1.展示人员列表
htm文件:
<a href="PersonEditAddNew.ashx?action=addnew">添加</a>
</p>
<table border="1" cellpadding="0" cellspacing="0">
<thead>
<tr>
<th>用户名</th>
<th>密码</th>
<th>删除</th>
<th>编辑</th>
</tr>
</thead>
@personList
</table>
ashx文件:
/// <summary>
/// 展示数据库内容
/// </summary>
/// <param name="context"></param>
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/html";
DataTable table = SQLHelper.ExecuteReader("select * from user_table");
StringBuilder sb = new StringBuilder();
//将数据库的数据内容拼接到sb中
//编辑时将action和id提交到服务器是为了后续的判断选择(用context.Request["action"]可获取到提交的值)
foreach (DataRow row in table.Rows)
{
sb.Append("<tr><td>" + row["name"] + "</td><td>" + row["pwd"]
+ "</td><td><a onclick='return confirm(\"你真的要删除吗?\")' href='PersonDelete.ashx?id="
+ row["id"] + "'>删除</a></td>" +
"<td><a href='PersonEditAddNew.ashx?action=edit&id=" + row["id"] + "'>编辑</a></td></tr>");
}
//获取服务器上的html文件并转换成本地路径
string fileName = context.Server.MapPath("~/PersonList.htm");
//读取html内容
string html = File.ReadAllText(fileName);
//替换html部分内容
html = html.Replace("@personList", sb.ToString());
//展示内容
context.Response.Write(html);
}
2.删除人员
ashx文件:
/// <summary>
/// 删除数据库内容
/// </summary>
/// <param name="context"></param>
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/html";
//获取提交给服务器的id值
int id = Convert.ToInt32(context.Request["id"]);
//执行SQL删除语句
SQLHelper.ExecuteNonQuery("delete from user_table where id=@id",
new SqlParameter { ParameterName = "@id", Value = id });
//重定向到PersonList
context.Response.Redirect("PersonList.ashx");
}
3.增加与修改
htm文件:
<head>
<title>@actionName</title>
</head>
<body>
<form action="PersonSave.ashx" method="post">
<input type="hidden" name="editAddNew" value="@action" />
<input type="hidden" name="id" value="@id" />
用户名:<input type="text" name="name" value="@name" />
密码:<input type="text" name="pwd" value="@pwd" />
</p>
<input type="submit" name="btnOK" value="保存" />
</form>
</body>
ashx文件:
/// <summary>
/// 编辑与新增人员
/// </summary>
/// <param name="context"></param>
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/html";
//获取提交表单时action的值
string action = context.Request["action"];
//如果是编辑
if (action == "edit")
{
int id = Convert.ToInt32(context.Request["id"]);//获取提交表单时id的值
//根据id值获得name和pwd值
DataTable table = SQLHelper.ExecuteReader("select name,pwd from user_table where id=@id",
new SqlParameter { ParameterName = "@id", Value = id });
//逻辑判断,提高程序安全性
if (table.Rows.Count <= )
{
context.Response.Write("<font size='5' color='red'>没有找到id=" + id + "的人员</font>");
return;
}
if (table.Rows.Count > )
{
context.Response.Write("<font size='5' color='red'>找到了多条id=" + id + "的人员</font>");
return;
}
//值name和pwd存到DataRow中
DataRow row = table.Rows[];
string name = (string)row["name"];
string pwd = (string)row["pwd"];
//读取PersonEditAddNew.htm内容
string html = CommonHelper.ReadHtml("~/PersonEditAddNew.htm");
//将三个隐藏字段和name、pwd替换相应值,为编辑时将@action替换为editPerson
html = html.Replace("@actionName", "编辑人员").Replace("@action", "editPerson")
.Replace("@id",id.ToString()).Replace("@name", name).Replace("@pwd", pwd);
context.Response.Write(html);//输出替换后的值
}
//如果是新增
else if (action == "addnew")
{
string html = CommonHelper.ReadHtml("~/PersonEditAddNew.htm");
//将name和pwd替换成空值,为新增时将@action替换为addPerson
html = html.Replace("@actionName", "新增人员").Replace("@action", "addPerson")
.Replace("@name", "").Replace("@pwd", "");
context.Response.Write(html);
}
//加上else是为了当找不到action值,有人故意在网页地址栏中改变action的值
else
{
context.Response.Write("action错误");
}
}
4.保存人员
ashx文件:
/// <summary>
/// 保存新增或修改人员
/// </summary>
/// <param name="context"></param>
public void ProcessRequest(HttpContext context)
{
context.Response.ContentType = "text/html";
string editAddNew = context.Request["editAddNew"];
string name = context.Request["name"];
string pwd = context.Request["pwd"];
if (string.IsNullOrEmpty(name))
{
context.Response.Write("<font size='5' color='red'>姓名必填</fonr>");
return;
}
if (string.IsNullOrEmpty(pwd))
{
context.Response.Write("<font size='5' color='red'>密码必填</fonr>");
return;
}
//编辑时,在PersonEditAddNew.ashx中已将PersonEditAddNew.htm的隐藏字段@action替换为editPerson
if (editAddNew == "editPerson")
{
//此处获取到的id值是PersonEditAddNew.htm页面隐藏字段的id,并非GET请求的id值
int id = Convert.ToInt32(context.Request["id"]);
SQLHelper.ExecuteNonQuery("update user_table set name=@name,pwd=@pwd where id=@id",
new SqlParameter { ParameterName = "@name", Value = name },
new SqlParameter { ParameterName = "@pwd", Value = pwd },
new SqlParameter { ParameterName = "@id", Value = id });
context.Response.Redirect("PersonList.ashx");
}
//新增时,在PersonEditAddNew.ashx中已将PersonEditAddNew.htm的隐藏字段@action替换为addPerson
else if (editAddNew == "addPerson")
{
SQLHelper.ExecuteNonQuery("insert into user_table(name,pwd) values(@name,@pwd)",
new SqlParameter { ParameterName = "@name", Value = name },
new SqlParameter { ParameterName = "@pwd", Value = pwd });
context.Response.Redirect("PersonList.ashx");
}
{
context.Response.Write("<font size='5' color='red'>服务器出错</fonr>");
}
}
5.封装的类CommonHelper:
/// <summary>
/// 返回HTML文件内容
/// </summary>
/// <param name="fileName">HTML文件</param>
/// <returns></returns>
public static string ReadHtml(string fileName)
{
HttpContext context = HttpContext.Current;
string fullpath = context.Server.MapPath(fileName);
string html = File.ReadAllText(fullpath);
return html;
}