user.cs

网上购物系统源代码加毕业设计论文

using System;
using System.Data;
using System.Data.SqlClient;

namespace eshop.BLL


{


	public class UserInfo
	{
		public string userRealName;
		public string zipcode;
		public string email;
		public string sex;
		public string address;
	}
	/// <summary>
	/// User 的摘要说明。
	/// </summary>
	public class User
	{
		public User()
		{
			
		}
		public int SignIn(string userName, string userPwd)
		{
			SqlParameter[] signInPara = {
										   new SqlParameter("@userName", userName),
										   new SqlParameter("@userPwd", userPwd)
									   };
			//返回userId的值，如果不存在记录，返回为0
			return Convert.ToInt32(DAL.SQLHelper.ExecuteScalar(DAL.SQLHelper.CONN_STRING, 
				CommandType.StoredProcedure, "SignIn", signInPara));
		}

		public int ChangePassword (string oldPassword, string newPassword, int userId)
		{
			object m_DBNull = Convert.DBNull;

			SqlParameter[] para = {
									  new SqlParameter("@userId", userId),
									  new SqlParameter("@oldPassword", oldPassword),
									  new SqlParameter("@newPassword", newPassword),
									  new SqlParameter("@result", SqlDbType.Int, 8, ParameterDirection.Output,
									  true, 0, 0, "", DataRowVersion.Default, m_DBNull)
								  };
			try
			{
				DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure, "ChangePassword", para);
			}
			catch
			{
				throw;
			}

			return Convert.ToInt32(para[3].Value);
		}

		public UserInfo GetUserInfo(string userId)
		{
			SqlParameter[] para = {
									  new SqlParameter("@userId", int.Parse(userId))
								  };
			
			SqlDataReader dr = DAL.SQLHelper.ExecuteReader(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure, "GetUserInfo", para);

			dr.Read();

			UserInfo userInfo = new UserInfo();
			userInfo.userRealName = dr["UserRealName"].ToString();
			userInfo.zipcode = dr["zipcode"].ToString();
			userInfo.address = dr["address"].ToString();
			userInfo.email = dr["email"].ToString();
			userInfo.sex = dr["sex"].ToString();

			return userInfo;
		}
			
		public int ChangeProfile(string userId, string userRealName, string address, 
			string zipCode, string email ,string sex)
		{

			SqlParameter[] para = {
									  new SqlParameter("@userId", int.Parse(userId)),
									  new SqlParameter("@userRealName", userRealName),
									  new SqlParameter("@address", address),
									  new SqlParameter("@zipcode", zipCode),
									  new SqlParameter("@email", email),
									  new SqlParameter("@sex", sex)
								  };

			return DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure, 
				"EditAcount", para);
		}

		public int AddNewUser(string userName, string password, string question, string answer)
		{
			object m_DBNull = Convert.DBNull;

			SqlParameter[] para = {
									  new SqlParameter("@userName", userName),
									  new SqlParameter("@Password", password),
									  new SqlParameter("@question", question),
									  new SqlParameter("@answer", answer),
									  new SqlParameter("@result", SqlDbType.Int, 8, ParameterDirection.Output,
									  true, 0, 0, "", DataRowVersion.Default, m_DBNull)
								  };

			try
			{
				DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure,
					"AddNewUser", para);
			}
			catch
			{
				throw;
			}

			return Convert.ToInt32(para[4].Value);
		}


		public int GetBackPassword(string userName, string question, string answer, string email)
		{
			object m_DBNull = Convert.DBNull;
			//获得新的随机密码
			string newPassword = MakePassword(6);
			//定义存储过程参数 
			SqlParameter[] para = {
									  new SqlParameter("@userName", userName),
									  new SqlParameter("@question", question),
									  new SqlParameter("@answer", answer),
									  new SqlParameter("@newPassword", newPassword),
									  new SqlParameter("@result", SqlDbType.Int, 8, ParameterDirection.Output,
									  true, 0, 0, "", DataRowVersion.Default, m_DBNull)
								  };
			
			//执行存储过程
			try
			{
				DAL.SQLHelper.ExecuteNonQuery(DAL.SQLHelper.CONN_STRING, CommandType.StoredProcedure,
					"GetBackPwd", para);
			}
			catch
			{
				throw new Exception("邮件无法发送！");
			}
			//获得输出参数的值
			int result = Convert.ToInt32(para[4].Value);
			//如果密码保护资料填写正确
			if (result == 1)
			{
				//从Web.config获取发信人地址、邮件标题、邮件用户名和密码以及SmtpServer
				string sender = System.Configuration.ConfigurationSettings.AppSettings["mainSender"];
				string title = System.Configuration.ConfigurationSettings.AppSettings["mailTitle"];
				string mailUser =  System.Configuration.ConfigurationSettings.AppSettings["mailUser"];
				string mailPwd = System.Configuration.ConfigurationSettings.AppSettings["mailPwd"];
				string smtpServer = System.Configuration.ConfigurationSettings.AppSettings["mailSmtpServer"];
				//发信
				try
				{
					Mail.CDOsendmail(sender, email, title, "您在eshop的密码已找回,新密码为"+newPassword 
						, mailUser, mailPwd, smtpServer);
				}
				catch(Exception ex)
				{
					throw new Exception(ex.Message);
				}
			}

			return result;
		}


		//随机生成密码
		private static string MakePassword(int pwdLength)
		{
			//声明要返回的字符串
			string tmpstr = "";
			//密码中包含的字符数组
			string pwdchars="abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
			//数组索引随机数
			int iRandNum;
			//随机数生成器
			Random rnd = new Random();
			for(int i=0;i<pwdLength;i++)
			{
				//Random类的Next方法生成一个指定范围的随机数
				iRandNum = rnd.Next(pwdchars.Length);
				//tmpstr随机添加一个字符
				tmpstr += pwdchars[iRandNum];
			}
			return tmpstr;
		}
		
			
	}
}