    = _sqlReader["full_name"].ToString().Trim();
                        result._tel          = _sqlReader["tel"].ToString().Trim();
                        result._birthday     = (DateTime)_sqlReader["birthday"];
                        result._address_user = _sqlReader["address_user"].ToString().Trim();
                        result._role         = (int)_sqlReader["role"];
                    }
                }
            }
            catch (SqlException e)
            {
                // Only the stack trace is written to the console; the error is not rethrown.
                Console.WriteLine(e.StackTrace);
            }
            finally
            {
                CloseConnection();
            }

            return(result);
        }
Пример #10
        }//fin del metodo

        /// <summary>
        /// Loads id and user name of every <c>tbl_user</c> row whose <c>estado</c> is not '3'.
        /// </summary>
        /// <returns>
        /// The rows read so far. When an exception occurs it is written to the console and the
        /// list is returned as it stands at that point, possibly empty or partial.
        /// </returns>
        public List <Tbl_user> cbxUsuarios()
        {
            List <Tbl_user> usuarios = new List <Tbl_user>();
            IDataReader     lector   = null;

            // The statement is constant text; no caller-supplied value is part of it.
            sb.Clear();
            sb.Append("Use `hotel`;");
            sb.Append("SELECT id_user, user FROM tbl_user WHERE estado <> '3';");

            try
            {
                con.AbrirConexion();
                lector = con.Leer(CommandType.Text, sb.ToString());

                while (lector.Read())
                {
                    Tbl_user fila = new Tbl_user();
                    fila.Id_user = (Int32)lector["id_user"];
                    fila.User    = lector["user"].ToString();
                    usuarios.Add(fila);
                }

                // The reader is closed only on this path; after an exception it is left to
                // con.CerrarConexion() in the finally block.
                lector.Close();
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                Console.WriteLine(e.StackTrace);
            }
            finally
            {
                con.CerrarConexion();
            }

            return(usuarios);
        }
Пример #11
        /// <summary>
        /// Updates user, pwd, nombres, apellidos, email and estado of one <c>tbl_user</c> row.
        /// </summary>
        /// <param name="tus">New column values; the id expression in the WHERE clause is masked in this listing.</param>
        /// <returns><c>true</c> when <c>con.Ejecutar</c> reports more than zero, otherwise <c>false</c>.</returns>
        /// <exception cref="Exception">Any data-layer exception is rethrown after the error dialog is shown.</exception>
        public bool ActualizarUser(Tbl_user tus)
        {
            bool actualizado = false;
            int  x           = 0;

            sb.Clear();
            // SECURITY: the field values below are concatenated between quotes into the SQL text, so a
            // quote character in any of them changes the statement; bind them as parameters instead.
            // Parts of this statement are masked as "******" in this listing, and the last Append
            // does not compile as shown.
            sb.Append("UPDATE tbl_user SET user = '******',");
            // NOTE(review): pwd is written exactly as received; confirm it is a salted password
            // hash and not the plaintext.
            sb.Append("pwd = '" + tus.Pwd + "',");
            sb.Append("nombres = '" + tus.Nombres + "',");
            sb.Append("apellidos = '" + tus.Apellidos + "',");
            sb.Append("email = '" + tus.Email + "',");
            sb.Append("estado = '" + tus.Estado + "'");
            // There is no space between the closing quote appended above and WHERE.
            sb.Append("WHERE id_user = "******";");

            try
            {
                con.AbrirConexion();
                x = con.Ejecutar(CommandType.Text, sb.ToString());

                // Success is defined as a result greater than zero.
                if (x > 0)
                {
                    actualizado = true;
                }
                //actualizado = cone.Ejecutar(CommandType.Text,sb.ToString());
                return(actualizado);
            }
            catch (Exception e)
            {
                // The raw exception message is shown to the user; database error text can reveal
                // table and column names.
                ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Error,
                                       ButtonsType.Ok, e.Message);
                ms.Run();
                ms.Destroy();
                throw;
            }
            finally
            {
                con.CerrarConexion();
            }
        }
Пример #12
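        /// <summary>
        /// Save button handler: builds a <c>Tbl_user</c> from the form fields and stores it through
        /// <c>dtus.GuardarUsuario</c>, provided the two password fields match.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (not used).</param>
        protected void onBtnGuardarClicked(object sender, EventArgs e)
        {
            Tbl_user tus = new Tbl_user();

            tus.Nombres   = this.txtNombre.Text;
            tus.Apellidos = this.txtApellidos.Text;
            tus.User      = this.txtUsuario.Text;
            tus.Email     = this.txtEmail.Text;

            if (!this.txtClave.Text.Trim().Equals(this.txtRepitaClave.Text.Trim()))
            {
                MessageDialog aviso = new MessageDialog(null, DialogFlags.Modal, MessageType.Info, ButtonsType.Ok, "Las claves no coinciden...");
                aviso.Run();
                aviso.Destroy();

                // Stop here. The original fell through and still called GuardarUsuario, which
                // created the account with Pwd never assigned.
                return;
            }

            // NOTE(review): the comparison above trims both fields but the stored value is not
            // trimmed, and Pwd carries the password exactly as typed; confirm that it is hashed
            // with a salted, slow algorithm before it is persisted.
            tus.Pwd = this.txtClave.Text;

            if (dtus.GuardarUsuario(tus))
            {
                // Success is an information dialog and failure an error dialog; the original had
                // the two message types swapped.
                MessageDialog ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Info, ButtonsType.Ok, "Se guardo el usuario con exito...");
                ms.Run();
                ms.Destroy();
                LimpiarCuadros_de_texto();
                tvwUsuario1.Model = dtus.listar_usuarios();
            }
            else
            {
                MessageDialog ms = new MessageDialog(null, DialogFlags.Modal, MessageType.Error, ButtonsType.Ok, "Ocurrio un error..");
                ms.Run();
                ms.Destroy();
            }
        }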
Пример #13
        /// <summary>
        /// Checks a login by querying <c>tbl_user</c> for a row whose <c>estado</c> is not 3 and
        /// whose user name or e-mail and <c>pwd</c> match the supplied values.
        /// </summary>
        /// <param name="tus">Carrier of the <c>User</c> and <c>Pwd</c> values to verify.</param>
        /// <returns><c>true</c> when the query returns at least one row, otherwise <c>false</c>.</returns>
        public bool ComprobarCredenciales(Tbl_user tus)
        {
            bool        valido = false;
            IDataReader idr    = null;

            //StringBuilder sb = new StringBuilder();
            sb.Clear();
            sb.Append("USE `hotel`;");
            // SECURITY: tus.User and tus.Pwd are concatenated between quotes into the WHERE clause
            // (part of the statement is masked as "******" in this listing). A quote character in
            // either field changes the condition, which for a login check means the password
            // comparison can be bypassed; bind both values as parameters.
            // NOTE(review): pwd is compared as-is against the stored column, so the column holds
            // either the plaintext or a value every caller computes the same way. Confirm that a
            // salted, slow password hash is used and verified in code, not by SQL equality.
            sb.Append("SELECT * FROM tbl_user WHERE (estado <> 3) AND ((user = '******' OR email ='" + tus.User + "') and pwd = '"
                      + tus.Pwd + "');");

            try
            {
                con.AbrirConexion();
                idr = con.Leer(CommandType.Text, sb.ToString());

                // Any returned row counts as a valid login.
                if (idr.Read())
                {
                    valido = true;
                }

                // The reader is not closed on this path.
                return(valido);
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                Console.WriteLine(e.StackTrace);
                // idr is still null when AbrirConexion or Leer threw, so this call then raises a
                // NullReferenceException instead of reaching the return below.
                idr.Close();
                // The error is reported to the caller only as "not valid".
                return(valido);

                // Unreachable: the return above always exits first.
                throw;
            }
            finally
            {
                con.CerrarConexion();
            }
        }
Пример #14
        /// <summary>
        /// Inserts a new row into <c>tbl_user</c> with <c>estado</c> set to 1.
        /// </summary>
        /// <param name="tus">Values for user, pwd, nombres, apellidos and email.</param>
        /// <returns>
        /// <c>true</c> when <c>con.Ejecutar</c> reports more than zero; <c>false</c> otherwise,
        /// including when an exception was caught and shown in a dialog.
        /// </returns>
        public bool GuardarUsuario(Tbl_user tus)
        {
            // SECURITY: every field of tus is concatenated between quotes into the SQL text, so a
            // quote character in any of them changes the statement; a parameterized command is the
            // fix. NOTE(review): pwd is written exactly as received; confirm that it is a salted
            // password hash and not the plaintext.
            StringBuilder sql = new StringBuilder();
            sql.Append("INSERT INTO tbl_user");
            sql.Append("(user, pwd, nombres, apellidos, email, estado)");
            sql.Append("VALUES ('" + tus.User + "','" + tus.Pwd + "','" + tus.Nombres
                       + "','" + tus.Apellidos + "','" + tus.Email + "','" + 1 + "')");

            try
            {
                // NOTE(review): nothing in this method closes the connection opened here.
                con.AbrirCOnexion();
                int filas = con.Ejecutar(CommandType.Text, sql.ToString());

                return(filas > 0);
            }
            catch (Exception e)
            {
                // The raw exception message is shown to the user and the error is not rethrown.
                MessageDialog aviso = new MessageDialog(null, DialogFlags.Modal, MessageType.Info, ButtonsType.Ok, e.Message);
                aviso.Run();
                aviso.Destroy();
            }

            return(false);
        }
Пример #15
        /// <summary>
        /// Reports whether <c>vw_usuarios</c> has a row for the given user with the given role.
        /// </summary>
        /// <param name="tus">User to check; the id expression in the WHERE clause is masked in this listing.</param>
        /// <param name="rol">Role name compared against the <c>rol</c> column.</param>
        /// <returns><c>true</c> when the query returns at least one row, otherwise <c>false</c>.</returns>
        public bool VerificarPermiso(Tbl_user tus, String rol)
        {
            bool        acceder = false;
            IDataReader idr     = null;

            //StringBuilder sb = new StringBuilder();
            sb.Clear();
            sb.Append("USE `hotel`;");
            // SECURITY: rol is concatenated between quotes into the SQL text (the id expression is
            // masked as "******" in this listing, so the line does not compile as shown). This query
            // decides access, so a value that alters it alters the permission result; bind both
            // values as parameters.
            sb.Append("SELECT * FROM vw_usuarios WHERE id_user = "******" AND rol = '" + rol + "';");

            try
            {
                con.AbrirConexion();
                idr = con.Leer(CommandType.Text, sb.ToString());

                // Any returned row grants access.
                if (idr.Read())
                {
                    acceder = true;
                }

                // The reader is not closed on this path.
                return(acceder);
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                Console.WriteLine(e.StackTrace);
                // idr is still null when AbrirConexion or Leer threw, so this call then raises a
                // NullReferenceException instead of reaching the return below.
                idr.Close();
                // A failed query is reported as "no access".
                return(acceder);

                // Unreachable: the return above always exits first.
                throw;
            }
            finally
            {
                con.CerrarConexion();
            }
        }
        /// <summary>
        /// Gets all users who are not admins.
        /// Created by ThuanTV 11/27/2019
        /// </summary>
        /// <returns>The list of matching users.</returns>
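        public List <Tbl_user> GetAllUser(int offset, int limit, string full_name, string sortType, string sortByFullName)
        {
            // offset / limit   : paging values, bound as @offset and @limit.
            // full_name        : optional filter; when not empty it is matched with LIKE.
            // sortType         : sort column; honoured only when GetColumnDB() lists it and it is "full_name".
            // sortByFullName   : sort direction; only ASC or DESC (any casing) is honoured.
            // Returns the rows read; the list is empty when the connection cannot be opened or a
            // SqlException is caught.
            List <Tbl_user> listUserInfor = new List <Tbl_user>();

            try
            {
                if (OpenConnection() != null)
                {
                    StringBuilder builder = new StringBuilder();
                    builder.Append("SELECT u.user_id, u.email, u.full_name, u.tel, u.birthday, u.address_user ");
                    builder.Append(" FROM tbl_user u  ");
                    builder.Append(" WHERE u.role = @rule ");

                    // Add the name filter only when a name was supplied.
                    if (!string.IsNullOrEmpty(full_name))
                    {
                        builder.Append(" AND full_name LIKE @full_name ESCAPE '!' ");
                    }

                    // Sort condition. The column is checked against the allow-list.
                    List <string> whiteList = GetColumnDB();
                    if (whiteList.Contains(sortType) && "full_name".Equals(sortType))
                    {
                        // SECURITY: the direction used to be appended to the statement verbatim, so
                        // it was the one caller-supplied value that reached the SQL text without
                        // being bound or checked. Only the two keywords can reach it now; any other
                        // value, including null or empty, falls back to ASC.
                        string requested = sortByFullName == null ? string.Empty : sortByFullName.Trim();
                        string direction = string.Equals(requested, "DESC", StringComparison.OrdinalIgnoreCase) ? "DESC" : "ASC";

                        builder.Append(" ORDER BY u.full_name ");
                        builder.Append(direction);
                    }

                    // NOTE(review): T-SQL accepts OFFSET ... FETCH only after an ORDER BY. When
                    // sortType is not "full_name" no ORDER BY is emitted; confirm that callers
                    // always pass it, or add a default sort column.
                    builder.Append(" OFFSET @offset");
                    builder.Append(" ROWS FETCH NEXT @limit");
                    builder.Append(" ROW ONLY;");

                    using (SqlCommand command = new SqlCommand(builder.ToString(), conn))
                    {
                        command.Parameters.AddWithValue("@rule", Constants.RULE_USER);

                        if (!string.IsNullOrEmpty(full_name))
                        {
                            // ReplaceWildCard presumably escapes LIKE wildcards with the '!' escape
                            // character declared in the statement; confirm in Common.
                            command.Parameters.AddWithValue("@full_name", "%" + Common.ReplaceWildCard(full_name) + "%");
                        }
                        command.Parameters.AddWithValue("@limit", limit);
                        command.Parameters.AddWithValue("@offset", offset);
                        _sqlReader = command.ExecuteReader();

                        while (_sqlReader.Read())
                        {
                            Tbl_user user = new Tbl_user();
                            user._user_id      = (int)_sqlReader["user_id"];
                            user._email        = _sqlReader["email"].ToString();
                            user._full_name    = _sqlReader["full_name"].ToString();
                            user._tel          = _sqlReader["tel"].ToString();
                            user._birthday     = (DateTime)_sqlReader["birthday"];
                            user._address_user = _sqlReader["address_user"].ToString();

                            listUserInfor.Add(user);
                        }
                    }
                }
            }
            catch (SqlException e)
            {
                // Only the stack trace is written to the console; the error is not rethrown.
                Console.WriteLine("TblUserDao : GetAllUser " + e.StackTrace);
            }
            finally
            {
                CloseConnection();
            }
            return(listUserInfor);
        }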