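<%@ WebHandler Language="C#" Class="userData" %>

using System;
using System.Web;
using System.Runtime.Serialization.Json;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using System.Web.Services.Protocols;
using System.Security.Cryptography;
using System.Text;
using System.Web.SessionState;
using System.Data;

/// <summary>
/// JSON endpoint for user-account administration. The request parameter
/// <c>method</c> selects the operation: <c>delete</c> (sets user_onjob = 'N'),
/// <c>edit</c>, <c>get</c> or <c>add</c>. The caller must be logged in and hold
/// permission "A" or "P"; every response is a serialized <see cref="result"/>.
/// </summary>
public class userData : IHttpHandler, IReadOnlySessionState
{
    /// <summary>
    /// Authenticates the caller, reads the request parameters and runs the requested operation.
    /// </summary>
    /// <param name="context">The current HTTP context; all parameters are read from <c>context.Request[...]</c>.</param>
    public void ProcessRequest(HttpContext context)
    {
        result objRet = new result();
        DataContractJsonSerializer json = new DataContractJsonSerializer(objRet.GetType());
        context.Response.ContentType = "application/json;charset=utf-8";

        // NOTE(review): the wildcard allows any origin to call this authenticated admin endpoint.
        // Browsers do not expose credentialed responses under "*", but delete/edit/add below still
        // execute on a cross-site request that carries the session cookie, and the HTTP verb is
        // never checked. Restrict this header to the known front-end origin, require POST for the
        // state-changing methods and add an anti-CSRF token check.
        context.Response.AddHeader("Access-Control-Allow-Origin", "*");

        authPermission objAuth = new authPermission();
        if (!objAuth.isLogin())
        {
            Fail(objRet, "0001", "尚未登入,請登入後使用");
            WriteResult(context, json, objRet);
            return;
        }

        // Only permission levels "A" and "P" may use this handler.
        // NOTE(review): both levels can assign an arbitrary user_perm to any uid further down;
        // confirm whether "P" is meant to be able to grant "A", and validate user_perm against
        // an allow-list of known permission codes.
        if (objAuth.user_perm != "A" && objAuth.user_perm != "P")
        {
            Fail(objRet, "0002", "權限不足,無法使用");
            WriteResult(context, json, objRet);
            return;
        }

        // context.Request[...] also resolves query-string values, so sys_pwd can arrive in a URL
        // and end up in server or proxy logs — NOTE(review): read secrets from the form body only.
        string method = Param(context, "method");
        string type = Param(context, "type");
        string elab_select = Param(context, "elab_select");
        string sys_name = Param(context, "sys_name");
        string sys_id = Param(context, "sys_id");
        string sys_email = Param(context, "sys_email");
        string sys_pwd = Param(context, "sys_pwd");
        string user_perm = Param(context, "user_perm");
        string user_uid = Param(context, "uid");

        userdata userObj;

        if (method == "")
        {
            Fail(objRet, "0999", "沒有Method,無法使用");
            WriteResult(context, json, objRet);
            return;
        }

        if (method == "delete")
        {
            // Soft delete: the row is kept and only flagged as no longer on the job.
            string disableSQL = string.Format(
                "update users set user_onjob = 'N' where user_uid = '{0}'",
                SqlLiteral(user_uid));
            autoExecSQL delSQL = new autoExecSQL(disableSQL);
            if (delSQL.effectDataCount > 0)
            {
                objRet.ret = "yes";
            }
            else
            {
                // err_code deliberately stays at its default here, as in the original behavior.
                objRet.ret = "no";
                objRet.message = "無任何資料被刪除!";
            }
            WriteResult(context, json, objRet);
            return;
        }

        if (method == "edit")
        {
            userObj = new userdata(user_uid);
            userObj.user_type = type;
            if (sys_pwd != "")
            {
                // An empty sys_pwd means "leave the password unchanged".
                // NOTE(review): whether user_pwd is hashed before storage depends on userdata — confirm.
                userObj.user_pwd = sys_pwd;
            }
            if (type == "Y")
            {
                userObj.user_email = sys_email;
            }
            userObj.user_perm = user_perm;
            SaveAndReport(userObj, objRet);
            WriteResult(context, json, objRet);
            return;
        }

        if (method == "get")
        {
            try
            {
                userObj = new userdata(user_uid);
                objRet.ret = "yes";
                objRet.data = userObj;
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.Message is returned to the client verbatim and may disclose
                // database or internal details; prefer logging it and returning a generic message.
                Fail(objRet, "0044", ex.Message);
            }
            WriteResult(context, json, objRet);
            return;
        }

        if (method == "add")
        {
            // type "N" creates the account from the external (E-whiteboard) directory entry
            // named by elab_select; any other type creates it from the sys_* form fields.
            bool fromElab = (type == "N");
            string lookupId = fromElab ? elab_select : sys_id;

            autoBindDataTable userSQL = new autoBindDataTable(string.Format(
                "select * from users where user_id = '{0}'",
                SqlLiteral(lookupId)));

            if (userSQL.dataRows.Count > 0)
            {
                if (userSQL.dataRows[0]["user_onjob"].ToString() == "Y")
                {
                    Fail(objRet, "0010", "此帳號已經存在! ");
                    WriteResult(context, json, objRet);
                    return;
                }

                // A previously disabled account with this id is re-activated instead of duplicated.
                userObj = new userdata(userSQL.dataRows[0]["user_uid"].ToString());
                userObj.user_onjob = "Y";
                userObj.user_type = type;
            }
            else if (fromElab)
            {
                autoBindElab elabObj = new autoBindElab(string.Format(
                    "select * from new_userdata where onjob = 0 and userid = '{0}'",
                    SqlLiteral(elab_select)));
                if (elabObj.dataRows.Count == 0)
                {
                    Fail(objRet, "0011", "E白板無此帳號! ");
                    WriteResult(context, json, objRet);
                    return;
                }

                userObj = new userdata();
                userObj.user_id = elab_select;
                userObj.user_onjob = "Y";
                userObj.user_type = type;
                userObj.user_name = elabObj.dataRows[0]["username"].ToString();
                userObj.user_email = elabObj.dataRows[0]["mail"].ToString();
            }
            else
            {
                userObj = new userdata();
                userObj.user_id = sys_id;
                userObj.user_onjob = "Y";
                userObj.user_name = sys_name;
                userObj.user_email = sys_email;
                userObj.user_pwd = sys_pwd;
                userObj.user_type = type;
            }

            userObj.user_perm = user_perm;
            SaveAndReport(userObj, objRet);
            WriteResult(context, json, objRet);
            return;
        }

        // Unknown method: previously the handler returned an empty body under a JSON content
        // type, which clients cannot parse. Answer with an explicit error instead.
        Fail(objRet, "0999", "不支援的Method,無法使用");
        WriteResult(context, json, objRet);
    }

    /// <summary>Returns the named request value, or an empty string when it is absent.</summary>
    private static string Param(HttpContext context, string key)
    {
        return context.Request[key] ?? "";
    }

    /// <summary>
    /// Escapes a value for use inside a single-quoted SQL string literal by doubling single quotes,
    /// so request data can no longer terminate the literal and change the statement.
    /// </summary>
    /// <remarks>
    /// Stop-gap only: assumes a backend where the single quote is the only character that needs
    /// escaping inside a string literal — TODO confirm. The proper fix is parameterized queries
    /// inside autoExecSQL / autoBindDataTable / autoBindElab.
    /// </remarks>
    private static string SqlLiteral(string value)
    {
        return (value ?? "").Replace("'", "''");
    }

    /// <summary>Marks the response as failed with the given error code and message.</summary>
    private static void Fail(result objRet, string errCode, string message)
    {
        objRet.ret = "no";
        objRet.err_code = errCode;
        objRet.message = message;
    }

    /// <summary>
    /// Persists the user through <c>updateData()</c> and records success (with the user as payload)
    /// or failure (error code "0099") on the response object.
    /// </summary>
    private static void SaveAndReport(userdata userObj, result objRet)
    {
        try
        {
            userObj.updateData();
            objRet.ret = "yes";
            // NOTE(review): the whole userdata object is serialized to the client; if it exposes
            // user_pwd as a serializable member, the password value is returned — confirm in userdata.
            objRet.data = userObj;
        }
        catch (Exception ex)
        {
            // NOTE(review): ex.Message is returned to the client verbatim and may disclose
            // database or internal details; prefer logging it and returning a generic message.
            Fail(objRet, "0099", ex.Message);
        }
    }

    /// <summary>Serializes the response object as JSON onto the HTTP response stream.</summary>
    private static void WriteResult(HttpContext context, DataContractJsonSerializer json, result objRet)
    {
        json.WriteObject(context.Response.OutputStream, objRet);
    }

    /// <summary>
    /// Response envelope. Public fields are kept because their names define the JSON shape
    /// produced by the serializer.
    /// </summary>
    public class result
    {
        // "yes" on success, "no" on failure.
        public string ret = "no";
        // Four-digit error code; "0000" is the default when no specific code is set.
        public string err_code = "0000";
        // Human-readable message for the client.
        public string message = "";
        // Payload: the user record affected or fetched by the operation.
        public userdata data = new userdata();
    }

    /// <summary>The handler is not reused across requests.</summary>
    public bool IsReusable
    {
        get { return false; }
    }
}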