1 using System;
2 using System.Collections.Generic;
3 using System.Text;
4 using System.Configuration;
5 using System.Data.SqlClient;
6 using System.Data;
7 using System.Collections;
8
9 namespace Common
10 {
11 /// <summary>
12 /// SqlHelper类提供很高的数据访问性能,
13 /// 使用SqlClient类的通用定义.
14 /// </summary>
15 public abstract class SqlHelper
16 {
17 //定义数据库连接串
18 public static readonly string CONN_STRING =
19 ConfigurationManager.ConnectionStrings["ConnString"].ConnectionString;
20
21 public static readonly string CONN = "server=.;uid=sa;pwd=sa;database=MyOffice";
22 // 存贮Cache缓存的Hashtable集合
23 private static Hashtable parmCache = Hashtable.Synchronized(new Hashtable());
24
25 /// <summary>
26 /// 使用连接字符串,执行一个SqlCommand命令(没有记录返回)
27 /// 使用提供的参数集.
28 /// </summary>
29 /// <param name="connectionString">一个有效的SqlConnection连接串</param>
30 /// <param name="commandType">命令类型CommandType(stored procedure, text, etc.)</param>
31 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
32 /// <param name="commandParameters">执行命令的参数集</param>
33 /// <returns>受此命令影响的行数</returns>
34 public static int ExecuteNonQuery(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
35 {
36
37 SqlCommand cmd = new SqlCommand();
38
39 using (SqlConnection conn = new SqlConnection(connectionString))
40 {
41 PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);
42
43 int val = cmd.ExecuteNonQuery();
44
45 cmd.Parameters.Clear();
46
47 return val;
48 }
49 }
50
51 /// <summary>
52 /// 在一个存在的连接上执行数据库的命令操作
53 /// 使用提供的参数集.
54 /// </summary>
55 /// <param name="conn">一个存在的数据库连接对象</param>
56 /// <param name="commandType">命令类型CommandType (stored procedure, text, etc.)</param>
57 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
58 /// <param name="commandParameters">执行命令的参数集</param>
59 /// <returns>受此命令影响的行数</returns>
60 public static int ExecuteNonQuery(SqlConnection connection, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
61 {
62
63 SqlCommand cmd = new SqlCommand();
64
65 PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);
66
67 int val = cmd.ExecuteNonQuery();
68
69 cmd.Parameters.Clear();
70
71 return val;
72
73 }
74
75
76 /// <summary>
77 /// 在一个事务的连接上执行数据库的命令操作
78 /// 使用提供的参数集.
79 /// </summary>
80 /// <param name="trans">一个存在的事务</param>
81 /// <param name="commandType">命令类型CommandType (stored procedure, text, etc.)</param>
82 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
83 /// <param name="commandParameters">执行命令的参数集</param>
84 /// <returns>受此命令影响的行数</returns>
85 public static int ExecuteNonQuery(SqlTransaction trans, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
86 {
87 SqlCommand cmd = new SqlCommand();
88 PrepareCommand(cmd, trans.Connection, trans, cmdType, cmdText, commandParameters);
89
90 int val = cmd.ExecuteNonQuery();
91
92 cmd.Parameters.Clear();
93
94 return val;
95 }
96
97 /// <summary>
98 /// 在一个连接串上执行一个命令,返回一个SqlDataReader对象
99 /// 使用提供的参数.
100 /// </summary>
101 /// <param name="connectionString">一个有效的SqlConnection连接串</param>
102 /// <param name="commandType">命令类型CommandType(stored procedure, text, etc.)</param>
103 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
104 /// <param name="commandParameters">执行命令的参数集</param>
105 /// <returns>一个结果集对象SqlDataReader</returns>
106 public static SqlDataReader ExecuteReader(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
107 {
108 SqlCommand cmd = new SqlCommand();
109
110 SqlConnection conn = new SqlConnection(connectionString);
111
112
113 // 如果不存在要查询的对象,则发生异常
114 // 连接要关闭
115 // CommandBehavior.CloseConnection在异常时不发生作用
116 try
117 {
118 PrepareCommand(cmd, conn, null, cmdType, cmdText, commandParameters);
119
120 SqlDataReader rdr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
121
122 cmd.Parameters.Clear();
123
124 return rdr;
125 }
126 catch
127 {
128 conn.Close();
129 throw;
130 }
131 }
132
133
134
135 /// <summary>
136 /// 在一个连接串上执行一个命令,返回表中第一行,第一列的值
137 /// 使用提供的参数.
138 /// </summary>
139 /// <param name="connectionString">一个有效的SqlConnection连接串</param>
140 /// <param name="commandType">命令类型CommandType(stored procedure, text, etc.)</param>
141 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
142 /// <param name="commandParameters">执行命令的参数集</param>
143 /// <returns>返回的对象,在使用时记得类型转换</returns>
144 public static object ExecuteScalar(string connectionString, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
145 {
146 SqlCommand cmd = new SqlCommand();
147
148 using (SqlConnection connection = new SqlConnection(connectionString))
149 {
150 PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);
151
152 object val = cmd.ExecuteScalar();
153
154 cmd.Parameters.Clear();
155
156 return val;
157 }
158 }
159
160
161
162 /// <summary>
163 /// 在一个连接上执行一个命令,返回表中第一行,第一列的值
164 /// 使用提供的参数.
165 /// </summary>
166 /// <param name="connectionString">一个有效的SqlConnection连接</param>
167 /// <param name="commandType">命令类型CommandType(stored procedure, text, etc.)</param>
168 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
169 /// <param name="commandParameters">执行命令的参数集</param>
170 /// <returns>返回的对象,在使用时记得类型转换</returns>
171 public static object ExecuteScalar(SqlConnection connection, CommandType cmdType, string cmdText, params SqlParameter[] commandParameters)
172 {
173 SqlCommand cmd = new SqlCommand();
174
175 PrepareCommand(cmd, connection, null, cmdType, cmdText, commandParameters);
176
177 object val = cmd.ExecuteScalar();
178
179 cmd.Parameters.Clear();
180
181 return val;
182 }
183
184 /// <summary>
185 /// 在一个连接串上执行一个命令,返回数据集
186 /// 使用提供的参数.
187 /// </summary>
188 /// <param name="connectionString">一个有效的SqlConnection连接串</param>
189 /// <param name="cmdType">命令类型CommandType(stored procedure, text, etc.)</param>
190 /// <param name="commandText">存贮过程名称或是一个T-SQL语句串</param>
191 /// <param name="commandParameters">执行命令的参数集</param>
192 /// <returns>返回数据集</returns>
193 public static DataSet ExecuteDataSet(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
194 {
195
196 SqlCommand cmd = new SqlCommand();
197
198 using (SqlConnection conn = new SqlConnection(connectionString))
199 {
200 PrepareCommand(cmd, conn, null, commandType, commandText, commandParameters);
201
202 SqlDataAdapter adapter = new SqlDataAdapter(cmd);
203 DataSet ds = new DataSet();
204 adapter.Fill(ds);
205
206 cmd.Parameters.Clear();
207 return ds;
208 }
209 }
210
211 /// <summary>
212 /// 在缓存中添加参数数组
213 /// </summary>
214 /// <param name="cacheKey">参数的Key</param>
215 /// <param name="cmdParms">参数数组</param>
216 public static void CacheParameters(string cacheKey, params SqlParameter[] commandParameters)
217 {
218 parmCache = commandParameters;
219 }
220
221
222
223 /// <summary>
224 /// 提取缓存的参数数组
225 /// </summary>
226 /// <param name="cacheKey">查找缓存的key</param>
227 /// <returns>返回被缓存的参数数组</returns>
228 public static SqlParameter[] GetCachedParameters(string cacheKey)
229 {
230 SqlParameter[] cachedParms = (SqlParameter[])parmCache;
231
232 if (cachedParms == null)
233 return null;
234
235 SqlParameter[] clonedParms = new SqlParameter[cachedParms.Length];
236
237 for (int i = 0, j = cachedParms.Length; i < j; i++)
238 clonedParms = (SqlParameter)((ICloneable)cachedParms).Clone();
239
240 return clonedParms;
241 }
242
243
244
245 /// <summary>
246 /// 提供一个SqlCommand对象的设置
247 /// </summary>
248 /// <param name="cmd">SqlCommand对象</param>
249 /// <param name="conn">SqlConnection 对象</param>
250 /// <param name="trans">SqlTransaction 对象</param>
251 /// <param name="cmdType">CommandType 如存贮过程,T-SQL</param>
252 /// <param name="cmdText">存贮过程名或查询串</param>
253 /// <param name="cmdParms">命令中用到的参数集</param>
254 private static void PrepareCommand(SqlCommand cmd, SqlConnection conn, SqlTransaction trans, CommandType cmdType, string cmdText, SqlParameter[] cmdParms)
255 {
256 if (conn.State != ConnectionState.Open)
257 conn.Open();
258
259 cmd.Connection = conn;
260 cmd.CommandText = cmdText;
261
262 if (trans != null)
263 cmd.Transaction = trans;
264
265 cmd.CommandType = cmdType;
266
267 if (cmdParms != null)
268 {
269 foreach (SqlParameter parm in cmdParms)
270 cmd.Parameters.Add(parm);
271 }
272 }
273 }
274 }
275
276 ----访问----
277 using System;
278 using System.Collections.Generic;
279 using System.Text;
280 using System.Data;
281 using System.Data.SqlClient;
282 using Common;
283 using team1.Model;
284
285 namespace team1.SQLServerDAL
286 {
287
288
289 /// <summary>
290 /// 员工信息表的数据访问操作
291 /// </summary>
292 public partial class UserInfoService
293 {
294
295
296 /// <summary>
297 /// 获得所有员工信息表
298 /// </summary>
299 /// <returns>员工信息表集合</returns>
300 public IList<UserInfo> GetAllUserInfos2()
301 {
302 //string sql = "SELECT UserId,UserName,Password,DepartId,Gender,UserStateId " +
303 // "FROM UserInfo";
304
305 IList<UserInfo> allUserInfos = new List<UserInfo>();
306
307 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
308 SqlHelper.CONN_STRING, CommandType.StoredProcedure, ""))
309 {
310 while (rdr.Read())
311 {
312 UserInfo userInfo = new UserInfo();
313 userInfo.UserId = (string)rdr["UserId"];
314 userInfo.UserName = (string)rdr["UserName"];
315 userInfo.Password = (string)rdr["Password"];
316 userInfo.DepartId = (int)rdr["DepartId"];
317 userInfo.Gender = (int)rdr["Gender"];
318 userInfo.UserStateId = (int)rdr["UserStateId"];
319 userInfo.UserStateName = (string)rdr["UserStateName"];
320 userInfo.DepartName = (string)rdr["DepartName"];
321 userInfo.RoleName = (string)rdr["RoleName"];
322
323 allUserInfos.Add(userInfo);
324 }
325 }
326
327 return allUserInfos;
328 }
329
330
331 #region 验证用户登陆信息
332
333 public UserInfo CheckLogin(string loginID, string loginPwd)
334 {
335 SqlParameter[] pas = new SqlParameter[]
336 {
337 new SqlParameter("@userId",SqlDbType.VarChar,50),
338 new SqlParameter("@password",SqlDbType.VarChar,50)
339 };
340
341 pas[0].Value = loginID;
342 pas[1].Value = loginPwd;
343
344 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
345 SqlHelper.CONN_STRING, CommandType.StoredProcedure, "", pas))
346 {
347 if (rdr.Read())
348 {
349 UserInfo userInfo = new UserInfo();
350 userInfo.UserId = (string)rdr["UserId"];
351 userInfo.UserName = (string)rdr["UserName"];
352 userInfo.Password = (string)rdr["Password"];
353 userInfo.DepartId = (int)rdr["DepartId"];
354 userInfo.Gender = (int)rdr["Gender"];
355 userInfo.UserStateId = (int)rdr["UserStateId"];
356 userInfo.DepartName = (string)rdr["DepartName"];
357 userInfo.RoleName = (string)rdr["RoleName"];
358 userInfo.RoleId = (int)rdr["RoleId"];
359 return userInfo;
360 }
361 }
362 return null;
363 }
364
365 /// <summary>
366 /// 判断用户名称是否存在
367 /// </summary>
368 /// <param name="loginID">用户登陆ID</param>
369 /// <returns></returns>
370 public bool CheckLoginByLoginId(string loginID)
371 {
372 string sql = "Select * from userInfo where UserId='" + loginID + "'";
373 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
374 SqlHelper.CONN_STRING, CommandType.Text, sql))
375 {
376 if (rdr.Read())
377 {
378 return true;
379 }
380 return false;
381 }
382 }
383
384 //根据用户名称获得密码
385 public string CheckLoginByLoginPwd(string loginID)
386 {
387 string sql = "Select password from userInfo where UserId='" + loginID + "'";
388 return (string)SqlHelper.ExecuteScalar(SqlHelper.CONN_STRING, CommandType.Text, sql);
389 }
390 #endregion
391
392 /// <summary>
393 /// 根据输入用户名前缀返回相关用户名
394 /// </summary>
395 /// <param name="foreName">用户输入姓名前缀</param>
396 /// <param name="count">数量</param>
397 /// <returns></returns>
398 public IList<string> GetUsersByPreName(string foreName, int count)
399 {
400 IList<string> user = new List<string>();
401
402 string sql = "select top " + count + " * from UserInfo where UserName like '" + foreName.Trim() + "%'";
403
404 using (SqlDataReader rdr = SqlHelper.ExecuteReader(SqlHelper.CONN_STRING, CommandType.Text, sql, null))
405 {
406 int i = 0;
407 while (rdr.Read())
408 {
409
410 UserInfo userInfo = new UserInfo();
411
412 userInfo.UserId = (string)rdr["UserId"];
413 userInfo.UserName = (string)rdr["UserName"];
414
415 try
416 {
417 user.Add(userInfo.UserName);
418 }
419 catch (Exception ex)
420 {
421 Console.WriteLine(ex.Message);
422 }
423
424
425 }
426 }
427 return user;
428 }
429
430 /// <summary>
431 /// 点击搜索范围时根据条件进行查询所有用户姓名
432 /// </summary>
433 /// <param name="branchId">机构ID</param>
434 /// <param name="departId">部门ID</param>
435 /// <param name="loginId">工号</param>
436 /// <param name="userName">用户姓名</param>
437 /// <returns></returns>
438 public IList<UserInfo> GetUserInfoSearch(int branchId, int departId, string loginId, string userName)
439 {
440 string sql = "select u.userName,u.userId from userInfo u join departInfo " +
441 "d on(u.departId=d.departId) where 1=1";
442 if (branchId != 0)
443 {
444 sql += " and d.branchId=" + branchId;
445 }
446 if (departId != 0)
447 {
448 sql += " and u.departId =" + departId;
449 }
450 if (userName != null && !userName.Trim().Equals(""))
451 {
452 sql += " and u.userName = '" + userName + "'";
453 }
454
455 if (loginId != null && !"".Equals(loginId.Trim()))
456 {
457 sql += " and u.loginId='" + loginId + "'";
458 }
459
460 if (branchId == 0 && departId == 0 && loginId.Trim() == "" && userName.Trim() == "")
461 {
462 return null;
463 }
464
465 IList<UserInfo> allUserInfos = new List<UserInfo>();
466
467 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
468 SqlHelper.CONN_STRING, CommandType.Text, sql))
469 {
470 while (rdr.Read())
471 {
472 UserInfo userInfo = new UserInfo();
473 userInfo.UserId = (string)rdr["UserId"];
474 userInfo.UserName = (string)rdr["UserName"];
475 allUserInfos.Add(userInfo);
476 }
477
478 return allUserInfos;
479 }
480 }
481
482
483 public IList<UserInfo> GetUserInfoByDepartId(int departId)
484 {
485 string sql = "SELECT UserId,UserName,Password,DepartId,Gender,UserStateId FROM UserInfo where departId = " + departId;
486
487 IList<UserInfo> userInfoList = new List<UserInfo>();
488
489 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
490 SqlHelper.CONN_STRING, CommandType.Text, sql))
491 {
492 while (rdr.Read())
493 {
494 UserInfo userInfo = new UserInfo();
495 userInfo.UserId = (string)rdr["UserId"];
496 userInfo.UserName = (string)rdr["UserName"];
497 userInfo.Password = (string)rdr["Password"];
498 userInfo.DepartId = (int)rdr["DepartId"];
499 userInfo.Gender = (int)rdr["Gender"];
500 userInfo.UserStateId = (int)rdr["UserStateId"];
501 userInfoList.Add(userInfo);
502 }
503 }
504
505 return userInfoList;
506
507 }
508
509 /// <summary>
510 /// 根据ID查询员工信息表2
511 /// </summary>
512 /// <param name="userId">员工信息表ID</param>
513 /// <returns>员工信息表对象</returns>
514 public UserInfo GetUserInfoByUserId2(string userId)
515 {
516 SqlParameter para = new SqlParameter("@UserId", SqlDbType.VarChar, 30);
517 para.Value = userId;
518 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
519 SqlHelper.CONN_STRING, CommandType.StoredProcedure, "", para))
520 {
521 if (rdr.Read())
522 {
523 UserInfo userInfo = new UserInfo();
524 userInfo.UserId = (string)rdr["UserId"];
525 userInfo.UserName = (string)rdr["UserName"];
526 userInfo.Password = (string)rdr["Password"];
527 userInfo.DepartId = (int)rdr["DepartId"];
528 userInfo.Gender = (int)rdr["Gender"];
529 userInfo.UserStateId = (int)rdr["UserStateId"];
530
531 userInfo.UserStateName = (string)rdr["UserStateName"];
532 userInfo.DepartName = (string)rdr["DepartName"];
533 userInfo.RoleName = (string)rdr["RoleName"];
534
535 return userInfo;
536 }
537 }
538
539 return null;
540 }
541
542 /// <summary>
543 /// 根据部门编号查询用户
544 /// </summary>
545 /// <param name="departId"></param>
546 /// <returns></returns>
547 public UserInfo GetUserByDepartId(int DepartId)
548 {
549 string sql = "SELECT UserId,UserName,Password,DepartId,Gender,UserStateId " +
550 "FROM UserInfo where departId = @DepartId";
551
552 SqlParameter pa = new SqlParameter("@DepartId", SqlDbType.Int, 4);
553 pa.Value = DepartId;
554
555 using (SqlDataReader rdr = SqlHelper.ExecuteReader(
556 SqlHelper.CONN_STRING, CommandType.Text, sql, pa))
557 {
558 while (rdr.Read())
559 {
560 UserInfo userInfo = new UserInfo();
561 userInfo.UserId = (string)rdr["UserId"];
562 userInfo.UserName = (string)rdr["UserName"];
563 userInfo.Password = (string)rdr["Password"];
564 userInfo.DepartId = (int)rdr["DepartId"];
565 userInfo.Gender = (int)rdr["Gender"];
566 userInfo.UserStateId = (int)rdr["UserStateId"];
567 return userInfo;
568 }
569 }
570
571 return null;
572
573 }
574 }
575 }
