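/// <summary>
/// Handles the login button: looks up the submitted admin ID and password digest
/// in the AdminUser table and, on a match, records the login, issues the
/// "XabaraAdmin" cookie and redirects to admin.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Click event data (unused).</param>
protected void imgLogin_Click(object sender, ImageClickEventArgs e)
{
    string uid = UID.Text.Trim().ToLower();

    // SECURITY: uid comes straight from the login form and the statements below
    // are built by string concatenation, so it is passed through xc.SafeSql
    // before it is placed inside a quoted SQL literal.
    // NOTE(review): SafeSql's implementation is not visible here - confirm it
    // neutralises quotes. A parameterised query is the durable fix.
    string safeUid = xc.SafeSql(uid);

    // NOTE(review): the helper name suggests a plain MD5 digest. If so, stored
    // passwords are cheap to brute-force; moving to a salted, iterated KDF needs
    // a stored-hash migration and is outside the scope of this handler.
    string pw = xc.GetMd5(PW.Text);

    string strSql = "select * from AdminUser where userID='" + safeUid + "' and UserPW='" + pw + "' and loginFlag=2 ";

    // using guarantees the table is released on the failure path as well.
    using (DataTable dt = db.getDataTable(strSql))
    {
        if (dt.Rows.Count < 1)
        {
            // Same message for unknown ID and wrong password, so the response
            // does not reveal which of the two was wrong.
            xc.divError("登陆提示", "您的帐号或密码不正确!", 350, 150, xc.AdminFileName, "top");
            return;
        }

        DataRow account = dt.Rows[0];
        long lgNums = xc.SafeNum(account["LoginNum"].ToString()) + 1;

        // The random value stays in the server-side session; only its digest is
        // written to the SessionError column.
        string rndNums = xc.GetRnd("abc", 8);
        Session.Add("AdminRndNums", rndNums);

        // One value per column named in strDim.
        string strDim = "@SessionError,@LoginNum,@LoginDate,@LoginIP";
        string[] strValue = new string[]
        {
            xc.GetMd5(rndNums),
            lgNums.ToString(),
            DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"),
            xc.GetIP()
        };
        db.InsertUpdateDB("AdminUser", strDim, strValue, "userID='" + safeUid + "'");
        xc.insertMyLog(uid, "admin", "管理员登录");

        // Persistent cookie (15-day expiry). The previous login date and IP are
        // read from the row fetched before the update above.
        // NOTE(review): every value in this cookie can be edited by the client, so
        // it must not be the only proof of identity - confirm the login check
        // compares the session value with the stored digest. Consider setting
        // HttpOnly and Secure on this cookie if no client script reads it.
        HttpCookie adminCookie = new HttpCookie("XabaraAdmin");
        adminCookie.Values.Add("AdminID", uid);
        adminCookie.Values.Add("AdminName", HttpUtility.UrlEncode(account["UserName"].ToString().Trim()));
        adminCookie.Values.Add("AdminLgNums", lgNums.ToString());
        adminCookie.Values.Add("AdminLgDate", account["LoginDate"].ToString().Trim());
        adminCookie.Values.Add("AdminLgIP", account["LoginIP"].ToString().Trim());
        adminCookie.Expires = DateTime.Now.AddDays(15d);
        Response.Cookies.Add(adminCookie);

        Response.Redirect("admin.aspx", true);
    }
}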
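/// <summary>
/// Resets another administrator's password: generates a random eight-character
/// password, stores its digest in AdminUser.UserPW for the row selected by the
/// "id" request value, and shows the new password to the operator.
/// </summary>
/// <param name="sender">Page that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    XabaraCom xc = new XabaraCom();
    xc.CheckAdminLogin("|adminPW|");

    // NOTE(review): the reset runs on every load of this page and Request[...]
    // also reads the query string, so a plain GET performs a state change.
    // Consider requiring a POST that carries an anti-forgery token.
    string rawId = Request["id"];
    if (rawId == null || rawId.Trim().Length == 0)
    {
        // A missing id previously threw a NullReferenceException on Trim();
        // report it through the existing failure message instead.
        xc.divError("", "不能给自己密码初始化或操作错误!", 350, 150, "userList.aspx", "goto");
        return;
    }

    // SafeNum yields a number, so idTemp is safe to place unquoted in the filter.
    string idTemp = xc.SafeNum(rawId.Trim()).ToString();

    // NOTE(review): GetRnd's generator is not visible here; a password must come
    // from a cryptographic random source - confirm.
    string newPassword = xc.GetRnd("abc", 1) + xc.GetRnd("abc123", 7).ToLower();

    string dimStr = "@UserPW";
    string[] strValue = new string[] { xc.GetMd5(newPassword).ToString() };

    // The UserId<> clause keeps an administrator from resetting their own
    // password. adminID is escaped because it is concatenated into a quoted
    // literal and its origin is not visible in this handler.
    string filter = "Uid=" + idTemp + " and UserId<>'" + xc.SafeSql(xc.adminID) + "'";

    if (new dbDataFunction().InsertUpdateDB("AdminUser", dimStr, strValue, filter).Equals("更新成功"))
    {
        xc.insertMyLog(xc.adminID, "admin", "管理员密码初始化");
        // NOTE(review): the new password is shown in clear text in the page;
        // confirm the response is not cached and the account must change it on
        // first use.
        xc.divError("", "新密码:" + newPassword, 350, 150, "userList.aspx", "goto");
    }
    else
    {
        xc.divError("", "不能给自己密码初始化或操作错误!", 350, 150, "userList.aspx", "goto");
    }
}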
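/// <summary>
/// Saves the signed-in administrator's own profile (class, name, contact
/// details) and, when a new password was typed, its digest.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void editAdmin_Click(object sender, EventArgs e)
{
    // SECURITY: with an empty password box the previous code wrote the value of
    // the hidden field oldPWHidden back into UserPW. A hidden field is
    // client-controlled, so that let the browser choose the stored digest. The
    // UserPW column is now left out of the update unless a new password was
    // entered.
    // NOTE(review): if the page still renders the stored digest into
    // oldPWHidden, that field should be removed from the markup as well.
    string newPassword = adminPW.Text;
    bool changePassword = !string.IsNullOrEmpty(newPassword);

    // NOTE(review): classID is taken from the form on a self-service edit; if it
    // governs privileges, confirm an administrator is meant to be able to change
    // their own class.
    string dimStr;
    string[] strValue;
    if (changePassword)
    {
        dimStr = "@classID,@UserName,@UserPW,@userEmail,@userTel,@userMobile,@userQQ";
        strValue = new string[]
        {
            adminClass.Text,
            adminName.Text.Trim(),
            xc.GetMd5(newPassword),
            adminMail.Text.Trim(),
            adminTel.Text.Trim(),
            adminMobile.Text.Trim(),
            adminQQ.Text.Trim()
        };
    }
    else
    {
        dimStr = "@classID,@UserName,@userEmail,@userTel,@userMobile,@userQQ";
        strValue = new string[]
        {
            adminClass.Text,
            adminName.Text.Trim(),
            adminMail.Text.Trim(),
            adminTel.Text.Trim(),
            adminMobile.Text.Trim(),
            adminQQ.Text.Trim()
        };
    }

    // adminID is escaped because it is concatenated into a quoted literal and its
    // origin is not visible in this handler.
    string filter = "userID='" + xc.SafeSql(xc.adminID) + "'";

    if (db.InsertUpdateDB("AdminUser", dimStr, strValue, filter).Equals("更新成功"))
    {
        xc.insertMyLog(xc.adminID, "admin", "修改资料");
        // Blank the session login token after a successful profile change.
        Session.Add("AdminRndNums", string.Empty);
        xc.divError("", "更新资料成功!", 350, 150, xc.AdminFileName, "top");
    }
    else
    {
        xc.divError("", "更新资料失败!", 350, 150, "userEdit.aspx", "goto");
    }
}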
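/// <summary>
/// Creates a new administrator account if the requested ID is not taken, then
/// sends the operator to the permission page for the new account.
/// </summary>
/// <param name="sender">Control that raised the click event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void addAdmin_Click(object sender, EventArgs e)
{
    // The ID is normalised and escaped once; the same value is used in the
    // existence check, the insert and the log entry.
    string adminIDTemp = xc.SafeSql(adminID.Text.Trim().ToLower());

    // NOTE(review): the password is trimmed here; confirm the login and
    // password-change paths treat surrounding whitespace the same way.
    string password = adminPW.Text.Trim();

    // Server-side guard: never create an account with an empty ID or an empty
    // password, whatever the client-side validation did.
    if (adminIDTemp.Length == 0 || password.Length == 0)
    {
        xc.divError("", "添加管理员失败!", 350, 150, "", "");
        return;
    }

    // NOTE(review): check-then-insert is not atomic; a unique constraint on
    // userID is what actually prevents duplicates under concurrent requests.
    string strSql = "select * from AdminUser where userID='" + adminIDTemp + "'";
    if (db.getDataTable(strSql).Rows.Count > 0)
    {
        xc.divError("", "已存在该管理员!", 350, 150, "", "");
        return;
    }

    string displayName = adminName.Text.Trim();
    string now = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");

    string dimStr = "@UserId,@UserName,@UserPW,@SessionError,@loginFlag,@LoginNum,@RegDate,@LoginDate,@LoginIP,@classID";
    string[] strValue = new string[]
    {
        adminIDTemp,
        displayName,
        xc.GetMd5(password),
        "xabara.com",   // initial SessionError value
        "1",            // loginFlag; the success message says permissions must be set before login
        "0",            // LoginNum
        now,            // RegDate
        now,            // LoginDate
        xc.GetIP().ToString(),
        adminClass.Text
    };

    if (db.InsertUpdateDB("AdminUser", dimStr, strValue, string.Empty).Equals("发布成功"))
    {
        xc.insertMyLog(xc.adminID, "admin", "添加管理员:" + adminIDTemp);
        // NOTE(review): displayName is form input placed into the message; if
        // divError writes the message as HTML it needs encoding - confirm.
        // The ID is percent-encoded so it cannot add or alter query parameters.
        xc.divError("", "添加管理员成功,需对 " + displayName + " 进行权限设置后才可以正常登陆!", 500, 200, "userPopedom.aspx?id=" + Uri.EscapeDataString(adminIDTemp), "goto");
    }
    else
    {
        xc.divError("", "添加管理员失败!", 350, 150, "", "");
    }
}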