三层系统的菜单的权限问题:
所谓菜单,可以是C#做的菜单,也可以是几个js做的图片。
下面是用js做的菜单权限+js的面包屑导航
1.显示层
(1).准备三张图片:d1-1.jpg,d1-2.jpg,d1-3.jpg
用途:已登录显示一张、未登录显示一张、鼠标悬停显示一张。
///有权限的菜单:
//超链接
BB/JHDBB.aspx" target=_self on>mouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('SubjectSort','','../img/d1-2.jpg',1)">
//图片
/d1-1.jpg" width=103 border=0 on>click="return SubjectSort_onclick()" />
//无权限的菜单:
cript:window.alert('对不起,您没有权限,请联系管理员!');" on>mouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('SubjectSort0','','../img/d1-2.jpg',1)">
(2)js:改变导航
2.显示层后台
void ShowOrHide()
{
string userid = "";
CS.Demo.BLL.PopedomSort ips = new CS.Demo.BLL.PopedomSort();
if (Session["ID"] != null)
{
userid = Session["ID"].ToString();
}
if (ips.IsPopedom(userid, "413"))//
{
SubjectSortYes.Visible = true;
SubjectSortNo.Visible = false;
}
else
{
SubjectSortYes.Visible = false;
SubjectSortNo.Visible = true;
}
3.数据层:
方法:ips.IsPopedom(userid, "413")
///
/// 测试用户是否有某一功能权限
///
public bool IsPopedom(string UserID, string PopedomID) //PopedomID权限代码
{
int rowsAffected;
SqlParameter[] parameters = {
new SqlParameter("@UserID", SqlDbType.Int),
new SqlParameter("@PopedomID",SqlDbType.Int)};
parameters[0].Value = UserID;
parameters[1].Value = PopedomID;
int result = DbHelperSQL.RunProcedure("SP_IsPopedom", parameters, out rowsAffected);
if (result == 1)
{
return true;
}
else
{
return false;
}
}
4.DBHelper:
///
/// 执行存储过程,返回影响的行数
///
/// 存储过程名
/// 存储过程参数
/// 影响的行数
///
public static int RunProcedure(string storedProcName, IDataParameter[] parameters, out int rowsAffected)
{
using (SqlConnection connection = new SqlConnection(connectionString))
{
int result;
connection.Open();
SqlCommand command = BuildIntCommand(connection, storedProcName, parameters);
rowsAffected = command.ExecuteNonQuery();
result = (int)command.Parameters["ReturnValue"].Value;//返回存储过程的返回值
//Connection.Close();
return result;
}
}
///
/// 创建 SqlCommand 对象实例(用来返回一个整数值)
///
/// 存储过程名
/// 存储过程参数
/// SqlCommand 对象实例
private static SqlCommand BuildIntCommand(SqlConnection connection, string storedProcName, IDataParameter[] parameters)
{
SqlCommand command = BuildQueryCommand(connection, storedProcName, parameters);
command.Parameters.Add(new SqlParameter("ReturnValue",
SqlDbType.Int, 4, ParameterDirection.ReturnValue,
false, 0, 0, string.Empty, DataRowVersion.Default, null));
return command;
}
5.数据库中的存储过程
------------------------------------
--用途:是否已经存在
--项目名称:Finance
--说明:
--时间:2009-6-5 16:44:40
------------------------------------
CREATE PROCEDURE SP_IsPopedom
@UserID INT,
@PopedomID INT
AS
DECLARE @TempID int
SELECT @TempID = count(1) FROM [UserPopedom] WHERE UseID=@UserID AND PopID=@PopedomID
IF @TempID = 0
RETURN 0
ELSE
RETURN 1
GO
<script type="text/javascript" id="wumiiRelatedItems"> </script>