Presentation is loading. Please wait.

Presentation is loading. Please wait.

Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el.

Similar presentations

Presentation on theme: "Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el."— Presentation transcript:

1 Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el tawahen

2 Content User Permission Article Add Edit Search About Article Article Add Edit Client Side Home NewsHome Poll 1- 2- 3- 4- 5-

3 Strategy and tools Calling method from interface Connection with procedure Low Layer SQl Statement (Procedure) Sql Server 2005 Visual Studio 2008

4 Article Manage

5 Sql Procedure To Search About Article (Layer 1) ALTER PROCEDURE [dbo].[SearchArticle] ( @Title nvarchar(50) =null, @CategoryID int=null, @Active bit=null, @IsMain bit=null, @from datetime=null, @to datetime=null, @CanComment bit=null ) as Parameters of procedure Name of Procedure

6 select ID, Title,(select name from ArticleCategory where ID=CategoryID)as catogry, Active, IsMain, CanComment, insertdate from Article where IsDelete=0 and Title like isnull(@Title,'%') and CategoryID =isnull(@CategoryID,CategoryID) and Active=isnull(@Active,Active) and IsMain=isnull(@IsMain,IsMain) and CanComment=isnull(@CanComment,CanComment)and insertdate>=isnull(@from,insertdate) and insertdate<=isnull(@to,insertdate) Body of procedure

7 Method to Search about Article(Connection(Layer 2)) public DataTable ArticleSearch(string Title, string categoryid, string active, string cancomment, string ismain, string from, string to) { SqlDataAdapter ad = new SqlDataAdapter("SearchArticle", conn); ad.SelectCommand.CommandType = CommandType.StoredProcedure; if (Title != "") ad.SelectCommand.Parameters.AddWithValue("@Title", "%" + Title + "%"); if(categoryid !="-1") ad.SelectCommand.Parameters.AddWithValue("@categoryid", categoryid); if (active != "-1") ad.SelectCommand.Parameters.AddWithValue("@active", active); Call Name Of procedure To Get SQL Statement From Procedure Connect Between Parameter Of Function And Parameter Of Procedure If Title is “” send to procedure Null

8 Method to Search about Article(Connection(Layer 2)) if (cancomment != "-1") ad.SelectCommand.Parameters.AddWithValue("@cancomment", cancomment); if (ismain != "-1") ad.SelectCommand.Parameters.AddWithValue("@ismain", ismain); if (from != "") ad.SelectCommand.Parameters.AddWithValue("@from", from); if (to != "") ad.SelectCommand.Parameters.AddWithValue("@to", to); DataTable t = new DataTable(); ad.Fill(t); return t; } Return Data table

9 Call Method in Interface (Layer 3) protected void Button1_Click(object sender, EventArgs e) { bindgride(); } void bindgride() { GridView1.DataSource = DA.ArticleSearch(TextBox1.Text, DropDownList5.SelectedValue, DropDownList2.SelectedValue, DropDownList4.SelectedValue, DropDownList3.SelectedValue, TextBox2.Text, TextBox3.Text); GridView1.DataBind(); } Set Data Source And Bind Grid View

10 Procedure to add and edit articles (First Layer) ALTER PROCEDURE [dbo].[ArtecalAddEdit] ( @ID int =null, @Title nvarchar(100), @Summary nvarchar(300), @Details ntext, @CategoryID int, @Active bit, @IsMain bit, @ImageID int, @CanComment bit, @UserID int ) as Parameters of procedure

11 if @ID is null begin insert into Article(Title,Summary,Details, CategoryID, Active, IsMain, ImageID, CanComment, IsDelete, UserID, LastUpdate,insertdate) values( @Title, @Summary, @Details, @CategoryID, @Active, @IsMain, @ImageID, @CanComment,0, @UserID,getdate(),getdate()) end else begin update Article set Title=@Title, Summary=@Summary, CategoryID=@CategoryID, Details=@Details, Active=@Active, IsMain=@IsMain, ImageID=@ImageID, CanComment=@CanComment, UserID=@UserID where ID=@ID Article Add Article edit

12 public int ArticleAddEdit(string ID, string Title, string Summary, string Details, string CategoryID, bool Active, bool IsMain, string ImageID, bool CanComment, string UserID) { SqlCommand cmd = new SqlCommand("ArtecalAddEdit", conn); cmd.CommandType = CommandType.StoredProcedure; if (ID != "") cmd.Parameters.AddWithValue("@ID", ID); cmd.Parameters.AddWithValue("@Title", Title); cmd.Parameters.AddWithValue("@Summary", Summary); cmd.Parameters.AddWithValue("@Details", Details); cmd.Parameters.AddWithValue("@CategoryID", CategoryID); cmd.Parameters.AddWithValue("@Active", Active); cmd.Parameters.AddWithValue("@IsMain", IsMain); cmd.Parameters.AddWithValue("@ImageID", ImageID); cmd.Parameters.AddWithValue("@CanComment", CanComment); cmd.Parameters.AddWithValue("@UserID", UserID); return cmd.ExecuteNonQuery(); } (Second Level) This Method Used to Add Article and edit Article


14 protected void Page_Load(object sender, EventArgs e) { if(!IsPostBack) { if (Request.QueryString["id"] != null) { DropDownList1.DataBind(); DataTable d = DA.ArticleGet(Request.QueryString["id"]); if (d.Rows.Count != 0) { TextBox1.Text = d.Rows[0]["Title"].ToString(); TextBox2.Text = d.Rows[0]["Summary"].ToString(); TextBox3.Text = d.Rows[0]["Details"].ToString(); txtImageID.Text = d.Rows[0]["ImageID"].ToString(); DropDownList1.SelectedValue = d.Rows[0]["CategoryID"].ToString(); CheckBox1.Checked = Convert.ToBoolean(d.Rows[0]["Active"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["IsMain"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["CanComment"].ToString()); btnadd.Text = "update"; } This Part in Article Add Edit This code Test if There is request id,it will get information about this Article if exist

15 protected void Button1_Click(object sender, EventArgs e) { if (btnadd.Text == "add") { DA.ArticleAddEdit("",TextBox1.Text,TextBox2.Text,TextBox3.Text,DropDownList1.Sel ectedValue,CheckBox1.Checked,CheckBox2.Checked,txtImageID.Text,CheckBox3.Ch ecked,UserID); TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text = ""; “; تمت الاضافه بنجاح “ Label2.Text = } else { DA.ArticleAddEdit(Request.QueryString["id"], TextBox1.Text, TextBox2.Text, TextBox3.Text, DropDownList1.SelectedValue, CheckBox1.Checked, CheckBox2.Checked, txtImageID.Text, CheckBox3.Checked,UserID); TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text = ""; “; تمت العملية بنجاح " Label2.Text = } Add Article Edit Article

16 this part to Change Active State of Article ALTER PROCEDURE [dbo].[changechecked] ( @ID int, @UserID int ) as update Article set UserID =@UserID,IsDelete=1 where ID=@ID Procedure to Change Active State Take Two Parameter ID of Article, UserID who make Change

17 public int AcctiveState(string ID, string UserID) { SqlCommand cc = new SqlCommand("changechecked", conn); cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@ID", ID); cc.Parameters.AddWithValue("@UserID", UserID); return cc.ExecuteNonQuery(); } Call Procedure in DataAccess

18 Ajax if (Request.QueryString["jop"] == "ActiveArticleCategory") { string id = Request.QueryString["id"]; bool chec = Convert.ToBoolean(Request.QueryString["active"]); DA. AcctiveState(id, UserID, chec); Response.Write("1"); } This part in Ajax page to call method Active State in (Data Access)

19 $("[id$=cbShowInGallery]").click(function(){ var id =$(this).attr("ID"); $.get("AJAX.aspx?jop=videoManage",{ rand: Math.random(), ShowInGallery:$(this).attr("checked"), id:$(this).parent().attr("id")},function(){}); }); From Article page Manage Send Article ID (Parameter of method Active State )To Ajax Page to Complete Operation

20 Click To Chick box Active to Change User Active Click To Chick box Active to Change User Active NOT : Admin Can not Change his Permission NOT : Admin Can not Change his Permission


22 Component Of Permission List

23 User Permission DA.UserPermissionDeleteAll(Request.QueryString["id"]); foreach (DataListItem i in dlPermission.Items) { CheckBox cbParent = (CheckBox)i.FindControl("cbParent"); CheckBoxList cplChildren = (CheckBoxList)i.FindControl("cblChildren"); HiddenField hdn = (HiddenField)i.FindControl("hdnID"); if (cbParent.Checked) DA.UserPermissionAdd(Request.QueryString["id"], hdn.Value); cbParent.Checked = DA.HaveUserThisPermission(Request.QueryString["id"], hdn.Value); foreach (ListItem l2 in cplChildren.Items) { if (l2.Selected) { DA.UserPermissionAdd(Request.QueryString["id"], l2.Value); } l2.Selected = DA.HaveUserThisPermission(Request.QueryString["id"], l2.Value); }} Find Controller Add Permission to this User If has This Permission Chick box will be checked Add Permission to this User

24 User Permission Add Procedure ALTER PROCEDURE [dbo].[UserPermissionAdd] ( @UserID int, @PermissionID int ) as insert into UserPermission(UserID, PermissionID) values(@UserID,@PermissionID) Take Two parameters User ID, Permission ID

25 Function User Permission Add public int UserPermissionAdd(String UserID, string PermissionID) { SqlCommand cc = new SqlCommand("UserPermissionAdd", conn); cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@UserID", UserID); cc.Parameters.AddWithValue("@PermissionID", PermissionID); return cc.ExecuteNonQuery(); } Return number of rows that’s affected

26 Procedure to Test If This User Has this Permission ALTER PROCEDURE [dbo].[HasUserThisPermission] ( @UserID int, @PermissionID int ) as select * from UserPermission where UserID=@UserID and PermissionID=@PermissionID Take rows of permissions From User Permission Table

27 Function HasUserThisPermission public Boolean HaveUserThisPermission(String UserID, string PermissionID) { SqlDataAdapter DA = new SqlDataAdapter("HasUserThisPermission", conn); DA.SelectCommand.CommandType = CommandType.StoredProcedure; DA.SelectCommand.Parameters.AddWithValue("@UserID", UserID); DA.SelectCommand.Parameters.AddWithValue("@PermissionID", PermissionID); DataTable DT = new DataTable(); DA.Fill(DT); return DT.Rows.Count > 0; } The function return number of rows If number of rows = 0 The user does not has the Permission If Number of rows > 0 The User Has the permission

28 Control Access of Users According his permission string CurruntPage = Request.CurrentExecutionFilePath.ToLower(); string FolderName = System.IO.Path.GetDirectoryName(CurruntPage); if (CurruntPage.ToLower().Contains("admin")) { if (Request.IsAuthenticated) { string[] sp = Context.User.Identity.Name.Split('\n'); UserID = sp[0]; UserName = sp[1]; Name = sp[2]; } Test if the page that user visit in folder Admin Returns the name of the folder that contains the page that the User wants to link to it

29 CurruntPage = System.IO.Path.GetFileName(CurruntPage); if (!DA.ThisUserHasPermission(UserID, CurruntPage)) { Response.Redirect("~/login.aspx"); } DataTable DT = DA.UserGet1(UserID); if (!Convert.ToBoolean(DT.Rows[0]["Active"])) { System.Web.Security.FormsAuthentication.SignOut(); Response.Redirect("~/Login.aspx"); return; } Get Name of Page Test if User Has the Permission If User dose not has the permission or not active redirect him to login

30 Client Side

31 Home News $(document).ready(function () { $('marquee').marquee('pointer').mouseover(function () { $(this).trigger('stop'); }).mouseout(function () { $(this).trigger('start'); }); To make bar news walk and stop when mouse over Bar news

32 Fill News Bar From DataBase DataTable DT = DA.GetLatestArticles(); if (DT.Rows.Count > 0) { StringBuilder sb = new StringBuilder(); foreach (DataRow r in DT.Rows) sb.Append(" " + r["Title"] + " | "); sb.Remove(sb.Length - 3, 3); newsLine.InnerHtml = sb.ToString(); }

33 To Fill Poll From Data Base ' runat="server" /> ">' '(' '%) Radio Button To Draw Percent

34 DataTable dt = DA.pollSearch("", "1", "", ""); int i = 0; if (dt.Rows.Count > 0) { hdnQID.Value = dt.Rows[0]["id"].ToString(); ltQuestion.Text = "'" + dt.Rows[0]["Question"].ToString() + "'"; rpChoice.DataSource = DA.GetPollChoice(dt.Rows[0]["ID"].ToString()); rpChoice.DataBind(); } else pollBox.Visible = false; } protected void rpChoice_ItemDataBound(object sender, RepeaterItemEventArgs e) { RadioButton rb = (RadioButton)e.Item.FindControl("rbChoice"); if (rb != null) { if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == DataBinder.Eval(e.Item.DataItem, "QuestionID").ToString()) { rb.Enabled = false; } rb.Attributes.Add("cid", DataBinder.Eval(e.Item.DataItem, "ID").ToString()); } Get Poll Question From Database Set Data Source Of rpChoice If Client Is vote, The Choices are Disabled Test if Client is Voted to this Question Store choice ID in the Parent of Chick box

35 Home Poll var arrayColor=Array('red','orange','yallow','blue','green'); var i=0; $(".result").each(function(){ $(this).prepend(" "); var value=$(this).children(":eq(1)").attr("value"); $(this).children(":eq(0)").css({width:(value*220/100),b ackgroundColor:arrayColor[i++]}); To Draw poll Chaises

36 $("#poll").click(function(){ if($("[id$=rbChoice]").filter(":checked").size()>0) { var qidval=$("[id$=hdnQID]").val(); var idval=$("[id$=rbChoice]").filter(":checked").parent().attr("cid"); $.get("AJAX.aspx?job=vote",{rand:Math.random(),cid:cidval,qid:qidval},functi on(data){ if(data==0) { “); لقد قمت بالتصويت مسبقا ") alert } }); } else { “); return false; } الرجاء اختيار احد الخيارات ") alert Send Question ID and Choice ID To Ajax to Vote

37 if (Request.QueryString["job"] == "vote") { string qid = Request.QueryString["qid"]; string cid = Request.QueryString["cid"]; if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == qid) { Response.Write("0"); } else { DA.AddOneToChoise(cid); Response.Cookies.Add(new HttpCookie("qid", qid)); Response.Cookies["qid"].Expires = DateTime.Now.AddDays(14); Response.Write("1"); } Return 0 if Client is voted Return 1 if Client is voted

38 Thank you

Download ppt "Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el."

Similar presentations

Ads by Google