protected void btnInsert_Click(object sender, EventArgs e)
 {
     if (Validate(0))
     {
         String sqlText =
             "INSERT INTO nhanvien(nhanvien_ten) VALUES( " +
             "@nhanvien_ten);";
         clsConnect cn         = new clsConnect();
         int        Nparameter = 1;
         string[]   name       = new string[Nparameter];
         object[]   value      = new object[Nparameter];
         name[0]  = "@nhanvien_ten";
         value[0] = txtTen.Text.Trim();
         cn.UpdateData(sqlText, name, value, Nparameter);
         cn.close();
         String strURL = "sys_employee.aspx?add=1";
         Response.Redirect(strURL);
     }
 }
    private void createMenuItem(DataTable table)
    {
        clsConnect cn = new clsConnect();

        foreach (DataRow row in table.Rows)
        {
            string[] strValuepath    = row["menu_valuepath"].ToString().Split('/');
            string   valuepathParent = "";
            for (int i = 0; i < strValuepath.Length; i++)
            {
                DataRow  temp = cn.LoadData("select * from Menu where Menu_ID=" + strValuepath[i]).Rows[0];
                MenuItem item = new MenuItem();
                if (i == 0 || i == 1)
                {
                    valuepathParent = strValuepath[0];
                }
                else
                {
                    valuepathParent += "/" + strValuepath[i - 1];
                }
                item = mnuTools.FindItem(temp["menu_valuepath"].ToString());
                if (item == null)
                {
                    MenuItem itemtemp = new MenuItem();
                    itemtemp.Text        = temp["Menu_title"].ToString();
                    itemtemp.Value       = temp["Menu_ID"].ToString();
                    itemtemp.NavigateUrl = temp["menu_url"].ToString();
                    itemtemp.ToolTip     = temp["menu_description"].ToString();
                    if (i == 0)
                    {
                        mnuTools.Items.Add(itemtemp);
                    }
                    else
                    {
                        //itemtemp.Text = "<img src='../images/menu/icon-16-menu.png'/>" + temp["menu_title"].ToString();
                        mnuTools.FindItem(valuepathParent).ChildItems.Add(itemtemp);
                    }
                }
            }
        }
        cn.close();
    }
示例#3
0
    protected void btnDelAll_Click(object sender, EventArgs e)
    {
        clsConnect cn  = new clsConnect();
        string     sql = "delete from quyen where quyen_ma=@quyen_ma";

        for (int i = 0; i < gridauthority.Items.Count; i++)
        {
            bool check = ((CheckBox)gridauthority.Items[i].FindControl("chkDel")).Checked;
            if (check)
            {
                int      Nparameter = 1;
                string[] name       = new string[Nparameter];
                name[0] = "@quyen_ma";
                object[] value = new object[Nparameter];
                value[0] = ((Label)gridauthority.Items[i].FindControl("lblID")).Text;
                cn.UpdateData(sql, name, value, Nparameter);
            }
        }
        cn.close();
        Response.Redirect("sys_authority.aspx");
    }
示例#4
0
    protected void btnUpdate_Click(object sender, EventArgs e)
    {
        int id = 0;

        try
        {
            id = Convert.ToInt32(Request.QueryString["id"]);
        }
        catch (Exception ex) { }
        if (Validate(id))
        {
            String sqlText =
                "UPDATE TaiKhoan SET username = @username,password=@password,nhanvien_ma=@nhanvien_ma, " +
                " quyen_ma=@quyen_ma,tu_donvi=@tu_donvi,den_donvi=@den_donvi " +
                "WHERE id = @id";
            clsConnect cn         = new clsConnect();
            int        Nparameter = 7;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            name[0]  = "@username";
            name[1]  = "@password";
            name[2]  = "@quyen_ma";
            name[3]  = "@nhanvien_ma";
            name[4]  = "@tu_donvi";
            name[5]  = "@den_donvi";
            name[6]  = "@id";
            value[0] = txtTen.Text.Trim();
            value[1] = txtMatKhau.Text.Trim();
            value[2] = ddlQuyen.Text;
            value[3] = ddlNhanVien.Text;
            value[4] = txtFrom.Text.Trim();
            value[5] = txtTo.Text.Trim();
            value[6] = id;
            cn.UpdateData(sqlText, name, value, Nparameter);
            cn.close();
            String strURL = "sys_sercurity.aspx?save=1";
            Response.Redirect(strURL);
        }
    }
    private void dislayTremenu()
    {
        clsConnect cn = new clsConnect();

        try
        {
            string sql = "SELECT * FROM Menu where menu_parent_id = 0 ORDER BY menu_parent_id, menu_order, menu_id";
            foreach (DataRow row in cn.LoadData(sql).Rows)
            {
                TreeNode root = new TreeNode(row["Menu_title"].ToString() + " (" + row["menu_order"].ToString() + ")", row["Menu_ID"].ToString());
                root.NavigateUrl = "menu.aspx?menu_id=" + row["Menu_ID"].ToString();
                root.ToolTip     = row["menu_description"].ToString();
                tremenu.Nodes.Add(root);
                CreateNodeChild(root, cn);
            }
        }
        catch (Exception)
        {
        }

        cn.close();
    }
    private void deletemenu(string menu_id)
    {
        clsConnect cn         = new clsConnect();
        string     sql        = "DELETE FROM menu WHERE menu_id = @menu_id";
        int        Nparameter = 1;

        string[] name = new string[Nparameter];
        name[0] = "@menu_id";
        object[] value = new object[Nparameter];
        value[0] = menu_id;
        cn.UpdateData(sql, name, value, Nparameter);
        sql = "SELECT menu_id FROM menu where menu_parent_id = @menu_id";
        DataTable dt = cn.LoadData(sql, name, value, Nparameter);

        if (dt.Rows.Count > 0)
        {
            foreach (DataRow row in dt.Rows)
            {
                deletemenu(row[0].ToString());
            }
        }
        cn.close();
    }
示例#7
0
    protected void btnDelAllmenu_Click(object sender, EventArgs e)
    {
        clsConnect cn  = new clsConnect();
        string     sql = "delete from chitietquyen where quyen_ma=@quyen_ma and menu_id=@menu_id";

        for (int i = 0; i < rptquyenDetail.Items.Count; i++)
        {
            bool check = ((CheckBox)rptquyenDetail.Items[i].FindControl("chkSelect")).Checked;
            if (check)
            {
                int      Nparameter = 2;
                string[] name       = new string[Nparameter];
                name[0] = "@quyen_ma";
                name[1] = "@menu_id";
                object[] value = new object[Nparameter];
                value[0] = Request.QueryString["quyen_ma"];
                value[1] = ((Label)rptquyenDetail.Items[i].FindControl("lblMenuID")).Text;
                cn.UpdateData(sql, name, value, Nparameter);
            }
        }
        cn.close();
        Response.Redirect("sys_authority.aspx?quyen_ma=" + Request.QueryString["quyen_ma"]);
    }
    protected void btnSave_Click(object sender, EventArgs e)
    {
        if (!SearchPassword())
        {
            return;
        }
        clsConnect cn        = new clsConnect();
        string     sql       = "UPDATE taikhoan SET password=@password WHERE nhanvien_ma=@nhanvien_ma";
        int        parameter = 2;

        string[] name  = new string[parameter];
        object[] value = new object[parameter];
        name[0]  = "@password";
        name[1]  = "@nhanvien_ma";
        value[0] = txtPassWordNew.Text.Trim();
        value[1] = Session["nhanvien_ma"].ToString();
        cn.UpdateData(sql, name, value, parameter);
        cn.close();
        lblMsg.Text           = "Bạn đã đổi mật khẩu thành công!";
        lblMsg.ForeColor      = System.Drawing.Color.Blue;
        txtPassWord.Text      = "";
        txtPassWordNew.Text   = "";
        txtPassWordReNew.Text = "";
    }
示例#9
0
    protected void btnUpdate_Click1(object sender, EventArgs e)
    {
        if (ddlServiceType.Text != "")
        {
            clsConnect cn         = new clsConnect();
            int        Nparameter = 11;
            string[]   name       = new string[Nparameter];
            object[]   value      = new object[Nparameter];
            string     sql        = "";
            //upload file vao thu muc thuvien/taptin
            //try
            //{
            if (FileUpLoad1.FileName != "")
            {
                string path = Server.MapPath("~/thuvien/taptin/") + FileUpLoad1.FileName;
                FileUpLoad1.SaveAs(path);
                Nparameter = 11;
                sql        = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
                             "content=?content,heading_text=?heading_text,file=?file,status_id=?status_id , id=?id " +
                             "WHERE information_id=?information_id";

                name[0]  = "?service_id";
                name[1]  = "?title";
                name[2]  = "?date_post";
                name[3]  = "?human_post";
                name[4]  = "?source_link";
                name[5]  = "?content";
                name[6]  = "?heading_text";
                name[7]  = "?file";
                name[8]  = "?status_id";
                name[9]  = "?information_id";
                name[10] = "?id";
                value[0] = ddlService.Text;
                value[1] = txtTitle.Text.Trim();
                value[2] = DateTime.Now;
                value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
                value[4] = txtSource.Text.Trim();
                value[5] = txtContent.Value;
                value[6] = lblHeadingText.Text.Trim();
                value[7] = FileUpLoad1.FileName;
                //lay id chuyen muc, gan cho trang thai
                if (rbtChoise.SelectedValue == "0")
                {
                    value[8] = "0";
                }
                if (rbtChoise.SelectedValue == "1")
                {
                    value[8] = "1";
                }
                if (rbtChoise.SelectedValue == "2")
                {
                    value[8] = "2";
                }
                value[9]  = Request.QueryString["content_id"];
                value[10] = ddlMon.SelectedIndex.ToString();
                cn.UpdateData(sql, name, value, Nparameter);
            }
            else
            {
                Nparameter = 9;
                sql        = "UPDATE information SET service_id=?service_id,title=?title,date_post=?date_post,human_post=?human_post,source_link=?source_link, " +
                             "content=?content,heading_text=?heading_text,status_id=?status_id " +
                             "WHERE information_id=?information_id";

                name[0]  = "?service_id";
                name[1]  = "?title";
                name[2]  = "?date_post";
                name[3]  = "?human_post";
                name[4]  = "?source_link";
                name[5]  = "?content";
                name[6]  = "?heading_text";
                name[7]  = "?status_id";
                name[8]  = "?information_id";
                value[0] = ddlService.Text;
                value[1] = txtTitle.Text.Trim();
                value[2] = DateTime.Now;
                value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
                value[4] = txtSource.Text.Trim();
                value[5] = txtContent.Value;
                value[6] = lblHeadingText.Text.Trim();
                //lay id chuyen muc, gan cho trang thai
                if (rbtChoise.SelectedValue == "0")
                {
                    value[7] = "0";
                }
                if (rbtChoise.SelectedValue == "1")
                {
                    value[7] = "1";
                }
                if (rbtChoise.SelectedValue == "2")
                {
                    value[7] = "2";
                }
                value[8] = Request.QueryString["content_id"];
                cn.UpdateData(sql, name, value, Nparameter);
            }
            cn.close();
            Response.Redirect("web_send.aspx");
        }
    }
示例#10
0
    void UploadTinGioithieu()
    {
        clsConnect cn         = new clsConnect();
        int        Nparameter = 10;

        string[] name  = new string[Nparameter];
        object[] value = new object[Nparameter];
        string   sql   = "";

        //upload file vao thu muc thuvien/taptin
        //try
        //{
        if (FileUpLoad1.FileName != "")
        {
            string path = Server.MapPath("~/thuvien/taptin/") + FileUpLoad1.FileName;
            FileUpLoad1.SaveAs(path);
            Nparameter = 10;
            sql        = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,file,status_id,id)VALUES( " +
                         "?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?file,?status_id,?id)";

            name[0]  = "?service_id";
            name[1]  = "?title";
            name[2]  = "?date_post";
            name[3]  = "?human_post";
            name[4]  = "?source_link";
            name[5]  = "?content";
            name[6]  = "?heading_text";
            name[7]  = "?file";
            name[8]  = "?status_id";
            name[9]  = "?id";
            value[0] = ddlService.Text;
            value[1] = txtTitle.Text.Trim();
            value[2] = DateTime.Now;
            value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
            value[4] = txtSource.Text.Trim();
            value[5] = txtContent.Value;
            value[6] = lblHeadingText.Text.Trim();
            value[7] = FileUpLoad1.FileName;
            //lay id chuyen muc, gan cho trang thai
            if (rbtChoise.SelectedValue == "0")
            {
                value[8] = "0";
            }
            if (rbtChoise.SelectedValue == "1")
            {
                value[8] = "1";
            }
            if (rbtChoise.SelectedValue == "2")
            {
                value[8] = "2";
            }
            value[9] = ddlMon.SelectedIndex.ToString();
            cn.UpdateData(sql, name, value, Nparameter);
        }
        else
        {
            Nparameter = 9;
            sql        = "INSERT INTO information(service_id,title,date_post,human_post,source_link,content,heading_text,status_id,id)VALUES( " +
                         "?service_id,?title,?date_post,?human_post,?source_link,?content,?heading_text,?status_id,?id)";

            name[0]  = "?service_id";
            name[1]  = "?title";
            name[2]  = "?date_post";
            name[3]  = "?human_post";
            name[4]  = "?source_link";
            name[5]  = "?content";
            name[6]  = "?heading_text";
            name[7]  = "?status_id";
            name[8]  = "?id";
            value[0] = ddlService.Text;
            value[1] = txtTitle.Text.Trim();
            value[2] = DateTime.Now;
            value[3] = cn.LoadData("select nhanvien_ten FROM nhanvien WHERE nhanvien_ma=" + Session["nhanvien_ma"].ToString()).Rows[0][0].ToString();
            value[4] = txtSource.Text.Trim();
            value[5] = txtContent.Value;
            value[6] = lblHeadingText.Text.Trim();
            if (rbtChoise.SelectedValue == "0")
            {
                value[7] = "0";
            }
            if (rbtChoise.SelectedValue == "1")
            {
                value[7] = "1";
            }
            if (rbtChoise.SelectedValue == "2")
            {
                value[7] = "2";
            }
            value[8] = ddlMon.SelectedIndex.ToString();
            cn.UpdateData(sql, name, value, Nparameter);
        }
        cn.close();
    }
示例#11
0
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            return;
        }

        if (Request.QueryString["add"] != null && !Request.QueryString["add"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1 chuyên mục [" + Request.QueryString["add"].ToString() + "] đã được thêm thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["save"] != null && !Request.QueryString["save"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>Thông tin chuyên mục [" + Request.QueryString["save"].ToString() + "] đã được cập nhật thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["delete"] != null && !Request.QueryString["delete"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1(nhiều) chuyên mục đã được xóa thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        clsConnect cn         = new clsConnect();
        DataTable  dt         = new DataTable();
        int        Nparameter = 10;

        string[] name  = new string[Nparameter];
        object[] value = new object[Nparameter];
        if (Request.QueryString["content_id"] != null && !Request.QueryString["content_id"].Equals(""))
        {
            string sqlText = "SELECT * FROM information A, service B, service_type C WHERE " +
                             "A.service_id=B.service_id AND B.service_type_id=C.service_type_id AND information_id=?information_id";
            Nparameter = 1;
            name[0]    = "?information_id";
            value[0]   = Request.QueryString["content_id"].ToString();
            dt         = cn.LoadData(sqlText, name, value, Nparameter);
            if (dt.Rows.Count > 0)
            {
                DataRow row = dt.Rows[0];

                //ddlService.SelectedValue = row["service_id"].ToString();
                ddlServiceType.Text = row["service_type_id"].ToString();
                //ddlServiceType_SelectedIndexChanged(sender, e);
                txtTitle.Text       = row["tieude"].ToString();
                txtSource.Text      = row["nguontrichdan"].ToString();
                txtContent.Value    = row["noidung"].ToString();
                lblHeadingText.Text = row["diengiai"].ToString();
                //FileUpLoad1.FileName =row["file"].ToString();
                btnSave.Visible      = false;
                btnUpdate.Visible    = true;
                btnDeleteAll.Visible = false;
                btnCancel.Visible    = true;
            }
        }
        else
        {
            btnSave.Visible   = true;
            btnCancel.Visible = true;
        }


        //loai chuyen muc
        ddlServiceType.DataSource = cn.LoadData("SELECT * FROM service_type");
        ddlServiceType.DataBind();
        ddlServiceType.Items.Insert(0, new ListItem("Chọn loại chuyên mục", "0"));

        /*
         #region phan quyen trang
         * try
         * {
         *  sqlText = "select * from ctquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
         *         "WHERE quyen_ma=?quyen_ma AND menu_url=?menu";
         *  Nparameter = 2;
         *  name[0] = "?quyen_ma";
         *  name[1] = "?menu";
         *  value[0] = Session["quyen_ma"];
         *  value[1] = Request.Url.Segments[Request.Url.Segments.Length - 1].ToString();
         *  DataTable dt3 = cn.LoadData(sqlText, name, value, Nparameter);
         *  //kiem tra xem url nhap vao co chinh xac khong
         *  if (dt3.Rows.Count == 0)
         *  {
         *      Response.Redirect("access_denied.aspx");
         *  }
         * }
         * catch (Exception)
         * {
         * }
         *
         #endregion*/
        cn.close();
        Page.SetFocus(ddlServiceType);
    }
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            return;
        }

        if (Request.QueryString["add"] != null && !Request.QueryString["add"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1 thông tin [" + Request.QueryString["add"].ToString() + "] đã được thêm thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["save"] != null && !Request.QueryString["update"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>Thông tin thông tin [" + Request.QueryString["save"].ToString() + "] đã được cập nhật thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["delete"] != null && !Request.QueryString["delete"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1(nhiều) thông tin đã được xóa thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        clsConnect cn         = new clsConnect();
        DataTable  dt         = new DataTable();
        int        Nparameter = 10;

        string[] name    = new string[Nparameter];
        object[] value   = new object[Nparameter];
        string   sqlText = "";

        if (Request.QueryString["info_id"] != null && !Request.QueryString["info_id"].Equals(""))
        {
        }
        else
        {
            btnCancel.Visible = true;
        }

        HienThiDS_Tieude();
        //loai chuyen muc
        ddlDichvu.DataSource = cn.LoadData("SELECT * FROM loaidv");
        ddlDichvu.DataBind();
        ddlDichvu.Items.Insert(0, new ListItem("Chọn loại dich vụ", "0"));

        #region phan quyen trang
        try
        {
            sqlText = "select * from chitietquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
                      "WHERE quyen_ma=?quyen_ma AND menu_url=?menu";
            Nparameter = 2;
            name[0]    = "?quyen_ma";
            name[1]    = "?menu";
            value[0]   = Session["quyen_ma"];
            value[1]   = Request.Url.Segments[Request.Url.Segments.Length - 1].ToString();
            DataTable dt3 = cn.LoadData(sqlText, name, value, Nparameter);
            //kiem tra xem url nhap vao co chinh xac khong
            if (dt3.Rows.Count == 0)
            {
                Response.Redirect("access_denied.aspx");
            }
        }
        catch (Exception)
        {
        }

        #endregion
        cn.close();
        Page.SetFocus(ddlDichvu);
    }
示例#13
0
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            return;
        }

        if (Request.QueryString["add"] != null && !Request.QueryString["add"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1 tài khoản [" + Request.QueryString["add"].ToString() + "] đã được thêm thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["save"] != null && !Request.QueryString["save"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>Thông tin tài khoản [" + Request.QueryString["save"].ToString() + "] đã được cập nhật thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["delete"] != null && !Request.QueryString["delete"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1(nhiều) tài khoản đã được xóa thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        clsConnect cn         = new clsConnect();
        int        Nparameter = 10;

        string[] name    = new string[Nparameter];
        object[] value   = new object[Nparameter];
        string   sqlText = "SELECT * FROM TaiKhoan DN " +
                           "LEFT JOIN Quyen Q ON DN.quyen_ma=Q.quyen_ma " +
                           "LEFT JOIN nhanvien NV ON DN.nhanvien_ma=NV.nhanvien_ma WHERE id!=0";

        Nparameter = 0;
        if (Request.QueryString["id"] != null && !Request.QueryString["id"].Equals(""))
        {
            string sqlText1 = "SELECT * FROM TaiKhoan DN " +
                              "LEFT JOIN quyen Q ON DN.quyen_ma=Q.quyen_ma " +
                              "LEFT JOIN nhanvien NV ON DN.nhanvien_ma=NV.nhanvien_ma WHERE id!=0 AND  id = @id;";
            Nparameter = 1;
            name[0]    = "@id";
            value[0]   = Request.QueryString["id"];
            DataTable dt = cn.LoadData(sqlText1, name, value, Nparameter);
            if (dt.Rows.Count > 0)
            {
                DataRow row = dt.Rows[0];
                txtTen.Text     = row["username"].ToString();
                txtMatKhau.Text = row["password"].ToString();
                txtFrom.Text    = row["tu_donvi"].ToString();
                txtTo.Text      = row["den_donvi"].ToString();
                if (row["nhanvien_ma"].ToString() != "")
                {
                    ddlNhanVien.Text = row["nhanvien_ma"].ToString();
                }
                if (row["quyen_ma"].ToString() != "")
                {
                    ddlQuyen.Text = row["quyen_ma"].ToString();
                }
                btnInsert.Visible = false;
                btnUpdate.Visible = true;
                btnDelete.Visible = false;
                btnCancel.Visible = true;
            }
        }
        else
        {
            btnInsert.Visible = true;
        }

        rptQuyen.DataSource = cn.LoadData(sqlText, name, value, Nparameter);
        rptQuyen.DataBind();
        //Nhan vien
        sqlText = "SELECT * FROM nhanvien";
        ddlNhanVien.DataSource = cn.LoadData(sqlText);
        ddlNhanVien.DataBind();
        //quyen
        sqlText             = "SELECT * FROM quyen";
        ddlQuyen.DataSource = cn.LoadData(sqlText);
        ddlQuyen.DataBind();

        #region phan quyen trang
        try
        {
            sqlText = "select * from chitietquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
                      "WHERE quyen_ma=@quyen_ma AND menu_url=@menu";
            Nparameter = 2;
            name[0]    = "@quyen_ma";
            name[1]    = "@menu";
            value[0]   = Session["quyen_ma"];
            value[1]   = Request.Url.Segments[Request.Url.Segments.Length - 1].ToString();
            DataTable dt3 = cn.LoadData(sqlText, name, value, Nparameter);
            //kiem tra xem url nhap vao co chinh xac khong
            if (dt3.Rows.Count == 0)
            {
                Response.Redirect("access_denied.aspx");
            }
        }
        catch (Exception)
        {
            Response.Redirect("login.aspx");
        }

        #endregion
        cn.close();
        Page.SetFocus(txtTen);
    }
示例#14
0
    protected void Page_Load(object sender, EventArgs e)
    {
        if (IsPostBack)
        {
            return;
        }

        if (Request.QueryString["add"] != null && !Request.QueryString["add"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1 loại dịch vụ [" + Request.QueryString["add"].ToString() + "] đã được thêm thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["save"] != null && !Request.QueryString["save"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>Thông tin loại dịch vụ [" + Request.QueryString["save"].ToString() + "] đã được cập nhật thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        if (Request.QueryString["delete"] != null && !Request.QueryString["delete"].Equals(""))
        {
            lblMessageStatus.Text    = "<dl id=\"system-message\"><dd class=\"message message fade\"><ul><li>1(nhiều) loại dịch vụ đã được xóa thành công</li></ul></dd></dl>";
            lblMessageStatus.Visible = true;
        }
        clsConnect cn         = new clsConnect();
        int        Nparameter = 10;

        string[] name  = new string[Nparameter];
        object[] value = new object[Nparameter];

        string sqlText = "SELECT * FROM service_type ";

        rptProduct.DataSource = cn.LoadData(sqlText);
        rptProduct.DataBind();
        if (Request.QueryString["service_type_id"] != null && !Request.QueryString["service_type_id"].Equals(""))
        {
            sqlText    = "SELECT * FROM service_type WHERE service_type_id = @service_type_id;";
            Nparameter = 1;
            name[0]    = "@service_type_id";
            value[0]   = Request.QueryString["service_type_id"];
            DataTable dt = cn.LoadData(sqlText, name, value, Nparameter);
            if (dt.Rows.Count > 0)
            {
                DataRow row = dt.Rows[0];
                txtTen.Text       = row["service_type_name"].ToString();
                btnInsert.Visible = false;
                btnUpdate.Visible = true;
                btnDelete.Visible = false;
                btnCancel.Visible = true;
            }
        }
        else
        {
            btnInsert.Visible = true;
        }
        // lay thong tin dang nhap
        sqlText    = "SELECT * FROM taikhoan WHERE username=@username";
        Nparameter = 1;
        name[0]    = "@username";
        value[0]   = Session["username"].ToString();
        DataTable dt_login = cn.LoadData(sqlText, name, value, Nparameter);

        if (dt_login.Rows.Count > 0)
        {
            DataRow row = dt_login.Rows[0];
            quyen = row["quyen_ma"].ToString();
        }
        #region phan quyen trang
        try
        {
            sqlText = "select * from chitietquyen CT JOIN menu M ON CT.menu_id=M.menu_id " +
                      "WHERE quyen_ma=@quyen_ma AND menu_url=@menu";
            Nparameter = 2;
            name[0]    = "@quyen_ma";
            name[1]    = "@menu";
            value[0]   = Session["quyen_ma"];
            value[1]   = Request.Url.Segments[Request.Url.Segments.Length - 1].ToString();
            DataTable dt3 = cn.LoadData(sqlText, name, value, Nparameter);
            //kiem tra xem url nhap vao co chinh xac khong
            if (dt3.Rows.Count == 0)
            {
                Response.Redirect("access_denied.aspx");
            }
        }
        catch (Exception)
        {
        }

        #endregion
        cn.close();
        Page.SetFocus(txtTen);
    }