Embed Size (px)
Citation preview
Code Document OF Second Project (News Web Site)
Supervision of teacher: Mohamed Mike
Students Group: Abd al rahman abu nada
Osama ja3rorWesal abu el tawahen
Content
User Permission
Article Add Edit
Search About Article
Article Add Edit
Client Side Home News Home Poll
1-
2-
3-
4-
5-
Strategy and tools
Calling method from interface
Connection with procedure
Low Layer SQl Statement (Procedure)
Sql Server 2005Visual Studio 2008
Article Manage
Sql Procedure To Search About Article(Layer 1)
ALTER PROCEDURE [dbo].[SearchArticle](
@Title nvarchar(50) =null,@CategoryID int=null,
@Active bit=null,@IsMain bit=null,
@from datetime=null,@to datetime=null,@CanComment bit=null
)as
Parameters of procedure
Name of Procedure
select ID, Title,(select name from ArticleCategory where ID=CategoryID)as catogry , Active, IsMain, CanComment, insertdatefrom ArticlewhereIsDelete=0
andTitle like isnull(@Title,'%') andCategoryID =isnull(@CategoryID,CategoryID) and
Active=isnull(@Active,Active) and IsMain=isnull(@IsMain,IsMain) and
CanComment=isnull(@CanComment,CanComment)and insertdate>=isnull(@from,insertdate) and
insertdate<=isnull(@to,insertdate)
Body of procedure
Method to Search about Article(Connection(Layer 2))
public DataTable ArticleSearch(string Title, string categoryid, string active, string cancomment, string ismain, string from, string to){
SqlDataAdapter ad = new SqlDataAdapter("SearchArticle", conn); ad.SelectCommand.CommandType = CommandType.StoredProcedure;
if (Title != "")
ad.SelectCommand.Parameters.AddWithValue("@Title", "%" + Title + "%"); if(categoryid !="-1")
ad.SelectCommand.Parameters.AddWithValue("@categoryid", categoryid); if (active != "-1")
ad.SelectCommand.Parameters.AddWithValue("@active", active);
Call Name Of procedure
To Get SQL Statement From Procedure
Connect Between Parameter Of Function
And Parameter Of Procedure
If Title is “” send to procedure Null
Method to Search about Article(Connection(Layer 2))
if (cancomment != "-1") ad.SelectCommand.Parameters.AddWithValue("@cancomment", cancomment);
if (ismain != "-1") ad.SelectCommand.Parameters.AddWithValue("@ismain", ismain);
if (from != "") ad.SelectCommand.Parameters.AddWithValue("@from", from);
if (to != "") ad.SelectCommand.Parameters.AddWithValue("@to", to);
DataTable t = new DataTable;)( ad.Fill(t); return t;
}
Return Data table
Call Method in Interface(Layer 3)
protected void Button1_Click(object sender, EventArgs e){
bindgride;)(}
void bindgride)({
GridView1.DataSource = DA.ArticleSearch(TextBox1.Text, DropDownList5.SelectedValue, DropDownList2.SelectedValue, DropDownList4.SelectedValue, DropDownList3.SelectedValue, TextBox2.Text, TextBox3.Text);
GridView1.DataBind;)(}
Set Data Source And Bind Grid View
Procedure to add and edit articles (First Layer)
ALTER PROCEDURE [dbo].[ArtecalAddEdit](
@ID int =null,@Title nvarchar(100) ,
@Summary nvarchar(300),@Details ntext,@CategoryID int,
@Active bit,@IsMain bit,@ImageID int,
@CanComment bit,@UserID int
)as
Parameters of procedure
if @ID is nullbegininsert into Article(Title,Summary,Details, CategoryID, Active, IsMain, ImageID, CanComment, IsDelete, UserID, LastUpdate ,insertdate)values( @Title, @Summary, @Details, @CategoryID, @Active, @IsMain, @ImageID, @CanComment,0, @UserID,getdate(),getdate())endelsebeginupdate Article setTitle=@Title,Summary=@Summary,CategoryID=@CategoryID,Details=@Details,Active=@Active,IsMain=@IsMain,ImageID=@ImageID,CanComment=@CanComment,
UserID=@UserID
where ID=@ID
Article Add
Article edit
public int ArticleAddEdit(string ID, string Title, string Summary, string Details, string CategoryID, bool Active, bool IsMain, string ImageID, bool CanComment, string UserID){
SqlCommand cmd = new SqlCommand("ArtecalAddEdit", conn); cmd.CommandType = CommandType.StoredProcedure;
if (ID != "") cmd.Parameters.AddWithValue("@ID", ID);
cmd.Parameters.AddWithValue("@Title", Title); cmd.Parameters.AddWithValue("@Summary", Summary);
cmd.Parameters.AddWithValue("@Details", Details); cmd.Parameters.AddWithValue("@CategoryID", CategoryID);
cmd.Parameters.AddWithValue("@Active", Active); cmd.Parameters.AddWithValue("@IsMain", IsMain);
cmd.Parameters.AddWithValue("@ImageID", ImageID); cmd.Parameters.AddWithValue("@CanComment", CanComment);
cmd.Parameters.AddWithValue("@UserID", UserID); return cmd.ExecuteNonQuery;)(
}
(Second Level)
This Method Used to Add Article and edit Article
protected void Page_Load(object sender, EventArgs e){
if(!IsPostBack) {
if (Request.QueryString["id"] != null){
DropDownList1.DataBind;)( DataTable d = DA.ArticleGet(Request.QueryString["id"]);
if (d.Rows.Count != 0){
TextBox1.Text = d.Rows[0]["Title"].ToString;)( TextBox2.Text = d.Rows[0]["Summary"].ToString;)(
TextBox3.Text = d.Rows[0]["Details"].ToString;)( txtImageID.Text = d.Rows[0]["ImageID"].ToString;)(
DropDownList1.SelectedValue = d.Rows[0]["CategoryID"].ToString;)( CheckBox1.Checked = Convert.ToBoolean(d.Rows[0]["Active"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["IsMain"].ToString());
CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["CanComment"].ToString()); btnadd.Text = "update;"
} } } }
This Part in Article Add Edit
This code Test if There is request id ,it will get
information about this Article if exist
protected void Button1_Click(object sender, EventArgs e){
if (btnadd.Text == "add"){ DA.ArticleAddEdit("",TextBox1.Text,TextBox2.Text,TextBox3.Text,DropDownList1.SelectedValue,CheckBox1.Checked,CheckBox2.Checked,txtImageID.Text,CheckBox3.Checked,UserID);
TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text;"" = “ بنجاح“; االضافه =Label2.Textتمت
} else
{ DA.ArticleAddEdit(Request.QueryString["id"], TextBox1.Text, TextBox2.Text,
TextBox3.Text, DropDownList1.SelectedValue, CheckBox1.Checked, CheckBox2.Checked, txtImageID.Text, CheckBox3.Checked,UserID);
TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text;"" = " بنجاح“; العملية =Label2.Textتمت
} }
Add Article
Edit Article
this part to Change Active State ofArticle
ALTER PROCEDURE [dbo].[changechecked](
@ID int,@UserID int
)asupdate Article set UserID =@UserID ,IsDelete=1 where ID=@ID
Procedure to Change Active State
Take Two Parameter ID of Article , UserID who make Change
public int AcctiveState(string ID, string UserID){
SqlCommand cc = new SqlCommand("changechecked", conn);
cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@ID", ID);
cc.Parameters.AddWithValue("@UserID", UserID);
return cc.ExecuteNonQuery;)(}
Call Procedure in DataAccess
Ajax
if (Request.QueryString["jop"] == "ActiveArticleCategory"){
string id = Request.QueryString["id"]; bool chec =
Convert.ToBoolean(Request.QueryString["active"]); DA. AcctiveState(id, UserID, chec);
Response.Write("1");}
This part in Ajax page to call method Active State in
(Data Access)
["($id$=cbShowInGallery.)"])click function{)( var id =$(this).attr("ID");
. $get("AJAX.aspx?jop=videoManage {," rand: Math.random,)(
ShowInGallery:$(this).attr("checked"), id:$(this).parent().attr("id")}
, function;)}{)(
;)}
From Article page ManageSend Article ID (Parameter of method Active State )To
Ajax Page to Complete Operation
Click To Chick box Active to Change
User Active
NOT : Admin Can not
Change his Permission
Component Of Permission List
User PermissionDA.UserPermissionDeleteAll(Request.QueryString["id"]);
foreach (DataListItem i in dlPermission.Items){
CheckBox cbParent = (CheckBox)i.FindControl("cbParent"); CheckBoxList cplChildren = (CheckBoxList)i.FindControl("cblChildren");
HiddenField hdn = (HiddenField)i.FindControl("hdnID") ; if (cbParent.Checked)
DA.UserPermissionAdd(Request.QueryString["id"], hdn.Value); cbParent.Checked = DA.HaveUserThisPermission(Request.QueryString["id"],
hdn.Value) ; foreach (ListItem l2 in cplChildren.Items)
{ if (l2.Selected)
{ DA.UserPermissionAdd(Request.QueryString["id"], l2.Value);
} l2.Selected = DA.HaveUserThisPermission(Request.QueryString["id"],
l2.Value);}}
Find Controller
Add Permission to this User
If has This Permission Chick
box will be checkedAdd Permission to this User
User Permission Add Procedure
ALTER PROCEDURE [dbo].[UserPermissionAdd](
@UserID int,@PermissionID int
)asinsert into UserPermission(UserID, PermissionID) values(@UserID,@PermissionID)
Take Two parameters User ID , Permission ID
Function User Permission Add
public int UserPermissionAdd(String UserID, string PermissionID){
SqlCommand cc = new SqlCommand("UserPermissionAdd", conn);
cc.CommandType = CommandType.StoredProcedure;
cc.Parameters.AddWithValue("@UserID", UserID); cc.Parameters.AddWithValue("@PermissionID", PermissionID);
return cc.ExecuteNonQuery;)(}
Return number of rows that’s affected
Procedure to Test If This User Has this Permission
ALTER PROCEDURE [dbo].[HasUserThisPermission](
@UserID int,@PermissionID int
)asselect * from UserPermission where UserID=@UserID and PermissionID=@PermissionID
Take rows of permissions From User Permission
Table
Function HasUserThisPermission public Boolean HaveUserThisPermission(String UserID, string PermissionID){
SqlDataAdapter DA = new SqlDataAdapter("HasUserThisPermission", conn);
DA.SelectCommand.CommandType = CommandType.StoredProcedure;
DA.SelectCommand.Parameters.AddWithValue("@UserID", UserID); DA.SelectCommand.Parameters.AddWithValue("@PermissionID",
PermissionID); DataTable DT = new DataTable;)(
DA.Fill(DT); return DT.Rows.Count > 0;
}
The function return number of rows
If number of rows = 0The user does not has the
PermissionIf Number of rows > 0
The User Has the permission
Control Access of Users According his permission
string CurruntPage = Request.CurrentExecutionFilePath.ToLower;)(string FolderName = System.IO.Path.GetDirectoryName(CurruntPage);
if (CurruntPage.ToLower().Contains("admin")){ if (Request.IsAuthenticated){
string[] sp = Context.User.Identity.Name.Split('\n'); UserID = sp[0];
UserName = sp[1]; Name = sp[2];
}
Test if the page that user visit in
folder Admin
Returns the name of the folder that contains the page
that the User wants to link to it
CurruntPage = System.IO.Path.GetFileName(CurruntPage); if (!DA.ThisUserHasPermission(UserID, CurruntPage))
{ Response.Redirect("~/login.aspx");
}
DataTable DT = DA.UserGet1(UserID); if (!Convert.ToBoolean(DT.Rows[0]["Active"]))
{ System.Web.Security.FormsAuthentication.SignOut;)(
Response.Redirect("~/Login.aspx"); return;
}
Get Name of Page
Test if User Has the
Permission
If User dose not has the permission or not active redirect him to
login
Client Side
Home News( $document.))ready function{ )(
'( $marquee.)')' '(. )marquee pointer mouseover function{ )(
( $this.))' '(trigger stop;.)} mouseout(function{ )( ( $this.))' '(trigger start;
;)} ;)}
/< script>
<div class=clearBoth>
<div class="mainNews floatRight>"<marquee scrollamount="2" runat="server" id="newsLine" direction=right></marquee>
To make bar news walk and stop when mouse over
Bar news
Fill News Bar From DataBase
DataTable DT = DA.GetLatestArticles;)( if (DT.Rows.Count > 0)
{ StringBuilder sb = new StringBuilder;)(
foreach (DataRow r in DT.Rows) sb.Append("<a href='NewsDetails.aspx?id=" + r["id"] +
"'>" + r["Title"] + "</a> | ");
sb.Remove(sb.Length - 3, 3); newsLine.InnerHtml = sb.ToString;)(
}
To Fill Poll From Data Base
<asp:Repeater ID="rpChoice" runat="server" onitemdatabound="rpChoice_ItemDataBound>"
< ItemTemplate>< asp:RadioButton ID="rbChoice" Text='<
%#Eval("choice") %>' runat="server>/ "< div class="result>"
< span value="<%# Eval("percent") %>">'<%# Eval("count") %>'('<%# Eval("percent")%>'%)</span>
/< div>/< ItemTemplate>
/< asp:Repeater>
Radio Button
To Draw Percent
DataTable dt = DA.pollSearch("", "1", "", ""); int i = 0;
if (dt.Rows.Count > 0) {
hdnQID.Value = dt.Rows[0]["id"].ToString;)( ltQuestion.Text = "'" + dt.Rows[0]["Question"].ToString;"'" + )(
rpChoice.DataSource = DA.GetPollChoice(dt.Rows[0]["ID"].ToString()); rpChoice.DataBind;)(
} else
pollBox.Visible = false; }protected void rpChoice_ItemDataBound(object sender, RepeaterItemEventArgs e){
RadioButton rb = (RadioButton)e.Item.FindControl("rbChoice"); if (rb != null)
{ if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == DataBinder.Eval(e.Item.DataItem,
"QuestionID").ToString()){
rb.Enabled = false;}
rb.Attributes.Add("cid", DataBinder.Eval(e.Item.DataItem, "ID").ToString());} }
Get Poll Question From Database
Set Data Source Of rpChoice
If Client Is vote, The Choices are Disabled
Test if Client is Voted to this
Question
Store choice ID in the Parent of Chick box
Home Poll
var arrayColor=Array('red','orange','yallow','blue','green'); var i=0;
."( $result.)")each function{)(
( $this.))"> = <>/ <"(prepend div class color div; var value=$(this).children(":eq(1)").attr("value") ;
( $this.))": )0("(. )} :children eq css width) *220/100(, : ]value b ackgroundColor arrayColor i++[{(;
To Draw poll Chaises
#"($poll.)")click function{)( if($("[id$=rbChoice]").filter(":checked").size()>0)
{ var qidval=$("[id$=hdnQID]").val;)(
var idval=$("[id$=rbChoice]").filter(":checked").parent().attr("cid");
.$get("AJAX.aspx?job=vote",{rand:Math.random(),cid:cidval,qid:qidval},function(data){
if(data==0){
)" مسبقا“(; بالتصويت قمت alertلقد } ;)}}
else{
;)“ return false )" الخيارات; { احد اختيار alertالرجاء
Send Question ID and Choice ID To Ajax to Vote
if (Request.QueryString["job"] == "vote"){
string qid = Request.QueryString["qid"]; string cid = Request.QueryString["cid"];
if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == qid){
Response.Write("0");}
else{
DA.AddOneToChoise(cid); Response.Cookies.Add(new HttpCookie("qid", qid));
Response.Cookies["qid"].Expires = DateTime.Now.AddDays(14); Response.Write("1");
} }
Return 0 if Client is voted
Return 1 if Client is voted
Thank you
