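using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Data.SqlClient;

/// <summary>
/// Code-behind for the "add user" page: an administrator creates a row in
/// <c>Users</c> and the matching permission row in <c>Permit</c>.
/// </summary>
/// <remarks>
/// Every value taken from the form reaches SQL Server as a bound parameter,
/// never as part of the statement text, and both inserts run in one
/// transaction so a user row is never left without its permission row.
/// </remarks>
public partial class AddUser : System.Web.UI.Page
{
    SqlConnection con = new SqlConnection(ConfigurationManager.ConnectionStrings["CMSConnectionString"].ToString());

    /// <summary>
    /// Tells whether the current session carries the administrator flag.
    /// </summary>
    /// <returns>
    /// <c>true</c> only when <c>Session["admin"]</c> exists and its text is
    /// exactly "True"; a missing (expired) session or any other value is
    /// treated as "not an administrator".
    /// </returns>
    private bool IsAdminSession()
    {
        object flag = Session["admin"];
        return flag != null && flag.ToString() == "True";
    }

    /// <summary>Maps a checkbox state to the 0/1 value written to <c>Permit</c>.</summary>
    private static int ToBit(bool value)
    {
        return value ? 1 : 0;
    }

    /// <summary>
    /// Sends anyone who is not an administrator back to the home page.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        // The check runs on postbacks as well as on the first GET, so no
        // server-side event of this page executes for a non-admin session.
        if (!IsAdminSession())
        {
            Response.Redirect("Home.aspx");
        }
    }

    /// <summary>
    /// Creates the user described by the form together with its permissions.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void btnAdd_Click(object sender, EventArgs e)
    {
        if (!Page.IsValid)
        {
            return;
        }

        // Re-checked here because the handler changes data; a session that
        // expired between page load and click must not fall through (the
        // previous code dereferenced Session["admin"] without a null test).
        if (!IsAdminSession())
        {
            Response.Redirect("Home.aspx");
            return;
        }

        string userName = txtUser.Text;

        // Read the permission boxes up front. The "administrator" box grants
        // every permission; otherwise each box stands for itself. The earlier
        // code tested `ChkAdmin.Checked = true` (an assignment), which made
        // every new account a full administrator.
        bool isAdmin = ChkAdmin.Checked;
        int permAdmin = ToBit(isAdmin);
        int permReport = ToBit(isAdmin || Show.Checked);
        int permDawa = ToBit(isAdmin || Dawa.Checked);
        int permEdit = ToBit(isAdmin || chkEdit.Checked);
        int permAdd = ToBit(isAdmin || chkAddNew.Checked);
        int permDelete = ToBit(isAdmin || chkP_Delete.Checked);
        int permOrder = ToBit(isAdmin || chkP_Order.Checked);

        try
        {
            if (con.State == ConnectionState.Closed)
            {
                con.Open();
            }

            // NOTE(review): check-then-insert is not atomic against a second
            // concurrent request; a unique constraint on Users.User_name
            // (schema not visible here) would be the reliable guard - confirm.
            using (SqlCommand cmdExists = new SqlCommand("Select Code From Users where User_name=@user", con))
            {
                cmdExists.Parameters.AddWithValue("@user", userName);
                if (cmdExists.ExecuteScalar() != null)
                {
                    lblerror.Text = "إسم المستخدم موجود من قبل ";
                    return;
                }
            }

            // Disposing an uncommitted SqlTransaction rolls it back, so any
            // early return or exception below leaves no partial account.
            using (SqlTransaction tx = con.BeginTransaction())
            {
                using (SqlCommand cmdInsert = new SqlCommand(
                    "insert into Users (User_name , PassWord , NameD,Tele,Email,Dep) " +
                    " Values(@user , @pass, @name ,@tele ,@email ,@dep)", con, tx))
                {
                    cmdInsert.Parameters.AddWithValue("@user", userName);
                    // NOTE(review): the password is stored exactly as typed.
                    // Moving to a salted, slow hash (e.g. PBKDF2) has to be
                    // done together with the login code that verifies it,
                    // which is not part of this file.
                    cmdInsert.Parameters.AddWithValue("@pass", txtPass.Text);
                    cmdInsert.Parameters.AddWithValue("@name", txtName.Text);
                    cmdInsert.Parameters.AddWithValue("@tele", txtTele.Text);
                    cmdInsert.Parameters.AddWithValue("@email", txtEmail.Text);
                    // Bound as text and converted by the server, so a posted
                    // value that is not a valid department id fails the
                    // insert instead of becoming part of the statement.
                    cmdInsert.Parameters.AddWithValue("@dep", DrpDepartment.SelectedValue);
                    cmdInsert.ExecuteNonQuery();
                }

                object newCode;
                using (SqlCommand cmdCode = new SqlCommand("Select Code From Users where User_name=@user", con, tx))
                {
                    cmdCode.Parameters.AddWithValue("@user", userName);
                    newCode = cmdCode.ExecuteScalar();
                }

                if (newCode == null || newCode == DBNull.Value)
                {
                    // Nothing to attach permissions to: abandon the insert.
                    lblerror.Text = "تعذر إضافة المستخدم";
                    return;
                }

                // Int32 rather than Int16: a Code above 32767 used to overflow.
                int mycode = Convert.ToInt32(newCode);

                using (SqlCommand cmdPermit = new SqlCommand(
                    "insert into Permit (Code ,Admin , Report, dawa,Edit,AddNew,P_Delete,P_Order) " +
                    " Values(@code , @admin, @report , @dawa, @edit, @addnew, @pdelete, @porder)", con, tx))
                {
                    cmdPermit.Parameters.AddWithValue("@code", mycode);
                    cmdPermit.Parameters.AddWithValue("@admin", permAdmin);
                    cmdPermit.Parameters.AddWithValue("@report", permReport);
                    cmdPermit.Parameters.AddWithValue("@dawa", permDawa);
                    cmdPermit.Parameters.AddWithValue("@edit", permEdit);
                    cmdPermit.Parameters.AddWithValue("@addnew", permAdd);
                    cmdPermit.Parameters.AddWithValue("@pdelete", permDelete);
                    cmdPermit.Parameters.AddWithValue("@porder", permOrder);
                    cmdPermit.ExecuteNonQuery();
                }

                tx.Commit();
            }
        }
        catch (SqlException ex)
        {
            // The failure used to be swallowed silently. Details go to the
            // page trace (only shown when tracing is enabled); the user gets
            // a generic message with no database details.
            Trace.Warn("AddUser", "Adding the user failed", ex);
            lblerror.Text = "تعذر إضافة المستخدم";
            return;
        }
        finally
        {
            con.Close();
        }

        lblerror.Text = "تم إضافة المستخدم";

        // Clear the form, including the password and every permission box, so
        // a leftover tick cannot carry over to the next account created.
        txtName.Text = "";
        txtUser.Text = "";
        txtPass.Text = "";
        txtEmail.Text = "";
        txtTele.Text = "";
        ChkAdmin.Checked = false;
        Show.Checked = false;
        chkAddNew.Checked = false;
        chkEdit.Checked = false;
        chkP_Delete.Checked = false;
        chkP_Order.Checked = false;
        Dawa.Checked = false;
        DrpDepartment.ClearSelection();
    }
}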