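/// <summary>
/// Checks whether a role holds a permission on a menu tab.
/// </summary>
/// <remarks>
/// A TabPermission row whose TabID is 0 satisfies the query for any requested tab.
/// The check fails closed: if the query throws, the result is <c>false</c>, so a
/// database outage looks like "denied" to the caller. The failure is written to
/// the trace output so it is not silently lost.
/// </remarks>
/// <param name="TabID">Menu (tab) ID.</param>
/// <param name="RoleID">Role ID.</param>
/// <param name="PermissionKey">Permission key, all upper case (ADD for add, UPDATE for modify, DELETE for delete, VIEW for view).</param>
/// <returns><c>true</c> if at least one matching TabPermission row was read; otherwise <c>false</c>.</returns>
public bool GetPermission(int TabID, int RoleID, string PermissionKey)
{
    string sql = "select * from TabPermission where PermissionID in("
                 + "select PermissionID from Permission where PermissionKey=@PermissionKey and PermissionCode='SYSTEM_TAB'"
                 + ") and roleid=@RoleID and (TabID=@TabID or TabID=0)";

    // Stays false unless a row is actually read, so every error path denies.
    bool granted = false;
    try
    {
        // All three inputs travel as typed parameters; nothing is concatenated into the SQL text.
        SqlParameter tabParam = new SqlParameter("@TabID", SqlDbType.Int);
        tabParam.Value = TabID;
        SqlParameter roleParam = new SqlParameter("@RoleID", SqlDbType.Int);
        roleParam.Value = RoleID;
        SqlParameter keyParam = new SqlParameter("@PermissionKey", SqlDbType.VarChar, 50);
        keyParam.Value = PermissionKey;
        SqlParameter[] paras = new SqlParameter[] { tabParam, roleParam, keyParam };

        using (SqlDataReader dr = SQLHelper.DataReader(Config.SqlConnection, sql, CommandType.Text, paras))
        {
            // Existence of a single row is enough; its contents are not used.
            if (dr.Read())
            {
                granted = true;
            }
        }
    }
    catch (Exception ex)
    {
        // Previously an empty catch: keep the deny-on-error result but leave a trace
        // so that a failing permission store can be told apart from a real denial.
        System.Diagnostics.Trace.TraceError("GetPermission query failed: {0}: {1}", ex.GetType().FullName, ex.Message);
    }

    return granted;
}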
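/// <summary>
/// Returns the TabID of every Tabs row whose TabKey equals <paramref name="TabKey"/>.
/// </summary>
/// <param name="TabKey">Tab key to look up.</param>
/// <returns>
/// <c>null</c> when <paramref name="TabKey"/> is null or empty; otherwise the IDs read.
/// The list is empty when nothing matches, and may be empty or incomplete when the
/// query fails part-way (the failure is traced, not thrown).
/// </returns>
public List<int> GetTabIDsByTabKey(string TabKey)
{
    if (string.IsNullOrEmpty(TabKey))
    {
        return null;
    }

    List<int> list = new List<int>();
    string sql = "SELECT TabID FROM Tabs WHERE TabKey=@TabKey";
    try
    {
        // The key is bound as a parameter rather than spliced into the statement.
        SqlParameter keyParam = new SqlParameter("@TabKey", SqlDbType.VarChar, 50);
        keyParam.Value = TabKey;
        SqlParameter[] paras = new SqlParameter[] { keyParam };

        using (SqlDataReader dr = SQLHelper.DataReader(Config.SqlConnection, sql, CommandType.Text, paras))
        {
            while (dr.Read())
            {
                // A NULL TabID is reported as 0.
                // NOTE(review): GetPermission's query uses TabID=0 on TabPermission rows as a
                // match-any value; confirm callers do not treat a 0 from here as a real tab.
                object raw = dr["TabID"];
                list.Add(raw != DBNull.Value ? Convert.ToInt32(raw) : 0);
            }
        }
    }
    catch (Exception ex)
    {
        // Previously an empty catch: the caller still gets whatever was read so far,
        // but the failure is now visible in the trace output.
        System.Diagnostics.Trace.TraceError("GetTabIDsByTabKey query failed: {0}: {1}", ex.GetType().FullName, ex.Message);
    }

    return list;
}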
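/// <summary>
/// User login: loads the users row whose username and PassWord both equal the supplied values.
/// </summary>
/// <remarks>
/// Return contract as implemented: when no row matches, an empty, non-null UserInfo is
/// returned; <c>null</c> is returned only when an exception occurs.
/// NOTE(review): a caller that treats "not null" as "authenticated" would accept a failed
/// login; confirm every caller checks a populated field instead.
/// NOTE(review): PassWord is compared verbatim in SQL. Whether callers pass a hash or the
/// raw password is not visible here; if it is the raw password, the table holds plaintext
/// and should move to a salted, slow hash (for example PBKDF2) verified in code.
/// </remarks>
/// <param name="UserName">Login name, bound to @UserName.</param>
/// <param name="PassWord">Password value, bound to @PassWord and compared as-is.</param>
/// <returns>The mapped user, an empty UserInfo when nothing matches, or <c>null</c> on error.</returns>
public Model.UserInfo Login(string UserName, string PassWord)
{
    try
    {
        // select * brings every users column into the reader, PassWord included; what the
        // mapper copies onto UserInfo is not visible here.
        string sql = "select * from users where username=@UserName and PassWord=@PassWord";

        // Both credentials are bound as parameters, so they cannot alter the statement.
        // NOTE(review): a sized SqlParameter sends at most Size characters of a string value
        // (100 / 50 here), so inputs that differ only beyond that length compare equal;
        // consider rejecting over-length input before the query.
        SqlParameter userParam = new SqlParameter("@UserName", SqlDbType.NVarChar, 100);
        SqlParameter passParam = new SqlParameter("@PassWord", SqlDbType.NVarChar, 50);
        SqlParameter[] parameter = new SqlParameter[] { userParam, passParam };
        userParam.Value = UserName;
        passParam.Value = PassWord;

        // Default result when no row matches: an empty UserInfo, not null.
        Model.UserInfo info = new Model.UserInfo();
        using (SqlDataReader dr = SQLHelper.DataReader(Config.SqlConnection, sql, CommandType.Text, parameter))
        {
            if (dr.Read())
            {
                info = BS.Components.Data.Entity.EntityHelper.GetDataReaderObject<UserInfo>("*", dr);
            }
        }

        return info;
    }
    catch (Exception ex)
    {
        // Previously an empty catch. Only the exception type is traced: neither the
        // credentials nor the exception message are written to the log.
        System.Diagnostics.Trace.TraceError("Login query failed: {0}", ex.GetType().FullName);
    }

    return null;
}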