ChrisCompleteCodeTrunk
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Data;
using System.Data.Sql;
using System.Data.SqlClient;
using System.Text.RegularExpressions;
using System.Configuration;
namespace CRMPortal
{
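/// <summary>
/// Admin-only page that confirms and performs deletion of a CRM user.
/// The initial GET looks up the user named by the "U" query-string value and
/// stores the id and name in ViewState; the Delete postback reassigns that
/// user's Prospects and Customers to owner '-100' and removes the Users row.
/// </summary>
public partial class AdminDeleteUser : System.Web.UI.Page
{
    private SqlConnection sql = null;
    private ConnectionStringSettings sqlString = ConfigurationManager.ConnectionStrings["actionsql1"];

    // Target user id: parsed from the query string on first load, restored from ViewState on postback.
    public int uid;
    // True once the target user row has been found (or restored from ViewState).
    public bool uidExists;
    // Display name of the target user, unencoded; encode before writing to markup.
    public string realname;

    /// <summary>
    /// Rejects non-admin callers, then either loads the target user (first
    /// request) or restores the target from ViewState (postback).
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!Logic.isAdmin(Page.User.Identity.Name))
        {
            Response.Write("You are not authorized to access this page.");
            Response.Redirect("~/NotAllowed.html");
            return;
        }

        if (Page.IsPostBack)
        {
            // On postback the target comes only from ViewState, never from the
            // query string, so a changed URL cannot retarget the delete.
            // NOTE(review): this relies on ViewState MAC validation being enabled - confirm in web.config.
            uidExists = int.TryParse(ViewState["userid"] as string, out uid);
            realname = ViewState["realname"] as string;
            // Label.Text is rendered without HTML encoding, so the stored name is encoded here.
            lblName.Text = HttpUtility.HtmlEncode(realname);
            return;
        }

        // TryParse leaves uid at 0 when "U" is missing or not an integer.
        string requested = Request.QueryString["U"];
        int.TryParse(requested, out uid);
        if (requested == null)
        {
            return;
        }

        // Only the two columns this page reads are selected.
        string query = "USE CRM; SELECT TOP 1 UserID, Name FROM dbo.Users WHERE UserID=@UID";
        string foundId = null;
        string foundName = null;

        sqlConnect();
        try
        {
            using (SqlCommand cmd = new SqlCommand(query, sql))
            {
                cmd.Parameters.Add(new SqlParameter("@UID", SqlDbType.Int) { Value = uid });
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (reader.Read())
                    {
                        foundId = reader["UserID"].ToString();
                        foundName = reader["Name"].ToString();
                    }
                }
            }
        }
        finally
        {
            // Release the connection even when the query throws.
            sqlDisconnect();
        }

        if (foundId == null)
        {
            uidExists = false;
            return;
        }

        uidExists = true;
        realname = foundName;
        ViewState["realname"] = foundName;
        ViewState["userid"] = foundId;
        // The name is database content; encode it so markup stored in a user
        // name is displayed as text instead of being interpreted by the browser.
        lblName.Text = "Delete User: " + HttpUtility.HtmlEncode(foundName);
    }

    /// <summary>Opens a new connection using the "actionsql1" connection string.</summary>
    public void sqlConnect()
    {
        sql = new SqlConnection(sqlString.ConnectionString);
        sql.Open();
    }

    /// <summary>Closes and releases the current connection, if any.</summary>
    public void sqlDisconnect()
    {
        if (sql != null)
        {
            sql.Dispose();
            sql = null;
        }
    }

    /// <summary>Placeholder; intentionally empty in the original source.</summary>
    protected void updateRecord()
    {
    }

    /// <summary>
    /// Reassigns the target user's Prospects and Customers to owner '-100' and
    /// deletes the Users row, all inside one transaction.
    /// </summary>
    protected void btnDelete_Click(object sender, EventArgs e)
    {
        // Defense in depth: do not depend solely on Page_Load's redirect ending the request.
        if (!Logic.isAdmin(Page.User.Identity.Name))
        {
            Response.Redirect("~/NotAllowed.html");
            return;
        }

        // Only delete a target that an earlier request actually loaded; without
        // this the statements would run against the default id 0.
        int targetId;
        if (!int.TryParse(ViewState["userid"] as string, out targetId))
        {
            Response.Redirect("~/Admin.aspx");
            return;
        }
        uid = targetId;

        // NOTE(review): destructive postback - confirm the site sets Page.ViewStateUserKey
        // or an anti-forgery token; neither is visible in this file.
        // NOTE(review): unlike the lookup query there is no "USE CRM;" here, so this
        // relies on the connection's default database - confirm.
        string query = "UPDATE dbo.Prospects SET Owner='-100' WHERE Owner=@UID;UPDATE dbo.Customers SET Owner='-100' WHERE Owner=@UID;DELETE FROM dbo.Users WHERE UserID=@UID";

        sqlConnect();
        try
        {
            // One transaction so a failure part-way cannot leave records
            // reassigned while the user row still exists.
            using (SqlTransaction tx = sql.BeginTransaction())
            using (SqlCommand cmd = new SqlCommand(query, sql, tx))
            {
                cmd.Parameters.Add(new SqlParameter("@UID", SqlDbType.Int) { Value = targetId });
                cmd.ExecuteNonQuery();
                tx.Commit();
            }
        }
        finally
        {
            sqlDisconnect();
        }

        Response.Redirect("~/Admin.aspx");
    }

    /// <summary>Abandons the delete and returns to the admin page.</summary>
    protected void btnCancel_Click(object sender, EventArgs e)
    {
        Response.Redirect("~/Admin.aspx");
    }
}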
}
|
Revision |
Author |
Commited |
Message |
1
|
BBDSCHRIS
|
Wed 22 Aug, 2018 20:08:03 +0000 |
|