Download presentation
Presentation is loading. Please wait.
Published byJoanna Miller Modified over 9 years ago
1
Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el tawahen
2
Content User Permission Article Add Edit Search About Article Article Add Edit Client Side Home NewsHome Poll 1- 2- 3- 4- 5-
3
Strategy and tools Calling method from interface Connection with procedure Low Layer SQl Statement (Procedure) Sql Server 2005 Visual Studio 2008
4
Article Manage
5
Sql Procedure To Search About Article (Layer 1) ALTER PROCEDURE [dbo].[SearchArticle] ( @Title nvarchar(50) =null, @CategoryID int=null, @Active bit=null, @IsMain bit=null, @from datetime=null, @to datetime=null, @CanComment bit=null ) as Parameters of procedure Name of Procedure
6
select ID, Title,(select name from ArticleCategory where ID=CategoryID)as catogry, Active, IsMain, CanComment, insertdate from Article where IsDelete=0 and Title like isnull(@Title,'%') and CategoryID =isnull(@CategoryID,CategoryID) and Active=isnull(@Active,Active) and IsMain=isnull(@IsMain,IsMain) and CanComment=isnull(@CanComment,CanComment)and insertdate>=isnull(@from,insertdate) and insertdate<=isnull(@to,insertdate) Body of procedure
7
Method to Search about Article(Connection(Layer 2)) public DataTable ArticleSearch(string Title, string categoryid, string active, string cancomment, string ismain, string from, string to) { SqlDataAdapter ad = new SqlDataAdapter("SearchArticle", conn); ad.SelectCommand.CommandType = CommandType.StoredProcedure; if (Title != "") ad.SelectCommand.Parameters.AddWithValue("@Title", "%" + Title + "%"); if(categoryid !="-1") ad.SelectCommand.Parameters.AddWithValue("@categoryid", categoryid); if (active != "-1") ad.SelectCommand.Parameters.AddWithValue("@active", active); Call Name Of procedure To Get SQL Statement From Procedure Connect Between Parameter Of Function And Parameter Of Procedure If Title is “” send to procedure Null
8
Method to Search about Article(Connection(Layer 2)) if (cancomment != "-1") ad.SelectCommand.Parameters.AddWithValue("@cancomment", cancomment); if (ismain != "-1") ad.SelectCommand.Parameters.AddWithValue("@ismain", ismain); if (from != "") ad.SelectCommand.Parameters.AddWithValue("@from", from); if (to != "") ad.SelectCommand.Parameters.AddWithValue("@to", to); DataTable t = new DataTable(); ad.Fill(t); return t; } Return Data table
9
Call Method in Interface (Layer 3) protected void Button1_Click(object sender, EventArgs e) { bindgride(); } void bindgride() { GridView1.DataSource = DA.ArticleSearch(TextBox1.Text, DropDownList5.SelectedValue, DropDownList2.SelectedValue, DropDownList4.SelectedValue, DropDownList3.SelectedValue, TextBox2.Text, TextBox3.Text); GridView1.DataBind(); } Set Data Source And Bind Grid View
10
Procedure to add and edit articles (First Layer) ALTER PROCEDURE [dbo].[ArtecalAddEdit] ( @ID int =null, @Title nvarchar(100), @Summary nvarchar(300), @Details ntext, @CategoryID int, @Active bit, @IsMain bit, @ImageID int, @CanComment bit, @UserID int ) as Parameters of procedure
11
if @ID is null begin insert into Article(Title,Summary,Details, CategoryID, Active, IsMain, ImageID, CanComment, IsDelete, UserID, LastUpdate,insertdate) values( @Title, @Summary, @Details, @CategoryID, @Active, @IsMain, @ImageID, @CanComment,0, @UserID,getdate(),getdate()) end else begin update Article set Title=@Title, Summary=@Summary, CategoryID=@CategoryID, Details=@Details, Active=@Active, IsMain=@IsMain, ImageID=@ImageID, CanComment=@CanComment, UserID=@UserID where ID=@ID Article Add Article edit
12
public int ArticleAddEdit(string ID, string Title, string Summary, string Details, string CategoryID, bool Active, bool IsMain, string ImageID, bool CanComment, string UserID) { SqlCommand cmd = new SqlCommand("ArtecalAddEdit", conn); cmd.CommandType = CommandType.StoredProcedure; if (ID != "") cmd.Parameters.AddWithValue("@ID", ID); cmd.Parameters.AddWithValue("@Title", Title); cmd.Parameters.AddWithValue("@Summary", Summary); cmd.Parameters.AddWithValue("@Details", Details); cmd.Parameters.AddWithValue("@CategoryID", CategoryID); cmd.Parameters.AddWithValue("@Active", Active); cmd.Parameters.AddWithValue("@IsMain", IsMain); cmd.Parameters.AddWithValue("@ImageID", ImageID); cmd.Parameters.AddWithValue("@CanComment", CanComment); cmd.Parameters.AddWithValue("@UserID", UserID); return cmd.ExecuteNonQuery(); } (Second Level) This Method Used to Add Article and edit Article
14
protected void Page_Load(object sender, EventArgs e) { if(!IsPostBack) { if (Request.QueryString["id"] != null) { DropDownList1.DataBind(); DataTable d = DA.ArticleGet(Request.QueryString["id"]); if (d.Rows.Count != 0) { TextBox1.Text = d.Rows[0]["Title"].ToString(); TextBox2.Text = d.Rows[0]["Summary"].ToString(); TextBox3.Text = d.Rows[0]["Details"].ToString(); txtImageID.Text = d.Rows[0]["ImageID"].ToString(); DropDownList1.SelectedValue = d.Rows[0]["CategoryID"].ToString(); CheckBox1.Checked = Convert.ToBoolean(d.Rows[0]["Active"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["IsMain"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["CanComment"].ToString()); btnadd.Text = "update"; } This Part in Article Add Edit This code Test if There is request id,it will get information about this Article if exist
15
protected void Button1_Click(object sender, EventArgs e) { if (btnadd.Text == "add") { DA.ArticleAddEdit("",TextBox1.Text,TextBox2.Text,TextBox3.Text,DropDownList1.Sel ectedValue,CheckBox1.Checked,CheckBox2.Checked,txtImageID.Text,CheckBox3.Ch ecked,UserID); TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text = ""; “; تمت الاضافه بنجاح “ Label2.Text = } else { DA.ArticleAddEdit(Request.QueryString["id"], TextBox1.Text, TextBox2.Text, TextBox3.Text, DropDownList1.SelectedValue, CheckBox1.Checked, CheckBox2.Checked, txtImageID.Text, CheckBox3.Checked,UserID); TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text = ""; “; تمت العملية بنجاح " Label2.Text = } Add Article Edit Article
16
this part to Change Active State of Article ALTER PROCEDURE [dbo].[changechecked] ( @ID int, @UserID int ) as update Article set UserID =@UserID,IsDelete=1 where ID=@ID Procedure to Change Active State Take Two Parameter ID of Article, UserID who make Change
17
public int AcctiveState(string ID, string UserID) { SqlCommand cc = new SqlCommand("changechecked", conn); cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@ID", ID); cc.Parameters.AddWithValue("@UserID", UserID); return cc.ExecuteNonQuery(); } Call Procedure in DataAccess
18
Ajax if (Request.QueryString["jop"] == "ActiveArticleCategory") { string id = Request.QueryString["id"]; bool chec = Convert.ToBoolean(Request.QueryString["active"]); DA. AcctiveState(id, UserID, chec); Response.Write("1"); } This part in Ajax page to call method Active State in (Data Access)
19
$("[id$=cbShowInGallery]").click(function(){ var id =$(this).attr("ID"); $.get("AJAX.aspx?jop=videoManage",{ rand: Math.random(), ShowInGallery:$(this).attr("checked"), id:$(this).parent().attr("id")},function(){}); }); From Article page Manage Send Article ID (Parameter of method Active State )To Ajax Page to Complete Operation
20
Click To Chick box Active to Change User Active Click To Chick box Active to Change User Active NOT : Admin Can not Change his Permission NOT : Admin Can not Change his Permission
22
Component Of Permission List
23
User Permission DA.UserPermissionDeleteAll(Request.QueryString["id"]); foreach (DataListItem i in dlPermission.Items) { CheckBox cbParent = (CheckBox)i.FindControl("cbParent"); CheckBoxList cplChildren = (CheckBoxList)i.FindControl("cblChildren"); HiddenField hdn = (HiddenField)i.FindControl("hdnID"); if (cbParent.Checked) DA.UserPermissionAdd(Request.QueryString["id"], hdn.Value); cbParent.Checked = DA.HaveUserThisPermission(Request.QueryString["id"], hdn.Value); foreach (ListItem l2 in cplChildren.Items) { if (l2.Selected) { DA.UserPermissionAdd(Request.QueryString["id"], l2.Value); } l2.Selected = DA.HaveUserThisPermission(Request.QueryString["id"], l2.Value); }} Find Controller Add Permission to this User If has This Permission Chick box will be checked Add Permission to this User
24
User Permission Add Procedure ALTER PROCEDURE [dbo].[UserPermissionAdd] ( @UserID int, @PermissionID int ) as insert into UserPermission(UserID, PermissionID) values(@UserID,@PermissionID) Take Two parameters User ID, Permission ID
25
Function User Permission Add public int UserPermissionAdd(String UserID, string PermissionID) { SqlCommand cc = new SqlCommand("UserPermissionAdd", conn); cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@UserID", UserID); cc.Parameters.AddWithValue("@PermissionID", PermissionID); return cc.ExecuteNonQuery(); } Return number of rows that’s affected
26
Procedure to Test If This User Has this Permission ALTER PROCEDURE [dbo].[HasUserThisPermission] ( @UserID int, @PermissionID int ) as select * from UserPermission where UserID=@UserID and PermissionID=@PermissionID Take rows of permissions From User Permission Table
27
Function HasUserThisPermission public Boolean HaveUserThisPermission(String UserID, string PermissionID) { SqlDataAdapter DA = new SqlDataAdapter("HasUserThisPermission", conn); DA.SelectCommand.CommandType = CommandType.StoredProcedure; DA.SelectCommand.Parameters.AddWithValue("@UserID", UserID); DA.SelectCommand.Parameters.AddWithValue("@PermissionID", PermissionID); DataTable DT = new DataTable(); DA.Fill(DT); return DT.Rows.Count > 0; } The function return number of rows If number of rows = 0 The user does not has the Permission If Number of rows > 0 The User Has the permission
28
Control Access of Users According his permission string CurruntPage = Request.CurrentExecutionFilePath.ToLower(); string FolderName = System.IO.Path.GetDirectoryName(CurruntPage); if (CurruntPage.ToLower().Contains("admin")) { if (Request.IsAuthenticated) { string[] sp = Context.User.Identity.Name.Split('\n'); UserID = sp[0]; UserName = sp[1]; Name = sp[2]; } Test if the page that user visit in folder Admin Returns the name of the folder that contains the page that the User wants to link to it
29
CurruntPage = System.IO.Path.GetFileName(CurruntPage); if (!DA.ThisUserHasPermission(UserID, CurruntPage)) { Response.Redirect("~/login.aspx"); } DataTable DT = DA.UserGet1(UserID); if (!Convert.ToBoolean(DT.Rows[0]["Active"])) { System.Web.Security.FormsAuthentication.SignOut(); Response.Redirect("~/Login.aspx"); return; } Get Name of Page Test if User Has the Permission If User dose not has the permission or not active redirect him to login
30
Client Side
31
Home News $(document).ready(function () { $('marquee').marquee('pointer').mouseover(function () { $(this).trigger('stop'); }).mouseout(function () { $(this).trigger('start'); }); To make bar news walk and stop when mouse over Bar news
32
Fill News Bar From DataBase DataTable DT = DA.GetLatestArticles(); if (DT.Rows.Count > 0) { StringBuilder sb = new StringBuilder(); foreach (DataRow r in DT.Rows) sb.Append(" " + r["Title"] + " | "); sb.Remove(sb.Length - 3, 3); newsLine.InnerHtml = sb.ToString(); }
33
To Fill Poll From Data Base ' runat="server" /> ">' '(' '%) Radio Button To Draw Percent
34
DataTable dt = DA.pollSearch("", "1", "", ""); int i = 0; if (dt.Rows.Count > 0) { hdnQID.Value = dt.Rows[0]["id"].ToString(); ltQuestion.Text = "'" + dt.Rows[0]["Question"].ToString() + "'"; rpChoice.DataSource = DA.GetPollChoice(dt.Rows[0]["ID"].ToString()); rpChoice.DataBind(); } else pollBox.Visible = false; } protected void rpChoice_ItemDataBound(object sender, RepeaterItemEventArgs e) { RadioButton rb = (RadioButton)e.Item.FindControl("rbChoice"); if (rb != null) { if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == DataBinder.Eval(e.Item.DataItem, "QuestionID").ToString()) { rb.Enabled = false; } rb.Attributes.Add("cid", DataBinder.Eval(e.Item.DataItem, "ID").ToString()); } Get Poll Question From Database Set Data Source Of rpChoice If Client Is vote, The Choices are Disabled Test if Client is Voted to this Question Store choice ID in the Parent of Chick box
35
Home Poll var arrayColor=Array('red','orange','yallow','blue','green'); var i=0; $(".result").each(function(){ $(this).prepend(" "); var value=$(this).children(":eq(1)").attr("value"); $(this).children(":eq(0)").css({width:(value*220/100),b ackgroundColor:arrayColor[i++]}); To Draw poll Chaises
36
$("#poll").click(function(){ if($("[id$=rbChoice]").filter(":checked").size()>0) { var qidval=$("[id$=hdnQID]").val(); var idval=$("[id$=rbChoice]").filter(":checked").parent().attr("cid"); $.get("AJAX.aspx?job=vote",{rand:Math.random(),cid:cidval,qid:qidval},functi on(data){ if(data==0) { “); لقد قمت بالتصويت مسبقا ") alert } }); } else { “); return false; } الرجاء اختيار احد الخيارات ") alert Send Question ID and Choice ID To Ajax to Vote
37
if (Request.QueryString["job"] == "vote") { string qid = Request.QueryString["qid"]; string cid = Request.QueryString["cid"]; if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == qid) { Response.Write("0"); } else { DA.AddOneToChoise(cid); Response.Cookies.Add(new HttpCookie("qid", qid)); Response.Cookies["qid"].Expires = DateTime.Now.AddDays(14); Response.Write("1"); } Return 0 if Client is voted Return 1 if Client is voted
38
Thank you
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.