/// <summary>
/// Click handler for the insert button. When <c>Validate(0)</c> succeeds, inserts one row into
/// <c>nhanvien</c> whose name is the trimmed text of <c>txtTen</c>, then redirects to
/// <c>sys_employee.aspx?add=1</c>. When validation fails nothing is written.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnInsert_Click(object sender, EventArgs e)
{
    if (!Validate(0))
    {
        return;
    }

    // The employee name travels as a bound parameter; it is never spliced into the SQL text.
    const string insertSql = "INSERT INTO nhanvien(nhanvien_ten) VALUES( @nhanvien_ten);";
    string[] name = { "@nhanvien_ten" };
    object[] value = { txtTen.Text.Trim() };

    clsConnect db = new clsConnect();
    db.UpdateData(insertSql, name, value, name.Length);
    db.close();

    Response.Redirect("sys_employee.aspx?add=1");
}
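/// <summary>
/// Builds the entries of <c>mnuTools</c> from the rows of <paramref name="table"/>. Each row's
/// <c>menu_valuepath</c> is split on '/', every id on that path is looked up in <c>Menu</c>, and a
/// <see cref="MenuItem"/> is added for each id that <c>mnuTools.FindItem</c> does not already find.
/// </summary>
/// <param name="table">Rows that expose a <c>menu_valuepath</c> column of '/'-separated menu ids.</param>
private void createMenuItem(DataTable table)
{
    // The id is bound as a parameter: the path segments come from stored data and must not be
    // concatenated into the statement text.
    const string menuSql = "select * from Menu where Menu_ID=@menu_id";

    clsConnect cn = new clsConnect();
    try
    {
        foreach (DataRow row in table.Rows)
        {
            string[] strValuepath = row["menu_valuepath"].ToString().Split('/');
            string valuepathParent = "";

            for (int i = 0; i < strValuepath.Length; i++)
            {
                string[] name = new string[] { "@menu_id" };
                object[] value = new object[] { strValuepath[i] };
                // Rows[0] still throws when the id does not exist, as the original lookup did.
                DataRow temp = cn.LoadData(menuSql, name, value, name.Length).Rows[0];

                // The parent path is the root id for the first two levels and grows by one
                // segment per level after that.
                if (i == 0 || i == 1)
                {
                    valuepathParent = strValuepath[0];
                }
                else
                {
                    valuepathParent += "/" + strValuepath[i - 1];
                }

                if (mnuTools.FindItem(temp["menu_valuepath"].ToString()) != null)
                {
                    // Already present in the menu; nothing to add for this level.
                    continue;
                }

                MenuItem itemtemp = new MenuItem();
                itemtemp.Text = temp["Menu_title"].ToString();
                itemtemp.Value = temp["Menu_ID"].ToString();
                itemtemp.NavigateUrl = temp["menu_url"].ToString();
                itemtemp.ToolTip = temp["menu_description"].ToString();

                if (i == 0)
                {
                    mnuTools.Items.Add(itemtemp);
                }
                else
                {
                    mnuTools.FindItem(valuepathParent).ChildItems.Add(itemtemp);
                }
            }
        }
    }
    finally
    {
        // Release the connection even when a lookup throws.
        cn.close();
    }
}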
/// <summary>
/// Click handler that deletes from <c>quyen</c> every entry of <c>gridauthority</c> whose
/// <c>chkDel</c> checkbox is ticked, using the text of the row's <c>lblID</c> label as
/// <c>quyen_ma</c>, and then redirects to <c>sys_authority.aspx</c>.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnDelAll_Click(object sender, EventArgs e)
{
    const string deleteSql = "delete from quyen where quyen_ma=@quyen_ma";
    clsConnect db = new clsConnect();

    for (int index = 0; index < gridauthority.Items.Count; index++)
    {
        CheckBox marker = (CheckBox)gridauthority.Items[index].FindControl("chkDel");
        if (!marker.Checked)
        {
            continue;
        }

        // One parameterised DELETE per ticked row.
        Label idLabel = (Label)gridauthority.Items[index].FindControl("lblID");
        string[] name = { "@quyen_ma" };
        object[] value = { idLabel.Text };
        db.UpdateData(deleteSql, name, value, name.Length);
    }

    db.close();
    Response.Redirect("sys_authority.aspx");
}
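/// <summary>
/// Click handler that updates the <c>TaiKhoan</c> row named by the <c>id</c> query-string value
/// with the form contents and then redirects to <c>sys_sercurity.aspx?save=1</c>.
/// </summary>
/// <remarks>
/// A missing, non-numeric or zero <c>id</c> is rejected. The previous code swallowed the parse
/// error and fell back to 0, so a malformed request ended up running the UPDATE against id 0.
/// </remarks>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnUpdate_Click(object sender, EventArgs e)
{
    int id;
    // NOTE(review): id 0 is treated as "no target" here; confirm that no account with id 0 is
    // meant to be editable through this handler.
    if (!int.TryParse(Request.QueryString["id"], out id) || id == 0)
    {
        return;
    }

    if (!Validate(id))
    {
        return;
    }

    String sqlText = "UPDATE TaiKhoan SET username = @username,password=@password,nhanvien_ma=@nhanvien_ma, " +
                     " quyen_ma=@quyen_ma,tu_donvi=@tu_donvi,den_donvi=@den_donvi " +
                     "WHERE id = @id";

    string[] name = new string[]
    {
        "@username", "@password", "@quyen_ma", "@nhanvien_ma", "@tu_donvi", "@den_donvi", "@id"
    };
    object[] value = new object[]
    {
        txtTen.Text.Trim(),
        // NOTE(review): the password is written exactly as typed (after Trim). Storing a salted,
        // slow hash instead needs a matching change in the login check, which is not visible here.
        txtMatKhau.Text.Trim(),
        ddlQuyen.Text,
        ddlNhanVien.Text,
        txtFrom.Text.Trim(),
        txtTo.Text.Trim(),
        id
    };

    clsConnect cn = new clsConnect();
    try
    {
        cn.UpdateData(sqlText, name, value, name.Length);
    }
    finally
    {
        // Release the connection even when the update throws.
        cn.close();
    }

    Response.Redirect("sys_sercurity.aspx?save=1");
}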
/// <summary>
/// Fills <c>tremenu</c> with one root node per <c>Menu</c> row whose <c>menu_parent_id</c> is 0 and
/// calls <c>CreateNodeChild</c> for each root. Any exception raised while loading is swallowed, so
/// the tree may be left partially filled.
/// </summary>
private void dislayTremenu()
{
    const string rootSql = "SELECT * FROM Menu where menu_parent_id = 0 ORDER BY menu_parent_id, menu_order, menu_id";
    clsConnect db = new clsConnect();

    try
    {
        foreach (DataRow menuRow in db.LoadData(rootSql).Rows)
        {
            // Node text is "<title> (<order>)"; the node value is the menu id.
            string caption = menuRow["Menu_title"].ToString() + " (" + menuRow["menu_order"].ToString() + ")";
            string menuId = menuRow["Menu_ID"].ToString();

            TreeNode root = new TreeNode(caption, menuId);
            root.NavigateUrl = "menu.aspx?menu_id=" + menuId;
            root.ToolTip = menuRow["menu_description"].ToString();

            tremenu.Nodes.Add(root);
            CreateNodeChild(root, db);
        }
    }
    catch (Exception)
    {
        // Best effort: a failure while building the tree is ignored and not reported.
    }

    db.close();
}
/// <summary>
/// Deletes the <c>menu</c> row with the given id and then recurses into every row whose
/// <c>menu_parent_id</c> equals that id. Each call opens its own <c>clsConnect</c> and closes it
/// only after its children have been processed.
/// </summary>
/// <param name="menu_id">Id of the menu entry to delete together with its descendants.</param>
private void deletemenu(string menu_id)
{
    // The same single parameter serves both statements.
    string[] name = { "@menu_id" };
    object[] value = { menu_id };

    clsConnect db = new clsConnect();
    db.UpdateData("DELETE FROM menu WHERE menu_id = @menu_id", name, value, name.Length);

    DataTable children = db.LoadData("SELECT menu_id FROM menu where menu_parent_id = @menu_id", name, value, name.Length);
    foreach (DataRow child in children.Rows)
    {
        deletemenu(child[0].ToString());
    }

    db.close();
}
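/// <summary>
/// Click handler that removes from <c>chitietquyen</c> every ticked entry of <c>rptquyenDetail</c>
/// for the role named by the <c>quyen_ma</c> query-string value, then redirects back to
/// <c>sys_authority.aspx</c> for the same role.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnDelAllmenu_Click(object sender, EventArgs e)
{
    const string sql = "delete from chitietquyen where quyen_ma=@quyen_ma and menu_id=@menu_id";
    string roleId = Request.QueryString["quyen_ma"];

    clsConnect cn = new clsConnect();
    try
    {
        for (int i = 0; i < rptquyenDetail.Items.Count; i++)
        {
            bool check = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkSelect")).Checked;
            if (!check)
            {
                continue;
            }

            string[] name = new string[] { "@quyen_ma", "@menu_id" };
            object[] value = new object[]
            {
                roleId,
                ((Label)rptquyenDetail.Items[i].FindControl("lblMenuID")).Text
            };
            cn.UpdateData(sql, name, value, name.Length);
        }
    }
    finally
    {
        // Release the connection even when a delete throws.
        cn.close();
    }

    // The role id comes from the request, so it is URL-encoded before being placed back into a
    // URL; otherwise characters such as '&' or '#' in it would change the redirect target's query.
    Response.Redirect("sys_authority.aspx?quyen_ma=" + System.Web.HttpUtility.UrlEncode(roleId));
}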
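/// <summary>
/// Click handler for the change-password form. When <c>SearchPassword()</c> returns true, writes
/// the new password to the <c>taikhoan</c> row of the employee held in
/// <c>Session["nhanvien_ma"]</c>, shows a success message and clears the three password boxes.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnSave_Click(object sender, EventArgs e)
{
    if (!SearchPassword())
    {
        return;
    }

    // Without a session there is no account to update; send the user to the login page instead
    // of failing with a null reference.
    object employeeId = Session["nhanvien_ma"];
    if (employeeId == null)
    {
        Response.Redirect("login.aspx");
        return;
    }

    const string sql = "UPDATE taikhoan SET password=@password WHERE nhanvien_ma=@nhanvien_ma";
    string[] name = new string[] { "@password", "@nhanvien_ma" };
    object[] value = new object[]
    {
        // NOTE(review): the new password is stored as typed (after Trim). Switching to a salted,
        // slow hash needs a matching change wherever passwords are verified, which is not visible here.
        txtPassWordNew.Text.Trim(),
        employeeId.ToString()
    };

    clsConnect cn = new clsConnect();
    try
    {
        cn.UpdateData(sql, name, value, name.Length);
    }
    finally
    {
        // Release the connection even when the update throws.
        cn.close();
    }

    lblMsg.Text = "Bạn đã đổi mật khẩu thành công!";
    lblMsg.ForeColor = System.Drawing.Color.Blue;
    txtPassWord.Text = "";
    txtPassWordNew.Text = "";
    txtPassWordReNew.Text = "";
}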
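/// <summary>
/// Click handler that updates the <c>information</c> row named by the <c>content_id</c>
/// query-string value from the form fields and redirects to <c>web_send.aspx</c>. When a file was
/// posted it is saved under <c>~/thuvien/taptin/</c> and its name is stored in the <c>file</c>
/// column. Nothing happens when <c>ddlServiceType.Text</c> is empty.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnUpdate_Click1(object sender, EventArgs e)
{
    if (ddlServiceType.Text == "")
    {
        return;
    }

    clsConnect cn = new clsConnect();
    try
    {
        // Author name of the logged-in employee. The id is bound as a parameter instead of being
        // concatenated into the statement.
        string author = cn.LoadData(
            "select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=?nhanvien_ma",
            new string[] { "?nhanvien_ma" },
            new object[] { Session["nhanvien_ma"].ToString() },
            1).Rows[0][0].ToString();

        // The status is the selected radio value when it is "0", "1" or "2"; otherwise it stays null.
        object status = null;
        string choice = rbtChoise.SelectedValue;
        if (choice == "0" || choice == "1" || choice == "2")
        {
            status = choice;
        }

        // Keep only the final name component so the client-supplied name cannot point outside
        // the upload folder.
        string fileName = System.IO.Path.GetFileName(FileUpLoad1.FileName);

        string sql;
        string[] name;
        object[] value;

        if (!string.IsNullOrEmpty(fileName))
        {
            // NOTE(review): nothing here restricts the file type or size, and an existing file
            // with the same name is overwritten. The folder sits under the application root, so
            // confirm it cannot serve or execute uploaded content; an extension allow-list and
            // server-generated file names are the usual safeguards.
            string path = System.IO.Path.Combine(Server.MapPath("~/thuvien/taptin/"), fileName);
            FileUpLoad1.SaveAs(path);

            sql = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
                  "content=?content,heading_text=?heading_text,file=?file,status_id=?status_id , id=?id " +
                  "WHERE information_id=?information_id";
            name = new string[]
            {
                "?service_id", "?title", "?date_post", "?human_post", "?source_link", "?content",
                "?heading_text", "?file", "?status_id", "?information_id", "?id"
            };
            value = new object[]
            {
                ddlService.Text,
                txtTitle.Text.Trim(),
                DateTime.Now,
                author,
                txtSource.Text.Trim(),
                txtContent.Value,
                lblHeadingText.Text.Trim(),
                fileName,
                status,
                Request.QueryString["content_id"],
                ddlMon.SelectedIndex.ToString()
            };
        }
        else
        {
            // No file posted: the file and id columns are left untouched.
            sql = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
                  "content=?content,heading_text=?heading_text,status_id=?status_id " +
                  "WHERE information_id=?information_id";
            name = new string[]
            {
                "?service_id", "?title", "?date_post", "?human_post", "?source_link", "?content",
                "?heading_text", "?status_id", "?information_id"
            };
            value = new object[]
            {
                ddlService.Text,
                txtTitle.Text.Trim(),
                DateTime.Now,
                author,
                txtSource.Text.Trim(),
                txtContent.Value,
                lblHeadingText.Text.Trim(),
                status,
                Request.QueryString["content_id"]
            };
        }

        cn.UpdateData(sql, name, value, name.Length);
    }
    finally
    {
        // Release the connection even when the lookup, the save or the update throws.
        cn.close();
    }

    Response.Redirect("web_send.aspx");
}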
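/// <summary>
/// Inserts a new <c>information</c> row from the form fields. When a file was posted it is saved
/// under <c>~/thuvien/taptin/</c> and its name is stored in the <c>file</c> column; otherwise the
/// row is inserted without that column.
/// </summary>
void UploadTinGioithieu()
{
    clsConnect cn = new clsConnect();
    try
    {
        // Author name of the logged-in employee. The id is bound as a parameter instead of being
        // concatenated into the statement.
        string author = cn.LoadData(
            "select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=?nhanvien_ma",
            new string[] { "?nhanvien_ma" },
            new object[] { Session["nhanvien_ma"].ToString() },
            1).Rows[0][0].ToString();

        // The status is the selected radio value when it is "0", "1" or "2"; otherwise it stays null.
        object status = null;
        string choice = rbtChoise.SelectedValue;
        if (choice == "0" || choice == "1" || choice == "2")
        {
            status = choice;
        }

        // Keep only the final name component so the client-supplied name cannot point outside
        // the upload folder.
        string fileName = System.IO.Path.GetFileName(FileUpLoad1.FileName);

        string sql;
        string[] name;
        object[] value;

        if (!string.IsNullOrEmpty(fileName))
        {
            // NOTE(review): nothing here restricts the file type or size, and an existing file
            // with the same name is overwritten. The folder sits under the application root, so
            // confirm it cannot serve or execute uploaded content; an extension allow-list and
            // server-generated file names are the usual safeguards.
            string path = System.IO.Path.Combine(Server.MapPath("~/thuvien/taptin/"), fileName);
            FileUpLoad1.SaveAs(path);

            sql = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,file,status_id,id)VALUES( " +
                  "?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?file,?status_id,?id)";
            name = new string[]
            {
                "?service_id", "?title", "?date_post", "?human_post", "?source_link", "?content",
                "?heading_text", "?file", "?status_id", "?id"
            };
            value = new object[]
            {
                ddlService.Text,
                txtTitle.Text.Trim(),
                DateTime.Now,
                author,
                txtSource.Text.Trim(),
                txtContent.Value,
                lblHeadingText.Text.Trim(),
                fileName,
                status,
                ddlMon.SelectedIndex.ToString()
            };
        }
        else
        {
            sql = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,status_id,id)VALUES( " +
                  "?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?status_id,?id)";
            name = new string[]
            {
                "?service_id", "?title", "?date_post", "?human_post", "?source_link", "?content",
                "?heading_text", "?status_id", "?id"
            };
            value = new object[]
            {
                ddlService.Text,
                txtTitle.Text.Trim(),
                DateTime.Now,
                author,
                txtSource.Text.Trim(),
                txtContent.Value,
                lblHeadingText.Text.Trim(),
                status,
                ddlMon.SelectedIndex.ToString()
            };
        }

        cn.UpdateData(sql, name, value, name.Length);
    }
    finally
    {
        // Release the connection even when the lookup, the save or the insert throws.
        cn.close();
    }
}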
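/// <summary>
/// First-load handler of the category content page. Shows a status message for the
/// <c>add</c>/<c>save</c>/<c>delete</c> query-string flags, loads the <c>information</c> row named
/// by <c>content_id</c> into the form when one is given, and binds the category-type list.
/// Postbacks return immediately.
/// </summary>
/// <param name="sender">Page that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (IsPostBack)
    {
        return;
    }

    const string messageOpen = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>";
    const string messageClose = "</li></ul></dd></dl>";

    // The query-string values are echoed inside markup assigned to a Label, which renders its
    // Text as raw HTML, so they are HTML-encoded before being inserted.
    string added = Request.QueryString["add"];
    if (!string.IsNullOrEmpty(added))
    {
        lblMessageStatus.Text = messageOpen + "1 chuyên mục [" + System.Web.HttpUtility.HtmlEncode(added) + "] đã được thêm thành công" + messageClose;
        lblMessageStatus.Visible = true;
    }

    string saved = Request.QueryString["save"];
    if (!string.IsNullOrEmpty(saved))
    {
        lblMessageStatus.Text = messageOpen + "Thông tin chuyên mục [" + System.Web.HttpUtility.HtmlEncode(saved) + "] đã được cập nhật thành công" + messageClose;
        lblMessageStatus.Visible = true;
    }

    if (!string.IsNullOrEmpty(Request.QueryString["delete"]))
    {
        lblMessageStatus.Text = messageOpen + "1(nhiều) chuyên mục đã được xóa thành công" + messageClose;
        lblMessageStatus.Visible = true;
    }

    clsConnect cn = new clsConnect();
    try
    {
        string contentId = Request.QueryString["content_id"];
        if (!string.IsNullOrEmpty(contentId))
        {
            string sqlText = "SELECT * FROM information A, service B, service_type C WHERE " +
                             "A.service_id=B.service_id AND B.service_type_id=C.service_type_id AND information_id=?information_id";
            string[] name = new string[] { "?information_id" };
            object[] value = new object[] { contentId };
            DataTable dt = cn.LoadData(sqlText, name, value, name.Length);

            if (dt.Rows.Count > 0)
            {
                // Edit mode: copy the stored record into the form and show the update buttons.
                DataRow row = dt.Rows[0];
                //ddlService.SelectedValue = row["service_id"].ToString();
                ddlServiceType.Text = row["service_type_id"].ToString();
                //ddlServiceType_SelectedIndexChanged(sender, e);
                txtTitle.Text = row["tieude"].ToString();
                txtSource.Text = row["nguontrichdan"].ToString();
                txtContent.Value = row["noidung"].ToString();
                lblHeadingText.Text = row["diengiai"].ToString();
                //FileUpLoad1.FileName =row["file"].ToString();
                btnSave.Visible = false;
                btnUpdate.Visible = true;
                btnDeleteAll.Visible = false;
                btnCancel.Visible = true;
            }
        }
        else
        {
            btnSave.Visible = true;
            btnCancel.Visible = true;
        }

        // Category types.
        ddlServiceType.DataSource = cn.LoadData("SELECT * FROM service_type");
        ddlServiceType.DataBind();
        ddlServiceType.Items.Insert(0, new ListItem("Chọn loại chuyên mục", "0"));

        // NOTE(review): the page-permission check below is commented out, so nothing in this
        // handler restricts who can load the page. Confirm that access is enforced elsewhere
        // before relying on it.
        /* #region page authorization
         * try
         * {
         *     sqlText = "select * from ctquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
         *               "WHERE quyen_ma=?quyen_ma AND menu_url=?menu";
         *     Nparameter = 2;
         *     name[0] = "?quyen_ma";
         *     name[1] = "?menu";
         *     value[0] = Session["quyen_ma"];
         *     value[1] = Request.Url.Segments[Request.Url.Segments.Length - 1].ToString();
         *     DataTable dt3 = cn.LoadData(sqlText, name, value, Nparameter);
         *     // check whether the requested url is valid
         *     if (dt3.Rows.Count == 0)
         *     {
         *         Response.Redirect("access_denied.aspx");
         *     }
         * }
         * catch (Exception)
         * {
         * }
         * #endregion */
    }
    finally
    {
        // Release the connection even when a query or a column lookup throws.
        cn.close();
    }

    Page.SetFocus(ddlServiceType);
}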
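/// <summary>
/// Load handler of the information page. Checks that the session's role may open this page, and
/// on the first load shows the status message for the <c>add</c>/<c>save</c>/<c>delete</c>
/// query-string flags, lists the titles and binds the service-type list.
/// </summary>
/// <remarks>
/// The permission check now runs first and on every request. Previously it ran only after the
/// early return for postbacks, so the page's button handlers were reached without it, and any
/// exception raised by the check was swallowed and the page was served anyway.
/// </remarks>
/// <param name="sender">Page that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    bool allowed = false;
    clsConnect cn = new clsConnect();
    try
    {
        try
        {
            // The role must have a chitietquyen entry whose menu_url equals the last segment of
            // the requested URL.
            string sqlText = "select * from chitietquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
                             "WHERE quyen_ma=?quyen_ma AND menu_url=?menu";
            string[] name = new string[] { "?quyen_ma", "?menu" };
            object[] value = new object[]
            {
                Session["quyen_ma"],
                Request.Url.Segments[Request.Url.Segments.Length - 1].ToString()
            };
            allowed = cn.LoadData(sqlText, name, value, name.Length).Rows.Count > 0;
        }
        catch (Exception)
        {
            // Fail closed: if the check itself cannot run, treat the request as not permitted.
            allowed = false;
        }

        if (allowed && !IsPostBack)
        {
            const string messageOpen = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>";
            const string messageClose = "</li></ul></dd></dl>";

            // The query-string values are echoed inside markup assigned to a Label, which renders
            // its Text as raw HTML, so they are HTML-encoded before being inserted.
            string added = Request.QueryString["add"];
            if (!string.IsNullOrEmpty(added))
            {
                lblMessageStatus.Text = messageOpen + "1 thông tin [" + System.Web.HttpUtility.HtmlEncode(added) + "] đã được thêm thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            // The original tested "save" for null but then dereferenced "update", which throws
            // when only "save" is present; both tests now use "save".
            string saved = Request.QueryString["save"];
            if (!string.IsNullOrEmpty(saved))
            {
                lblMessageStatus.Text = messageOpen + "Thông tin thông tin [" + System.Web.HttpUtility.HtmlEncode(saved) + "] đã được cập nhật thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            if (!string.IsNullOrEmpty(Request.QueryString["delete"]))
            {
                lblMessageStatus.Text = messageOpen + "1(nhiều) thông tin đã được xóa thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            if (string.IsNullOrEmpty(Request.QueryString["info_id"]))
            {
                btnCancel.Visible = true;
            }

            HienThiDS_Tieude();

            // Service types.
            ddlDichvu.DataSource = cn.LoadData("SELECT * FROM loaidv");
            ddlDichvu.DataBind();
            ddlDichvu.Items.Insert(0, new ListItem("Chọn loại dich vụ", "0"));

            Page.SetFocus(ddlDichvu);
        }
    }
    finally
    {
        // Release the connection on every path.
        cn.close();
    }

    if (!allowed)
    {
        // Issued outside the try blocks so the catch-all above cannot intercept the
        // ThreadAbortException that Response.Redirect raises to end the request.
        Response.Redirect("access_denied.aspx");
    }
}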
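/// <summary>
/// Load handler of the account administration page. Checks that the session's role may open this
/// page, and on the first load shows the status message for the <c>add</c>/<c>save</c>/<c>delete</c>
/// query-string flags, loads the account named by <c>id</c> into the form when one is given, and
/// binds the account list and the employee and role drop-downs.
/// </summary>
/// <remarks>
/// The permission check now runs first and on every request; previously it ran only after the
/// early return for postbacks, so the page's button handlers were reached without it. A role
/// without access is sent to <c>access_denied.aspx</c>; a failure of the check itself sends the
/// user to <c>login.aspx</c>, as before.
/// </remarks>
/// <param name="sender">Page that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    string redirectTo = null;
    clsConnect cn = new clsConnect();
    try
    {
        try
        {
            // The role must have a chitietquyen entry whose menu_url equals the last segment of
            // the requested URL.
            string authSql = "select * from chitietquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
                             "WHERE quyen_ma=@quyen_ma AND menu_url=@menu";
            string[] authName = new string[] { "@quyen_ma", "@menu" };
            object[] authValue = new object[]
            {
                Session["quyen_ma"],
                Request.Url.Segments[Request.Url.Segments.Length - 1].ToString()
            };
            if (cn.LoadData(authSql, authName, authValue, authName.Length).Rows.Count == 0)
            {
                redirectTo = "access_denied.aspx";
            }
        }
        catch (Exception)
        {
            redirectTo = "login.aspx";
        }

        if (redirectTo == null && !IsPostBack)
        {
            const string messageOpen = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>";
            const string messageClose = "</li></ul></dd></dl>";

            // The query-string values are echoed inside markup assigned to a Label, which renders
            // its Text as raw HTML, so they are HTML-encoded before being inserted.
            string added = Request.QueryString["add"];
            if (!string.IsNullOrEmpty(added))
            {
                lblMessageStatus.Text = messageOpen + "1 tài khoản [" + System.Web.HttpUtility.HtmlEncode(added) + "] đã được thêm thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            string saved = Request.QueryString["save"];
            if (!string.IsNullOrEmpty(saved))
            {
                lblMessageStatus.Text = messageOpen + "Thông tin tài khoản [" + System.Web.HttpUtility.HtmlEncode(saved) + "] đã được cập nhật thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            if (!string.IsNullOrEmpty(Request.QueryString["delete"]))
            {
                lblMessageStatus.Text = messageOpen + "1(nhiều) tài khoản đã được xóa thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            string accountId = Request.QueryString["id"];
            if (!string.IsNullOrEmpty(accountId))
            {
                string sqlText1 = "SELECT * FROM TaiKhoan DN " +
                                  "LEFT JOIN quyen Q ON DN.quyen_ma=Q.quyen_ma " +
                                  "LEFT JOIN nhanvien NV ON DN.nhanvien_ma=NV.nhanvien_ma WHERE id!=0 AND id = @id;";
                string[] name = new string[] { "@id" };
                object[] value = new object[] { accountId };
                DataTable dt = cn.LoadData(sqlText1, name, value, name.Length);

                if (dt.Rows.Count > 0)
                {
                    // Edit mode: copy the stored account into the form.
                    DataRow row = dt.Rows[0];
                    txtTen.Text = row["username"].ToString();
                    // NOTE(review): the stored password value is copied back into a form field;
                    // depending on the textbox mode it is sent to the browser. Together with the
                    // update handler this implies passwords are kept in recoverable form — confirm
                    // and plan a move to salted, slow hashes.
                    txtMatKhau.Text = row["password"].ToString();
                    txtFrom.Text = row["tu_donvi"].ToString();
                    txtTo.Text = row["den_donvi"].ToString();

                    if (row["nhanvien_ma"].ToString() != "")
                    {
                        ddlNhanVien.Text = row["nhanvien_ma"].ToString();
                    }

                    if (row["quyen_ma"].ToString() != "")
                    {
                        ddlQuyen.Text = row["quyen_ma"].ToString();
                    }

                    btnInsert.Visible = false;
                    btnUpdate.Visible = true;
                    btnDelete.Visible = false;
                    btnCancel.Visible = true;
                }
            }
            else
            {
                btnInsert.Visible = true;
            }

            // Account list; the statement takes no parameters.
            string listSql = "SELECT * FROM TaiKhoan DN " +
                             "LEFT JOIN Quyen Q ON DN.quyen_ma=Q.quyen_ma " +
                             "LEFT JOIN nhanvien NV ON DN.nhanvien_ma=NV.nhanvien_ma WHERE id!=0";
            rptQuyen.DataSource = cn.LoadData(listSql);
            rptQuyen.DataBind();

            // Employees.
            ddlNhanVien.DataSource = cn.LoadData("SELECT * FROM nhanvien");
            ddlNhanVien.DataBind();

            // Roles.
            ddlQuyen.DataSource = cn.LoadData("SELECT * FROM quyen");
            ddlQuyen.DataBind();

            Page.SetFocus(txtTen);
        }
    }
    finally
    {
        // Release the connection on every path.
        cn.close();
    }

    if (redirectTo != null)
    {
        // Issued outside the try blocks: Response.Redirect ends the request by raising
        // ThreadAbortException, and inside the original try the catch-all intercepted it and
        // replaced the access_denied redirect with the login redirect.
        Response.Redirect(redirectTo);
    }
}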
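/// <summary>
/// Load handler of the service-type page. Checks that the session's role may open this page, and
/// on the first load shows the status message for the <c>add</c>/<c>save</c>/<c>delete</c>
/// query-string flags, binds the service-type list, loads the row named by
/// <c>service_type_id</c> into the form when one is given, and stores the logged-in account's
/// role in <c>quyen</c>.
/// </summary>
/// <remarks>
/// The permission check now runs first and on every request. Previously it ran only after the
/// early return for postbacks, so the page's button handlers were reached without it, and any
/// exception raised by the check was swallowed and the page was served anyway.
/// </remarks>
/// <param name="sender">Page that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    bool allowed = false;
    clsConnect cn = new clsConnect();
    try
    {
        try
        {
            // The role must have a chitietquyen entry whose menu_url equals the last segment of
            // the requested URL.
            string authSql = "select * from chitietquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
                             "WHERE quyen_ma=@quyen_ma AND menu_url=@menu";
            string[] authName = new string[] { "@quyen_ma", "@menu" };
            object[] authValue = new object[]
            {
                Session["quyen_ma"],
                Request.Url.Segments[Request.Url.Segments.Length - 1].ToString()
            };
            allowed = cn.LoadData(authSql, authName, authValue, authName.Length).Rows.Count > 0;
        }
        catch (Exception)
        {
            // Fail closed: if the check itself cannot run, treat the request as not permitted.
            allowed = false;
        }

        if (allowed && !IsPostBack)
        {
            const string messageOpen = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>";
            const string messageClose = "</li></ul></dd></dl>";

            // The query-string values are echoed inside markup assigned to a Label, which renders
            // its Text as raw HTML, so they are HTML-encoded before being inserted.
            string added = Request.QueryString["add"];
            if (!string.IsNullOrEmpty(added))
            {
                lblMessageStatus.Text = messageOpen + "1 loại dịch vụ [" + System.Web.HttpUtility.HtmlEncode(added) + "] đã được thêm thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            string saved = Request.QueryString["save"];
            if (!string.IsNullOrEmpty(saved))
            {
                lblMessageStatus.Text = messageOpen + "Thông tin loại dịch vụ [" + System.Web.HttpUtility.HtmlEncode(saved) + "] đã được cập nhật thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            if (!string.IsNullOrEmpty(Request.QueryString["delete"]))
            {
                lblMessageStatus.Text = messageOpen + "1(nhiều) loại dịch vụ đã được xóa thành công" + messageClose;
                lblMessageStatus.Visible = true;
            }

            rptProduct.DataSource = cn.LoadData("SELECT * FROM service_type ");
            rptProduct.DataBind();

            string serviceTypeId = Request.QueryString["service_type_id"];
            if (!string.IsNullOrEmpty(serviceTypeId))
            {
                string[] name = new string[] { "@service_type_id" };
                object[] value = new object[] { serviceTypeId };
                DataTable dt = cn.LoadData("SELECT * FROM service_type WHERE service_type_id = @service_type_id;", name, value, name.Length);

                if (dt.Rows.Count > 0)
                {
                    // Edit mode: show the stored name and the update buttons.
                    DataRow row = dt.Rows[0];
                    txtTen.Text = row["service_type_name"].ToString();
                    btnInsert.Visible = false;
                    btnUpdate.Visible = true;
                    btnDelete.Visible = false;
                    btnCancel.Visible = true;
                }
            }
            else
            {
                btnInsert.Visible = true;
            }

            // Login information: remember the role of the logged-in account.
            string[] loginName = new string[] { "@username" };
            object[] loginValue = new object[] { Session["username"].ToString() };
            DataTable dt_login = cn.LoadData("SELECT * FROM taikhoan WHERE username=@username", loginName, loginValue, loginName.Length);
            if (dt_login.Rows.Count > 0)
            {
                quyen = dt_login.Rows[0]["quyen_ma"].ToString();
            }

            Page.SetFocus(txtTen);
        }
    }
    finally
    {
        // Release the connection on every path.
        cn.close();
    }

    if (!allowed)
    {
        // Issued outside the try blocks so the catch-all above cannot intercept the
        // ThreadAbortException that Response.Redirect raises to end the request.
        Response.Redirect("access_denied.aspx");
    }
}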