📄 administrator.vb
字号:
'
' Copyright(C)2006,济南大学材料科学与工程学院
' All right reserved.
'
' 文件名称:SqlDataAccess.vb
' 文件标识:
' 摘 要:SQL数据库引擎代码
'
' 当前版本:1.0.0
' 作 者:梁 海
' 完成日期:2006-10-3
'
' 取代版本:
' 原作者 :
' 完成日期:
'
' 修改历史:
'
Imports System.Web.Security
Imports System.Data.SqlClient
'
' 类 名:Administrator
' 摘 要:实现对后台管理员的管理
' 1.判断用户是否存在
' 2.验证密码
' 3.用户添加
' 4.用户删除
' 5.密码修改
'
Public Class Administrator
Private _ID As Integer '用户编号
Private _Name As String '用户名
Private _Password As String '用户密码
Private _Power As Integer '用户权限
Private _IsLogin As Boolean '标记--是否登陆成功 True为成功 False 为不成功
Private _Op_SQL As SqlDataAccess 'SQL数据库操作对象SqlDataAccess类
'
' 构造函数
'
Sub New()
_ID = Nothing
_Name = Nothing
_Password = Nothing
_Power = Nothing
_IsLogin = False
_Op_SQL = New SqlDataAccess
End Sub
'
' 构造函数
' 摘要:Name:用户登陆名;Password用户密码
'
Sub New(ByVal Name As String, ByVal Password As String)
_ID = Nothing
If Name.Length > 32 Then
Name = Name.Substring(0, 32) '用户名限制为32位
End If
_Name = FilterText(Name)
_Password = EnCode(Password)
_Power = Nothing
_IsLogin = False
_Op_SQL = New SqlDataAccess
End Sub
'
' 属性名称:ID()
' 摘 要:只读,用户编号,
'
Public ReadOnly Property ID() As Integer
Get
Return _ID
End Get
End Property
'
' 属性名称:Name()
' 摘 要:只读,用户登陆名,
'
Public Property Name() As String
Get
Return _Name
End Get
Set(ByVal Value As String)
If Value.Length > 32 Then
Value = Value.Substring(0, 32) '用户名限制为32位
End If
_Name = FilterText(Value)
End Set
End Property
'
' 属性名称:Password()
' 摘 要:只读,用户密码,
' 返回的是经过SHA1加密后的密文
'
Public Property Password() As String
Get
Return _Password
End Get
Set(ByVal Value As String)
_Password = EnCode(Value)
End Set
End Property
'
' 属性名称:Power()
' 摘 要:只读,用户权限
'
Public Property Power() As Integer
Get
Return _Power
End Get
Set(ByVal Value As Integer)
_Power = Value
End Set
End Property
'
' 属性名称:IsLogin()
' 摘 要:只读,登陆是否成功
'
Public ReadOnly Property IsLogin() As Boolean
Get
Return _IsLogin
End Get
End Property
'
' 方法名称:EnCode()
' 摘 要:对用户密码进行SHA1加密方式
' 返回加密后的密文
'
Private Function EnCode(ByVal s As String) As String
'截取前32位
If s.Length > 32 Then
s = s.Substring(0, 32)
End If
Return FormsAuthentication.HashPasswordForStoringInConfigFile(s, "SHA1")
End Function
'
' 方法名称:FilterText()
' 摘 要:对用户名称进行特殊符号过滤
' 返回过滤后的名称
'
Private Function FilterText(ByVal s As String) As String
s = s.Replace("'", "")
s = s.Replace(",", "")
s = s.Replace(";", "")
s = s.Replace("?", "")
s = s.Replace("@", "")
s = s.Replace("!", "")
s = s.Replace("#", "")
s = s.Replace("$", "")
s = s.Replace("^", "")
s = s.Replace("&", "")
s = s.Replace("|", "")
s = s.Replace("--", "")
s = s.Replace("<", "")
s = s.Replace(">", "")
s = s.Replace("=", "")
s = s.Replace("%", "")
s = s.Replace("*", "")
s = s.Replace("+", "")
s = s.Replace("-", "")
s = s.Replace("*", "")
s = s.Replace("/", "")
s = s.Replace("\", "")
s = s.Replace("[", "")
s = s.Replace("]", "")
s = s.Replace("{", "")
s = s.Replace("}", "")
s = s.Replace("[", "")
s = s.Replace("]", "")
Return s
End Function
'
' 方法名称:Exists()
' 摘 要:判断用户是否存在
'
Public Function Exists() As Boolean
Dim strSql As String
Dim blnExists As Boolean
If Me._Name = Nothing Then
Return False
End If
strSql = "SELECT COUNT(*) FROM [Administrator] WHERE (Name='" & Me._Name & "')"
_Op_SQL.Sql = strSql
If CInt(_Op_SQL.ExecuteScalar()) = 1 Then
blnExists = True
Else
blnExists = False
End If
Return blnExists
End Function
'
' 方法名称:CheckPassword()
' 摘 要:判断用户密码是否正确
'
Public Function CheckPassword() As Boolean
Dim oReader As SqlDataReader
Dim blnPass As Boolean = False
Dim strSql As String
If Exists() Then
strSql = "SELECT ID,Name,[Password],Power FROM [Administrator] WHERE " & _
"(Name='" & Me._Name & "' AND [Password]='" & Me._Password & "')"
_Op_SQL.Sql = strSql
oReader = _Op_SQL.DataReader()
oReader.Read()
If oReader.HasRows() Then
Me._Power = CType(oReader.Item("Power"), Integer)
Me._ID = CType(oReader.Item("ID"), Integer)
Me._IsLogin = True
blnPass = True
Else
blnPass = False
End If
Else
blnPass = False
End If
Return blnPass
End Function
'
' 方法名称:Add()
' 摘 要:添加用户
'
Public Function Add() As Boolean
Dim strSql As String
Dim intCount As Integer
Dim IsAdd As Boolean
If Me._Name = Nothing Or Me._Password = Nothing Then
Return False
Exit Function
End If
If Not Exists() Then
strSql = "INSERT INTO [Administrator](Name,[Password],Power) VALUES('" & _
Me._Name & "','" & Me._Password & "','" & Me._Power & "')"
_Op_SQL.Sql = strSql
intCount = _Op_SQL.ExecuteNonQuery()
If intCount = 1 Then
IsAdd = True
Else
IsAdd = False
End If
Else
IsAdd = False
End If
Return IsAdd
End Function
'
' 方法名称:Delete()
' 摘 要:删除用户
'
Public Function Delete() As Boolean
Dim strSql As String
Dim IsDel As Boolean
Dim intCount As Integer
If Exists() Then
strSql = "DELETE FROM [Administrator] WHERE (Name='" & Me._Name & "')"
_Op_SQL.Sql = strSql
If 1 = _Op_SQL.ExecuteNonQuery() Then
IsDel = True
Else
IsDel = False
End If
Else
IsDel = False
End If
Return IsDel
End Function
'
' 方法名称:ModifyPassword()
' 摘 要:修改用户密码
'
Public Function ModifyPassword(ByVal NewPassword As String) As Boolean
Dim strSql As String
Dim IsModify As Boolean
If (Exists() And CheckPassword()) Then
strSql = "UPDATE [Administrator] SET [Password]='" & _
EnCode(NewPassword) & "' WHERE (Name='" & Me._Name & "')"
_Op_SQL.Sql = strSql
If 1 = _Op_SQL.ExecuteNonQuery Then
IsModify = True
Else
IsModify = False
End If
Else
IsModify = False
End If
Return IsModify
End Function
'
' 析构函数
'
Protected Overrides Sub Finalize()
Me._Op_SQL = Nothing
System.GC.Collect()
End Sub
End Class
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -