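/// <summary>
/// Handles an approve / reject request for an application and writes the result text to the response.
/// </summary>
/// <remarks>
/// Reads <c>action</c>, <c>id</c>, <c>reason</c>, <c>roletype</c> and <c>userid</c> from the request.
/// On a confirm action the user's role is changed first, then the application row is updated through
/// <c>ApplyManage.approvalApplication</c>. Any other action that is not the reject action is recorded
/// with <c>DEFAULT_PARA</c>.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): no authorization check is visible in this handler, yet userid and roletype come
    // straight from the request and drive a role change. Confirm that the page (or a base class)
    // restricts it to approvers before any of the code below runs.
    string action = Request["action"];
    string reason = Request["reason"];
    // Pay attention to this parameter: the front end must send the role's English name
    // exactly as it is stored in the database.
    string Role = Request["roletype"];
    string Userid = Request["userid"];

    // Fail closed on a missing action or a non-numeric id instead of throwing from the handler.
    int id;
    if (string.IsNullOrEmpty(action) || !int.TryParse(Request["id"], out id))
    {
        Response.Write(@"出现错误,请稍后重试");
        return;
    }

    int pass = DEFAULT_PARA;
    if (action.Equals(CONFIRM_REQUEST_STR))
    {
        pass = CONFIRM_REQUEST_PARA;
        // NOTE(review): the role is changed before the approval is recorded; if the update below
        // fails, the role change is not rolled back.
        if (!RoleManage.ChangeUserRoleByUserIDWithRoleEngName(Userid, Role))
        {
            Response.Write(@"出现错误,请稍后重试");
            return;
        }
    }
    else if (action.Equals(REJECT_REQUEST_STR))
    {
        pass = REJECT_REQUEST_PARA;
    }

    // id was parsed as an integer above, so only reason reaches the SQL layer as free text.
    ApplyManage am = new ApplyManage();
    Response.Write(am.approvalApplication(id.ToString(), pass.ToString(), reason));
}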
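/// <summary>
/// Adds a notice, inserting one WEB_INFO row per entry in <paramref name="teamID"/>.
/// </summary>
/// <param name="infoTitle">Notice title.</param>
/// <param name="context">Notice body.</param>
/// <param name="teamID">Associated team ids; the value "0" stores NULL in the TEAMID column.</param>
/// <param name="adduser">Value stored in the ADDUSER column.</param>
/// <param name="type">Value stored in the TYPE column.</param>
/// <param name="endtime">Value stored in the ENDTIME column.</param>
/// <returns>true when every insert affected exactly one row; false as soon as one does not.</returns>
/// <remarks>
/// Every value is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): the inserts are not wrapped in a transaction here, so a failure part-way through
/// leaves the earlier rows in place.
/// </remarks>
public bool addInfo(string infoTitle, string context, string[] teamID, string adduser, string type, string endtime)
{
    infoTitle = infoTitle.Replace(@"'", "''");
    context = context.Replace(@"'", "''");
    // The original escaped only the title and body; the remaining values reach the same statement.
    adduser = (adduser ?? string.Empty).Replace("'", "''");
    type = (type ?? string.Empty).Replace("'", "''");
    endtime = (endtime ?? string.Empty).Replace("'", "''");

    bool isFinished = true;
    DatabaseAccess da = new DatabaseAccess();
    foreach (string teamid in teamID)
    {
        string safeTeamId = (teamid ?? string.Empty).Replace("'", "''");
        string sqlStr;
        if (teamid == @"0")
        {
            // Team "0" is written as NULL; placeholder {2} is intentionally absent from this format.
            sqlStr = string.Format(@"INSERT WEB_INFO(INFOTITLE , INFODETAIL , TEAMID , ADDUSER , TYPE , ENDTIME) VALUES (N'{0}',N'{1}',NULL,N'{3}' , N'{4}' , N'{5}')", infoTitle, context, safeTeamId, adduser, type, endtime);
        }
        else
        {
            sqlStr = string.Format(@"INSERT WEB_INFO(INFOTITLE , INFODETAIL , TEAMID , ADDUSER , TYPE, ENDTIME) VALUES (N'{0}',N'{1}',N'{2}',N'{3}', N'{4}', N'{5}')", infoTitle, context, safeTeamId, adduser, type, endtime);
        }

        int vat = da.ExcuteSql(sqlStr);
        if (vat != 1)
        {
            isFinished = false;
            break;
        }
    }
    return isFinished;
}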
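/// <summary>
/// Changes a user's role, looking the role id up by its English name.
/// The database and this parameter description may be adjusted as requirements change.
/// </summary>
/// <param name="userid">The user's site id.</param>
/// <param name="roleEngname">
/// English role name matched against WEB_USER_ROLE.ROLEENGNAME. Roles listed by the original author:
/// 0 admin (administrator), 1 staff (project member), 2 coordinator, 3 RA (coordinator assistant),
/// 4 partner (contestant), 5 webGuest (web user).
/// </param>
/// <returns>true when the role was changed; false when the role name is unknown or the update fails.</returns>
/// <remarks>
/// The role name is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// A parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): this grants whatever role is named; the caller must decide whether the requester
/// may assign it.
/// </remarks>
public static bool ChangeUserRoleByUserIDWithRoleEngName(string userid, string roleEngname)
{
    string safeRoleName = (roleEngname ?? string.Empty).Replace("'", "''");
    string queryStr = string.Format(@"SELECT ID FROM WEB_USER_ROLE WHERE ROLEENGNAME = N'{0}'", safeRoleName);
    DatabaseAccess da = new DatabaseAccess();
    DataTable roleRows = da.queryDatatable(queryStr);

    // An unknown role name used to surface as an index exception; report it as a failed change.
    if (roleRows == null || roleRows.Rows.Count == 0)
    {
        return false;
    }

    string roleid = roleRows.Rows[0][0].ToString();
    return ChangeUserRoleByUserIDWithRoleID(userid, roleid);
}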
/// <summary>
/// Runs a count statement and a row query, then packs both results through
/// <c>JsonHelper.ToEasyUIJson</c>.
/// </summary>
/// <param name="countStr">SQL statement handed to <c>queryCount</c>.</param>
/// <param name="queryStr">SQL statement handed to <c>queryDatatable</c>.</param>
/// <returns>The string produced by <c>JsonHelper.ToEasyUIJson</c>.</returns>
/// <remarks>
/// Both arguments are executed exactly as given, so every caller is responsible for keeping
/// request data out of them or escaping it before it gets here.
/// </remarks>
public static string packJson(string countStr, string queryStr)
{
    DatabaseAccess db = new DatabaseAccess();

    // Count first, rows second: the same call order as before.
    int total = db.queryCount(countStr);
    DataTable resultRows = db.queryDatatable(queryStr);

    return JsonHelper.ToEasyUIJson(resultRows, total);
}
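/// <summary>
/// Checks whether the user already has a WEB_TEAM_MEMBER record.
/// </summary>
/// <param name="userID">The participant's id.</param>
/// <returns>true when at least one matching record is found.</returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// Pass the raw value; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool hasAlreadyJoined(string userID)
{
    string safeUserId = (userID ?? string.Empty).Replace("'", "''");
    string queryStr = string.Format("SELECT COUNT(*) FROM WEB_TEAM_MEMBER WHERE usercode=N'{0}'", safeUserId);
    DatabaseAccess da = new DatabaseAccess();
    return da.queryCount(queryStr) > 0;
}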
/// <summary>
/// Loads every WEB_PROVINCE row, ordered by PROVINCEID, and binds the result to the
/// <c>Province</c> control (text from provinceName, value from provinceID).
/// </summary>
private void _blindDataForProvince()
{
    // Constant statement: no caller-supplied text is involved.
    DataTable provinces = new DatabaseAccess().queryDatatable(@"SELECT * FROM WEB_PROVINCE ORDER BY PROVINCEID ");

    Province.DataSource = provinces;
    Province.DataTextField = "provinceName";
    Province.DataValueField = "provinceID";
    Province.DataBind();
}
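/// <summary>
/// Returns the member details of every team the given user belongs to.
/// </summary>
/// <param name="usercode">Id of the user making the query.</param>
/// <returns>
/// A DataTable with the columns USERNAME, PHONE, GENDER, EMAIL, ROLENAME, TEAMID, TEAMNAME,
/// ordered by TEAMID.
/// </returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// Pass the raw value; a parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): the result carries phone and e-mail of team mates; confirm callers only pass the
/// id of the signed-in user.
/// </remarks>
public DataTable GetTeamUserDetail(string usercode)
{
    string safeUserCode = (usercode ?? string.Empty).Replace("'", "''");
    string queryStr = string.Format(@"SELECT T2.USERNAME , T2.PHONE , T2.GENDER , T2.EMAIL , T1.ROLENAME , T1.TEAMID ,T3.TEAMNAME FROM WEB_TEAM_MEMBER T1 LEFT JOIN WEB_USERPROFILE T2 ON T1.USERCODE = T2.USERID LEFT JOIN WEB_TEAM_PROFILE T3 ON T1.TEAMID = T3.TEAMID WHERE T1.TEAMID IN (SELECT T3.TEAMID FROM WEB_TEAM_MEMBER T3 WHERE T3.USERCODE = N'{0}') ORDER BY T1.TEAMID ", safeUserCode);
    DatabaseAccess da = new DatabaseAccess();
    return da.queryDatatable(queryStr);
}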
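/// <summary>
/// Deletes the team membership rows of a user.
/// </summary>
/// <param name="userid">User id matched against WEB_TEAM_MEMBER.USERCODE.</param>
/// <returns>true when <c>ExcuteSql</c> returns zero or more; false otherwise.</returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first; for a
/// DELETE this is what keeps the WHERE clause from being widened. Pass the raw value; a
/// parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool deleteTeamMemberByUserid(string userid)
{
    string safeUserId = (userid ?? string.Empty).Replace("'", "''");
    string sqlStr = string.Format(@"DELETE FROM WEB_TEAM_MEMBER WHERE USERCODE = N'{0}'", safeUserId);
    DatabaseAccess da = new DatabaseAccess();
    int vat = da.ExcuteSql(sqlStr);
    return vat >= 0;
}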
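/// <summary>
/// Deletes the team profile rows whose leader is the given user.
/// The original author warns that this function is risky because of related rows in other tables;
/// use it with care.
/// </summary>
/// <param name="usercode">Id of the team creator, matched against WEB_TEAM_PROFILE.LEADER.</param>
/// <returns>true when <c>ExcuteSql</c> returns zero or more; false otherwise.</returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first; for a
/// DELETE this is what keeps the WHERE clause from being widened. Pass the raw value; a
/// parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool deleteTeamByTeamLeaderUsercode(string usercode)
{
    string safeUserCode = (usercode ?? string.Empty).Replace("'", "''");
    string sqlStr = string.Format(@"DELETE FROM WEB_TEAM_PROFILE WHERE LEADER = N'{0}'", safeUserCode);
    DatabaseAccess da = new DatabaseAccess();
    int vat = da.ExcuteSql(sqlStr);
    return vat >= 0;
}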
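/// <summary>
/// Inserts a WEB_FEEDBACK row.
/// </summary>
/// <param name="userName">Value stored in the userName column.</param>
/// <param name="type">Value stored in the feedbackType column.</param>
/// <param name="url">Value stored in the url column.</param>
/// <param name="teamID">Team id; when null or empty the teamID column is left out of the insert.</param>
/// <param name="askey">Value stored in ASKEY; null or empty is written as SQL NULL.</param>
/// <returns>The value returned by <c>ExcuteSql</c>.</returns>
/// <remarks>
/// All values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public int saveFeedback(string userName, string type, string url, string teamID, string askey)
{
    string safeUserName = (userName ?? string.Empty).Replace("'", "''");
    string safeType = (type ?? string.Empty).Replace("'", "''");
    string safeUrl = (url ?? string.Empty).Replace("'", "''");

    // ASKEY is the only value formatted without surrounding quotes, so it is quoted here.
    string askeyLiteral = string.IsNullOrEmpty(askey) ? @"NULL" : "N'" + askey.Replace("'", "''") + "'";

    string strSql;
    if (string.IsNullOrEmpty(teamID))
    {
        strSql = string.Format(@"INSERT INTO WEB_FEEDBACK (userName, feedbackType, url,ASKEY) VALUES(N'{0}', N'{1}', N'{2}',{3})", safeUserName, safeType, safeUrl, askeyLiteral);
    }
    else
    {
        string safeTeamId = teamID.Replace("'", "''");
        strSql = string.Format(@"INSERT INTO WEB_FEEDBACK (userName, feedbackType, url, teamID,ASKEY) VALUES(N'{0}', N'{1}', N'{2}', N'{3}',{4})", safeUserName, safeType, safeUrl, safeTeamId, askeyLiteral);
    }

    DatabaseAccess da = new DatabaseAccess();
    return da.ExcuteSql(strSql);
}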
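/// <summary>
/// Deletes every application submitted by the given user.
/// </summary>
/// <param name="userid">User id matched against WEB_APPLY.USERID.</param>
/// <returns>true when <c>ExcuteSql</c> returns zero or more; false otherwise.</returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first; for a
/// DELETE this is what keeps the WHERE clause from being widened. Pass the raw value; a
/// parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool DeleteApplyByUserID(string userid)
{
    string safeUserId = (userid ?? string.Empty).Replace("'", "''");
    string sqlStr = string.Format(@"DELETE FROM WEB_APPLY WHERE USERID = N'{0}'", safeUserId);
    DatabaseAccess da = new DatabaseAccess();
    int vat = da.ExcuteSql(sqlStr);
    return vat >= 0;
}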
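/// <summary>
/// Changes a user's role by role id.
/// The database and this parameter description may be adjusted as requirements change.
/// </summary>
/// <param name="userid">The user's site id.</param>
/// <param name="roleid">
/// Role id. Roles listed by the original author: 0 admin (administrator), 1 staff (project member),
/// 2 coordinator, 3 RA (coordinator assistant), 4 partner (contestant), 5 webGuest (web user).
/// </param>
/// <returns>true when exactly one row was updated.</returns>
/// <remarks>
/// Both values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): this writes whatever role id it is given, including 0 (admin); the caller must
/// decide whether the requester may assign it.
/// </remarks>
public static bool ChangeUserRoleByUserIDWithRoleID(string userid, string roleid)
{
    string safeRoleId = (roleid ?? string.Empty).Replace("'", "''");
    string safeUserId = (userid ?? string.Empty).Replace("'", "''");
    string sqlStr = string.Format(@"UPDATE WEB_USERPROFILE SET ROLEID = N'{0}' WHERE USERID = N'{1}'", safeRoleId, safeUserId);
    DatabaseAccess DA = new DatabaseAccess();
    int vat = DA.ExcuteSql(sqlStr);
    return vat == 1;
}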
/// <summary>
/// Paged variant of the query helper; returns the result in the shape produced by
/// <c>JsonHelper.ToEasyUIJson</c>.
/// </summary>
/// <param name="countStr">Statement that yields the total row count (a SELECT COUNT).</param>
/// <param name="queryStr">Row query; it is wrapped as a sub-select, not executed on its own.</param>
/// <param name="pageNum">Page number.</param>
/// <param name="rows">Page size.</param>
/// <returns>The string produced by <c>JsonHelper.ToEasyUIJson</c>.</returns>
/// <remarks>
/// <paramref name="countStr"/> and <paramref name="queryStr"/> are spliced into the executed SQL
/// as given, so callers are responsible for keeping request data out of them or escaping it first.
/// NOTE(review): row numbers are assigned with "order by (select 0)", so page contents depend on
/// whatever order the engine returns; a negative <paramref name="rows"/> reaches TOP unchanged.
/// </remarks>
public static string packJson(string countStr, string queryStr, int pageNum, int rows)
{
    DatabaseAccess db = new DatabaseAccess();
    int total = db.queryCount(countStr);

    // First row number of the requested page (1-based).
    int firstRow = (pageNum - 1) * rows + 1;
    string pagedSql = string.Format(@"select top {0} TABLE_TEMP.* from ( select row_number() over(order by (select 0)) as rownumber,* from ( {1} )AS TEMP ) AS TABLE_TEMP WHERE rownumber>={2}", rows, queryStr, firstRow);

    DataTable page = db.queryDatatable(pagedSql);
    return JsonHelper.ToEasyUIJson(page, total);
}
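/// <summary>
/// Adds an application record to WEB_APPLY.
/// </summary>
/// <param name="applyID">Id of the item being applied for.</param>
/// <param name="userID">User id of the applicant.</param>
/// <param name="message">Message text.</param>
/// <param name="detail">Value for DETAILPOSITION; null is written as SQL NULL.</param>
/// <returns>true when exactly one row was inserted; false otherwise.</returns>
/// <remarks>
/// <paramref name="message"/> and <paramref name="detail"/> pass through
/// <c>Util.commonTool.checkStrForSql</c>. NOTE(review): that helper is not visible here; confirm it
/// escapes single quotes. <paramref name="userID"/> and <paramref name="applyID"/> were embedded
/// unchanged, so their single quotes are doubled here. A parameterized command is preferable if
/// DatabaseAccess offers one.
/// </remarks>
public bool AddApplication(string applyID, string userID, string message, string detail)
{
    message = Util.commonTool.checkStrForSql(message);
    if (!String.IsNullOrEmpty(detail))
    {
        detail = Util.commonTool.checkStrForSql(detail);
    }

    string safeUserId = (userID ?? string.Empty).Replace("'", "''");
    string safeApplyId = (applyID ?? string.Empty).Replace("'", "''");

    string sqlStr = string.Format(@"INSERT INTO WEB_APPLY(USERID , WEB_APPLICATION_ID,MESSAGE , DETAILPOSITION) VALUES(N'{0}',N'{1}',N'{2}',{3})", safeUserId, safeApplyId, message, detail == null ? "NULL" : "N'" + detail + "'");
    DatabaseAccess da = new DatabaseAccess();
    int row = da.ExcuteSql(sqlStr);
    return row == 1;
}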
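/// <summary>
/// Deletes a notice: first the WEB_FEEDBACK rows whose ASKEY matches, then the WEB_INFO row whose
/// SYSID matches.
/// </summary>
/// <param name="infoid">Id used for both WEB_FEEDBACK.ASKEY and WEB_INFO.SYSID.</param>
/// <returns>true when the WEB_INFO delete affected exactly one row; false otherwise.</returns>
/// <remarks>
/// The id is embedded in N'...' literals, so embedded single quotes are doubled first; for a
/// DELETE this is what keeps the WHERE clause from being widened. Pass the raw value; a
/// parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): the two deletes are not wrapped in a transaction here, so feedback rows can be
/// removed even when the notice delete then fails.
/// </remarks>
public bool deleteInfo(string infoid)
{
    string safeInfoId = (infoid ?? string.Empty).Replace("'", "''");
    DatabaseAccess DA = new DatabaseAccess();

    string sqlStr = string.Format(@"DELETE FROM WEB_FEEDBACK WHERE ASKEY=N'{0}' ", safeInfoId);
    int vat = DA.ExcuteSql(sqlStr);
    if (vat < 0)
    {
        return false;
    }

    sqlStr = string.Format(@"DELETE FROM WEB_INFO WHERE SYSID = N'{0}'", safeInfoId);
    vat = DA.ExcuteSql(sqlStr);
    return vat == 1;
}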
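/// <summary>
/// Records the approval decision for a user's application.
/// </summary>
/// <param name="ID">Id of the WEB_APPLY row.</param>
/// <param name="action">Value written to the PASS column.</param>
/// <param name="feedback">Reviewer feedback written to the FEEDBACK column.</param>
/// <returns>A success message when exactly one row was updated, otherwise an error message.</returns>
/// <remarks>
/// All three values are embedded in N'...' literals, so embedded single quotes are doubled first;
/// <paramref name="feedback"/> is free text and the most likely to contain them. Pass raw values;
/// a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public string approvalApplication(string ID, string action, string feedback)
{
    string safeAction = (action ?? string.Empty).Replace("'", "''");
    string safeFeedback = (feedback ?? string.Empty).Replace("'", "''");
    string safeId = (ID ?? string.Empty).Replace("'", "''");

    DatabaseAccess da = new DatabaseAccess();
    string sqlStr = string.Format(@"UPDATE WEB_APPLY SET PASS = N'{0}', FEEDBACK = N'{1}' WHERE ID = N'{2}'", safeAction, safeFeedback, safeId);
    int vat = da.ExcuteSql(sqlStr);
    if (vat == 1)
    {
        return @"审批成功";
    }
    return @"后台出现逻辑错误,请联系管理员";
}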
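/// <summary>
/// Binds the province list and, when the user already has a full profile, the profile form.
/// Nothing is bound unless the session is authenticated and a user is known.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Only an authenticated, identified user may proceed.
    if (!isAuth || string.IsNullOrEmpty(user))
    {
        return;
    }

    // The unused DatabaseAccess instance the original created here has been dropped.
    bool hasProfile = UserManage.isFullProfile(user);

    // The province list is needed both for an existing profile and for a new one.
    this._blindDataForProvince();

    if (hasProfile)
    {
        // Existing profile: load its data into the form.
        this._blindDataForForm();
    }
}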
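/// <summary>
/// Looks up the TEAMID of the team with the given name.
/// </summary>
/// <param name="teamName">Team name matched against WEB_TEAM_PROFILE.TEAMNAME.</param>
/// <returns>The value returned by <c>queryCount</c> for the lookup, as a string.</returns>
/// <remarks>
/// The name is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// Pass the raw value; a parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): the id is read through <c>queryCount</c>; confirm that helper returns the first
/// column of the first row rather than a row count.
/// </remarks>
public string queryTeamID(string teamName)
{
    string safeTeamName = (teamName ?? string.Empty).Replace("'", "''");
    string queryStr = string.Format("SELECT TEAMID FROM WEB_TEAM_PROFILE WHERE TEAMNAME=N'{0}'", safeTeamName);
    DatabaseAccess da = new DatabaseAccess();
    return da.queryCount(queryStr).ToString();
}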
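/// <summary>
/// Checks whether the same application has already been submitted by the user.
/// </summary>
/// <param name="applyID">Id of the item being applied for.</param>
/// <param name="userID">User id.</param>
/// <returns>true when it is a repeat submission; false otherwise.</returns>
/// <remarks>
/// Both values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool isRepeat(string applyID, string userID)
{
    string safeApplyId = (applyID ?? string.Empty).Replace("'", "''");
    string safeUserId = (userID ?? string.Empty).Replace("'", "''");
    string sqlStr = string.Format(@"SELECT COUNT(*) FROM WEB_APPLY WHERE WEB_APPLICATION_ID = N'{0}' AND USERID = N'{1}'", safeApplyId, safeUserId);
    DatabaseAccess da = new DatabaseAccess();
    return da.isExist(sqlStr);
}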
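/// <summary>
/// Returns the application records of one user.
/// </summary>
/// <param name="userID">User id of the applicant.</param>
/// <returns>
/// A DataTable with the columns WEB_APPLICATION_NAME, PASS and FEEDBACK; the original author
/// documents PASS as one of 0, 1, 2.
/// </returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// Pass the raw value; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public DataTable GetApplication(string userID)
{
    string safeUserId = (userID ?? string.Empty).Replace("'", "''");
    DatabaseAccess da = new DatabaseAccess();
    string queryStr = string.Format(@"SELECT T2.WEB_APPLICATION_NAME ,T1.PASS,T1.FEEDBACK FROM WEB_APPLY T1 LEFT JOIN WEB_APPLICATION T2 ON T1.WEB_APPLICATION_ID = T2.WEB_APPLICATION_ID WHERE T1.USERID = N'{0}'", safeUserId);
    return da.queryDatatable(queryStr);
}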
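/// <summary>
/// Checks whether a team with this name already exists or the user already leads a team.
/// </summary>
/// <param name="teamName">Team name matched against WEB_TEAM_PROFILE.TEAMNAME.</param>
/// <param name="userCode">User id matched against WEB_TEAM_PROFILE.LEADER.</param>
/// <returns>true when either check finds a row; false otherwise.</returns>
/// <remarks>
/// Both values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool isTeamRepeat(string teamName, string userCode)
{
    string safeTeamName = (teamName ?? string.Empty).Replace("'", "''");
    string safeUserCode = (userCode ?? string.Empty).Replace("'", "''");

    DatabaseAccess da = new DatabaseAccess();
    string queryStr_1 = string.Format(@"SELECT COUNT(*) FROM WEB_TEAM_PROFILE WHERE TEAMNAME = N'{0}'", safeTeamName);
    string queryStr_2 = string.Format(@"SELECT COUNT(*) FROM WEB_TEAM_PROFILE WHERE LEADER = N'{0}'", safeUserCode);

    // The leader check only runs when the name check finds nothing.
    return da.isExist(queryStr_1) || da.isExist(queryStr_2);
}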
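/// <summary>
/// Checks whether a team id and/or team name identifies exactly one team.
/// </summary>
/// <param name="teamID">Team id; when null or empty only the name is checked.</param>
/// <param name="teamName">Team name; ignored when empty and an id is given.</param>
/// <returns>true when exactly one WEB_TEAM_PROFILE row matches; false otherwise.</returns>
/// <remarks>
/// Both values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool isTeamValid(string teamID, string teamName)
{
    string strID = string.Format("teamID=N'{0}'", (teamID ?? string.Empty).Replace("'", "''"));
    string strName = string.Format("teamName=N'{0}'", (teamName ?? string.Empty).Replace("'", "''"));

    string queryStr = @"SELECT COUNT(*) FROM WEB_TEAM_PROFILE WHERE ";
    if (!string.IsNullOrEmpty(teamID))
    {
        queryStr += strID;
        if (!string.IsNullOrEmpty(teamName))
        {
            queryStr += " AND " + strName;
        }
    }
    else
    {
        // No id given: filter by name alone, even when the name is empty.
        queryStr += strName;
    }

    DatabaseAccess da = new DatabaseAccess();
    return da.queryCount(queryStr) == 1;
}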
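/// <summary>
/// Returns the team(s) a user has joined.
/// </summary>
/// <param name="userID">Login name, matched against WEB_TEAM_MEMBER.USERCODE.</param>
/// <returns>
/// A DataTable with the columns TEAMID, TEAMNAME and ROLENAME; the original author notes that
/// normally only the first row is used.
/// </returns>
/// <remarks>
/// The id is embedded in an N'...' literal, so embedded single quotes are doubled first.
/// Pass the raw value; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public DataTable GetTeamInfo(string userID)
{
    string safeUserId = (userID ?? string.Empty).Replace("'", "''");
    DatabaseAccess da = new DatabaseAccess();
    string queryStr = string.Format(@"SELECT T2.TEAMID,T2.TEAMNAME,T1.ROLENAME FROM WEB_TEAM_MEMBER T1 LEFT JOIN WEB_TEAM_PROFILE T2 ON T1.TEAMID = T2.TEAMID WHERE T1.USERCODE = N'{0}'", safeUserId);
    return da.queryDatatable(queryStr);
}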
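/// <summary>
/// Inserts a WEB_TEAM_MEMBER row for the user, with or without a team id.
/// </summary>
/// <param name="teamID">Team id; when null or empty the row is inserted without one.</param>
/// <param name="userID">User id stored in usercode.</param>
/// <param name="teamRole">Role name stored in roleName.</param>
/// <returns>true when exactly one row was inserted.</returns>
/// <remarks>
/// All values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool joinTeam(string teamID, string userID, string teamRole)
{
    string safeUserId = (userID ?? string.Empty).Replace("'", "''");
    string safeRole = (teamRole ?? string.Empty).Replace("'", "''");

    string queryStr;
    if (!string.IsNullOrEmpty(teamID))
    {
        string safeTeamId = teamID.Replace("'", "''");
        queryStr = string.Format("INSERT WEB_TEAM_MEMBER(usercode, teamID, roleName) VALUES(N'{0}', N'{1}', N'{2}')", safeUserId, safeTeamId, safeRole);
    }
    else
    {
        queryStr = string.Format("INSERT WEB_TEAM_MEMBER(usercode, roleName) VALUES(N'{0}', N'{1}')", safeUserId, safeRole);
    }

    DatabaseAccess da = new DatabaseAccess();
    return da.ExcuteSql(queryStr) == 1;
}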
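/// <summary>
/// Sets the TEAMID of one WEB_TEAM_MEMBER row.
/// </summary>
/// <param name="sysid">SYSID of the membership row to update.</param>
/// <param name="teamID">New team id.</param>
/// <returns>true when exactly one row was updated.</returns>
/// <remarks>
/// Both values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// </remarks>
public bool updateTeamMember(string sysid, string teamID)
{
    string safeTeamId = (teamID ?? string.Empty).Replace("'", "''");
    string safeSysId = (sysid ?? string.Empty).Replace("'", "''");
    string queryStr = string.Format("UPDATE WEB_TEAM_MEMBER SET TEAMID=N'{0}' WHERE SYSID=N'{1}'", safeTeamId, safeSysId);
    DatabaseAccess da = new DatabaseAccess();
    return da.ExcuteSql(queryStr) == 1;
}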
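/// <summary>
/// Creates a team: inserts the team profile, adds the creator as its leader member and sets the
/// creator's role to "4".
/// </summary>
/// <param name="teamProfile">Team data; the keys "Province" and "teamName" are read.</param>
/// <param name="userID">Id of the user creating the team.</param>
/// <returns>The new team's id on success; otherwise the failure message string.</returns>
/// <remarks>
/// All values are embedded in N'...' literals, so embedded single quotes are doubled first.
/// Pass raw values; a parameterized command is preferable if DatabaseAccess offers one.
/// NOTE(review): the steps are not wrapped in a transaction here, the result of the role change is
/// ignored, and the role change runs even when the member insert fails. Success and failure share
/// the string return value, so callers have to compare against the failure message.
/// </remarks>
public string SavaTeamInfo(Dictionary<string, string> teamProfile, string userID)
{
    string safeProvince = (teamProfile["Province"] ?? string.Empty).Replace("'", "''");
    string safeTeamName = (teamProfile["teamName"] ?? string.Empty).Replace("'", "''");
    string safeUserId = (userID ?? string.Empty).Replace("'", "''");

    string sqlStr = string.Format(@"INSERT WEB_TEAM_PROFILE(PROVINCEID,TEAMNAME,LEADER) VALUES(N'{0}' , N'{1}',N'{2}')", safeProvince, safeTeamName, safeUserId);
    DatabaseAccess da = new DatabaseAccess();
    int vat = da.ExcuteSql(sqlStr);
    if (vat == 1)
    {
        // The new id is read back by team name.
        string queryStr = string.Format(@"SELECT TEAMID FROM WEB_TEAM_PROFILE WHERE TEAMNAME = N'{0}'", safeTeamName);
        DataTable dt = da.queryDatatable(queryStr);

        // A missing row used to surface as an index exception; report it as a failed operation.
        if (dt != null && dt.Rows.Count > 0)
        {
            string teamID = dt.Rows[0][0].ToString();
            string safeTeamId = teamID.Replace("'", "''");
            sqlStr = string.Format(@"INSERT WEB_TEAM_MEMBER(USERCODE,TEAMID,ROLENAME) VALUES(N'{0}',N'{1}',N'队长')", safeUserId, safeTeamId);
            vat = da.ExcuteSql(sqlStr);

            // Receives the raw id: the callee builds its own statement.
            RoleManage.ChangeUserRoleByUserIDWithRoleID(userID, "4");
            if (vat == 1)
            {
                return teamID;
            }
        }
    }
    return @"数据库操作失败";
}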