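/// <summary>
/// Handles the "change password" button: checks that the two password boxes
/// match, then stores the hash of the new password on the Student row whose
/// SId equals the id kept in the session.
/// </summary>
/// <param name="sender">The button that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnUpdateKey_Click(object sender, System.EventArgs e)
{
    string newKey = txtKey.Text.Trim();
    if (newKey != txtKeyConfirm.Text.Trim())
    {
        Response.Write(MyUtility.Alert("两次输入密码不相符合"));
        return;
    }

    // An expired or missing session used to fail with a NullReferenceException
    // on Session["Id"].ToString(); report it as a failed update instead.
    object sessionId = Session["Id"];
    if (sessionId == null)
    {
        Response.Write(MyUtility.Alert("修改失败!"));
        return;
    }

    // Session["Id"] holds the user name exactly as it was typed into the login
    // form (see btnLogin_Click), so it is untrusted text. Doubling single quotes
    // keeps it inside the SQL string literal.
    // NOTE(review): the Db helper is not visible here; if it has a parameterized
    // overload, use that instead. Quote doubling is not enough on a backend that
    // also honors backslash escapes.
    string safeId = sessionId.ToString().Replace("'", "''");

    // NOTE(review): MyUtility.MD5 is not visible here. If it is a plain MD5
    // digest, it is too fast and unsalted for password storage; plan a move to
    // a salted, slow KDF such as PBKDF2.
    // NOTE(review): the current password is not re-checked and an empty new
    // password is accepted; confirm whether that is intended.
    string sql = "update Student set SKey = '" + MyUtility.MD5(newKey)
        + "' where SId = '" + safeId + "'";

    // Exactly one affected row means the password was changed.
    if (Db.ExecuteSql(sql) == 1)
    {
        Response.Write(MyUtility.Alert("修改成功!"));
    }
    else
    {
        Response.Write(MyUtility.Alert("修改失败!"));
    }
}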
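/// <summary>
/// Handles the "add student" button: validates the id and name boxes, inserts
/// a Student row whose initial password hash is derived from the student id,
/// then rebinds the student grid.
/// </summary>
/// <param name="sender">The button that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnAddStudent_Click(object sender, System.EventArgs e)
{
    string studentId = txtSId.Text.Trim();
    string studentName = txtSName.Text.Trim();

    if (studentId == "")
    {
        Response.Write(MyUtility.Alert("请输入学生学号!"));
        return;
    }
    if (studentName == "")
    {
        Response.Write(MyUtility.Alert("请输入学生姓名!"));
        return;
    }

    // Both values come straight from form fields. Doubling single quotes keeps
    // them inside their SQL string literals (and lets names such as O'Brien be
    // stored instead of breaking the statement).
    // NOTE(review): the Db helper is not visible here; if it has a parameterized
    // overload, use that instead. Quote doubling is not enough on a backend that
    // also honors backslash escapes.
    string safeId = studentId.Replace("'", "''");
    string safeName = studentName.Replace("'", "''");

    // NOTE(review): the initial password is the hash of the student id, so it is
    // predictable from the id alone; consider forcing a change at first login.
    string sql = "insert into Student(SId,SKey,SName,SCredit,SLocked) values('"
        + safeId + "','" + MyUtility.MD5(studentId) + "','" + safeName + "',0,0)";

    try
    {
        if (Db.ExecuteSql(sql) != 1)
        {
            Response.Write(MyUtility.Alert("添加失败-_-,请检查学号是否已经存在!"));
            return;
        }

        // Refresh the grid so the new row is visible.
        // NOTE(review): the stored name is rendered by dgViewS; confirm the grid
        // HTML-encodes cell text.
        DataSet ds1 = Db.ExecuteSelectSql("select * from Student");
        if (ds1 != null && ds1.Tables.Count > 0)
        {
            dgViewS.DataSource = ds1.Tables[0];
            dgViewS.DataBind();
        }
    }
    catch
    {
        // Deliberate best effort: any failure (typically a duplicate id) is
        // reported to the operator as a failed insert. This also covers a
        // failure while refreshing the grid after a successful insert.
        Response.Write(MyUtility.Alert("添加失败-_-,请检查学号是否已经存在!"));
    }
}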
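/// <summary>
/// Handles the "add teacher" button: validates the id and name boxes, inserts
/// a Teacher row whose initial password hash is derived from the teacher id,
/// then rebinds the teacher grid.
/// </summary>
/// <param name="sender">The button that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnAddTearcher_Click(object sender, System.EventArgs e)
{
    string teacherId = txtTId.Text.Trim();
    string teacherName = txtTName.Text.Trim();

    if (teacherId == "")
    {
        Response.Write(MyUtility.Alert("请输入教师编号!"));
        return;
    }
    if (teacherName == "")
    {
        Response.Write(MyUtility.Alert("请输入教师姓名!"));
        return;
    }

    // Both values come straight from form fields. Doubling single quotes keeps
    // them inside their SQL string literals.
    // NOTE(review): the Db helper is not visible here; if it has a parameterized
    // overload, use that instead. Quote doubling is not enough on a backend that
    // also honors backslash escapes.
    string safeId = teacherId.Replace("'", "''");
    string safeName = teacherName.Replace("'", "''");

    // NOTE(review): the initial password is the hash of the teacher id, so it is
    // predictable from the id alone; consider forcing a change at first login.
    string sql = "insert into Teacher(TId,TKey,TName) values('"
        + safeId + "','" + MyUtility.MD5(teacherId) + "','" + safeName + "')";

    try
    {
        if (Db.ExecuteSql(sql) != 1)
        {
            Response.Write(MyUtility.Alert("添加失败-_-,请检查编号是否已经存在!"));
            return;
        }

        // Refresh the grid so the new row is visible.
        // NOTE(review): the stored name is rendered by dgViewT; confirm the grid
        // HTML-encodes cell text.
        DataSet ds1 = Db.ExecuteSelectSql("select * from Teacher");
        if (ds1 != null && ds1.Tables.Count > 0)
        {
            dgViewT.DataSource = ds1.Tables[0];
            dgViewT.DataBind();
        }
    }
    catch
    {
        // Deliberate best effort: any failure (typically a duplicate id) is
        // reported to the operator as a failed insert. This also covers a
        // failure while refreshing the grid after a successful insert.
        Response.Write(MyUtility.Alert("添加失败-_-,请检查编号是否已经存在!"));
    }
}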
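/// <summary>
/// Handles the login button. Looks up the stored password hash for the
/// submitted id in the table that matches the selected account type
/// (1 = student, 2 = teacher, 3 = system administrator), compares it with the
/// hash of the submitted password, and on success stores the id and type in
/// the session and redirects to that role's main page. Failures redirect to
/// Error.aspx with an error code.
/// </summary>
/// <param name="sender">The button that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, System.EventArgs e)
{
    // A missing or non-numeric account type is ignored, the same way the
    // unknown-type default branch below is, instead of throwing from Int32.Parse.
    int type;
    if (ddlType.SelectedItem == null || !Int32.TryParse(ddlType.SelectedItem.Value, out type))
    {
        return;
    }

    string user = txtUser.Text.Trim();
    string inputkey = txtKey.Text.Trim();

    // The id is untrusted form input. Doubling single quotes keeps it inside
    // the SQL string literal.
    // NOTE(review): the Db helper is not visible here; if it has a parameterized
    // overload, use that instead. Quote doubling is not enough on a backend that
    // also honors backslash escapes.
    string safeUser = user.Replace("'", "''");

    // The lookups use "=" rather than "like": with "like", wildcard characters
    // in the submitted id were matched as a pattern, so the id written to the
    // session did not have to be an exact account id.
    string sql;
    string landingPage;
    string notFoundCode;
    switch (type)
    {
        case 1: // student
            sql = "select SKey from Student where SId = '" + safeUser + "'";
            landingPage = "StudentMain.aspx";
            notFoundCode = ErrorInfo.ERR_NOSTUDENT.ToString();
            break;
        case 2: // teacher
            sql = "select TKey from Teacher where TId = '" + safeUser + "'";
            landingPage = "TeacherMain.aspx";
            notFoundCode = ErrorInfo.ERR_NOTEACHER.ToString();
            break;
        case 3: // system administrator
            sql = "select AKey from Admin where AId = '" + safeUser + "'";
            landingPage = "Admin.aspx";
            notFoundCode = ErrorInfo.ERR_NOADMIN.ToString();
            break;
        default:
            return;
    }

    DataSet ds = Db.ExecuteSelectSql(sql);
    bool accountFound = ds != null
        && ds.Tables.Count > 0
        && ds.Tables[0].Rows.Count > 0
        && !ds.Tables[0].Rows[0].IsNull(0);

    if (!accountFound)
    {
        // NOTE(review): a distinct "no such account" code lets a caller tell
        // existing ids from unknown ones; consider one generic failure code.
        Response.Redirect("Error.aspx?code=" + notFoundCode);
        return;
    }

    string key = ds.Tables[0].Rows[0][0].ToString();

    // All three roles share this check. The administrator branch previously
    // compared with "!=", which logged the user in when the password was WRONG
    // and rejected the correct one.
    // NOTE(review): MyUtility.MD5 is not visible here. If it is a plain MD5
    // digest, it is too fast and unsalted for password storage; plan a move to
    // a salted, slow KDF such as PBKDF2.
    if (MyUtility.MD5(inputkey) == key)
    {
        // Password correct: remember who logged in and with which role.
        Session["Id"] = user;
        Session["Type"] = type;
        Response.Redirect(landingPage);
    }
    else
    {
        // Password wrong.
        Response.Redirect("Error.aspx?code=" + ErrorInfo.ERR_KEYERROR.ToString());
    }
}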