default.aspx.cs

一个实用的高校教师档案管理系统

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

public partial class _Default : System.Web.UI.Page 
{
    DBClass dbObj=new DBClass() ;
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            //Random randobj = new Random();
            //lbValidate.Text = randobj.Next(1000, 10000).ToString();
            lbValidate.Text = new randomCode().RandomNum(4);   //产生验证码
            //利用GetConfigInfo方法获取系统配置信息
            GetConfigInfo(); 
           
        }
    }
    //登录按钮
    protected void imgbtnLoad_Click(object sender, ImageClickEventArgs e)
    {
        if (txtUserName.Text.Trim() == "" && txtPassWord.Text.Trim() == "")
        {
            Response.Write("<script>alert('对不起，请输入用户名和密码！');location='javascript:history.go(-1)';</script>");
            return;
        }
        else if (txtValidate.Text == "" || txtValidate.Text != lbValidate.Text)
            {
                Response.Write("<script>alert('验证码不正确');location='javascript:history.go(-1)';</script>");
                return;
            }
       else
            {
                //利用GetUserInfo方法，判断用户是否正确登录。
                //如果正确登录，则修改用户表信息，并跳转到Index.aspx页
                GetUserInfo(txtUserName.Text.Trim());
            }
    }
    /// <summary>
    /// 获取系统配置信息
    /// </summary>
    public void GetConfigInfo()
    {
        Session["isOpen"] = "";
        Session["isSearch"] = "";
        SqlConnection myConn = dbObj.GetConnection();
        SqlCommand myCmd = new SqlCommand("Proc_GetConfigInfo", myConn);
        myCmd.CommandType = CommandType.StoredProcedure;
        //执行过程
        myConn.Open();
        SqlDataReader rd = myCmd.ExecuteReader();
        if (rd.Read())
        {
            Session["isOpen"]=rd["isOpen"];
            Session["isSearch"] = rd["isSearch"];
        }
        else
        {
            Response.Write("<script>alert('对不起，系统发生未知错误，请重新登录！');location='javascript:history.go(-1)';</script>");
        
        }
        rd.Close();
        myCmd.Dispose();
        myConn.Close();
    }
    /// <summary>
    /// 获取用户登录信息
    /// </summary>
    /// <param name="P_Str_userId">唯一标志</param>
    public void GetUserInfo(string P_Str_userId)
    {
        Session["UID"] = "";
        Session["Username"] = "";
        Session["UserpowerID"] = "";
        Session["Userpower"] = "";
        Session["Admin"] = -1;
        SqlConnection myConn = dbObj.GetConnection();
        SqlCommand myCmd = new SqlCommand("Proc_GetUserInfo", myConn);
        myCmd.CommandType = CommandType.StoredProcedure;
        //添加参数
        SqlParameter userId = new SqlParameter("@userid", SqlDbType.NVarChar, 50);
        userId.Value = P_Str_userId;
        myCmd.Parameters.Add(userId);
        //执行过程
        myConn.Open();
        SqlDataReader rd = myCmd.ExecuteReader();
        if (rd.Read())
        {
            if (txtPassWord.Text.Trim() != rd["userpass"].ToString())
            {

                Response.Write("<script>alert('对不起，您输入的密码不正确！');location='javascript:history.go(-1)';</script>");

            }
            else
                if (((chkbtnPower.Checked == false) && (Convert.ToInt32(rd["userpower"].ToString()) == 1)) || ((chkbtnPower.Checked == true ) && (Convert.ToInt32(rd["userpower"].ToString()) == 0)))
                {

                    Response.Write("<script>alert('对不起，您登录的身份不对！');location='javascript:history.go(-1)';</script>");

                }
                else
                {
                    Session["UID"] = rd["id"];
                    Session["Username"] = rd["userid"];
                    Session["UserpowerID"] = rd["userpower"];
                    if (chkbtnPower.Checked == true)
                    {
                        Session["Userpower"] = "管理员";

                    }
                    else
                    { 
                     Session["Userpower"] = "教师";
                    
                    }
                   
                    if (Convert.ToInt32(rd["userpower"].ToString()) == 1)
                    {
                        Session["Admin"] = 1;

                    }
                    dbObj.UpdateUserInfo(Convert.ToString(Session["UID"]));
                    Response.Redirect("~/Frame/Index.aspx");
                }
        }
        else
        {

            Response.Write("<script>alert('对不起，您输入的用户名不存在！');location='javascript:history.go(-1)';</script>");
        }
        rd.Close();
        myCmd.Dispose();
        myConn.Close();
    }
  
}