完善用户注册,增加写入通知表,数据库结构和存储过程有修改

This commit is contained in:
liuchun_0206@163.com 2016-11-11 09:09:41 +08:00
parent 1dc2eebda8
commit d022d959d3
2 changed files with 67 additions and 15 deletions

View File

@ -126,29 +126,31 @@ namespace Bootstrap.DataAccess
/// <returns></returns>
public static bool SaveUser(User p)
{
string type = "";
if (p == null) throw new ArgumentNullException("p");
bool ret = false;
if (p.UserName.Length > 50) p.UserName.Substring(0, 50);
p.PassSalt = LgbCryptography.GenerateSalt();
p.Password = LgbCryptography.ComputeHash(p.Password, p.PassSalt);
if (p.ID == 0 && p.Description.Length > 500) p.Description.Substring(0, 500);
string sql = p.ID == 0 ?
"Insert Into Users (UserName, Password, PassSalt, DisplayName, RegisterTime, ApprovedTime, Description) Values (@UserName, @Password, @PassSalt, @DisplayName, GetDate(), @ApprovedTime, @Description)" :
"Update Users set UserName = @UserName, Password = @Password, PassSalt = @PassSalt, DisplayName = @DisplayName where ID = @ID";
if ((p.ApprovedTime == null) || (p.ApprovedTime == DateTime.MinValue))
type = "0";
else
type = "1";
bool ret = false;
try
{
using (DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.Text, sql))
using (DbCommand cmd = DBAccessManager.SqlDBAccess.CreateCommand(CommandType.StoredProcedure, "Proc_SaveUsers"))
{
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@ID", p.ID, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@UserName", p.UserName, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@Password", p.Password, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@PassSalt", p.PassSalt, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@DisplayName", p.DisplayName, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@ApprovedTime", DBAccess.ToDBValue(p.ApprovedTime), ParameterDirection.Input));
if (p.ID == 0) cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@Description", p.Description, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@id", p.ID, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@userName", p.UserName, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@password", p.Password, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@passSalt", p.PassSalt, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@displayName", p.DisplayName, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@description", p.Description, ParameterDirection.Input));
cmd.Parameters.Add(DBAccessManager.SqlDBAccess.CreateParameter("@type", type, ParameterDirection.Input));
DBAccessManager.SqlDBAccess.ExecuteNonQuery(cmd);
}
CacheCleanUtility.ClearCache(userIds: p.ID == 0 ? "" : p.ID.ToString());
CacheCleanUtility.ClearCache(userIds: p.ID.ToString());
ret = true;
}
catch (DbException ex)
@ -330,7 +332,6 @@ namespace Bootstrap.DataAccess
/// <returns></returns>
public static bool RegisterUser(string userName, string displayName, string password, string description)
{
//TODO未完成并通知管理员组有新用户注册需要批复。
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(displayName) || string.IsNullOrEmpty(password) || string.IsNullOrEmpty(description))
return false;
return SaveUser(new User() { UserName = userName, DisplayName = displayName, Password = password, Description = description });

View File

@ -154,3 +154,54 @@ BEGIN
) nav on n.ID = nav.NavigationID
END
GO
/****** Object: StoredProcedure [dbo].[Proc_SaveUsers] Script Date: 11/11/2016 08:51:44 ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
-- =============================================
-- Author: LiuChun
-- Create date: 2016-11-10
-- Description:
-- =============================================
CREATE PROCEDURE [dbo].[Proc_SaveUsers]
-- Add the parameters for the stored procedure here
@id int,
@userName varchar(max),
@password varchar(max),
@passSalt varchar(max),
@displayName varchar(max),
@description varchar(max),
--type=0type=1
@type varchar(max)
WITH ENCRYPTION
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
SET XACT_ABORT ON;
-- Insert statements for procedure here
if @id=0
begin
if @type='0'
begin
Insert Into Users (UserName, Password, PassSalt, DisplayName, RegisterTime, Description)values(@userName,@password,@passSalt,@displayName,GETDATE(),@description)
insert into Notifications(Category,Title,Content,RegisterTime,Status)values(0,@userName,@description,GETDATE(),1)
end
else
begin
Insert Into Users (UserName, Password, PassSalt, DisplayName, RegisterTime,ApprovedTime,Description)values(@userName,@password,@passSalt,@displayName,GETDATE(),GETDATE(),@description)
end
end
else
begin
Update Users set UserName =@userName, Password =@password, PassSalt =@passSalt, DisplayName =@displayName where ID = @id
end
END
GO