public string publicKey = "";//公钥
//需要根据不同情况建立或修改的不同学校用户和不同类型的用户,本学校用户唯一,不需要全系统唯一
protected void Page_Load(object sender, EventArgs e)
{
//if (true)//如果没对应权限,及判断用户类型是否跨界,主要防止非法篡改数据出现
//{
// Response.Write("无对应权限");
// Response.End();
//}
if (!IsPostBack)
{
//公钥
publicKey = PublicProperty.PublicKey.Replace("\r\n", ",");
//权限组的增删改
isadd = true;
isedit = true;
isdel = true;
islook = true;
//先得到操作类型
dotype = Request.Params["dotype"].ToString();
string uid = "0"; //修改时的用户ID
string uname = ""; //修改时的用户账号
if (dotype == "a") //添加
{
//根据登录人员的身份,需要得到不同的参数
if (Com.SoureSession.Souresystype == "2")//超管,两个关键参数均需要确认
{
schid = Request.Params["schid"].ToString();
systype = Request.Params["systype"].ToString();
if (string.IsNullOrEmpty(schid) || string.IsNullOrEmpty(systype))//如果没有对应参数中任意一个
{
Response.Write("学校ID为空或者添加的类型为空!");
Response.End();
}
}
else//本学校超管或本学校有权限的用户,只能操作普通用户
{
schid = Com.SoureSession.Soureschid;
systype = "0";
}
}
else if (dotype == "e")//修改,不能修改用户的类型及学校参数
{
btnname = "修改";
uid = Request.Params["uid"].ToString();
if (string.IsNullOrEmpty(uid))
{
Response.Write("无对应修改的用户!");
Response.End();
}
//获取修改的对应用户的
SchSystem.BLL.SchUserInfo userbll = new SchSystem.BLL.SchUserInfo();
SchSystem.Model.SchUserInfo usermodel = userbll.GetModel(int.Parse(uid));
if (usermodel != null && usermodel.UserId > 0)
{
//给默认的屏蔽密码,管理员不能随便修改,只能重置为123456
if (!string.IsNullOrEmpty(usermodel.PassWord)) //密码不为空
{
if (usermodel.PassWord == Com.Public.StrToMD5("123456")) //初始密码
{
usermodel.PassWord = "******";
}
else//非初始密码
{
usermodel.PassWord = "******";
}
}
else//密码为空
{
usermodel.PassWord = "";
}
umodelstr = Newtonsoft.Json.JsonConvert.SerializeObject(usermodel);
schid = usermodel.SchId.ToString();
systype = usermodel.SysType.ToString();
uname = usermodel.UserName;
}
else
{
Response.Write("无该用户!");
Response.End();
}
}
else//不在添加及修改之内,则返回
{
Response.Write("没有可供确认的操作类型!");
Response.End();
}
//判断跨界操作的可能性
/*if (!Com.Public.isVa(schid, systype))
* {
* Response.Write("出错,用户非法跨界操作!");
* Response.End();
* }*/
SchSystem.BLL.SchInfo schbll = new SchSystem.BLL.SchInfo();
schname = schbll.GetSchName(int.Parse(schid));
if (!string.IsNullOrEmpty(schid) && !string.IsNullOrEmpty(systype))
{
//获取整个学校的科目
subs = Com.Public.GetDrp("sub", schid, "1", false, "", "");
//获取整个学校的部门
SchSystem.BLL.SchDepartInfo dptbll = new SchSystem.BLL.SchDepartInfo();
DataTable dtdept = dptbll.GetList("Pid pId,DepartId id,DepartName name,'false' checked", "SchId=" + schid + " and Stat=1 Order by OrderId").Tables[0];
//获取该用户的关联部门
SchSystem.BLL.SchUserDeptV udeptvbll = new SchSystem.BLL.SchUserDeptV();
string udeptids = udeptvbll.GetIds(" UserId='" + uid + "' and stat=1 and schid=" + schid);
if (!string.IsNullOrEmpty(udeptids) && dtdept != null)
{
string[] ids = udeptids.Split(',');
for (int i = 0; i < dtdept.Rows.Count; i++)
{
string id = dtdept.Rows[i]["id"].ToString();
if (ids.Contains(id))
{
dtdept.Rows[i]["checked"] = "true";
}
}
}
depts = Newtonsoft.Json.JsonConvert.SerializeObject(dtdept);
//获取角色菜单
SchSystem.BLL.SchRole rolebll = new SchSystem.BLL.SchRole();
DataTable dtrole = rolebll.GetList("RoleId id,null pId,RoleName name,'false' checked", "Stat=1 and SchId=" + schid + " and SysType='" + systype + "' Order by RoleName").Tables[0];
if (dtrole.Rows.Count == 0)
{
//给个默认根节点
//DataRow dr = dtrole.NewRow();
//dr["id"] = "0";
//dr["pId"] = DBNull.Value;
//dr["name"] = "权限组";
//dr["checked"] = "false";
//dtrole.Rows.Add(dr);
}
//获取该用户关联的角色
SchSystem.BLL.SchUserRoleV urolevbll = new SchSystem.BLL.SchUserRoleV();
string uroleids = urolevbll.GetIds(" UserId='" + uid + "' and stat=1 and schid=" + schid);
if (!string.IsNullOrEmpty(uroleids) && dtrole != null)
{
string[] ids = uroleids.Split(',');
for (int i = 0; i < dtrole.Rows.Count; i++)
{
string id = dtrole.Rows[i]["id"].ToString();
if (ids.Contains(id))
{
dtrole.Rows[i]["checked"] = "true";
}
}
}
roles = Newtonsoft.Json.JsonConvert.SerializeObject(dtrole);
//获取功能树,查询条件需要根据用户种类和状态等,后面需要改
//根据学校拥有的子系统
SchSystem.BLL.SchAppRole schapprolebll = new SchSystem.BLL.SchAppRole();
string appstr = schapprolebll.GetAppStr(int.Parse(schid));
if (appstr != "")
{
appstr = " and (AppCode=1 or AppCode=2 or AppCode in (" + appstr + ")) ";
}
SchSystem.BLL.SchMenuInfoUserFunc funcbll = new SchSystem.BLL.SchMenuInfoUserFunc();
DataTable dtfunc = funcbll.GetList("MenuId id,Pid pId,TextName name,FuncCode funcode,'false' checked", " Stat=1 " + appstr + " Order by OrderId").Tables[0];
funcstr = Newtonsoft.Json.JsonConvert.SerializeObject(dtfunc);
//获取特殊权限功能树
SchSystem.BLL.SchMenuInfoUser smieBll = new SchSystem.BLL.SchMenuInfoUser();
DataTable dtsmie = smieBll.GetList("MenuId id,Pid pId,TextName name,FuncCode funcode,'false' checked", " Stat=1 " + appstr + " Order by OrderId").Tables[0];
MenuInfoExt = Newtonsoft.Json.JsonConvert.SerializeObject(dtsmie);
}
}
}
public static string usersave(string dotype, string schid, string systype, string userid, string usercode, string usertname, string usertel, string userpst, string usertitle, string usermobile, string username, string userpw, string usersex, string userstat, string usersub, string userdpts, string userroles)
{
//解密 RSA
RSACryptoService rsa = new RSACryptoService(PublicProperty.PrivateKey, PublicProperty.PublicKey);
if (userpw != "")
{
userpw = Com.Public.SqlEncStr(rsa.Decrypt(userpw));
}
string ret = "";
Com.DataPack.DataRsp <Com.DataPack.UserInfo> rsp = Com.Public.UserFuncSoure(Com.SoureSession.jsid, Com.SoureSession.jstoken);
if (rsp.code == "ERROR_TOKEN")
{
ret = "expire";
}
else
{
try
{
if (string.IsNullOrEmpty(schid) || schid == "0")
{
ret += "非法的学校!";
}
SchSystem.BLL.SchUserInfo userbll = new SchSystem.BLL.SchUserInfo();
SchSystem.Model.SchUserInfo usermodel = new SchSystem.Model.SchUserInfo();
if (!Com.Public.isVa(schid, ""))
{
ret += "无跨界权限;";
}
//判断编号及账号是否有重复,生成密码加密
if (dotype == "e")
{
//if (userbll.ExistsUserCode(int.Parse(userid), usercode, int.Parse(schid)))
//{
// ret += "用户编号重复!";
//}
if (username != "")
{
if (userbll.ExistsUserName(int.Parse(userid), username))
{
ret += "账号重复!";
}
else if (!userbll.ExistsUserName(0, username))
{
userbll.UpdateUserName(username, int.Parse(userid));
}
}
}
if (dotype == "a")
{
//if (userbll.ExistsUserCode(0, usercode, int.Parse(schid)))
//{
// ret += "用户编号重复!";
//}
if (username != "")
{
/*if (userbll.ExistsUserName(0, username, int.Parse(schid)))
* {
* ret += "账号重复!";
* }*/
StringBuilder sbExists = new StringBuilder();
string utname = "";
if (userbll.ExistsUserName(0, username))
{
SchSystem.BLL.SchUserDeptV bllusdpt = new SchSystem.BLL.SchUserDeptV();
DataTable dt = bllusdpt.GetList("DepartName,UserTname", "UserName='******'").Tables[0];
DataRow[] dr = dt.Select();
foreach (DataRow item in dr)
{
sbExists.Append(item["DepartName"].ToString() + "、");
utname = item["UserTname"].ToString();
}
//ret += "账号重复!";
ret += sbExists.ToString().Substring(0, sbExists.ToString().Length - 1);
ret += "," + utname;
}
}
}
if (ret == "")
{
usermodel.LastRecTime = DateTime.Now;
usermodel.LastRecUser = Com.SoureSession.Soureuserid;
usermodel.Mobile = usermobile;
usermodel.Postion = userpst;
usermodel.Sex = int.Parse(usersex);
if (!string.IsNullOrEmpty(userstat))
{
usermodel.AccStat = int.Parse(userstat);
}
else
{
usermodel.AccStat = 2;
}
usermodel.SubCode = usersub;
usermodel.SysType = int.Parse(systype);
usermodel.Telno = usertel;
usermodel.Title = usertitle;
usermodel.UserNo = usercode;
usermodel.UserTname = usertname;
if (dotype == "e")
{
if (!string.IsNullOrEmpty(userpw) && !string.IsNullOrEmpty(username))
{
userpw = Com.Public.StrToMD5(userpw);
if (userpw == Com.Public.StrToMD5("123456"))//如果重置密码时保存
{
userbll.UpdatePw(int.Parse(userid), userpw);
}
}
usermodel.UserId = int.Parse(userid);
userbll.UpdateUser(usermodel);
}
if (dotype == "a")
{
//必须有账号和密码
if (!string.IsNullOrEmpty(userpw) && !string.IsNullOrEmpty(username))
{
usermodel.PassWord = Com.Public.StrToMD5("123456"); //SchManagerInfoSystem.Common.DESEncrypt.Encrypt(userpw) ;添加时均为123456密码
}
usermodel.RecTime = DateTime.Now;
usermodel.RecUser = Com.SoureSession.Soureuserid;
usermodel.SchId = int.Parse(schid);
usermodel.UserName = username;
userid = userbll.Add(usermodel).ToString();
}
//添加或更新关联部门
SchSystem.BLL.SchUserDept userdeptbll = new SchSystem.BLL.SchUserDept();
if (userdpts == null)
{
userdpts = "0";
}
userdeptbll.DoUserDept(userid, Com.SoureSession.Soureuserid, schid, userdpts);
//添加或更新关联角色
SchSystem.BLL.SchUserRole userrolebll = new SchSystem.BLL.SchUserRole();
if (userroles == null)
{
userroles = "0";
}
userrolebll.DoUserRole(userid, Com.SoureSession.Soureuserid, schid, userroles);
ret = "success";
}
}
catch (Exception ex)
{
ret = ex.Message;
}
}
return(ret);
}
public static string udel(string schid, string id)
{
if (!Com.Public.isVa(schid, ""))
{
return("无跨界权限");
}
string ret = "";
Com.DataPack.DataRsp <Com.DataPack.UserInfo> rsp = Com.Public.UserFuncSoure(Com.SoureSession.jsid, Com.SoureSession.jstoken);
if (rsp.code == "ERROR_TOKEN")
{
ret = "expire";
}
else
{
try
{
SchSystem.BLL.SchSubLeader sslBll = new SchSystem.BLL.SchSubLeader();
bool sslBool = sslBll.ExistsClassSubLeader(schid, id);
if (sslBool)
{
ret = "success01";
}
else
{
SchSystem.BLL.SchGradeUsers sguBll = new SchSystem.BLL.SchGradeUsers();
bool sguBool = sguBll.ExistsGradeUser(schid, id);
if (sguBool)
{
ret = "success02";
}
else
{
SchSystem.BLL.SchClassUser scuBll = new SchSystem.BLL.SchClassUser();
bool scuBooll = scuBll.ExistsClassUser(schid, id);
if (scuBooll)
{
ret = "success03";
}
else
{
SchSystem.BLL.SchUserInfo bll = new SchSystem.BLL.SchUserInfo();
SchSystem.Model.SchUserInfo model = new SchSystem.Model.SchUserInfo();
model.UserId = int.Parse(id);
model.Stat = 2;
model.LastRecTime = DateTime.Now;
model.LastRecUser = Com.SoureSession.Soureuserid;
if (bll.UpdateStat(model))
{
ret = "success";
}
else
{
ret = "操作失败";
}
}
}
}
}
catch (Exception ex)
{
ret = ex.Message;
}
}
return(ret);
}
/// <summary>
/// 增加一条数据
/// </summary>
public int Add(SchSystem.Model.SchUserInfo model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("insert into SchUserInfo(");
strSql.Append("UserName,UserTname,PassWord,SchId,OrderId,Stat,DepartIds,UserLv,Mobile,Telno,Postion,ImgUrl,LoginTime,ClassMs,RecTime,RecUser,LastRecTime,LastRecUser,CopeId,RoleId)");
strSql.Append(" values (");
strSql.Append("@UserName,@UserTname,@PassWord,@SchId,@OrderId,@Stat,@DepartIds,@UserLv,@Mobile,@Telno,@Postion,@ImgUrl,@LoginTime,@ClassMs,@RecTime,@RecUser,@LastRecTime,@LastRecUser,@CopeId,@RoleId)");
strSql.Append(";select @@IDENTITY");
SqlParameter[] parameters =
{
new SqlParameter("@UserName", SqlDbType.VarChar, 30),
new SqlParameter("@UserTname", SqlDbType.VarChar, 20),
new SqlParameter("@PassWord", SqlDbType.VarChar, 20),
new SqlParameter("@SchId", SqlDbType.Int, 4),
new SqlParameter("@OrderId", SqlDbType.Int, 4),
new SqlParameter("@Stat", SqlDbType.TinyInt, 1),
new SqlParameter("@DepartIds", SqlDbType.VarChar, 500),
new SqlParameter("@UserLv", SqlDbType.TinyInt, 1),
new SqlParameter("@Mobile", SqlDbType.VarChar, 15),
new SqlParameter("@Telno", SqlDbType.VarChar, 15),
new SqlParameter("@Postion", SqlDbType.VarChar, 20),
new SqlParameter("@ImgUrl", SqlDbType.VarChar, 300),
new SqlParameter("@LoginTime", SqlDbType.DateTime),
new SqlParameter("@ClassMs", SqlDbType.VarChar, 500),
new SqlParameter("@RecTime", SqlDbType.DateTime),
new SqlParameter("@RecUser", SqlDbType.VarChar, 20),
new SqlParameter("@LastRecTime", SqlDbType.DateTime),
new SqlParameter("@LastRecUser", SqlDbType.VarChar, 20),
new SqlParameter("@CopeId", SqlDbType.Int, 4),
new SqlParameter("@RoleId", SqlDbType.Int, 4)
};
parameters[0].Value = model.UserName;
parameters[1].Value = model.UserTname;
parameters[2].Value = model.PassWord;
parameters[3].Value = model.SchId;
parameters[4].Value = model.OrderId;
parameters[5].Value = model.Stat;
parameters[6].Value = model.DepartIds;
parameters[7].Value = model.UserLv;
parameters[8].Value = model.Mobile;
parameters[9].Value = model.Telno;
parameters[10].Value = model.Postion;
parameters[11].Value = model.ImgUrl;
parameters[12].Value = model.LoginTime;
parameters[13].Value = model.ClassMs;
parameters[14].Value = model.RecTime;
parameters[15].Value = model.RecUser;
parameters[16].Value = model.LastRecTime;
parameters[17].Value = model.LastRecUser;
parameters[18].Value = model.CopeId;
parameters[19].Value = model.RoleId;
object obj = DbHelperSQL.GetSingle(strSql.ToString(), parameters);
if (obj == null)
{
return(0);
}
else
{
return(Convert.ToInt32(obj));
}
}
/// <summary>
/// 得到一个对象实体
/// </summary>
public SchSystem.Model.SchUserInfo DataRowToModel(DataRow row)
{
SchSystem.Model.SchUserInfo model = new SchSystem.Model.SchUserInfo();
if (row != null)
{
if (row["UserId"] != null && row["UserId"].ToString() != "")
{
model.UserId = int.Parse(row["UserId"].ToString());
}
if (row["UserName"] != null)
{
model.UserName = row["UserName"].ToString();
}
if (row["UserTname"] != null)
{
model.UserTname = row["UserTname"].ToString();
}
if (row["PassWord"] != null)
{
model.PassWord = row["PassWord"].ToString();
}
if (row["SchId"] != null && row["SchId"].ToString() != "")
{
model.SchId = int.Parse(row["SchId"].ToString());
}
if (row["OrderId"] != null && row["OrderId"].ToString() != "")
{
model.OrderId = int.Parse(row["OrderId"].ToString());
}
if (row["Stat"] != null && row["Stat"].ToString() != "")
{
model.Stat = int.Parse(row["Stat"].ToString());
}
if (row["DepartIds"] != null)
{
model.DepartIds = row["DepartIds"].ToString();
}
if (row["UserLv"] != null && row["UserLv"].ToString() != "")
{
model.UserLv = int.Parse(row["UserLv"].ToString());
}
if (row["Mobile"] != null)
{
model.Mobile = row["Mobile"].ToString();
}
if (row["Telno"] != null)
{
model.Telno = row["Telno"].ToString();
}
if (row["Postion"] != null)
{
model.Postion = row["Postion"].ToString();
}
if (row["ImgUrl"] != null)
{
model.ImgUrl = row["ImgUrl"].ToString();
}
if (row["LoginTime"] != null && row["LoginTime"].ToString() != "")
{
model.LoginTime = DateTime.Parse(row["LoginTime"].ToString());
}
if (row["ClassMs"] != null)
{
model.ClassMs = row["ClassMs"].ToString();
}
if (row["RecTime"] != null && row["RecTime"].ToString() != "")
{
model.RecTime = DateTime.Parse(row["RecTime"].ToString());
}
if (row["RecUser"] != null)
{
model.RecUser = row["RecUser"].ToString();
}
if (row["LastRecTime"] != null && row["LastRecTime"].ToString() != "")
{
model.LastRecTime = DateTime.Parse(row["LastRecTime"].ToString());
}
if (row["LastRecUser"] != null)
{
model.LastRecUser = row["LastRecUser"].ToString();
}
if (row["CopeId"] != null && row["CopeId"].ToString() != "")
{
model.CopeId = int.Parse(row["CopeId"].ToString());
}
if (row["RoleId"] != null && row["RoleId"].ToString() != "")
{
model.RoleId = int.Parse(row["RoleId"].ToString());
}
}
return(model);
}
/// <summary>
/// 更新一条数据
/// </summary>
public bool Update(SchSystem.Model.SchUserInfo model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("update SchUserInfo set ");
strSql.Append("UserName=@UserName,");
strSql.Append("UserTname=@UserTname,");
strSql.Append("PassWord=@PassWord,");
strSql.Append("SchId=@SchId,");
strSql.Append("OrderId=@OrderId,");
strSql.Append("Stat=@Stat,");
strSql.Append("DepartIds=@DepartIds,");
strSql.Append("UserLv=@UserLv,");
strSql.Append("Mobile=@Mobile,");
strSql.Append("Telno=@Telno,");
strSql.Append("Postion=@Postion,");
strSql.Append("ImgUrl=@ImgUrl,");
strSql.Append("LoginTime=@LoginTime,");
strSql.Append("ClassMs=@ClassMs,");
strSql.Append("RecTime=@RecTime,");
strSql.Append("RecUser=@RecUser,");
strSql.Append("LastRecTime=@LastRecTime,");
strSql.Append("LastRecUser=@LastRecUser,");
strSql.Append("CopeId=@CopeId,");
strSql.Append("RoleId=@RoleId");
strSql.Append(" where UserId=@UserId");
SqlParameter[] parameters =
{
new SqlParameter("@UserName", SqlDbType.VarChar, 30),
new SqlParameter("@UserTname", SqlDbType.VarChar, 20),
new SqlParameter("@PassWord", SqlDbType.VarChar, 20),
new SqlParameter("@SchId", SqlDbType.Int, 4),
new SqlParameter("@OrderId", SqlDbType.Int, 4),
new SqlParameter("@Stat", SqlDbType.TinyInt, 1),
new SqlParameter("@DepartIds", SqlDbType.VarChar, 500),
new SqlParameter("@UserLv", SqlDbType.TinyInt, 1),
new SqlParameter("@Mobile", SqlDbType.VarChar, 15),
new SqlParameter("@Telno", SqlDbType.VarChar, 15),
new SqlParameter("@Postion", SqlDbType.VarChar, 20),
new SqlParameter("@ImgUrl", SqlDbType.VarChar, 300),
new SqlParameter("@LoginTime", SqlDbType.DateTime),
new SqlParameter("@ClassMs", SqlDbType.VarChar, 500),
new SqlParameter("@RecTime", SqlDbType.DateTime),
new SqlParameter("@RecUser", SqlDbType.VarChar, 20),
new SqlParameter("@LastRecTime", SqlDbType.DateTime),
new SqlParameter("@LastRecUser", SqlDbType.VarChar, 20),
new SqlParameter("@CopeId", SqlDbType.Int, 4),
new SqlParameter("@RoleId", SqlDbType.Int, 4),
new SqlParameter("@UserId", SqlDbType.Int, 4)
};
parameters[0].Value = model.UserName;
parameters[1].Value = model.UserTname;
parameters[2].Value = model.PassWord;
parameters[3].Value = model.SchId;
parameters[4].Value = model.OrderId;
parameters[5].Value = model.Stat;
parameters[6].Value = model.DepartIds;
parameters[7].Value = model.UserLv;
parameters[8].Value = model.Mobile;
parameters[9].Value = model.Telno;
parameters[10].Value = model.Postion;
parameters[11].Value = model.ImgUrl;
parameters[12].Value = model.LoginTime;
parameters[13].Value = model.ClassMs;
parameters[14].Value = model.RecTime;
parameters[15].Value = model.RecUser;
parameters[16].Value = model.LastRecTime;
parameters[17].Value = model.LastRecUser;
parameters[18].Value = model.CopeId;
parameters[19].Value = model.RoleId;
parameters[20].Value = model.UserId;
int rows = DbHelperSQL.ExecuteSql(strSql.ToString(), parameters);
if (rows > 0)
{
return(true);
}
else
{
return(false);
}
}
