DS7/DSWebMobileService/UserServer.asmx.cs


using System;
using System.Collections.Generic;
using System.Data;
using System.Text;
using System.Web;
using System.Web.Services;
using DSWeb.DataAccess;
namespace DSWebMobileService
{
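/// <summary>
/// Web service with login, profile lookup and profile update operations over the
/// [user], user_company, company, user_baseinfo and sys_dept tables.
/// </summary>
/// <remarks>
/// <para>
/// Every statement is built as SQL text because <c>SqlHelper.ExecuteSql(string)</c> is the only
/// data-access entry point visible in this file. All caller-supplied values therefore go through
/// <see cref="QuoteSqlLiteral"/> before they are placed in a statement. That is a stopgap:
/// if SqlHelper offers a parameterized overload, use it instead.
/// </para>
/// <para>
/// NOTE(review): credentials are compared directly against the PASSWORD column, and Login and
/// LoginUserInfo return that column to the caller. If the column holds clear-text passwords,
/// plan a move to a salted, slow password hash and drop PASSWORD from the select lists once
/// clients no longer read it.
/// </para>
/// <para>
/// NOTE(review): the web methods are declared static, while ASMX normally publishes public
/// instance methods. Confirm how callers actually reach these operations.
/// </para>
/// </remarks>
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
// To allow this Web service to be called from script using ASP.NET AJAX, uncomment the following line.
// [System.Web.Script.Services.ScriptService]
public class UserServer : System.Web.Services.WebService
{
    /// <summary>
    /// Renders a caller-supplied value as a quoted SQL string literal.
    /// </summary>
    /// <param name="value">Raw value; null is rendered as an empty literal.</param>
    /// <returns>The value wrapped in single quotes, with embedded single quotes doubled.</returns>
    private static string QuoteSqlLiteral(string value)
    {
        // Plain concatenation treats null as "", so null maps to '' here to keep the
        // statements the same for benign input.
        if (value == null)
        {
            return "''";
        }

        // Doubling the quote keeps the value inside the literal, so it cannot end the
        // literal and change the statement.
        return "'" + value.Replace("'", "''") + "'";
    }

    /// <summary>
    /// Looks up the active user whose CODENAME and PASSWORD match the supplied credentials.
    /// </summary>
    /// <param name="_userName">Login code name, matched against [user].CODENAME.</param>
    /// <param name="_password">Password, matched against [user].PASSWORD.</param>
    /// <returns>
    /// The table returned by SqlHelper.ExecuteSql for the query. The selected columns
    /// include PASSWORD.
    /// </returns>
    [WebMethod]
    public static DataTable Login(string _userName, string _password)
    {
        string userName = QuoteSqlLiteral(_userName);
        string password = QuoteSqlLiteral(_password);

        StringBuilder sql = new StringBuilder();
        sql.AppendLine("SELECT A.GID,B.COMPANYID,A.USERNAME,A.CODENAME,A.PASSWORD,A.SHOWNAME,A.ENROLLTIME,A.CREATEUSER,A.MODIFIEDUSER,A.MODIFIEDTIME,A.ISDELETED,A.ISDISABLE ");
        sql.AppendLine("FROM [user] AS A LEFT JOIN user_company as B ON A.GID = B.USERID INNER JOIN company AS C ON B.COMPANYID = C.GID WHERE A.CODENAME = " + userName + " AND ");
        sql.AppendLine("A.PASSWORD = " + password + " AND C.CODENAME=(select F.CODENAME from [user] as D left join [user_company] as E on D.GID=E.USERID left join [company] as F on E.COMPANYID=F.GID ");
        sql.AppendLine("where D.CODENAME=" + userName + " and D.PASSWORD=" + password + " and D.ISDELETED=0 and D.ISDISABLE=0) and A.ISDELETED=0 and A.ISDISABLE=0 ");

        return SqlHelper.ExecuteSql(sql.ToString());
    }

    /// <summary>
    /// Returns the profile row (user, base info, company and department) of the active user
    /// whose CODENAME and PASSWORD match <paramref name="_user"/>.
    /// </summary>
    /// <param name="_user">Supplies CodeName and Password; the other fields are not read.</param>
    /// <returns>
    /// The table returned by SqlHelper.ExecuteSql for the query. The selected columns
    /// include PASSWORD.
    /// </returns>
    [WebMethod]
    public static DataTable LoginUserInfo(UserInfomationModule _user)
    {
        string codeName = QuoteSqlLiteral(_user.CodeName);
        string password = QuoteSqlLiteral(_user.Password);

        StringBuilder sql = new StringBuilder();
        sql.AppendLine("select A.GID,C.GID as COMPANYID,A.USERNAME,A.CODENAME,A.[PASSWORD],A.SHOWNAME,B.COMPANYNAME,B.DEPTNAME,B.QQ,B.MSN,B.OFFICEPHONE,B.HOMEPHONE,B.MOBILE,B.FAX, ");
        sql.AppendLine("B.EMAIL1,B.EMAIL2,B.HOMEADDRESS,B.REMARK,B.EMERGUSER,B.EMERGPHONE,B.EMERGEMAIL,B.POSTCODE, ");
        sql.AppendLine("(select GID from sys_dept where LINKID=C.GID and DEPTNAME=(select DEPTNAME from user_baseinfo where USERID=A.GID)) as DEPTID,(select DEPTNAME from sys_dept where LINKID=C.GID and DEPTNAME=(select DEPTNAME from user_baseinfo where USERID=A.GID)) as DEPTNAME ");
        sql.AppendLine("from [dbo].[user] as A ");
        sql.AppendLine("left join [dbo].[user_baseinfo] as B on A.GID=B.USERID ");
        sql.AppendLine("left join [dbo].[company] as C on B.COMPANYNAME=C.NAME ");
        sql.AppendLine("where A.CODENAME=" + codeName + " and A.PASSWORD=" + password + " and A.ISDELETED=0 and A.ISDISABLE=0 ");

        return SqlHelper.ExecuteSql(sql.ToString());
    }

    /// <summary>
    /// Returns the GID of the active user with the given code name.
    /// </summary>
    /// <param name="_user">Supplies CodeName; no password is checked by this query.</param>
    /// <returns>The table returned by SqlHelper.ExecuteSql, holding the GID column.</returns>
    [WebMethod]
    public static DataTable GetUserID(UserInfomationModule _user)
    {
        // NOTE(review): this lookup needs no credentials, so it also tells a caller whether
        // a code name exists. Confirm that this is intended for the service.
        StringBuilder sql = new StringBuilder();
        sql.AppendLine("select GID from [dbo].[user] where CODENAME=" + QuoteSqlLiteral(_user.CodeName) + " and ISDELETED=0 and ISDISABLE=0 ");

        return SqlHelper.ExecuteSql(sql.ToString());
    }

    /// <summary>
    /// Updates the contact details, display name and password of the active user identified
    /// by the CodeName and Password in <paramref name="_user"/>.
    /// </summary>
    /// <param name="_user">Current credentials, used in the WHERE clause of both updates.</param>
    /// <param name="_modify">New values. A null field is written as an empty string, PASSWORD included.</param>
    /// <returns>
    /// Always true when both statements run without throwing. The result does not show
    /// whether any row matched the credentials.
    /// </returns>
    [WebMethod]
    public static bool UpdateUserInfo(UserInfomationModule _user, UserInfomationModule _modify)
    {
        string codeName = QuoteSqlLiteral(_user.CodeName);
        string currentPassword = QuoteSqlLiteral(_user.Password);

        // The base-info update must run first: it finds the user by the current password,
        // which the second statement replaces.
        StringBuilder sqlBaseInfo = new StringBuilder();
        sqlBaseInfo.AppendLine("update [dbo].[user_baseinfo] set ");
        sqlBaseInfo.AppendLine("QQ=" + QuoteSqlLiteral(_modify.QQ) + ", ");
        sqlBaseInfo.AppendLine("MSN=" + QuoteSqlLiteral(_modify.MSN) + ", ");
        sqlBaseInfo.AppendLine("OFFICEPHONE=" + QuoteSqlLiteral(_modify.OfficePhone) + ", ");
        sqlBaseInfo.AppendLine("HOMEPHONE=" + QuoteSqlLiteral(_modify.HomePhone) + ", ");
        sqlBaseInfo.AppendLine("MOBILE=" + QuoteSqlLiteral(_modify.Mobile) + ", ");
        sqlBaseInfo.AppendLine("FAX=" + QuoteSqlLiteral(_modify.Fax) + ", ");
        sqlBaseInfo.AppendLine("EMAIL1=" + QuoteSqlLiteral(_modify.Email) + ", ");
        sqlBaseInfo.AppendLine("EMAIL2=" + QuoteSqlLiteral(_modify.EmailBackup) + ", ");
        sqlBaseInfo.AppendLine("HOMEADDRESS=" + QuoteSqlLiteral(_modify.HomeAddress) + ", ");
        sqlBaseInfo.AppendLine("REMARK=" + QuoteSqlLiteral(_modify.Remark) + ", ");
        sqlBaseInfo.AppendLine("EMERGUSER=" + QuoteSqlLiteral(_modify.EmergUser) + ", ");
        sqlBaseInfo.AppendLine("EMERGPHONE=" + QuoteSqlLiteral(_modify.EmergPhone) + ", ");
        sqlBaseInfo.AppendLine("EMERGEMAIL=" + QuoteSqlLiteral(_modify.EmergEmail) + ", ");
        sqlBaseInfo.AppendLine("POSTCODE=" + QuoteSqlLiteral(_modify.PostCode) + " ");
        sqlBaseInfo.AppendLine("where USERID=(select GID from [dbo].[user] where CODENAME=" + codeName + " and PASSWORD=" + currentPassword + " and ISDELETED=0 and ISDISABLE=0) ");
        SqlHelper.ExecuteSql(sqlBaseInfo.ToString());

        // NOTE(review): the two statements are issued as separate calls and nothing visible
        // here wraps them in a transaction, so a failure below leaves the first update applied.
        StringBuilder sqlUser = new StringBuilder();
        sqlUser.AppendLine("update [dbo].[user] set ");
        sqlUser.AppendLine("SHOWNAME=" + QuoteSqlLiteral(_modify.ShowName) + ", ");
        sqlUser.AppendLine("PASSWORD=" + QuoteSqlLiteral(_modify.Password) + " ");
        sqlUser.AppendLine("where CODENAME=" + codeName + " and PASSWORD=" + currentPassword + " and ISDELETED=0 and ISDISABLE=0 ");
        SqlHelper.ExecuteSql(sqlUser.ToString());

        return true;
    }
}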
}