示例#1
0
        protected override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            string username = System.Web.HttpContext.Current.Request.Cookies.Get("UserName").Value;

            conn.OpenConnection();
            string sql = "SELECT * FROM UserRole WHERE UserID IN (SELECT ID FROM [User] WHERE UserName= '******')";

            DataTable dt         = conn.Detail(sql);
            string    get_roleid = dt.Rows[0][1].ToString();

            conn.CloseConnection();


            //fcinfo = new filterContextInfo(filterContext);
            //fcinfo.actionName;//获取域名
            //fcinfo.controllerName;获取 controllerName 名称

            //bool isstate = true;
            //islogin = false;
            if (get_roleid != "")//如果满足
            {
                //filterContext.Result = new ContentResult { Content = @"您的角色ID是:" + get_roleid };
                //filterContext.Result = new HttpUnauthorizedResult("../Admin/Index");//直接URL输入的页面地址跳转到登陆页
                //filterContext.Result = new RedirectResult("../Admin/Index");//也可以跳到别的站点
                //filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "../Admin", action = "Index" }));
                filterContext.HttpContext.Response.Redirect("../Admin/Index");//重定向
            }
            else
            {
                filterContext.Result = new ContentResult {
                    Content = @"<script>alert('空!');</script>"
                };
                //filterContext.Result = new ContentResult { Content = @"抱歉,你不具有当前操作的权限!" };
            }
        }
        //首页
        public ActionResult Index()
        {
            conn.OpenConnection();
            string  sql = "select top 3 * from [Article] order by CreateTime desc";
            DataSet ds  = conn.Ds_List(sql);

            ViewBag.Data = ds.Tables[0];

            string  sql1 = "select * from [Carousel]";
            DataSet ds1  = conn.Ds_List(sql1);

            ViewBag.Data1 = ds1.Tables[0];

            conn.CloseConnection();
            return(View(ViewBag.Data));
        }
示例#3
0
        public ActionResult Index()
        {
            conn.OpenConnection();
            string sql_UserCount         = "select COUNT(*) from [User]";
            int    usercount             = conn.Select(sql_UserCount);
            string sql_TaskCount         = "select COUNT(*) from [Task]";
            int    taskcount             = conn.Select(sql_TaskCount);
            string sql_ArticleCount      = "select COUNT(*) from [Article]";
            int    articlecount          = conn.Select(sql_ArticleCount);
            string sql_FinishedTaskCount = "select COUNT(*) from [Task] where IsValid = 'True'";
            int    finishedtaskcount     = conn.Select(sql_FinishedTaskCount);

            ViewBag.UserCount         = usercount;
            ViewBag.TaskCount         = taskcount;
            ViewBag.ArticleCount      = articlecount;
            ViewBag.FinishedTaskCount = finishedtaskcount;

            string  sql = "select top 5 * from [Article] order by CreateTime desc";
            DataSet ds  = conn.Ds_List(sql);

            ViewBag.Data = ds.Tables[0];

            conn.CloseConnection();
            return(View(ViewBag.Data));
        }
 protected void Page_OnUnload(object sender, EventArgs e)
 {
     Conn.CloseConnection();
 }
示例#5
0
        public ActionResult Install(string action)
        {
            string sqlUser =
                "******" +
                "ID int identity(1,1) primary key," +
                "UserName varchar(50)," +
                "RealName varchar(50)," +
                "Password varchar(200)," +
                "CreateTime varchar(50)," +
                "LastEditTime varchar(50)," +
                "Phone varchar(50)," +
                "Email varchar(50)," +
                "Birthday varchar(50)," +
                "IsValid bit);";

            string sqlUserRole =
                "create table UserRole (" +
                "ID int identity(1,1) primary key," +
                "UserID int," +
                "RoleID int);";

            string sqlRole =
                "create table Role (" +
                "ID int identity(1,1) primary key," +
                "Name varchar(50)," +
                "Description varchar(200));";

            string sqlArticle =
                "create table Article (" +
                "ID int identity(1,1) primary key," +
                "Title varchar(50)," +
                "Content text," +
                "UserID int," +
                "CreateTime varchar(50)," +
                "LastEditTime varchar(50)," +
                "ArticleClassID int," +
                "AttachmentPath varchar(200)," +
                "TitleImgPath varchar(200)," +
                "IsValid bit);";

            string sqlTableIsValid =
                "create table TableIsValid (" +
                "ID int identity(1,1) primary key," +
                "TableName varchar(50)," +
                "IsValid bit);";

            string sqlArticleClass =
                "create table ArticleClass (" +
                "ID int identity(1,1) primary key," +
                "ClassName varchar(20)," +
                "CreateTime varchar(50)," +
                "LastEditTime varchar(50)," +
                "IsValid bit);";

            string sqlControllerActionRole =
                "create table ControllerActionRole (" +
                "ID int identity(1,1) primary key," +
                "IsAllowed bit," +
                "RoleID int," +
                "Controller varchar(50)," +
                "Action varchar(50));";

            string sqlLoginRecord =
                "create table LoginRecord (" +
                "ID int identity(1,1) primary key," +
                "LoginTime varchar(50)," +
                "UserID int," +
                "UserIP varchar(50));";

            string sqlTask =
                "create table Task (" +
                "ID int identity(1,1) primary key," +
                "Title varchar(50)," +
                "Content text," +
                "PublisherID int," +
                "Developers varchar(200)," +  //参与开发人员
                "BudgetTime int," +           //预算完成时长
                "TurnoverTime varchar(50)," + //项目交付时间
                "CreateTime varchar(50)," +
                "LastEditTime varchar(50)," +
                "IsValid bit); ";

            string sqlTaskSchedule =
                "create table TaskSchedule (" +
                "ID int identity(1,1) primary key," +
                "Content text," +
                "TaskID int," +
                "PublisherID int," +
                "CreateTime varchar(50)," +
                "LastEditTime varchar(50)," +
                "IsValid bit); ";

            string sqlModule =
                "create table Module (" +
                "ID int identity(1,1) primary key," +
                "ModuleName varchar(50)," +
                "TableName varchar(50)," +
                "IsValid bit); ";

            string sqlCarousel =
                "create table Carousel (" +
                "ID int identity(1,1) primary key," +
                "CarouselPath varchar(200));";

            string sqlInsertUser =
                "******" +
                "superadmin','姓名1','123456','2017/12/16 13:03:09','2017/12/16 13:03:09','13000000000','*****@*****.**','1997-12-16',1)," +
                "('admin','姓名2','123456','2017/12/16 13:03:09','2017/12/16 13:03:09','13000000001','*****@*****.**','1997-12-16',1)," +
                "('teacher','姓名3','123456','2017/12/16 13:03:09','2017/12/16 13:03:09','13000000002','*****@*****.**','1997-12-16',1)," +
                "('student','姓名4','123456','2017/12/16 13:03:09','2017/12/16 13:03:09','13000000003','*****@*****.**','1997-12-16',1)";

            string sqlInsertRole =
                "insert into [Role] VALUES ('" +
                "超级管理员','超级管理员')," +
                "('管理员','管理员')," +
                "('教师','教师')," +
                "('学生','学生');";

            string sqlInsertUserRole =
                "insert into [UserRole] VALUES (" +
                "1,1)," +
                "(2,2)," +
                "(3,3)," +
                "(4,4);";

            string sqlInsertPermission =
                "insert into [ControllerActionRole] VALUES " +
                "(1,1,'Admin','Article')," +
                "(1,1,'Admin','Article_Add')," +
                "(1,1,'Admin','Article_Detail')," +
                "(1,1,'Admin','Article_Edit')," +
                "(1,1,'Admin','Article_Remove')," +
                "(1,1,'Admin','Class')," +
                "(1,1,'Admin','Class_Edit')," +
                "(1,1,'Admin','Permission_Add')," +
                "(1,1,'Admin','PermissionSet')," +
                "(1,1,'Admin','Role')," +
                "(1,1,'Admin','Role_Remove')," +
                "(1,1,'Admin','Task')," +
                "(1,1,'Admin','Task_Add')," +
                "(1,1,'Admin','Task_Detail')," +
                "(1,1,'Admin','Task_Edit')," +
                "(1,1,'Admin','Task_Remove')," +
                "(1,1,'Admin','TaskSchedule')," +
                "(1,1,'Admin','TaskSchedule_Add')," +
                "(1,1,'Admin','TaskSchedule_Detail')," +
                "(1,1,'Admin','TaskSchedule_Edit')," +
                "(1,1,'Admin','TaskSchedule_Remove')," +
                "(1,1,'Admin','UserTable')," +
                "(1,1,'Admin','UserTable_Detail')," +
                "(1,1,'Admin','UserTable_Edit')," +
                "(1,1,'Admin','UserTable_Remove')," +
                "(1,1,'Admin','Index')," +
                "(1,1,'Admin','LoginRecord')," +
                "(1,1,'Admin','UserCenter')," +
                "(1,2,'Admin','Article_Add')," +
                "(1,2,'Admin','Article_Detail')," +
                "(1,2,'Admin','Article_Edit')," +
                "(1,2,'Admin','Article_Remove')," +
                "(1,2,'Admin','Class')," +
                "(1,2,'Admin','Class_Edit')," +
                "(1,2,'Admin','Permission_Add')," +
                "(1,2,'Admin','PermissionSet')," +
                "(1,2,'Admin','Role')," +
                "(1,2,'Admin','Role_Remove')," +
                "(1,2,'Admin','Task')," +
                "(1,2,'Admin','Task_Add')," +
                "(1,2,'Admin','Task_Detail')," +
                "(1,2,'Admin','Task_Edit')," +
                "(1,2,'Admin','Task_Remove')," +
                "(1,2,'Admin','TaskSchedule')," +
                "(1,2,'Admin','TaskSchedule_Add')," +
                "(1,2,'Admin','TaskSchedule_Detail')," +
                "(1,2,'Admin','TaskSchedule_Edit')," +
                "(1,2,'Admin','TaskSchedule_Remove')," +
                "(1,2,'Admin','UserTable')," +
                "(1,2,'Admin','UserTable_Detail')," +
                "(1,2,'Admin','UserTable_Edit')," +
                "(1,2,'Admin','UserTable_Remove')," +
                "(1,2,'Admin','Index')," +
                "(1,2,'Admin','LoginRecord')," +
                "(1,2,'Admin','UserCenter');";

            string sqlInsertModule =
                "insert into [Module] VALUES ('" +
                "文章','Article','1')," +
                "('投票','Vote','1')," +
                "('问卷','Survey','1')";


            conn.OpenConnection();
            if (action == "Drop tables")
            {
                string sql =
                    "declare @sql varchar(8000) " +
                    "while (select count(*) from sysobjects where type='U')>0 " +
                    "begin SELECT @sql='drop table [' + name+']' FROM sysobjects WHERE (type = 'U') ORDER BY 'drop table [' + name+']' " +
                    "exec(@sql) " +
                    "end ";
                int drop = conn.Drop(sql);
                if (drop != 0)
                {
                    ViewBag.Result = "Drop tables successfully.";
                }
                else
                {
                    ViewBag.Result = "Failed to drop tables.";
                }
            }
            if (action == "Create tables")
            {
                int result = conn.CreateTable(sqlUser
                                              + sqlUserRole
                                              + sqlRole
                                              + sqlArticle
                                              + sqlArticleClass
                                              + sqlControllerActionRole
                                              + sqlLoginRecord
                                              + sqlTask
                                              + sqlTaskSchedule
                                              + sqlInsertPermission
                                              + sqlTableIsValid
                                              + sqlModule
                                              + sqlCarousel
                                              );

                if (result != 0)
                {
                    ViewBag.Result = "Create tables succuss.";
                    conn.CloseConnection();
                    return(View());
                }
                conn.CloseConnection();
                return(View());
            }
            if (action == "Initialized Data")
            {
                int result = conn.InsertData(sqlInsertUser + sqlInsertRole + sqlInsertUserRole + sqlInsertModule);
                if (result != 0)
                {
                    ViewBag.Result = "InsertData success.";
                }
                else
                {
                    ViewBag.Result = "Fail to InsertData.";
                }
            }
            return(View());
        }
示例#6
0
        //[HttpPost]
        public ActionResult Register(FormCollection collection, string action)
        {
            string username = collection["username"];
            string password = collection["password"];
            string realname = collection["realname"];
            string phone    = collection["phone"];
            string email    = collection["email"];

            //验证用户名格式
            string usernameStr = @"^[a-zA-Z][a-zA-Z0-9_]{4,15}$";
            Regex  usernameReg = new Regex(usernameStr);
            //验证密码格式
            string passwordStr = @"^[\w\W]{6,}$";
            Regex  passwordReg = new Regex(passwordStr);
            //验证真实名字格式
            string realnameStr = @"^[\u4e00-\u9fa5]{0,}$";
            Regex  realnameReg = new Regex(realnameStr);
            //验证手机号码格式
            string phoneStr = @"^(13[0-9]|14[5|7]|15[0|1|2|3|5|6|7|8|9]|18[0|1|2|3|5|6|7|8|9])\d{8}$";
            Regex  phoneReg = new Regex(phoneStr);
            //验证邮箱地址格式
            string emailStr = @"^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,5})+$";
            Regex  emailReg = new Regex(emailStr);

            if (action == "注册")
            {
                conn.OpenConnection();
                string sql_reg = "INSERT INTO [User](UserName,RealName,Password,CreateTime,LastEditTime,Phone,Email,Birthday,IsValid) VALUES('" + collection["username"] + "','" + collection["realname"] + "','" + collection["password"] + "','" + DateTime.Now + "','" + DateTime.Now + "','" + collection["phone"] + "','" + collection["email"] + "','" + collection["birthday"] + "','1')";
                string sql     = sql_reg;

                string sql_check = "select Count(*) from [User] where UserName = '******'";
                int    count     = conn.Select(sql_check);

                if (count > 0)
                {
                    ViewBag.Result = "该用户名已注册";
                }
                else
                {
                    if (!usernameReg.IsMatch(username.Trim()))
                    {
                        ViewBag.Result = "注册失败,用户名有误 (Tips:字母开头,允许5-16字节,允许字母数字下划线)";
                    }
                    else
                    {
                        if (!passwordReg.IsMatch(password.Trim()))
                        {
                            ViewBag.Result = "注册失败,密码必须6位或以上";
                        }
                        else
                        {
                            if (!realnameReg.IsMatch(realname.Trim()))
                            {
                                ViewBag.Result = "注册失败,真实名字有误";
                            }
                            else
                            {
                                if (!phoneReg.IsMatch(phone.Trim()))
                                {
                                    ViewBag.Result = "注册失败,手机号码有误";
                                }
                                else
                                {
                                    if (!emailReg.IsMatch(email.Trim()))
                                    {
                                        ViewBag.Result = "注册失败,邮箱有误";
                                    }
                                    else
                                    {
                                        int result = conn.InsertData(sql);
                                        //分配默认角色
                                        string  sql_uid = "SELECT * FROM [User] WHERE UserName='******'";
                                        DataSet ds      = conn.Ds_List(sql_uid);
                                        foreach (DataRow item in ds.Tables[0].Rows)
                                        {
                                            //查询新增用户ID
                                            int ID = int.Parse(item["ID"].ToString());

                                            //给新增用户分配默认角色
                                            string user_role = "INSERT INTO [UserRole] (UserID,RoleID) VALUES(" + ID + ",4)";
                                            int    result1   = conn.InsertData(user_role);
                                            if (result > 0)
                                            {
                                                conn.CloseConnection();
                                                return(Content("<script>alert('注册成功!');window.location.href='Login'</script>"));
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
            return(View());
        }