1.数据库设计
2.配置web.config
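<configuration>
  <!-- The section must be named appSettings: ConfigurationManager.AppSettings["ConnectionString"]
       (used by DB.GetCon) reads only from that section. -->
  <appSettings>
    <!-- This value names no credentials and no Integrated Security setting. Whichever
         authentication is added, keep passwords out of source control and give the
         database login only the rights the application needs. -->
    <add key="ConnectionString" value="server=LGL\MR;database = db_Student;"/>
  </appSettings>
...
</configuration>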
3.公共类编写
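/// <summary>
/// Shared data-access helper used by the pages below.
/// Every method accepts optional SqlParameter values so callers can pass user input
/// as parameters instead of concatenating it into the SQL text.
/// NOTE(review): the pages also call db.GetMD5(...), which is not part of this listing.
/// </summary>
class DB
{
    /// <summary>Creates an unopened connection from the "ConnectionString" appSettings entry.</summary>
    public SqlConnection GetCon()
    {
        return new SqlConnection(ConfigurationManager.AppSettings["ConnectionString"].ToString());
    }

    /// <summary>Executes a non-query statement (INSERT / UPDATE / DELETE).</summary>
    /// <param name="cmdstr">SQL text; use @name placeholders for any caller-supplied value.</param>
    /// <param name="parameters">Values for the placeholders in <paramref name="cmdstr"/>.</param>
    /// <returns>1 when the statement ran without error, 0 when it failed (not the affected row count).</returns>
    public int sqlEx(string cmdstr, params SqlParameter[] parameters)
    {
        SqlConnection con = GetCon();
        try
        {
            using (SqlCommand cmd = new SqlCommand(cmdstr, con))
            {
                if (parameters != null && parameters.Length > 0)
                {
                    cmd.Parameters.AddRange(parameters);
                }
                // Open inside the try block so a failed connection is reported as 0
                // and the connection is still disposed.
                con.Open();
                cmd.ExecuteNonQuery();
                return 1;
            }
        }
        catch (Exception ex)
        {
            // Callers only see 0; keep the cause in the trace output so failures can be investigated.
            System.Diagnostics.Trace.TraceError("DB.sqlEx failed: " + ex.Message);
            return 0;
        }
        finally
        {
            con.Dispose();
        }
    }

    /// <summary>Runs a query and returns the first result table.</summary>
    /// <param name="cmdstr">SQL text; use @name placeholders for any caller-supplied value.</param>
    /// <param name="parameters">Values for the placeholders in <paramref name="cmdstr"/>.</param>
    public DataTable reDt(string cmdstr, params SqlParameter[] parameters)
    {
        using (SqlConnection con = GetCon())
        using (SqlDataAdapter da = new SqlDataAdapter(cmdstr, con))
        {
            if (parameters != null && parameters.Length > 0)
            {
                da.SelectCommand.Parameters.AddRange(parameters);
            }
            DataSet ds = new DataSet();
            // Fill opens the connection itself and closes it again when it is done.
            da.Fill(ds);
            return ds.Tables[0];
        }
    }

    /// <summary>
    /// Runs a query and returns an open reader. The connection is closed when the caller
    /// closes the reader (CommandBehavior.CloseConnection), so the caller must always close it.
    /// </summary>
    /// <param name="str">SQL text; use @name placeholders for any caller-supplied value.</param>
    /// <param name="parameters">Values for the placeholders in <paramref name="str"/>.</param>
    public SqlDataReader reDr(string str, params SqlParameter[] parameters)
    {
        SqlConnection conn = GetCon();
        try
        {
            conn.Open();
            SqlCommand com = new SqlCommand(str, conn);
            if (parameters != null && parameters.Length > 0)
            {
                com.Parameters.AddRange(parameters);
            }
            return com.ExecuteReader(CommandBehavior.CloseConnection);
        }
        catch
        {
            // No reader was handed out, so nobody else will close this connection.
            conn.Dispose();
            throw;
        }
    }
}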
4.模块设计说明
4.1 登录页面(Login.aspx)实现过程
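// Login button: checks the verification code, then looks the user up by name and password hash.
protected void btnLogin_Click(object sender, EventArgs e)
{
    DB db = new DB();
    string userName = this.txtUserName.Text.Trim();
    // Hash exactly what was typed: the registration handler hashes the untrimmed text,
    // so trimming here would lock out any password with leading or trailing spaces.
    // NOTE(review): GetMD5 is not shown on this page; if it is a plain MD5 digest it is
    // unsalted and fast to brute-force - plan a migration to a salted, slow KDF such as PBKDF2.
    string passWord = db.GetMD5(this.txtPwd.Text);
    string num = this.txtValidateNum.Text.Trim();

    // A missing session value (expired session, page opened directly) counts as a wrong code.
    object storedCode = Session["ValidateNum"];
    // Use each verification code once so a solved code cannot be replayed across attempts.
    Session.Remove("ValidateNum");

    if (storedCode == null || storedCode.ToString() != num.ToUpperInvariant())
    {
        Response.Write("<script>alert('验证码输入错误');location = 'Login.aspx'</script>");
        return;
    }

    bool found = false;
    object userId = null;
    object role = null;

    // User input travels as parameters, never as part of the SQL text.
    using (SqlConnection con = db.GetCon())
    using (SqlCommand cmd = new SqlCommand(
        "select * from tb_User where UserName = @UserName and PassWord = @PassWord", con))
    {
        cmd.Parameters.AddWithValue("@UserName", userName);
        cmd.Parameters.AddWithValue("@PassWord", passWord);
        con.Open();
        using (SqlDataReader dr = cmd.ExecuteReader())
        {
            if (dr.Read())
            {
                found = true;
                // Ordinals 0 and 4 are kept from the original listing; the table layout
                // is not shown here - TODO confirm they are UserID and Role.
                userId = dr.GetValue(0);
                role = dr.GetValue(4);
            }
        }
    }

    if (found)
    {
        Session["UserID"] = userId;
        Session["Role"] = role;
        // Redirect only after the reader and connection have been disposed.
        Response.Redirect("~/UserManagement.aspx");
    }
    else
    {
        Response.Write("<script>alert('登录失败,请返回找原因');location = 'Login.aspx'</script>");
    }
}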
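// Register button: sends the visitor to the registration page.
protected void btnRegister_Click(object sender, EventArgs e)
{
    // "~/" resolves against the application root; the listing's "-/" is not a valid path prefix.
    Response.Redirect("~/Register.aspx");
}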
4.2注册用户页面实现过程
// Result code used by the handlers on this page:
// -1 = user name already exists; 0 = failure; 1 = success; 2 = user name does not exist.
int reValue;
// Page_Load event handler omitted.
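// Registers a new user after checking that the user name is still free.
protected void btnOk_Click(object sender, EventArgs e)
{
    reValue = CheckName();
    if (reValue == -1)
    {
        Response.Write("<script>alert('用户名存在!');</script>");
        return;
    }
    if (reValue != 2)
    {
        // The name check itself failed; do not insert on an unknown state.
        Response.Write("<script>alert('注册失败!');</script>");
        return;
    }

    DB db = new DB();
    string UserName = this.txtUserName.Text;
    // NOTE(review): GetMD5 is not shown on this page; a plain, unsalted MD5 digest is not
    // adequate for stored passwords - prefer a salted, slow KDF such as PBKDF2.
    string PassWord = db.GetMD5(this.txtPwd.Text.ToString());
    string Email = this.txtEmail.Text;

    try
    {
        // Types are fully qualified because this page's using directives are not shown.
        using (System.Data.SqlClient.SqlConnection con = db.GetCon())
        using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
        {
            // The three text-box values are passed as parameters, never spliced into the SQL text.
            cmd.CommandText = "insert into tb_User(UserName,PassWord,Email) values(@UserName,@PassWord,@Email)";
            cmd.Parameters.AddWithValue("@UserName", UserName);
            cmd.Parameters.AddWithValue("@PassWord", PassWord);
            cmd.Parameters.AddWithValue("@Email", Email);
            con.Open();
            reValue = cmd.ExecuteNonQuery() == 1 ? 1 : 0;
        }

        if (reValue == 1)
        {
            Response.Write("<script>alert('注册成功!');</script>");
            Clear(); // empty the text boxes
        }
        else
        {
            Response.Write("<script>alert('注册失败!');</script>");
        }
    }
    catch (Exception)
    {
        // Also reached when two requests register the same name at once, provided
        // tb_User has a unique constraint on UserName - TODO confirm the constraint exists.
        Response.Write("<script>alert('注册失败!');</script>");
    }
}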
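// "Check user name" link: tells the visitor whether the typed name is already registered.
protected void lnkbtnCheck(object sender, EventArgs e)
{
    reValue = CheckName();
    if (reValue == -1)
    {
        // Only fixed text is written into the script block; the typed name is never echoed back.
        Response.Write("<script>alert('用户名存在!');</script>");
        this.txtUserName.Focus();
    }
    else if (reValue == 2)
    {
        Response.Write("<script>alert('恭喜您!该用户名尚未注册');</script>");
        this.txtUserName.Focus();
    }
    // reValue == 0 (lookup failed) shows no message, as in the original listing.
}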
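/// <summary>Checks whether the name in txtUserName is already present in tb_User.</summary>
/// <returns>-1 when the name exists, 2 when it is free, 0 when the lookup failed.</returns>
public int CheckName()
{
    DB db = new DB();
    try
    {
        // Types are fully qualified because this page's using directives are not shown.
        using (System.Data.SqlClient.SqlConnection con = db.GetCon())
        using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
        {
            // The typed name is a parameter, so quotes in it cannot change the query.
            cmd.CommandText = "select count(*) from tb_User where UserName = @UserName";
            cmd.Parameters.AddWithValue("@UserName", this.txtUserName.Text);
            con.Open();
            int matches = Convert.ToInt32(cmd.ExecuteScalar());
            if (matches != 0)
            {
                return -1; // user name already exists
            }
            return 2; // user name not registered yet
        }
    }
    catch (Exception)
    {
        return 0;
    }
}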
4.3用户管理页面
在页的初始化事件Page_Load中,主要实现根据用户的权限设置相应的查询条件,并调用DataListBind()方法显示用户信息。
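// Kept only so existing references still compile; it is no longer written or read here.
// A static field is shared by every request in the application, so a per-user
// filter stored in it can leak from one visitor's session into another's.
public static string selVal;

// First page load: show the user list that the current session is allowed to see.
protected void Page_Load(object sender, EventArgs e)
{
    if (!IsPostBack)
    {
        DataListBind();
    }
}

/// <summary>
/// Binds DataList1 to tb_User. An administrator (Session["Role"] converts to true) sees
/// every row; anyone else sees only the row whose UserID matches Session["UserID"].
/// The filter is rebuilt from the session on every call.
/// </summary>
public void DataListBind()
{
    object sessionUserId = Session["UserID"];
    if (sessionUserId == null)
    {
        // Not logged in (or the session expired): show nothing and return to the login page.
        Response.Redirect("~/Login.aspx");
        return;
    }

    bool isAdmin = Convert.ToBoolean(Session["Role"]);
    DB db = new DB();
    DataTable dt = new DataTable();

    // Types are fully qualified because this page's using directives are not shown.
    using (System.Data.SqlClient.SqlConnection con = db.GetCon())
    using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
    using (System.Data.SqlClient.SqlDataAdapter adapter = new System.Data.SqlClient.SqlDataAdapter(cmd))
    {
        if (isAdmin)
        {
            cmd.CommandText = "select * from tb_User";
        }
        else
        {
            cmd.CommandText = "select * from tb_User where UserID = @UserID";
            cmd.Parameters.AddWithValue("@UserID", sessionUserId);
        }
        // Fill opens and closes the connection itself.
        adapter.Fill(dt);
    }

    DataList1.DataSource = dt;
    DataList1.DataBind();
}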
ItemCommand事件是在选择与绑定项目关联的命令时发生。
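// Handles the command buttons inside DataList1 items.
protected void DataList1_ItemCommand(object source, DataListCommandEventArgs e)
{
    // 1.1 Clicking the user-name LinkButton in the list raises ItemCommand and shows
    //     that user's details (name and e-mail) through the SelectedItemTemplate.
    if (e.CommandName == "select")
    {
        DataList1.SelectedIndex = e.Item.ItemIndex;
        DataListBind();
    }

    // 1.2 The "modify user information" button in the SelectedItemTemplate; its
    //     CommandArgument is bound to the UserID column.
    // NOTE(review): the accompanying text calls this command "updateName" while the code
    // compares against "updataName"; the markup is not shown - confirm which spelling it uses.
    if (e.CommandName == "updataName")
    {
        string userName = ((TextBox)e.Item.FindControl("txtUserName")).Text;
        string email = ((TextBox)e.Item.FindControl("txtEmail")).Text;
        string userID = e.CommandArgument.ToString();
        int reValue = 0;

        // Re-check on the server that a non-administrator is editing only their own row.
        bool isAdmin = Convert.ToBoolean(Session["Role"]);
        bool isOwnRow = Convert.ToString(Session["UserID"]) == userID;
        if (isAdmin || isOwnRow)
        {
            try
            {
                // Types are fully qualified because this page's using directives are not shown.
                using (System.Data.SqlClient.SqlConnection con = new DB().GetCon())
                using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
                {
                    // Text-box values and the row key are parameters, not SQL text.
                    cmd.CommandText = "update tb_User set UserName = @UserName, Email = @Email where UserID = @UserID";
                    cmd.Parameters.AddWithValue("@UserName", userName);
                    cmd.Parameters.AddWithValue("@Email", email);
                    cmd.Parameters.AddWithValue("@UserID", userID);
                    con.Open();
                    cmd.ExecuteNonQuery();
                    reValue = 1;
                }
            }
            catch (System.Data.SqlClient.SqlException)
            {
                reValue = 0;
            }
        }

        if (reValue == 0)
        {
            Response.Write("<script>alert('用户信息修改失败!');</script>");
        }
        DataList1.SelectedIndex = e.Item.ItemIndex;
        DataListBind();
    }

    // 1.3 The "cancel" button in the SelectedItemTemplate.
    if (e.CommandName == "cancel")
    {
        DataList1.SelectedIndex = -1;
        DataListBind();
    }
}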
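// 2.1 Clicking "edit" (CommandName "edit") switches the item to its edit template,
//     where the password can be changed.
protected void DataList1_EditCommand(object source, DataListCommandEventArgs e)
{
    // The update and cancel handlers reset EditItemIndex, and the update handler reads
    // txtOldpwd / txtNewpwd from the item, so this handler has to set EditItemIndex
    // (not SelectedIndex) for the edit template to be rendered.
    DataList1.EditItemIndex = e.Item.ItemIndex;
    DataListBind();
}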
图
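// 2.2 "Change password" button (UpdateCommand). The cancel button raises CancelCommand.
protected void DataList1_UpdateCommand(object source, DataListCommandEventArgs e)
{
    DB db = new DB();
    string userName = ((Label)e.Item.FindControl("lblUserName")).Text;
    string oldpassWord = ((TextBox)e.Item.FindControl("txtOldpwd")).Text;
    string newpassWord = ((TextBox)e.Item.FindControl("txtNewpwd")).Text;

    // The old password is verified by the database inside the UPDATE itself. The original
    // listing compared it with e.CommandArgument, which means the stored hash was
    // data-bound into the page; the markup (not shown) should stop binding the hash.
    // NOTE(review): GetMD5 is not shown on this page; a plain, unsalted MD5 digest is not
    // adequate for stored passwords - prefer a salted, slow KDF such as PBKDF2.
    int rows;
    try
    {
        // Types are fully qualified because this page's using directives are not shown.
        using (System.Data.SqlClient.SqlConnection con = db.GetCon())
        using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
        {
            cmd.CommandText = "update tb_User set PassWord = @NewPassWord where UserName = @UserName and PassWord = @OldPassWord";
            cmd.Parameters.AddWithValue("@NewPassWord", db.GetMD5(newpassWord));
            cmd.Parameters.AddWithValue("@UserName", userName);
            cmd.Parameters.AddWithValue("@OldPassWord", db.GetMD5(oldpassWord));
            con.Open();
            rows = cmd.ExecuteNonQuery();
        }
    }
    catch (System.Data.SqlClient.SqlException)
    {
        rows = -1; // the statement itself failed
    }

    if (rows == 0)
    {
        // No row matched the user name together with the old password hash.
        Response.Write("<script>alert('您输入的旧密码不正确,您的密码没有被更改');</script>");
        return;
    }

    if (rows < 0)
    {
        Response.Write("<script>alert('密码修改失败!');</script>");
    }
    else
    {
        Response.Write("<script>alert('您的密码已经成功修改!');</script>");
    }
    DataList1.EditItemIndex = -1;
    DataListBind();
}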
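// Cancel button in the edit template: leave edit mode and redraw the list.
protected void DataList1_CancelCommand(object source, DataListCommandEventArgs e)
{
    DataList1.EditItemIndex = -1;
    DataListBind();
}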
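// 3.1 Delete button: removes the row whose UserID is carried in CommandArgument.
protected void DataList1_DeleteCommand(object source, DataListCommandEventArgs e)
{
    string userID = e.CommandArgument.ToString();
    int reValue = 0;

    // The browser-side confirm() dialog is not an access check; decide on the server
    // whether this session may delete the row (administrator, or the user's own row).
    bool isAdmin = Convert.ToBoolean(Session["Role"]);
    bool isOwnRow = Convert.ToString(Session["UserID"]) == userID;
    if (isAdmin || isOwnRow)
    {
        try
        {
            // Types are fully qualified because this page's using directives are not shown.
            using (System.Data.SqlClient.SqlConnection con = new DB().GetCon())
            using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
            {
                // The row key is a parameter, not SQL text.
                cmd.CommandText = "delete from tb_User where UserID = @UserID";
                cmd.Parameters.AddWithValue("@UserID", userID);
                con.Open();
                cmd.ExecuteNonQuery();
                reValue = 1;
            }
        }
        catch (System.Data.SqlClient.SqlException)
        {
            reValue = 0;
        }
    }

    if (reValue == 0)
    {
        Response.Write("<script>alert('删除失败');</script>");
    }
    DataListBind();
}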
// 3.1 Load handler of the delete Button: attaches a browser-side confirmation dialog.
// The dialog is only a convenience for the user; it does not restrict who can delete.
protected void btnDelete_Load(object sender, EventArgs e)
{
    Button deleteButton = (Button)sender;
    string confirmScript = "javascript:return confirm('你确认要删除该条记录吗?')";
    deleteButton.Attributes["onclick"] = confirmScript;
}
//DataList控件中的删除按钮的代码如下
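<%-- CommandArgument carries the row's UserID back to the server. The server-side delete
     handler must still decide whether the current session may delete that row. --%>
<asp:Button ID="btnDelete" runat="server" CommandName="delete" Text="删除"
    CommandArgument='<%# DataBinder.Eval(Container.DataItem,"UserID")%>' />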
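// 4.1 Set or remove administrator rights for the row whose UserID is in CommandArgument.
// Presumably a branch of DataList1_ItemCommand (it reads e.CommandName) - confirm placement.
if (e.CommandName == "setRole")
{
    string userID = e.CommandArgument.ToString();
    string roleText = ((Button)e.Item.FindControl("btnSetRole")).Text;
    // A button labelled "取消管理员权限" (revoke administrator rights) clears the flag;
    // any other label grants it.
    bool role = roleText != "取消管理员权限";
    int roleResult = 0;

    // Only an administrator may change roles; the check is made on the server
    // no matter which buttons the page rendered.
    if (Convert.ToBoolean(Session["Role"]))
    {
        try
        {
            // Types are fully qualified because this page's using directives are not shown.
            using (System.Data.SqlClient.SqlConnection con = new DB().GetCon())
            using (System.Data.SqlClient.SqlCommand cmd = con.CreateCommand())
            {
                // The original built the statement by concatenation and never executed it.
                cmd.CommandText = "update tb_User set Role = @Role where UserID = @UserID";
                cmd.Parameters.AddWithValue("@Role", role);
                cmd.Parameters.AddWithValue("@UserID", userID);
                con.Open();
                cmd.ExecuteNonQuery();
                roleResult = 1;
            }
        }
        catch (System.Data.SqlClient.SqlException)
        {
            roleResult = 0;
        }
    }

    if (roleResult == 0)
    {
        Response.Write("<script>alert('管理员设置失败');</script>");
    }
    DataListBind();
}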