示例#1
0
        protected void Page_Load(object sender, EventArgs e)
        {
            StatusCheck.loginStatusCheck(Session, Response, "admin");

            List <String[]> teacherList = new List <string[]>();
            SqlConnection   connection  = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
            string          sql         = "SELECT id,username,fullname,password,email,is_activated FROM dotnetexp.dbo.student WHERE is_deleted=0";
            SqlDataAdapter  adapter     = new SqlDataAdapter(sql, connection);
            DataSet         dataSet     = new DataSet();

            adapter.Fill(dataSet, "student");
            showStudentList.DataSource = dataSet.Tables[0];
            showStudentList.DataBind();

            connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
            sql        = "SELECT id,username,fullname,password,email,is_activated FROM dotnetexp.dbo.teacher WHERE is_deleted=0";
            adapter    = new SqlDataAdapter(sql, connection);
            dataSet    = new DataSet();
            adapter.Fill(dataSet, "teacher");
            for (int i = 0; i < dataSet.Tables[0].Rows.Count; i++)
            {
                string[] teacherRow = new string[dataSet.Tables[0].Rows[i].ItemArray.Length];
                for (int j = 0; j < dataSet.Tables[0].Rows[i].ItemArray.Length; j++)
                {
                    teacherRow[j] = (dataSet.Tables[0].Rows[i].ItemArray[j].ToString());
                }

                teacherList.Add(teacherRow);
            }
            Session["teacherList"] = teacherList;
        }
示例#2
0
        protected void Page_Load(object sender, EventArgs e)
        {
            StatusCheck.loginStatusCheck(Session, Response, "student");

            if (Request.Files.Count > 0)
            {
                try
                {
                    HttpPostedFile file = Request.Files[0];

                    string filePath = Server.MapPath("../upload/student/" + file.FileName);
                    file.SaveAs(filePath);

                    Response.Write("{\"msg\":\"Success\",\"data\":\"" + file.FileName + "\"}");
                }
                catch
                {
                    Response.Write("{\"msg\":\"Error when saving the upload file\"}");
                }
            }
            else
            {
                Response.Write("{\"msg\":\"Error: No files uploaded\"}");
            }
        }
示例#3
0
        protected void Page_Load(object sender, EventArgs e)
        {
            StatusCheck.loginStatusCheck(Session, Response, "admin");

            if (Request["Request_Method"] == "POST")
            {
                if (Request["username"] == "")
                {
                    ClientScript.RegisterStartupScript(GetType(), "教工号为空", "<script language='javascript'>alert('对不起,您输入的教工号为空,请重新输入!')</script>");
                }
                else if (Request["fullname"] == "")
                {
                    ClientScript.RegisterStartupScript(GetType(), "姓名为空", "<script language='javascript'>alert('对不起,您输入的姓名为空,请重新输入!')</script>");
                }
                else if (!Request["password"].Equals(Request["password2"]))
                {
                    ClientScript.RegisterStartupScript(GetType(), "密码不一致", "<script language='javascript'>alert('对不起,您输入的密码不一致,请重新输入!')</script>");
                }
                else if (!Request["type"].Equals("teacher") && !Request["type"].Equals("student"))
                {
                    ClientScript.RegisterStartupScript(GetType(), "用户类型错误", "<script language='javascript'>alert('对不起,您输入的用户类型错误,请重新输入!')</script>");
                }
                else
                {
                    SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                    String        username   = Request["username"];
                    String        type       = Request["type"];

                    string         sql     = "select * from dotnetexp.dbo." + type + " where username='******';";
                    SqlDataAdapter adapter = new SqlDataAdapter(sql, connection);
                    DataSet        dataSet = new DataSet();
                    adapter.Fill(dataSet, "teacher");
                    if (dataSet.Tables[0].Rows.Count > 0)
                    {
                        ClientScript.RegisterStartupScript(GetType(), "教工号已存在", "<script language='javascript'>alert('对不起,您输入的教工号已存在,请重新输入!')</script>");
                        return;
                    }
                    String fullname = Request["fullname"];
                    String password = Request["password"];
                    if (password == "")
                    {
                        password = "******";
                    }
                    String          email       = Request["email"];
                    List <String[]> teacherList = new List <string[]>();

                    sql = "INSERT INTO dotnetexp.dbo." + type + "(username, fullname, password, email, is_deleted, is_activated) VALUES('" + username + "','" + fullname + "','" + password + "','" + email + "', 0 , 0);";
                    if (connection.State == ConnectionState.Closed)
                    {
                        connection.Open();
                    }
                    SqlCommand cmd = new SqlCommand(sql, connection);
                    object     obj = cmd.ExecuteNonQuery();
                    if (obj != null)
                    {
                        //Success
                    }
                    else
                    {
                        //Fail
                    }
                    Response.Redirect("accountAdmin.aspx");
                }
            }
        }
示例#4
0
        protected void Page_Load(object sender, EventArgs e)
        {
            StatusCheck.loginStatusCheck(Session, Response, "admin");

            if (Request["Request_Method"] == "POST")
            {
                if (Request["id"] != null && (Request["type"].Equals("teacher") || Request["type"].Equals("student")) &&
                    (Request["delete"] == null || !Request["delete"].Equals("1")) &&
                    (Request["reset"] == null || !Request["reset"].Equals("1")))
                {
                    if (Request["username"] == "")
                    {
                        ClientScript.RegisterStartupScript(GetType(), "教工号为空", "<script language='javascript'>alert('对不起,您输入的教工号为空,请重新输入!')</script>");
                    }
                    else if (Request["fullname"] == "")
                    {
                        ClientScript.RegisterStartupScript(GetType(), "姓名为空", "<script language='javascript'>alert('对不起,您输入的姓名为空,请重新输入!')</script>");
                    }
                    else if (!Request["password"].Equals(Request["password2"]))
                    {
                        ClientScript.RegisterStartupScript(GetType(), "密码不一致", "<script language='javascript'>alert('对不起,您输入的密码不一致,请重新输入!')</script>");
                    }
                    else
                    {
                        SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                        string        username   = Request["username"];
                        string        fullname   = Request["fullname"];
                        string        password   = Request["password"];
                        string        email      = Request["email"];
                        string        type       = Request["type"];

                        string         sql     = "SELECT * FROM dotnetexp.dbo." + type + " WHERE username='******' AND id!=" + Request["id"] + ";";
                        SqlDataAdapter adapter = new SqlDataAdapter(sql, connection);
                        DataSet        dataSet = new DataSet();
                        adapter.Fill(dataSet, "teacher");
                        if (dataSet.Tables[0].Rows.Count > 0)
                        {
                            ClientScript.RegisterStartupScript(GetType(), "教工号已存在", "<script language='javascript'>alert('对不起,您修改的教工号已存在,请重新输入!')</script>");
                        }
                        else
                        {
                            sql = "UPDATE dotnetexp.dbo." + type + " SET username='******', fullname='" + fullname + "', password='******',email='" + email + "' WHERE is_deleted=0 AND id=" + Request["id"] + ";";
                            if (connection.State == ConnectionState.Closed)
                            {
                                connection.Open();
                            }
                            SqlCommand cmd = new SqlCommand(sql, connection);
                            object     obj = cmd.ExecuteNonQuery();
                            if (obj != null)
                            {
                                //Success
                            }
                            else
                            {
                                //Fail
                            }
                            Response.Redirect("accountAdmin.aspx");
                        }
                    }
                }
            }
            else if (Request["id"] != null && (Request["type"].Equals("teacher") || Request["type"].Equals("student")) && Request["delete"] == "1")
            {
                SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                string        type       = Request["type"];

                string         sql     = "select * from dotnetexp.dbo." + type + " where id='" + Request["id"] + "';";
                SqlDataAdapter adapter = new SqlDataAdapter(sql, connection);
                DataSet        dataSet = new DataSet();
                adapter.Fill(dataSet, "teacher");
                if (dataSet.Tables[0].Rows.Count == 0)
                {
                    ClientScript.RegisterStartupScript(GetType(), "用户不存在", "<script language='javascript'>alert('对不起,用户不存在!')</script>");
                    return;
                }

                sql = "UPDATE dotnetexp.dbo." + type + " SET is_deleted=1 WHERE id=" + Request["id"];
                if (connection.State == ConnectionState.Closed)
                {
                    connection.Open();
                }
                SqlCommand cmd = new SqlCommand(sql, connection);
                object     obj = cmd.ExecuteNonQuery();
                if (obj != null)
                {
                    //Success
                }
                else
                {
                    //Fail
                }

                Response.Redirect("accountAdmin.aspx");
            }
            else if (Request["id"] != null && (Request["type"].Equals("teacher") || Request["type"].Equals("student")) && Request["reset"] == "1")
            {
                SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                string        type       = Request["type"];

                string         sql     = "select * from dotnetexp.dbo." + type + " where id='" + Request["id"] + "';";
                SqlDataAdapter adapter = new SqlDataAdapter(sql, connection);
                DataSet        dataSet = new DataSet();
                adapter.Fill(dataSet, "user");
                if (dataSet.Tables[0].Rows.Count == 0)
                {
                    ClientScript.RegisterStartupScript(GetType(), "用户不存在", "<script language='javascript'>alert('对不起,用户不存在!')</script>");
                    return;
                }

                sql = "UPDATE dotnetexp.dbo." + type + " SET password='******', is_activated=0 WHERE id=" + Request["id"];
                if (connection.State == ConnectionState.Closed)
                {
                    connection.Open();
                }
                SqlCommand cmd = new SqlCommand(sql, connection);
                object     obj = cmd.ExecuteNonQuery();
                if (obj != null)
                {
                    //Success
                }
                else
                {
                    //Fail
                }

                Response.Redirect("accountAdmin.aspx");
            }

            else if (Request["Request_Method"] == "GET" && Request["id"] != null && (Request["type"].Equals("teacher") || Request["type"].Equals("student")))
            {
                string         type       = Request["type"];
                SqlConnection  connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                string         sql        = "SELECT username,fullname,password,email FROM dotnetexp.dbo." + type + " WHERE is_deleted=0 AND id=" + Request["id"];
                SqlDataAdapter adapter    = new SqlDataAdapter(sql, connection);
                DataSet        dataSet    = new DataSet();
                adapter.Fill(dataSet, "user");
                Session["id"]       = Request["id"];
                Session["username"] = dataSet.Tables[0].Rows[0].ItemArray[0].ToString();
                Session["fullname"] = dataSet.Tables[0].Rows[0].ItemArray[1].ToString();
                Session["password"] = dataSet.Tables[0].Rows[0].ItemArray[2].ToString();
                Session["email"]    = dataSet.Tables[0].Rows[0].ItemArray[3].ToString();
            }
        }
示例#5
0
        protected void Page_Load(object sender, EventArgs e)
        {
            StatusCheck.loginStatusCheck(Session, Response, "user");

            if (Request["Request_Method"] == "POST")
            {
                if (Request["username"] == "")
                {
                    ClientScript.RegisterStartupScript(GetType(), "教工号为空", "<script language='javascript'>alert('对不起,您输入的教工号为空,请重新输入!')</script>");
                }
                else if (Request["fullname"] == "")
                {
                    ClientScript.RegisterStartupScript(GetType(), "姓名为空", "<script language='javascript'>alert('对不起,您输入的姓名为空,请重新输入!')</script>");
                }
                else if (!Request["password"].Equals(Request["password2"]))
                {
                    ClientScript.RegisterStartupScript(GetType(), "密码不一致", "<script language='javascript'>alert('对不起,您输入的密码不一致,请重新输入!')</script>");
                }
                else
                {
                    SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                    string        username   = Request["username"];
                    string        fullname   = Request["fullname"];
                    string        password   = Request["password"];
                    string        email      = Request["email"];
                    string        usertype   = Session["cur_type"].ToString();



                    string sql = "UPDATE dotnetexp.dbo." + usertype + " SET fullname='" + fullname + "', password='******',email='" + email + "' WHERE is_deleted=0 AND id=" + Session["cur_id"] + ";";
                    if (connection.State == ConnectionState.Closed)
                    {
                        connection.Open();
                    }

                    SqlCommand cmd = new SqlCommand(sql, connection);
                    object     obj = cmd.ExecuteNonQuery();
                    if (obj != null)
                    {
                        //Success
                    }
                    else
                    {
                        //Fail
                    }

                    if (usertype == "teacher")
                    {
                        Response.Redirect("teacher/dashboard.aspx");
                    }
                    else
                    {
                        Response.Redirect("student/dashboard.aspx");
                    }
                }
            }

            else if (Request["Request_Method"] == "GET")
            {
                string         type       = Session["cur_type"].ToString();
                SqlConnection  connection = new SqlConnection(ConfigurationManager.ConnectionStrings["SQLServerConnection"].ToString());
                string         sql        = "SELECT username,fullname,password,email FROM dotnetexp.dbo." + type + " WHERE is_deleted=0 AND id=" + Session["cur_id"];
                SqlDataAdapter adapter    = new SqlDataAdapter(sql, connection);
                DataSet        dataSet    = new DataSet();
                adapter.Fill(dataSet, "user");
                Session["id"]       = Session["cur_id"];
                Session["username"] = dataSet.Tables[0].Rows[0].ItemArray[0].ToString();
                Session["fullname"] = dataSet.Tables[0].Rows[0].ItemArray[1].ToString();
                Session["password"] = dataSet.Tables[0].Rows[0].ItemArray[2].ToString();
                Session["email"]    = dataSet.Tables[0].Rows[0].ItemArray[3].ToString();
            }
        }