You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

178 lines
6.0 KiB

  1. using MySql.Data.MySqlClient;
  2. using System.Data;
  3. using System.Windows.Forms;
  4. namespace StuMgmLib.MyNameSpace
  5. {
  6. /// <summary>
  7. /// 数据操作
  8. /// </summary>
  9. public class DataAnalyze
  10. {
  11. private enum verifyCode : short
  12. {
  13. error = -1,
  14. notFound = -2,
  15. admin = 1,
  16. teacher = 2,
  17. student = 3,
  18. }
  19. private const string conStr = "data source=localhost; initial catalog=xinje; user id=root; pwd=980505;charset = utf8";
  20. /* Recv: ___________________________________________________________________
  21. * | Account | Password | (SqlOperate) |
  22. * |___short_____string______string[]________________________________________|
  23. * Analyze:
  24. * Account Permission (SqlOperate)
  25. *
  26. * Send: ____________________________________________________________________
  27. * | Permission | DataSet |
  28. * |___short________DS___________________________________________________|
  29. *
  30. */
  31. /// <summary>
  32. /// 解析ClientSend
  33. /// </summary>
  34. public static Info.ServerSend ClientSendAnalyze(Info.ClientSend cs)
  35. {
  36. Info.ServerSend ss = new Info.ServerSend();
  37. ss.permission = loginVerify(cs.account, cs.password); // 验证身份
  38. if (ss.permission < 0) // 小于0,则权限有误
  39. {
  40. ss.ds = null;
  41. return ss;
  42. }
  43. string[] tbName;
  44. bool stuFlag = false;
  45. switch (ss.permission)
  46. {
  47. case (short)verifyCode.admin:
  48. tbName = new string[] { "user_info", "course_info", "user" };
  49. break;
  50. case (short)verifyCode.teacher:
  51. tbName = new string[] { "user_info", "course_info" };
  52. break;
  53. case (short)verifyCode.student:
  54. tbName = new string[] { "user_info", "course_info" };
  55. stuFlag = true; break;
  56. default:
  57. tbName = null;
  58. break;
  59. }
  60. ss.sqlSucceed = false;
  61. if (cs.sqlStr != null) // sql语句为空,则表示仅登录验证;若不为空,则取数据库操作返回值,并返回SS;
  62. {
  63. ss.sqlSucceed = mySqlModify(tbName, cs.sqlStr);
  64. return ss;
  65. }
  66. ss.ds = getDataSet(tbName, stuFlag, cs.account);
  67. return ss;
  68. }
  69. /// <summary>
  70. /// 登录验证,若失败,则返回错误码;若身份验证成功,则返回用户权限;
  71. /// </summary>
  72. private static short loginVerify(short account, string psw)
  73. {
  74. short notFound = -1;
  75. short error = -2;
  76. string qStu = "select * from user where account = " + account + " and password = '" + psw + "'";
  77. MySqlConnection con = new MySqlConnection(conStr);
  78. try
  79. {
  80. con.Open();
  81. MySqlCommand mCmd = new MySqlCommand(qStu, con);
  82. MySqlDataReader mReader = mCmd.ExecuteReader();
  83. if (mReader.HasRows)
  84. {
  85. mReader.Read();
  86. return mReader.GetInt16("permission");
  87. }
  88. else
  89. return notFound;
  90. }
  91. catch (MySqlException)
  92. {
  93. return error;
  94. }
  95. finally
  96. {
  97. con.Close();
  98. }
  99. }
  100. /// <summary>
  101. /// 改
  102. /// </summary>
  103. private static bool mySqlModify(string[] tbName, string[] sqlStr) // Need to change ......
  104. {
  105. MySqlConnection con = new MySqlConnection(conStr);
  106. try
  107. {
  108. con.Open();
  109. int len = sqlStr.Length;
  110. for (int index = 0; index < len; index++)
  111. {
  112. MySqlCommand mCmd = new MySqlCommand(sqlStr[index], con); // 优化:所操作数据表是否匹配权限
  113. mCmd.ExecuteNonQuery();
  114. }
  115. return true;
  116. }
  117. catch
  118. {
  119. return false;
  120. }
  121. finally
  122. {
  123. con.Close();
  124. }
  125. }
  126. /// <summary>
  127. /// 查 将各表填入dataset
  128. /// </summary>
  129. private static DataSet getDataSet(string[] tbName, bool stuFlag, int account)
  130. {
  131. string str = "select * from ";
  132. MySqlConnection con = new MySqlConnection(conStr);
  133. try
  134. {
  135. con.Open();
  136. DataSet ds = new DataSet();
  137. for (int index = 0; index < tbName.Length; index++)
  138. {
  139. string newStr = str + " " + tbName[index];
  140. if ((stuFlag == true) && (tbName[index] == "user_info"))
  141. {
  142. newStr += "where job_id = " + account.ToString();
  143. }
  144. MySqlCommand mCmd = new MySqlCommand(newStr, con);
  145. MySqlDataReader mReader = mCmd.ExecuteReader();
  146. DataTable dt = new DataTable();
  147. dt.Load(mReader);
  148. dt.TableName = tbName[index];
  149. ds.Tables.Add(dt);
  150. }
  151. return ds;
  152. }
  153. catch (MySqlException mySqlEx)
  154. {
  155. MessageBox.Show(mySqlEx.Message);
  156. return null;
  157. }
  158. finally
  159. {
  160. con.Close();
  161. }
  162. }
  163. }
  164. }