Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el.

Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el tawahen

Content User Permission Article Add Edit Search About Article Article Add Edit Client Side Home NewsHome Poll 1- 2- 3- 4- 5-

Strategy and tools Calling method from interface Connection with procedure Low Layer SQl Statement (Procedure) Sql Server 2005 Visual Studio 2008

Article Manage

Sql Procedure To Search About Article (Layer 1) ALTER PROCEDURE [dbo].[SearchArticle] ( @Title nvarchar(50) =null, @CategoryID int=null, @Active bit=null, @IsMain bit=null, @from datetime=null, @to datetime=null, @CanComment bit=null ) as Parameters of procedure Name of Procedure

select ID, Title,(select name from ArticleCategory where ID=CategoryID)as catogry, Active, IsMain, CanComment, insertdate from Article where IsDelete=0 and Title like isnull(@Title,'%') and CategoryID =isnull(@CategoryID,CategoryID) and Active=isnull(@Active,Active) and IsMain=isnull(@IsMain,IsMain) and CanComment=isnull(@CanComment,CanComment)and insertdate>=isnull(@from,insertdate) and insertdate<=isnull(@to,insertdate) Body of procedure

Method to Search about Article(Connection(Layer 2)) public DataTable ArticleSearch(string Title, string categoryid, string active, string cancomment, string ismain, string from, string to) { SqlDataAdapter ad = new SqlDataAdapter("SearchArticle", conn); ad.SelectCommand.CommandType = CommandType.StoredProcedure; if (Title != "") ad.SelectCommand.Parameters.AddWithValue("@Title", "%" + Title + "%"); if(categoryid !="-1") ad.SelectCommand.Parameters.AddWithValue("@categoryid", categoryid); if (active != "-1") ad.SelectCommand.Parameters.AddWithValue("@active", active); Call Name Of procedure To Get SQL Statement From Procedure Connect Between Parameter Of Function And Parameter Of Procedure If Title is “” send to procedure Null

Method to Search about Article(Connection(Layer 2)) if (cancomment != "-1") ad.SelectCommand.Parameters.AddWithValue("@cancomment", cancomment); if (ismain != "-1") ad.SelectCommand.Parameters.AddWithValue("@ismain", ismain); if (from != "") ad.SelectCommand.Parameters.AddWithValue("@from", from); if (to != "") ad.SelectCommand.Parameters.AddWithValue("@to", to); DataTable t = new DataTable(); ad.Fill(t); return t; } Return Data table

Call Method in Interface (Layer 3) protected void Button1_Click(object sender, EventArgs e) { bindgride(); } void bindgride() { GridView1.DataSource = DA.ArticleSearch(TextBox1.Text, DropDownList5.SelectedValue, DropDownList2.SelectedValue, DropDownList4.SelectedValue, DropDownList3.SelectedValue, TextBox2.Text, TextBox3.Text); GridView1.DataBind(); } Set Data Source And Bind Grid View

Procedure to add and edit articles (First Layer) ALTER PROCEDURE [dbo].[ArtecalAddEdit] ( @ID int =null, @Title nvarchar(100), @Summary nvarchar(300), @Details ntext, @CategoryID int, @Active bit, @IsMain bit, @ImageID int, @CanComment bit, @UserID int ) as Parameters of procedure

if @ID is null begin insert into Article(Title,Summary,Details, CategoryID, Active, IsMain, ImageID, CanComment, IsDelete, UserID, LastUpdate,insertdate) values( @Title, @Summary, @Details, @CategoryID, @Active, @IsMain, @ImageID, @CanComment,0, @UserID,getdate(),getdate()) end else begin update Article set Title=@Title, Summary=@Summary, CategoryID=@CategoryID, Details=@Details, Active=@Active, IsMain=@IsMain, ImageID=@ImageID, CanComment=@CanComment, UserID=@UserID where ID=@ID Article Add Article edit

public int ArticleAddEdit(string ID, string Title, string Summary, string Details, string CategoryID, bool Active, bool IsMain, string ImageID, bool CanComment, string UserID) { SqlCommand cmd = new SqlCommand("ArtecalAddEdit", conn); cmd.CommandType = CommandType.StoredProcedure; if (ID != "") cmd.Parameters.AddWithValue("@ID", ID); cmd.Parameters.AddWithValue("@Title", Title); cmd.Parameters.AddWithValue("@Summary", Summary); cmd.Parameters.AddWithValue("@Details", Details); cmd.Parameters.AddWithValue("@CategoryID", CategoryID); cmd.Parameters.AddWithValue("@Active", Active); cmd.Parameters.AddWithValue("@IsMain", IsMain); cmd.Parameters.AddWithValue("@ImageID", ImageID); cmd.Parameters.AddWithValue("@CanComment", CanComment); cmd.Parameters.AddWithValue("@UserID", UserID); return cmd.ExecuteNonQuery(); } (Second Level) This Method Used to Add Article and edit Article

protected void Page_Load(object sender, EventArgs e) { if(!IsPostBack) { if (Request.QueryString["id"] != null) { DropDownList1.DataBind(); DataTable d = DA.ArticleGet(Request.QueryString["id"]); if (d.Rows.Count != 0) { TextBox1.Text = d.Rows[0]["Title"].ToString(); TextBox2.Text = d.Rows[0]["Summary"].ToString(); TextBox3.Text = d.Rows[0]["Details"].ToString(); txtImageID.Text = d.Rows[0]["ImageID"].ToString(); DropDownList1.SelectedValue = d.Rows[0]["CategoryID"].ToString(); CheckBox1.Checked = Convert.ToBoolean(d.Rows[0]["Active"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["IsMain"].ToString()); CheckBox2.Checked = Convert.ToBoolean(d.Rows[0]["CanComment"].ToString()); btnadd.Text = "update"; } This Part in Article Add Edit This code Test if There is request id,it will get information about this Article if exist

protected void Button1_Click(object sender, EventArgs e) { if (btnadd.Text == "add") { DA.ArticleAddEdit("",TextBox1.Text,TextBox2.Text,TextBox3.Text,DropDownList1.Sel ectedValue,CheckBox1.Checked,CheckBox2.Checked,txtImageID.Text,CheckBox3.Ch ecked,UserID); TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text = ""; “; تمت الاضافه بنجاح “ Label2.Text = } else { DA.ArticleAddEdit(Request.QueryString["id"], TextBox1.Text, TextBox2.Text, TextBox3.Text, DropDownList1.SelectedValue, CheckBox1.Checked, CheckBox2.Checked, txtImageID.Text, CheckBox3.Checked,UserID); TextBox1.Text = TextBox2.Text = TextBox3.Text = txtImageID.Text = ""; “; تمت العملية بنجاح " Label2.Text = } Add Article Edit Article

this part to Change Active State of Article ALTER PROCEDURE [dbo].[changechecked] ( @ID int, @UserID int ) as update Article set UserID =@UserID,IsDelete=1 where ID=@ID Procedure to Change Active State Take Two Parameter ID of Article, UserID who make Change

public int AcctiveState(string ID, string UserID) { SqlCommand cc = new SqlCommand("changechecked", conn); cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@ID", ID); cc.Parameters.AddWithValue("@UserID", UserID); return cc.ExecuteNonQuery(); } Call Procedure in DataAccess

Ajax if (Request.QueryString["jop"] == "ActiveArticleCategory") { string id = Request.QueryString["id"]; bool chec = Convert.ToBoolean(Request.QueryString["active"]); DA. AcctiveState(id, UserID, chec); Response.Write("1"); } This part in Ajax page to call method Active State in (Data Access)

$("[id$=cbShowInGallery]").click(function(){ var id =$(this).attr("ID"); $.get("AJAX.aspx?jop=videoManage",{ rand: Math.random(), ShowInGallery:$(this).attr("checked"), id:$(this).parent().attr("id")},function(){}); }); From Article page Manage Send Article ID (Parameter of method Active State )To Ajax Page to Complete Operation

Click To Chick box Active to Change User Active Click To Chick box Active to Change User Active NOT : Admin Can not Change his Permission NOT : Admin Can not Change his Permission

Component Of Permission List

User Permission DA.UserPermissionDeleteAll(Request.QueryString["id"]); foreach (DataListItem i in dlPermission.Items) { CheckBox cbParent = (CheckBox)i.FindControl("cbParent"); CheckBoxList cplChildren = (CheckBoxList)i.FindControl("cblChildren"); HiddenField hdn = (HiddenField)i.FindControl("hdnID"); if (cbParent.Checked) DA.UserPermissionAdd(Request.QueryString["id"], hdn.Value); cbParent.Checked = DA.HaveUserThisPermission(Request.QueryString["id"], hdn.Value); foreach (ListItem l2 in cplChildren.Items) { if (l2.Selected) { DA.UserPermissionAdd(Request.QueryString["id"], l2.Value); } l2.Selected = DA.HaveUserThisPermission(Request.QueryString["id"], l2.Value); }} Find Controller Add Permission to this User If has This Permission Chick box will be checked Add Permission to this User

User Permission Add Procedure ALTER PROCEDURE [dbo].[UserPermissionAdd] ( @UserID int, @PermissionID int ) as insert into UserPermission(UserID, PermissionID) values(@UserID,@PermissionID) Take Two parameters User ID, Permission ID

Function User Permission Add public int UserPermissionAdd(String UserID, string PermissionID) { SqlCommand cc = new SqlCommand("UserPermissionAdd", conn); cc.CommandType = CommandType.StoredProcedure; cc.Parameters.AddWithValue("@UserID", UserID); cc.Parameters.AddWithValue("@PermissionID", PermissionID); return cc.ExecuteNonQuery(); } Return number of rows that’s affected

Procedure to Test If This User Has this Permission ALTER PROCEDURE [dbo].[HasUserThisPermission] ( @UserID int, @PermissionID int ) as select * from UserPermission where UserID=@UserID and PermissionID=@PermissionID Take rows of permissions From User Permission Table

Function HasUserThisPermission public Boolean HaveUserThisPermission(String UserID, string PermissionID) { SqlDataAdapter DA = new SqlDataAdapter("HasUserThisPermission", conn); DA.SelectCommand.CommandType = CommandType.StoredProcedure; DA.SelectCommand.Parameters.AddWithValue("@UserID", UserID); DA.SelectCommand.Parameters.AddWithValue("@PermissionID", PermissionID); DataTable DT = new DataTable(); DA.Fill(DT); return DT.Rows.Count > 0; } The function return number of rows If number of rows = 0 The user does not has the Permission If Number of rows > 0 The User Has the permission

Control Access of Users According his permission string CurruntPage = Request.CurrentExecutionFilePath.ToLower(); string FolderName = System.IO.Path.GetDirectoryName(CurruntPage); if (CurruntPage.ToLower().Contains("admin")) { if (Request.IsAuthenticated) { string[] sp = Context.User.Identity.Name.Split('\n'); UserID = sp[0]; UserName = sp[1]; Name = sp[2]; } Test if the page that user visit in folder Admin Returns the name of the folder that contains the page that the User wants to link to it

CurruntPage = System.IO.Path.GetFileName(CurruntPage); if (!DA.ThisUserHasPermission(UserID, CurruntPage)) { Response.Redirect("~/login.aspx"); } DataTable DT = DA.UserGet1(UserID); if (!Convert.ToBoolean(DT.Rows[0]["Active"])) { System.Web.Security.FormsAuthentication.SignOut(); Response.Redirect("~/Login.aspx"); return; } Get Name of Page Test if User Has the Permission If User dose not has the permission or not active redirect him to login

Client Side

Home News $(document).ready(function () { $('marquee').marquee('pointer').mouseover(function () { $(this).trigger('stop'); }).mouseout(function () { $(this).trigger('start'); }); To make bar news walk and stop when mouse over Bar news

Fill News Bar From DataBase DataTable DT = DA.GetLatestArticles(); if (DT.Rows.Count > 0) { StringBuilder sb = new StringBuilder(); foreach (DataRow r in DT.Rows) sb.Append(" " + r["Title"] + " | "); sb.Remove(sb.Length - 3, 3); newsLine.InnerHtml = sb.ToString(); }

To Fill Poll From Data Base ' runat="server" /> ">' '(' '%) Radio Button To Draw Percent

DataTable dt = DA.pollSearch("", "1", "", ""); int i = 0; if (dt.Rows.Count > 0) { hdnQID.Value = dt.Rows[0]["id"].ToString(); ltQuestion.Text = "'" + dt.Rows[0]["Question"].ToString() + "'"; rpChoice.DataSource = DA.GetPollChoice(dt.Rows[0]["ID"].ToString()); rpChoice.DataBind(); } else pollBox.Visible = false; } protected void rpChoice_ItemDataBound(object sender, RepeaterItemEventArgs e) { RadioButton rb = (RadioButton)e.Item.FindControl("rbChoice"); if (rb != null) { if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == DataBinder.Eval(e.Item.DataItem, "QuestionID").ToString()) { rb.Enabled = false; } rb.Attributes.Add("cid", DataBinder.Eval(e.Item.DataItem, "ID").ToString()); } Get Poll Question From Database Set Data Source Of rpChoice If Client Is vote, The Choices are Disabled Test if Client is Voted to this Question Store choice ID in the Parent of Chick box

Home Poll var arrayColor=Array('red','orange','yallow','blue','green'); var i=0; $(".result").each(function(){ $(this).prepend(" "); var value=$(this).children(":eq(1)").attr("value"); $(this).children(":eq(0)").css({width:(value*220/100),b ackgroundColor:arrayColor[i++]}); To Draw poll Chaises

$("#poll").click(function(){ if($("[id$=rbChoice]").filter(":checked").size()>0) { var qidval=$("[id$=hdnQID]").val(); var idval=$("[id$=rbChoice]").filter(":checked").parent().attr("cid"); $.get("AJAX.aspx?job=vote",{rand:Math.random(),cid:cidval,qid:qidval},functi on(data){ if(data==0) { “); لقد قمت بالتصويت مسبقا ") alert } }); } else { “); return false; } الرجاء اختيار احد الخيارات ") alert Send Question ID and Choice ID To Ajax to Vote

if (Request.QueryString["job"] == "vote") { string qid = Request.QueryString["qid"]; string cid = Request.QueryString["cid"]; if (Request.Cookies["qid"] != null && Request.Cookies["qid"].Value == qid) { Response.Write("0"); } else { DA.AddOneToChoise(cid); Response.Cookies.Add(new HttpCookie("qid", qid)); Response.Cookies["qid"].Expires = DateTime.Now.AddDays(14); Response.Write("1"); } Return 0 if Client is voted Return 1 if Client is voted

Thank you

Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el.

Similar presentations

Presentation on theme: "Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el.

Similar presentations

Presentation on theme: "Code Document OF Second Project (News Web Site) Supervision of teacher : Mohamed Mike Students Group : Abd al rahman abu nada Osama ja3ror Wesal abu el."— Presentation transcript:

Similar presentations

About project

Feedback