private void btblogin_Click(object sender, EventArgs e)
{
string userAccount = tbAccount.Text;
string passwords = tbPasswords.Text;
user = User.validUser(userAccount, passwords);//得到当前user
if (user != null)
this.Close(); //退出登录窗体
else
lblErrorMessage.Text = "用户名和密码不匹配";
}
private void Form1_Load(object sender, EventArgs e)
{
if (this.Validate() == true) this.Hide();
loginForm loginf = new loginForm();
//loginf.MdiParent = this;
loginf.ShowDialog();//首先调用登录窗体
user = loginf.user;
if (user == null)
this.Close();//关闭窗体,退出程序
else
setMenuStrip(); //设置对该用户可见的菜单
}
public static User validUser(string account, string passwords)
{
string sql = "select * from Account where accountId='" + account;
sql += "' and passwords = '" + passwords + "'";//查询Account表
OleDbConnection conn = CommonMethods.DBconn();
OleDbCommand cmd = new OleDbCommand(sql, conn);
try
{
conn.Open();
if (cmd.ExecuteScalar() == null)//是否查到该用户
{ return null; }
}
catch (OleDbException ex)
{ MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); }
finally
{ conn.Close(); }
User user = new User(account);//验证成功,生成新用户对象
sql = "select rightName from AccountRole ar,RoleRight rr,Rights";
sql += " where ar.roleId=rr.roleId";
sql += " and rr.rightId=Rights.rightId and accountId='" + account + "'";
cmd = new OleDbCommand(sql, conn);
try
{
conn.Open();
OleDbDataReader reader = cmd.ExecuteReader();
ArrayList alRight = new ArrayList();
while (reader.Read())
{
string rightName = reader["rightName"].ToString();
alRight.Add(rightName); //每得到一个权限,就将其加入到顺序表中
}
user.rightList = alRight; //把权限给用户
}
catch (OleDbException ex)
{ MessageBox.Show(ex.ToString(), "Error", MessageBoxButtons.OK, MessageBoxIcon.Error); }
finally
{ conn.Close(); }
return user;
}