Hospital/web/Common/BasePage.cs

using System;
using System.Data;
using System.Configuration;
//using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
//using System.Xml.Linq;

namespace Com.Jpsoft.Hospital.Web.Common
{
    public enum PageFuntionType
    {
        Insert = 1, Delete, Update, List, Detail, Print, Confirm, Input, Export
    }

    public class BasePage : System.Web.UI.Page
    {
        protected override void OnInit(EventArgs e)
        {
            if (!IsPostBack)
            {
                CheckRight();
            }

            base.OnInit(e);
        }

        private bool _autoCheckRight;
        /// <summary>
        /// 是否自动判断权限
        /// </summary>
        protected bool AutoCheckRight
        {
            get { return _autoCheckRight; }
            set { _autoCheckRight = value; }
        }
        private PageFuntionType _checkRightParam;
        /// <summary>
        /// 权限判断参数 
        /// </summary>
        public PageFuntionType CheckRightParam
        {
            get { return _checkRightParam; }
            set { _checkRightParam = value; }
        }

        private string TransEnumType(PageFuntionType type)
        {
            if (type.ToString() != "0")
                return type.ToString().ToLower() + ".aspx";
            else
                return "";
        }

        public bool IsAdmin()
        {
            int uid = 0;
            if (!GetSession(out uid))
            {
                HttpContext.Current.Response.Redirect("~/Module/Sys/MsgBox/NoLogin.htm");
            }
            Com.Jpsoft.Hospital.BLL.jp_sys_userEx user = new Com.Jpsoft.Hospital.BLL.jp_sys_userEx();
            Com.Jpsoft.Hospital.Model.jp_sys_user model = user.GetModel(uid);
            if (model == null)
                return false;
            if (model.user_islock)
                return false;
            if (model.user_isadmin)
                return true;
            return false;
        }

        protected void CheckRight()
        {
            int uid = 0;
            string url = HttpContext.Current.Request.ServerVariables["SCRIPT_NAME"];
            string appPath = HttpContext.Current.Request.ApplicationPath;
            if (appPath.Length == 1)
            {
                url = url.Substring(appPath.Length);        //网站在根目录(网站)下
            }
            else
            {
                url = url.Substring(appPath.Length + 1);    //网站在虚拟目录下
            }
            SetCheckRightParam(url);
            Com.Jpsoft.Hospital.BLL.jp_sys_user user = new Com.Jpsoft.Hospital.BLL.jp_sys_user();
            Com.Jpsoft.Hospital.BLL.jp_sys_userrole re_userrole = new Com.Jpsoft.Hospital.BLL.jp_sys_userrole();
            Com.Jpsoft.Hospital.BLL.jp_sys_rightEx right = new Com.Jpsoft.Hospital.BLL.jp_sys_rightEx();

            //判断Session是否为空
            //if (Session["uid"] == null)
            //{
            //    HttpContext.Current.Response.Redirect("~/Module/Sys/MsgBox/NoLogin.htm");
            //}

            ////判断Session是否有效
            //if (!int.TryParse(Session["uid"].ToString(), out uid))
            //{
            //    HttpContext.Current.Response.Redirect("~/Module/Sys/MsgBox/NoLogin.htm");
            //}

            if (!GetSession(out uid))
            {
                HttpContext.Current.Response.Redirect("~/Module/Sys/MsgBox/NoLogin.htm");
                return;
            }

            if (!right.IsHavRight(uid, url, TransEnumType(CheckRightParam)))
            {
                HttpContext.Current.Response.Redirect("~/Module/Sys/MsgBox/NoRight.htm");
            }
        }

        private void SetCheckRightParam(string url)
        {
            if (url.IndexOf("/") > 0)
            {
                url = url.Substring(url.LastIndexOf("/") + 1);
                switch (url)
                {
                    case "Insert.aspx":
                        CheckRightParam = PageFuntionType.Insert;
                        break;
                    case "Delete.aspx":
                        CheckRightParam = PageFuntionType.Delete;
                        break;
                    case "Update.aspx":
                        CheckRightParam = PageFuntionType.Update;
                        break;
                    case "List.aspx":
                        CheckRightParam = PageFuntionType.List;
                        break;
                    case "Detail.aspx":
                        CheckRightParam = PageFuntionType.Detail;
                        break;
                    case "Print.aspx":
                        CheckRightParam = PageFuntionType.Print;
                        break;
                    case "Confirm.aspx":
                        CheckRightParam = PageFuntionType.Confirm;
                        break;
                    case "Input.aspx":
                        CheckRightParam = PageFuntionType.Input;
                        break;
                    case "Export.aspx":
                        CheckRightParam = PageFuntionType.Export;
                        break;
                }
            }
        }

        protected bool CheckRightByFun(Com.Jpsoft.Hospital.Web.Common.PageFuntionType fun)
        {
            Com.Jpsoft.Hospital.BLL.jp_sys_user user = new Com.Jpsoft.Hospital.BLL.jp_sys_user();
            Com.Jpsoft.Hospital.BLL.jp_sys_userrole re_userrole = new Com.Jpsoft.Hospital.BLL.jp_sys_userrole();
            Com.Jpsoft.Hospital.BLL.jp_sys_rightEx right = new Com.Jpsoft.Hospital.BLL.jp_sys_rightEx();
            int uid = 0;
            if (!GetSession(out uid))
            {
                HttpContext.Current.Response.Redirect("~/Module/Sys/MsgBox/NoLogin.htm");
            }
            if (!right.IsHavRight(uid, TransEnumType(fun)))
            {
                return false;
            }
            return true;
        }

        #region 操作Session

        public static void SetSession(int uid)
        {
            HttpContext.Current.Session["uid"] = uid;
        }

        /// <summary>
        /// 取Session值
        /// </summary>
        /// <param name="uid"></param>
        /// <returns>成功，返回一个Session值，失败，返回0</returns>
        public static bool GetSession(out int uid)
        {
            if (HttpContext.Current.Session["uid"] != null)
            {
                uid = Convert.ToInt32(HttpContext.Current.Session["uid"]);
                return true;
            }
            uid = 0;
            return false;
        }

        public static void ClearSession()
        {
            //HttpContext.Current.Session["uid"] == null;
        }
        #endregion

        #region 取QueryString
        public static bool FetchQueryString(string key, out string value)
        {

            if (HttpContext.Current.Request.QueryString[key] != null && HttpContext.Current.Request.QueryString[key] != string.Empty)
            {
                value = HttpContext.Current.Request.QueryString[key];

                return true;
            }
            else
            {
                value = String.Empty;

                return false;
            }
        }

        public static bool FetchQueryString(string key, out int value)
        {

            if (HttpContext.Current.Request.QueryString[key] != null && HttpContext.Current.Request.QueryString[key] != string.Empty)
            {
                string _value = HttpContext.Current.Request.QueryString[key];

                if (int.TryParse(_value, out value))
                {

                    return true;
                }
                else
                {
                    return false;
                }
            }
            else
            {
                value = 0;

                return false;
            }
        }
        #endregion

        #region 获取安全sql
        /// <summary>
        /// 获取安全sql
        /// </summary>
        /// <param name="str"></param>
        /// <returns></returns>
        public static string GetSafeSql(string str)
        {
            return str.Replace("'", "''");
        }
        #endregion
    }
}