1.展示人员列表
htm文件:
<a href="PersonEditAddNew.ashx?action=addnew">添加</a> </p> <table border="1" cellpadding="0" cellspacing="0"> <thead> <tr> <th>用户名</th> <th>密码</th> <th>删除</th> <th>编辑</th> </tr> </thead> @personList </table>
ashx文件:
/// <summary> /// 展示数据库内容 /// </summary> /// <param name="context"></param> public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/html"; DataTable table = SQLHelper.ExecuteReader("select * from user_table"); StringBuilder sb = new StringBuilder(); //将数据库的数据内容拼接到sb中 //编辑时将action和id提交到服务器是为了后续的判断选择(用context.Request["action"]可获取到提交的值) foreach (DataRow row in table.Rows) { sb.Append("<tr><td>" + row["name"] + "</td><td>" + row["pwd"] + "</td><td><a onclick='return confirm("你真的要删除吗?")' href='PersonDelete.ashx?id=" + row["id"] + "'>删除</a></td>" + "<td><a href='PersonEditAddNew.ashx?action=edit&id=" + row["id"] + "'>编辑</a></td></tr>"); } //获取服务器上的html文件并转换成本地路径 string fileName = context.Server.MapPath("~/PersonList.htm"); //读取html内容 string html = File.ReadAllText(fileName); //替换html部分内容 html = html.Replace("@personList", sb.ToString()); //展示内容 context.Response.Write(html); }
2.删除人员
ashx文件:
/// <summary> /// 删除数据库内容 /// </summary> /// <param name="context"></param> public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/html"; //获取提交给服务器的id值 int id = Convert.ToInt32(context.Request["id"]); //执行SQL删除语句 SQLHelper.ExecuteNonQuery("delete from user_table where id=@id", new SqlParameter { ParameterName = "@id", Value = id }); //重定向到PersonList context.Response.Redirect("PersonList.ashx"); }
3.增加与修改
htm文件:
<head> <title>@actionName</title> </head> <body> <form action="PersonSave.ashx" method="post"> <input type="hidden" name="editAddNew" value="@action" /> <input type="hidden" name="id" value="@id" /> 用户名:<input type="text" name="name" value="@name" /> 密码:<input type="text" name="pwd" value="@pwd" /> </p> <input type="submit" name="btnOK" value="保存" /> </form> </body>
ashx文件:
/// <summary> /// 编辑与新增人员 /// </summary> /// <param name="context"></param> public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/html"; //获取提交表单时action的值 string action = context.Request["action"]; //如果是编辑 if (action == "edit") { int id = Convert.ToInt32(context.Request["id"]);//获取提交表单时id的值 //根据id值获得name和pwd值 DataTable table = SQLHelper.ExecuteReader("select name,pwd from user_table where id=@id", new SqlParameter { ParameterName = "@id", Value = id }); //逻辑判断,提高程序安全性 if (table.Rows.Count <= 0) { context.Response.Write("<font size='5' color='red'>没有找到id=" + id + "的人员</font>"); return; } if (table.Rows.Count > 1) { context.Response.Write("<font size='5' color='red'>找到了多条id=" + id + "的人员</font>"); return; } //值name和pwd存到DataRow中 DataRow row = table.Rows[0]; string name = (string)row["name"]; string pwd = (string)row["pwd"]; //读取PersonEditAddNew.htm内容 string html = CommonHelper.ReadHtml("~/PersonEditAddNew.htm"); //将三个隐藏字段和name、pwd替换相应值,为编辑时将@action替换为editPerson html = html.Replace("@actionName", "编辑人员").Replace("@action", "editPerson") .Replace("@id",id.ToString()).Replace("@name", name).Replace("@pwd", pwd); context.Response.Write(html);//输出替换后的值 } //如果是新增 else if (action == "addnew") { string html = CommonHelper.ReadHtml("~/PersonEditAddNew.htm"); //将name和pwd替换成空值,为新增时将@action替换为addPerson html = html.Replace("@actionName", "新增人员").Replace("@action", "addPerson") .Replace("@name", "").Replace("@pwd", ""); context.Response.Write(html); } //加上else是为了当找不到action值,有人故意在网页地址栏中改变action的值 else { context.Response.Write("action错误"); } }
4.保存人员
ashx文件:
/// <summary> /// 保存新增或修改人员 /// </summary> /// <param name="context"></param> public void ProcessRequest(HttpContext context) { context.Response.ContentType = "text/html"; string editAddNew = context.Request["editAddNew"]; string name = context.Request["name"]; string pwd = context.Request["pwd"]; if (string.IsNullOrEmpty(name)) { context.Response.Write("<font size='5' color='red'>姓名必填</fonr>"); return; } if (string.IsNullOrEmpty(pwd)) { context.Response.Write("<font size='5' color='red'>密码必填</fonr>"); return; } //编辑时,在PersonEditAddNew.ashx中已将PersonEditAddNew.htm的隐藏字段@action替换为editPerson if (editAddNew == "editPerson") { //此处获取到的id值是PersonEditAddNew.htm页面隐藏字段的id,并非GET请求的id值 int id = Convert.ToInt32(context.Request["id"]); SQLHelper.ExecuteNonQuery("update user_table set name=@name,pwd=@pwd where id=@id", new SqlParameter { ParameterName = "@name", Value = name }, new SqlParameter { ParameterName = "@pwd", Value = pwd }, new SqlParameter { ParameterName = "@id", Value = id }); context.Response.Redirect("PersonList.ashx"); } //新增时,在PersonEditAddNew.ashx中已将PersonEditAddNew.htm的隐藏字段@action替换为addPerson else if (editAddNew == "addPerson") { SQLHelper.ExecuteNonQuery("insert into user_table(name,pwd) values(@name,@pwd)", new SqlParameter { ParameterName = "@name", Value = name }, new SqlParameter { ParameterName = "@pwd", Value = pwd }); context.Response.Redirect("PersonList.ashx"); } { context.Response.Write("<font size='5' color='red'>服务器出错</fonr>"); } }
5.封装的类CommonHelper:
/// <summary> /// 返回HTML文件内容 /// </summary> /// <param name="fileName">HTML文件</param> /// <returns></returns> public static string ReadHtml(string fileName) { HttpContext context = HttpContext.Current; string fullpath = context.Server.MapPath(fileName); string html = File.ReadAllText(fullpath); return html; }