        /// <summary>
        /// Stores a new value in the <c>pwd</c> column of one employee row.
        /// </summary>
        /// <param name="model">Supplies <c>ID</c> (the row to update) and <c>pwd</c>. The value is
        /// written exactly as supplied — nothing in this method hashes it, so the caller must pass
        /// the stored form.</param>
        /// <returns><see langword="true"/> when at least one row was affected.</returns>
        public bool changepwd(XHD.Model.hr_employee model)
        {
            // Parameterised UPDATE: neither value is spliced into the SQL text.
            const string sql = "update hr_employee set pwd=@pwd where ID=@ID";

            SqlParameter pwdParam = new SqlParameter("@pwd", SqlDbType.VarChar, 50);
            pwdParam.Value = model.pwd;

            SqlParameter idParam = new SqlParameter("@ID", SqlDbType.Int, 4);
            idParam.Value = model.ID;

            int affected = DbHelperSQL.ExecuteSql(sql, new SqlParameter[] { pwdParam, idParam });
            return affected > 0;
        }
        //初始化
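        /// <summary>
        /// Page_Init: resolves the signed-in employee from the forms-authentication cookie and
        /// fills the page fields empId, empname, uid, depid, factory_Id and roletype. A request
        /// without a valid, unexpired ticket is redirected to the login page and the response is
        /// ended there, so no later page event runs without an identity.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Init(object sender, EventArgs e)
        {
            var cookie = Request.Cookies[FormsAuthentication.FormsCookieName];

            // Decrypt() yields null for a ticket it cannot decrypt or validate; an expired ticket
            // must not be honoured either. Both are handled exactly like a missing cookie.
            FormsAuthenticationTicket ticket = cookie == null ? null : FormsAuthentication.Decrypt(cookie.Value);

            int emp_id;
            if (ticket == null || ticket.Expired || !int.TryParse(ticket.UserData, out emp_id))
            {
                // Server-side redirect that ends the response. The previous client-side <script>
                // redirect left the rest of the page lifecycle running with no identity set.
                Response.Redirect("../login_ssn.aspx", true);
                return;
            }

            empId = ticket.UserData;

            XHD.BLL.hr_employee emp = new XHD.BLL.hr_employee();
            XHD.Model.hr_employee employeeModel = emp.GetModel(emp_id); // current employee

            // A ticket whose employee row no longer exists leaves the fields at their defaults,
            // as before; code that needs a populated identity should check empname/uid.
            if (employeeModel != null)
            {
                empname    = employeeModel.name;              // employee name
                uid        = employeeModel.uid;               // employee uid
                depid      = employeeModel.d_id.ToString();   // employee's department
                factory_Id = employeeModel.factory_Id;        // employee's factory
                roletype   = employeeModel.roletype.ToString();
            }
        }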
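        /// <summary>
        /// Loads the employee record identified by the forms-authentication cookie on
        /// <paramref name="Request"/> (the employee ID travels in the ticket's UserData).
        /// </summary>
        /// <param name="Request">Current request; only its forms cookie is read.</param>
        /// <returns>The employee model, or <see langword="null"/> when there is no cookie, the
        /// ticket cannot be decrypted or has expired, or its UserData is not an integer. Whatever
        /// <c>GetModel</c> returns for an unknown ID is passed through unchanged.</returns>
        public XHD.Model.hr_employee GetEmpModel(HttpRequest Request)
        {
            var cookie = Request.Cookies[FormsAuthentication.FormsCookieName];
            if (cookie == null)
            {
                // Used to be a NullReferenceException; an anonymous request simply has no employee.
                return null;
            }

            // Decrypt() also validates the ticket; null, expired or malformed UserData all mean
            // "no trusted identity" rather than an exception.
            var ticket = FormsAuthentication.Decrypt(cookie.Value);
            int emp_id;
            if (ticket == null || ticket.Expired || !int.TryParse(ticket.UserData, out emp_id))
            {
                return null;
            }

            XHD.BLL.hr_employee emp = new XHD.BLL.hr_employee();
            return emp.GetModel(emp_id);
        }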
        /// <summary>
        /// Rewrites the department/post/position columns (d_id, dname, postid, post, zhiwuid,
        /// zhiwu) of the employee row identified by <c>model.ID</c>.
        /// </summary>
        /// <param name="model">Source of the new column values and of the row key.</param>
        /// <returns><see langword="true"/> when at least one row was affected.</returns>
        public bool UpdatePost(XHD.Model.hr_employee model)
        {
            // Fully parameterised: every value travels in a SqlParameter, none in the SQL text.
            const string sql =
                "update hr_employee set d_id=@d_id,dname=@dname,postid=@postid,post=@post,zhiwuid=@zhiwuid,zhiwu=@zhiwu where ID=@ID";

            SqlParameter[] args =
            {
                new SqlParameter("@d_id",    SqlDbType.Int,       4) { Value = model.d_id },
                new SqlParameter("@dname",   SqlDbType.VarChar,  50) { Value = model.dname },
                new SqlParameter("@postid",  SqlDbType.Int,       4) { Value = model.postid },
                new SqlParameter("@post",    SqlDbType.VarChar, 250) { Value = model.post },
                new SqlParameter("@zhiwuid", SqlDbType.Int,       4) { Value = model.zhiwuid },
                new SqlParameter("@zhiwu",   SqlDbType.VarChar,  50) { Value = model.zhiwu },
                new SqlParameter("@ID",      SqlDbType.Int,       4) { Value = model.ID }
            };

            int affected = DbHelperSQL.ExecuteSql(sql, args);
            return affected > 0;
        }
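        /// <summary>
        /// Loads one employee row by primary key into a model. A column whose cell is NULL or an
        /// empty string leaves the matching model member at its default. Note that the row
        /// includes the <c>pwd</c> column, so the returned model carries the stored password
        /// value; callers that serialise the model to a client must strip it.
        /// </summary>
        /// <param name="ID">Primary key of the hr_employee row.</param>
        /// <returns>The populated model, or <see langword="null"/> when no row matches.</returns>
        public XHD.Model.hr_employee GetModel(int ID)
        {
            StringBuilder strSql = new StringBuilder();
            strSql.Append("select  top 1 ID,uid,pwd,name,idcard,birthday,d_id,dname,postid,post,email,sex,tel,status,zhiwuid,zhiwu,sort,EntryDate,address,remarks,education,level,professional,schools,title,isDelete,Delete_time,portal,theme,canlogin from hr_employee ");
            strSql.Append(" where ID=@ID");
            SqlParameter[] parameters = {
                    new SqlParameter("@ID", SqlDbType.Int,4)
            };
            parameters[0].Value = ID;

            DataSet ds = DbHelperSQL.Query(strSql.ToString(), parameters);
            if (ds.Tables[0].Rows.Count == 0)
            {
                return null;
            }

            DataRow row = ds.Tables[0].Rows[0];
            XHD.Model.hr_employee model = new XHD.Model.hr_employee();
            string text;

            // Integer and date columns are parsed from their text form, as before; string columns
            // are copied verbatim. Each assignment is skipped for a NULL or empty cell.
            if (ReadNonEmptyCell(row, "ID", out text)) { model.ID = int.Parse(text); }
            if (ReadNonEmptyCell(row, "uid", out text)) { model.uid = text; }
            if (ReadNonEmptyCell(row, "pwd", out text)) { model.pwd = text; }
            if (ReadNonEmptyCell(row, "name", out text)) { model.name = text; }
            if (ReadNonEmptyCell(row, "idcard", out text)) { model.idcard = text; }
            if (ReadNonEmptyCell(row, "birthday", out text)) { model.birthday = text; }
            if (ReadNonEmptyCell(row, "d_id", out text)) { model.d_id = int.Parse(text); }
            if (ReadNonEmptyCell(row, "dname", out text)) { model.dname = text; }
            if (ReadNonEmptyCell(row, "postid", out text)) { model.postid = int.Parse(text); }
            if (ReadNonEmptyCell(row, "post", out text)) { model.post = text; }
            if (ReadNonEmptyCell(row, "email", out text)) { model.email = text; }
            if (ReadNonEmptyCell(row, "sex", out text)) { model.sex = text; }
            if (ReadNonEmptyCell(row, "tel", out text)) { model.tel = text; }
            if (ReadNonEmptyCell(row, "status", out text)) { model.status = text; }
            if (ReadNonEmptyCell(row, "zhiwuid", out text)) { model.zhiwuid = int.Parse(text); }
            if (ReadNonEmptyCell(row, "zhiwu", out text)) { model.zhiwu = text; }
            if (ReadNonEmptyCell(row, "sort", out text)) { model.sort = int.Parse(text); }
            if (ReadNonEmptyCell(row, "EntryDate", out text)) { model.EntryDate = text; }
            if (ReadNonEmptyCell(row, "address", out text)) { model.address = text; }
            if (ReadNonEmptyCell(row, "remarks", out text)) { model.remarks = text; }
            if (ReadNonEmptyCell(row, "education", out text)) { model.education = text; }
            if (ReadNonEmptyCell(row, "level", out text)) { model.level = text; }
            if (ReadNonEmptyCell(row, "professional", out text)) { model.professional = text; }
            if (ReadNonEmptyCell(row, "schools", out text)) { model.schools = text; }
            if (ReadNonEmptyCell(row, "title", out text)) { model.title = text; }
            if (ReadNonEmptyCell(row, "isDelete", out text)) { model.isDelete = int.Parse(text); }
            if (ReadNonEmptyCell(row, "Delete_time", out text)) { model.Delete_time = DateTime.Parse(text); }
            if (ReadNonEmptyCell(row, "portal", out text)) { model.portal = text; }
            if (ReadNonEmptyCell(row, "theme", out text)) { model.theme = text; }
            if (ReadNonEmptyCell(row, "canlogin", out text)) { model.canlogin = int.Parse(text); }

            return model;
        }

        /// <summary>
        /// Reads one cell of <paramref name="row"/> as text. A DataRow indexer never yields a C#
        /// null (it yields DBNull.Value), so <see cref="DataRow.IsNull(string)"/> is the right
        /// test; DBNull and an empty string both report <see langword="false"/>, which the caller
        /// treats as "leave the model member untouched".
        /// </summary>
        /// <param name="row">Row to read from.</param>
        /// <param name="column">Column name.</param>
        /// <param name="text">The cell's text, or an empty string for DBNull.</param>
        /// <returns><see langword="true"/> when <paramref name="text"/> is non-empty.</returns>
        private static bool ReadNonEmptyCell(DataRow row, string column, out string text)
        {
            text = row.IsNull(column) ? string.Empty : row[column].ToString();
            return text.Length != 0;
        }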
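        /// <summary>
        /// HTTP handler entry point for the employee/menu/online actions selected by the
        /// <c>Action</c> request value (GetSysApp, getUserTree, GetUserInfo, GetOnline, getinfo,
        /// changepwd, form, PersonalUpdate, tree). Every action runs as the employee named by the
        /// forms-authentication cookie; a request without a valid, unexpired ticket is answered
        /// with 401 and no action runs. Malformed numeric inputs are answered with 400 instead of
        /// an unhandled FormatException. GetTasksString and GetTreeString are defined elsewhere
        /// in this class.
        /// </summary>
        /// <param name="context">Current request/response pair.</param>
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            HttpRequest request = context.Request;

            XHD.BLL.ssn_art_menu menu = new XHD.BLL.ssn_art_menu();

            XHD.BLL.sys_info info = new XHD.BLL.sys_info();

            // Identity comes from the forms ticket only (Decrypt validates it). A missing cookie,
            // an undecryptable or expired ticket, or non-numeric UserData used to surface here as
            // an unhandled exception; now it is a plain 401.
            var cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
            FormsAuthenticationTicket ticket = cookie == null ? null : FormsAuthentication.Decrypt(cookie.Value);
            int emp_id;
            if (ticket == null || ticket.Expired || !int.TryParse(ticket.UserData, out emp_id))
            {
                context.Response.StatusCode = 401;
                return;
            }

            XHD.BLL.hr_employee emp = new XHD.BLL.hr_employee();

            // emp_id is an int, so this where-clause cannot carry injected text.
            DataSet dsemp = emp.GetList("id=" + emp_id);

            XHD.Model.hr_employee employeeModel = emp.GetModel(emp_id); // current employee

            string empname    = string.Empty;
            string factory_Id = string.Empty;

            if (employeeModel != null)
            {
                empname    = employeeModel.name;       // employee name
                factory_Id = employeeModel.factory_Id; // employee's factory
            }

            #region GetSysApp
            if (request["Action"] == "GetSysApp")
            {
                int appid;
                if (!int.TryParse(request["appid"], out appid))
                {
                    context.Response.StatusCode = 400;
                    return;
                }

                DataSet ds = null;

                if (dsemp.Tables[0].Rows.Count > 0)
                {
                    if (dsemp.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        ds = menu.GetList(0, "App_id=" + appid, "Menu_order");
                    }
                    else
                    {
                        DataSSN.SSN_GetAuthorityByUid getauth = new DataSSN.SSN_GetAuthorityByUid();
                        string menus = getauth.GetAuthority(emp_id.ToString(), "Menus");
                        // 'menus' is spliced into the where-clause exactly as the authority helper
                        // returns it; presumably a parenthesised id list — confirm at GetAuthority.
                        ds = menu.GetList(0, "App_id=" + appid + " and Id in " + menus + " ", "Menu_order");
                    }
                }

                if (ds == null)
                {
                    // No employee row for the ticket's id: nothing to list (was a NullReferenceException).
                    context.Response.Write("[]");
                    return;
                }

                // assemble the response
                string strRe = "[" + GetTasksString(emp_id.ToString(), empname, factory_Id, 0, ds.Tables[0]) + "]";
                context.Response.Write(strRe);
            }
            #endregion

            #region getUserTree
            else if (request["Action"] == "getUserTree")
            {
                XHD.BLL.Sys_online   sol   = new XHD.BLL.Sys_online();
                XHD.Model.Sys_online model = new XHD.Model.Sys_online();

                model.UserName    = PageValidate.InputText(empname, 250);
                model.UserID      = emp_id;
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + emp_id);

                // record (or refresh) the caller's online entry
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + emp_id);
                }
                else
                {
                    sol.Add(model);
                }

                // drop entries idle for more than 2 minutes (--Robert 2015-11-24)
                sol.Delete(" LastLogTime<date_sub(now(), interval 2 minute)");

                XHD.BLL.hr_department dep = new XHD.BLL.hr_department();

                // factory_Id comes from the employee row, not from the request, but GetList still
                // takes raw where-text; parameterise if the BLL offers a way to.
                DataSet       ds  = dep.GetList(0, "factory_Id='" + factory_Id + "'", "d_order");
                StringBuilder str = new StringBuilder();
                str.Append("[");
                str.Append(GetTreeString(0, ds.Tables[0], 1, "1=1"));
                str.Replace(",", "", str.Length - 1, 1); // trailing comma, if any
                str.Append("]");
                context.Response.Write(str);
            }
            #endregion

            #region GetUserInfo
            else if (request["Action"] == "GetUserInfo")
            {
                // NOTE(review): this serialises the whole employee row set; if GetList selects the
                // pwd column, the stored password value reaches the client — verify and project
                // the columns if so.
                string dt = XHD.Common.DataToJson.DataToJSON(dsemp);

                context.Response.Write(dt);
            }
            #endregion

            #region GetOnline
            else if (request["Action"] == "GetOnline")
            {
                XHD.BLL.Sys_online   sol   = new XHD.BLL.Sys_online();
                XHD.Model.Sys_online model = new XHD.Model.Sys_online();

                model.UserName    = empname;
                model.UserID      = emp_id;
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + emp_id);

                // record (or refresh) the caller's online entry
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + emp_id);
                }
                else
                {
                    sol.Add(model);
                }

                // drop entries idle for more than 2 minutes (--Robert 2015-11-24)
                sol.Delete(" LastLogTime<date_sub(now(), interval 2 minute)");

                context.Response.Write(XHD.Common.GetGridJSON.DataTableToJSON(sol.GetAllList().Tables[0]));
            }
            #endregion

            #region getinfo
            else if (request["Action"] == "getinfo")
            {
                DataSet ds = info.GetList(" id=2 or id=3");
                context.Response.Write(XHD.Common.GetGridJSON.DataTableToJSON(ds.Tables[0]));
            }
            #endregion

            #region changepwd
            else if (request["Action"] == "changepwd")
            {
                string oldInput = request["T_oldpwd"];
                string newInput = request["T_newpwd"];
                DataSet ds = emp.GetPWD(emp_id);

                // Answer "false" when either field is missing, the new password is empty, or the
                // employee row is gone; each of these used to throw instead.
                if (oldInput == null || string.IsNullOrEmpty(newInput) || ds.Tables[0].Rows.Count == 0)
                {
                    context.Response.Write("false");
                    return;
                }

                // NOTE(review): unsalted MD5 via the obsolete HashPasswordForStoringInConfigFile
                // is evidently the form the stored values are in (the comparison below relies on
                // it). Moving to a salted KDF needs a migration of the existing column, so the
                // call is kept here and only flagged.
                string oldpwd = FormsAuthentication.HashPasswordForStoringInConfigFile(oldInput, "MD5");
                string newpwd = FormsAuthentication.HashPasswordForStoringInConfigFile(newInput, "MD5");

                if (ds.Tables[0].Rows[0]["pwd"].ToString() == oldpwd)
                {
                    XHD.Model.hr_employee model = new XHD.Model.hr_employee();
                    model.pwd = newpwd;
                    model.ID  = emp_id;
                    emp.changepwd(model);
                    context.Response.Write("true");
                }
                else
                {
                    context.Response.Write("false");
                }
            }
            #endregion

            #region form
            else if (request["Action"] == "form")
            {
                string eid = PageValidate.InputText(request["id"], 50);

                if (eid == "epu")
                {
                    eid = emp_id.ToString();
                }

                int targetId;
                if (!int.TryParse(eid, out targetId))
                {
                    context.Response.StatusCode = 400;
                    return;
                }

                // NOTE(review): any employee id may be requested here, not only the caller's own;
                // whether that is intended (HR/admin use) or an authorisation gap should be
                // settled against the access rules that apply to this handler.
                DataSet ds = emp.GetList("id=" + targetId);

                string dt = XHD.Common.DataToJson.DataToJSON(ds);

                context.Response.Write(dt);
            }
            #endregion

            #region PersonalUpdate (save profile changes)
            else if (request["Action"] == "PersonalUpdate")
            {
                if (dsemp.Tables[0].Rows.Count == 0)
                {
                    // Nothing to update and nothing to diff the audit log against
                    // (was an IndexOutOfRangeException).
                    context.Response.Write("false");
                    return;
                }
                DataRow dr = dsemp.Tables[0].Rows[0];

                XHD.Model.hr_employee model = new XHD.Model.hr_employee();
                model.email    = PageValidate.InputText(request["T_email"], 255);
                model.name     = PageValidate.InputText(request["T_name"], 255);
                model.birthday = PageValidate.InputText(request["T_birthday"], 255);
                model.sex      = PageValidate.InputText(request["T_sex"], 255);
                model.idcard   = PageValidate.InputText(request["T_idcard"], 255);
                model.tel      = PageValidate.InputText(request["T_tel"], 255);

                model.address      = PageValidate.InputText(request["T_Adress"], 255);
                model.schools      = PageValidate.InputText(request["T_school"], 255);
                model.education    = PageValidate.InputText(request["T_edu"], 255);
                model.professional = PageValidate.InputText(request["T_professional"], 255);
                model.remarks      = PageValidate.InputText(request["T_remarks"], 255);
                model.title        = PageValidate.InputText(request["headurl"], 255);

                // The row updated is always the caller's own (emp_id from the ticket).
                model.ID = emp_id;

                bool isup = emp.PersonalUpdate(model);

                if (isup)
                {
                    context.Response.Write("true");
                }
                else
                {
                    context.Response.Write("false");
                }

                // Audit log: one entry per field whose submitted value differs from the stored one.
                // Note the comparison uses the raw request values, while the model received the
                // InputText-sanitised ones.
                C_Sys_log log = new C_Sys_log();

                int    UserID     = emp_id;
                string UserName   = empname;
                string IPStreet   = request.UserHostAddress;
                string EventTitle = model.name;
                string EventType  = "个人信息修改";
                int    EventID    = emp_id;

                if (dr["email"].ToString() != request["T_email"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "邮箱", dr["email"].ToString(), request["T_email"], factory_Id);
                }

                if (dr["name"].ToString() != request["T_name"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "员工姓名", dr["name"].ToString(), request["T_name"], factory_Id);
                }

                if (dr["birthday"].ToString() != request["T_birthday"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "员工生日", dr["birthday"].ToString(), request["T_birthday"], factory_Id);
                }

                if (dr["sex"].ToString() != request["T_sex"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "员工性别", dr["sex"].ToString(), request["T_sex"], factory_Id);
                }

                if (dr["idcard"].ToString() != request["T_idcard"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "身份证", dr["idcard"].ToString(), request["T_idcard"], factory_Id);
                }

                if (dr["tel"].ToString() != request["T_tel"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "手机", dr["tel"].ToString(), request["T_tel"], factory_Id);
                }

                if (dr["address"].ToString() != request["T_Adress"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "地址", dr["address"].ToString(), request["T_Adress"], factory_Id);
                }

                if (dr["schools"].ToString() != request["T_school"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "毕业学校", dr["schools"].ToString(), request["T_school"], factory_Id);
                }

                if (dr["education"].ToString() != request["T_edu"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "学历", dr["education"].ToString(), request["T_edu"], factory_Id);
                }

                if (dr["professional"].ToString() != request["T_professional"])
                {
                    log.Add_log(UserID, UserName, IPStreet, EventTitle, EventType, EventID, "专业", dr["professional"].ToString(), request["T_professional"], factory_Id);
                }
            }
            #endregion

            #region tree
            else if (request["Action"] == "tree")
            {
                // Scoped to the caller's factory; factory_Id is DB-sourced, but GetList takes raw
                // where-text, so parameterise if the BLL allows it. An earlier, commented-out
                // draft of per-role data scoping was removed here as dead code.
                string serchtxt = " 1=1 and factory_Id = '" + factory_Id + "'";

                XHD.BLL.hr_department dep = new XHD.BLL.hr_department();
                DataSet       ds          = dep.GetList(0, serchtxt, " d_order");
                StringBuilder str         = new StringBuilder();
                str.Append("[");
                str.Append(GetTreeString(0, ds.Tables[0], "0"));
                str.Replace(",", "", str.Length - 1, 1); // trailing comma, if any
                str.Append("]");
                context.Response.Write(str);
            }
            #endregion
        }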
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            HttpRequest request = context.Request;
            var         cookie  = context.Request.Cookies[FormsAuthentication.FormsCookieName];

            XHD.BLL.ssn_art_menu menu   = new XHD.BLL.ssn_art_menu();
            XHD.BLL.ssn_visit    _visit = new XHD.BLL.ssn_visit();
            XHD.BLL.ssn_art      _art   = new XHD.BLL.ssn_art();
            //判断是否登录
            if (cookie == null)
            {
                DataSet ds = new DataSet();
                ds = menu.GetList("1=2");
                string strRe = XHD.Common.GetGridJSON.DataTableToJSON(ds.Tables[0]);
                context.Response.Write(strRe);
                return;
            }

            var ticket = FormsAuthentication.Decrypt(cookie.Value);

            string CoockiesID = ticket.UserData;

            XHD.BLL.hr_employee emp = new XHD.BLL.hr_employee();
            int emp_id = int.Parse(CoockiesID);

            DataSet dsemp = emp.GetList("id=" + emp_id);

            XHD.Model.hr_employee employeeModel = emp.GetModel(emp_id); //当前员工

            string empname    = string.Empty;
            string uid        = string.Empty;
            string depid      = string.Empty;
            string roletype   = string.Empty;
            string factory_Id = string.Empty;

            if (employeeModel != null)
            {
                empname    = employeeModel.name;            //员工姓名
                uid        = employeeModel.uid;             //员工Uid
                depid      = employeeModel.d_id.ToString(); //员工所在部门
                factory_Id = employeeModel.factory_Id;      //员工所属工厂
                roletype   = employeeModel.roletype.ToString();
            }
            //获取一级菜单
            if (request["Action"] == "GetSysMenu1")
            {
                #region
                DataSet ds = new DataSet();

                int appid = int.Parse(request["appid"]);

                if (dsemp.Tables[0].Rows.Count > 0)
                {
                    if (dsemp.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        ds = menu.GetList(0, "App_id=" + appid + " and parentid=0", "Menu_order");
                    }
                    else
                    {
                        DataSSN.SSN_GetAuthorityByUid getauth = new DataSSN.SSN_GetAuthorityByUid();
                        string menus = getauth.GetAuthority(emp_id.ToString(), "Menus");
                        //ds = menu.GetList(0, "App_id=" + appid + " and Menu_id in " + menus + " and menu_type='aft'", "Menu_order");
                        ds = menu.GetList(0, "App_id=" + appid + " and Id in " + menus + "  and parentid=0", "Menu_order");
                    }
                }

                string strRe = XHD.Common.GetGridJSON.DataTableToJSON(ds.Tables[0]);
                context.Response.Write(strRe);
                #endregion
            }

            //获取二级级菜单
            if (request["Action"] == "GetSysMenu2")
            {
                #region
                DataSet ds = new DataSet();

                int appid = int.Parse(request["appid"]);
                int pid   = int.Parse(request["pid"]);

                if (dsemp.Tables[0].Rows.Count > 0)
                {
                    if (dsemp.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        ds = menu.GetList(0, "App_id=" + appid + " and parentid=" + pid, "Menu_order");
                    }
                    else
                    {
                        DataSSN.SSN_GetAuthorityByUid getauth = new DataSSN.SSN_GetAuthorityByUid();
                        string menus = getauth.GetAuthority(emp_id.ToString(), "Menus");
                        //ds = menu.GetList(0, "App_id=" + appid + " and Menu_id in " + menus + " and menu_type='aft'", "Menu_order");
                        ds = menu.GetList(0, "App_id=" + appid + " and Id in " + menus + "  and parentid=" + pid, "Menu_order");
                    }
                }

                string strRe = XHD.Common.GetGridJSON.DataTableToJSON(ds.Tables[0]);
                context.Response.Write(strRe);
                #endregion
            }

            //获取某个菜单下的值
            else if (request["Action"] == "grid")
            {
                DataSet dk       = new DataSet();
                string  title    = request["title"];
                string  strWhere = string.Empty;
                bool    num      = true;
                string  atr_id   = "";

                if (!string.IsNullOrEmpty(request["menuid"]))
                {
                    string menuId = request["menuid"];
                    if (menuId == "-1")
                    {
                        strWhere = "factory_Id='" + factory_Id + "' and is_del=0";
                        dk       = _visit.GetListAtrId("r.empID='" + emp_id + "' ");
                    }
                    else
                    {
                        strWhere = "factory_Id='" + factory_Id + "' and Art_Menu_Id='" + menuId + "' and is_del=0";
                        dk       = _visit.GetListAtrId("r.empID='" + emp_id + "'and v.Menu_ids='" + menuId + "' ");
                    }

                    if (uid != "admin")
                    {
                        foreach (DataRow row in dk.Tables[0].Rows)
                        {
                            //获取能访问的文章的id
                            atr_id += PageValidate.InputText(row["Art_id"].ToString(), int.MaxValue).Replace("a", "");

                            //string Menu_ids = row["Menu_ids"].ToString();
                            //if (!string.IsNullOrEmpty(Menu_ids))
                            //{
                            //    string[] listMenu = Menu_ids.Split(',');
                            //    foreach (var item in listMenu)
                            //    {
                            //        if (menuId == item)
                            //        {
                            //            num = true;
                            //            break;
                            //        }
                            //    }
                            //}
                        }

                        //准备查询条件
                        if (num == true)
                        {
                            if (atr_id != "")
                            {
                                atr_id    = atr_id.Substring(0, atr_id.Length - 1);
                                strWhere += " and Id in(" + atr_id + ")";
                            }
                            else
                            {
                                strWhere += " and 1=2";
                            }
                        }
                        else
                        {
                            strWhere += " and Id='-1'";
                        }
                    }


                    if (!string.IsNullOrEmpty(title))
                    {
                        List <string> strList  = new List <string>();
                        char[]        charList = title.ToArray();
                        for (int i = 0; i < charList.Length; i++)
                        {
                            if (i == 0)
                            {
                                strWhere += " and Art_title like '%" + charList[i] + "%'";
                            }
                            else
                            {
                                strWhere += " or Art_title like '%" + charList[i] + "%'";
                            }
                            if (!strList.Contains(charList[i].ToString()))
                            {
                                strList.Add(charList[i].ToString());
                            }
                        }
                        Segment seg = new Segment();
                        seg.InitWordDics();
                        seg.EnablePrefix = true;
                        seg.Separator    = " ";
                        string Seg_Title = seg.SegmentText(title, false).Trim();

                        string[] titleArray = Seg_Title.Split(' ');
                        for (int i = 0; i < titleArray.Length; i++)
                        {
                            strWhere += " or Art_title like '%" + titleArray[i] + "%'";
                            //if (!strList.Contains(titleArray[i]))
                            //{
                            //    strList.Add(titleArray[i]);
                            //}
                        }
                        //strWhere += " and Art_title like '%" + title + "%'";
                        DataSet ds = _art.GetList(strWhere);
                        for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                        {
                            string temStr = ds.Tables[0].Rows[i]["Art_Title"].ToString();
                            for (int j = 0; j < strList.Count; j++)
                            {
                                if (temStr.Contains(strList[j]))
                                {
                                    ds.Tables[0].Rows[i]["Art_Title"] = ds.Tables[0].Rows[i]["Art_Title"].ToString().Replace(strList[j], "<span style='color:red' >" + strList[j] + "</span>");
                                }
                            }
                        }
                        string strRe = XHD.Common.GetGridJSON.DataTableToJSON(ds.Tables[0]);
                        context.Response.Write(strRe);
                    }
                    else
                    {
                        DataSet ds    = _art.GetList(strWhere);
                        string  strRe = XHD.Common.GetGridJSON.DataTableToJSON(ds.Tables[0]);
                        context.Response.Write(strRe);
                    }
                }
            }

            //获取文章内容
            if (request["Action"] == "form")
            {
                string urlList = string.Empty;

                if (!string.IsNullOrEmpty(request["flag"]))
                {
                    DataSet ds = _art.GetList("factory_Id='" + factory_Id + "' and Id=" + int.Parse(request["flag"]));
                    string  dt = XHD.Common.DataToJson.DataToJSON(ds);
                    context.Response.Write(dt);
                }
            }
        }
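        /// <summary>
        /// Inserts one hr_employee row and returns the identity value assigned to it.
        /// </summary>
        /// <param name="model">Column values for the new row. Every mapped property is bound
        /// through a typed parameter and written as supplied; in particular pwd is stored exactly
        /// as it arrives here, so any hashing has to happen in the caller.
        /// NOTE(review): Delete_time is bound as SqlDbType.DateTime — if the model leaves it at
        /// default(DateTime) the insert will be rejected by the server's date range; confirm the
        /// callers always set it or that the property is nullable.</param>
        /// <returns>The new row's identity, or 0 when the statement produced no identity value.</returns>
        public int Add(XHD.Model.hr_employee model)
        {
            const string sql =
                "insert into hr_employee("
                + "uid,pwd,name,idcard,birthday,d_id,dname,postid,post,email,sex,tel,status,zhiwuid,zhiwu,sort,EntryDate,address,remarks,education,level,professional,schools,title,isDelete,Delete_time,portal,theme,canlogin)"
                + " values ("
                + "@uid,@pwd,@name,@idcard,@birthday,@d_id,@dname,@postid,@post,@email,@sex,@tel,@status,@zhiwuid,@zhiwu,@sort,@EntryDate,@address,@remarks,@education,@level,@professional,@schools,@title,@isDelete,@Delete_time,@portal,@theme,@canlogin)"
                // SCOPE_IDENTITY() rather than @@IDENTITY: @@IDENTITY reports the last identity
                // generated anywhere in the session, so an insert trigger touching another
                // identity table would make this method hand back a foreign id.
                + ";select SCOPE_IDENTITY()";

            // Parameter order mirrors the column list above; values never touch the SQL text.
            SqlParameter[] parameters =
            {
                new SqlParameter("@uid",          SqlDbType.VarChar,    50) { Value = model.uid },
                new SqlParameter("@pwd",          SqlDbType.VarChar,    50) { Value = model.pwd },
                new SqlParameter("@name",         SqlDbType.VarChar,    50) { Value = model.name },
                new SqlParameter("@idcard",       SqlDbType.VarChar,    50) { Value = model.idcard },
                new SqlParameter("@birthday",     SqlDbType.VarChar,    50) { Value = model.birthday },
                new SqlParameter("@d_id",         SqlDbType.Int,         4) { Value = model.d_id },
                new SqlParameter("@dname",        SqlDbType.VarChar,    50) { Value = model.dname },
                new SqlParameter("@postid",       SqlDbType.Int,         4) { Value = model.postid },
                new SqlParameter("@post",         SqlDbType.VarChar,   250) { Value = model.post },
                new SqlParameter("@email",        SqlDbType.VarChar,    50) { Value = model.email },
                new SqlParameter("@sex",          SqlDbType.VarChar,    50) { Value = model.sex },
                new SqlParameter("@tel",          SqlDbType.VarChar,    50) { Value = model.tel },
                new SqlParameter("@status",       SqlDbType.VarChar,    50) { Value = model.status },
                new SqlParameter("@zhiwuid",      SqlDbType.Int,         4) { Value = model.zhiwuid },
                new SqlParameter("@zhiwu",        SqlDbType.VarChar,    50) { Value = model.zhiwu },
                new SqlParameter("@sort",         SqlDbType.Int,         4) { Value = model.sort },
                new SqlParameter("@EntryDate",    SqlDbType.VarChar,    50) { Value = model.EntryDate },
                new SqlParameter("@address",      SqlDbType.VarChar,   255) { Value = model.address },
                new SqlParameter("@remarks",      SqlDbType.VarChar,   255) { Value = model.remarks },
                new SqlParameter("@education",    SqlDbType.VarChar,    50) { Value = model.education },
                new SqlParameter("@level",        SqlDbType.VarChar,    50) { Value = model.level },
                new SqlParameter("@professional", SqlDbType.VarChar,    50) { Value = model.professional },
                new SqlParameter("@schools",      SqlDbType.VarChar,    50) { Value = model.schools },
                new SqlParameter("@title",        SqlDbType.VarChar,    50) { Value = model.title },
                new SqlParameter("@isDelete",     SqlDbType.Int,         4) { Value = model.isDelete },
                new SqlParameter("@Delete_time",  SqlDbType.DateTime)       { Value = model.Delete_time },
                new SqlParameter("@portal",       SqlDbType.VarChar,   250) { Value = model.portal },
                new SqlParameter("@theme",        SqlDbType.VarChar,   250) { Value = model.theme },
                new SqlParameter("@canlogin",     SqlDbType.Int,         4) { Value = model.canlogin }
            };

            object obj = DbHelperSQL.GetSingle(sql, parameters);

            // A NULL scalar may come back as DBNull rather than null; Convert.ToInt32(DBNull)
            // throws, so both shapes are treated as "no identity produced".
            if (obj == null || obj is DBNull)
            {
                return 0;
            }
            return Convert.ToInt32(obj);
        }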
        /// <summary>
        /// Loads the hr_employee row whose primary key is <paramref name="ID"/> into a model object.
        /// </summary>
        /// <param name="ID">Primary key (ID column) of the employee row; bound as a typed parameter.</param>
        /// <returns>
        /// A populated model, or null when no row matches. A column that is NULL or an empty
        /// string in the row is skipped, so the matching property keeps the model's default.
        /// The returned model carries the stored pwd column as-is.
        /// </returns>
        public XHD.Model.hr_employee GetModel(int ID)
        {
            const string sql =
                "select  top 1 ID,uid,pwd,name,idcard,birthday,d_id,dname,postid,post,email,sex,tel,status,zhiwuid,zhiwu,sort,EntryDate,address,remarks,education,level,professional,schools,title,isDelete,Delete_time,portal,theme,canlogin from hr_employee "
                + " where ID=@ID";
            SqlParameter[] parameters =
            {
                new SqlParameter("@ID", SqlDbType.Int, 4) { Value = ID }
            };

            DataSet ds = DbHelperSQL.Query(sql, parameters);
            if (ds.Tables[0].Rows.Count == 0)
            {
                return null;
            }

            DataRow row = ds.Tables[0].Rows[0];
            // Reads one column as text; a null cell comes back as "" so every field below
            // can decide "present or not" with a single comparison.
            Func<string, string> cell = col =>
            {
                object v = row[col];
                return v == null ? "" : v.ToString();
            };

            XHD.Model.hr_employee model = new XHD.Model.hr_employee();
            string s;
            if ((s = cell("ID")) != "") { model.ID = int.Parse(s); }
            if ((s = cell("uid")) != "") { model.uid = s; }
            if ((s = cell("pwd")) != "") { model.pwd = s; }
            if ((s = cell("name")) != "") { model.name = s; }
            if ((s = cell("idcard")) != "") { model.idcard = s; }
            if ((s = cell("birthday")) != "") { model.birthday = s; }
            if ((s = cell("d_id")) != "") { model.d_id = int.Parse(s); }
            if ((s = cell("dname")) != "") { model.dname = s; }
            if ((s = cell("postid")) != "") { model.postid = int.Parse(s); }
            if ((s = cell("post")) != "") { model.post = s; }
            if ((s = cell("email")) != "") { model.email = s; }
            if ((s = cell("sex")) != "") { model.sex = s; }
            if ((s = cell("tel")) != "") { model.tel = s; }
            if ((s = cell("status")) != "") { model.status = s; }
            if ((s = cell("zhiwuid")) != "") { model.zhiwuid = int.Parse(s); }
            if ((s = cell("zhiwu")) != "") { model.zhiwu = s; }
            if ((s = cell("sort")) != "") { model.sort = int.Parse(s); }
            if ((s = cell("EntryDate")) != "") { model.EntryDate = s; }
            if ((s = cell("address")) != "") { model.address = s; }
            if ((s = cell("remarks")) != "") { model.remarks = s; }
            if ((s = cell("education")) != "") { model.education = s; }
            if ((s = cell("level")) != "") { model.level = s; }
            if ((s = cell("professional")) != "") { model.professional = s; }
            if ((s = cell("schools")) != "") { model.schools = s; }
            if ((s = cell("title")) != "") { model.title = s; }
            if ((s = cell("isDelete")) != "") { model.isDelete = int.Parse(s); }
            // Delete_time is the only column parsed as a date; the others are text or int.
            if ((s = cell("Delete_time")) != "") { model.Delete_time = DateTime.Parse(s); }
            if ((s = cell("portal")) != "") { model.portal = s; }
            if ((s = cell("theme")) != "") { model.theme = s; }
            if ((s = cell("canlogin")) != "") { model.canlogin = int.Parse(s); }
            return model;
        }
        /// <summary>
        /// Rewrites every mapped column of the hr_employee row selected by model.ID.
        /// </summary>
        /// <param name="model">Row values; model.ID chooses the row, the remaining mapped
        /// properties overwrite its columns. pwd is not part of this statement, so the stored
        /// password is left untouched by an Update.</param>
        /// <returns>true when at least one row was affected, false otherwise.</returns>
        public bool Update(XHD.Model.hr_employee model)
        {
            const string sql =
                "update hr_employee set "
                + "uid=@uid,name=@name,idcard=@idcard,birthday=@birthday,d_id=@d_id,dname=@dname,"
                + "postid=@postid,post=@post,email=@email,sex=@sex,tel=@tel,status=@status,"
                + "zhiwuid=@zhiwuid,zhiwu=@zhiwu,sort=@sort,EntryDate=@EntryDate,address=@address,"
                + "remarks=@remarks,education=@education,level=@level,professional=@professional,"
                + "schools=@schools,title=@title,isDelete=@isDelete,Delete_time=@Delete_time,"
                + "portal=@portal,theme=@theme,canlogin=@canlogin"
                + " where ID=@ID";

            // Every value is bound through a typed parameter; nothing from the model is
            // spliced into the SQL text.
            SqlParameter[] parameters =
            {
                new SqlParameter("@uid",          SqlDbType.VarChar,    50) { Value = model.uid },
                new SqlParameter("@name",         SqlDbType.VarChar,    50) { Value = model.name },
                new SqlParameter("@idcard",       SqlDbType.VarChar,    50) { Value = model.idcard },
                new SqlParameter("@birthday",     SqlDbType.VarChar,    50) { Value = model.birthday },
                new SqlParameter("@d_id",         SqlDbType.Int,         4) { Value = model.d_id },
                new SqlParameter("@dname",        SqlDbType.VarChar,    50) { Value = model.dname },
                new SqlParameter("@postid",       SqlDbType.Int,         4) { Value = model.postid },
                new SqlParameter("@post",         SqlDbType.VarChar,   250) { Value = model.post },
                new SqlParameter("@email",        SqlDbType.VarChar,    50) { Value = model.email },
                new SqlParameter("@sex",          SqlDbType.VarChar,    50) { Value = model.sex },
                new SqlParameter("@tel",          SqlDbType.VarChar,    50) { Value = model.tel },
                new SqlParameter("@status",       SqlDbType.VarChar,    50) { Value = model.status },
                new SqlParameter("@zhiwuid",      SqlDbType.Int,         4) { Value = model.zhiwuid },
                new SqlParameter("@zhiwu",        SqlDbType.VarChar,    50) { Value = model.zhiwu },
                new SqlParameter("@sort",         SqlDbType.Int,         4) { Value = model.sort },
                new SqlParameter("@EntryDate",    SqlDbType.VarChar,    50) { Value = model.EntryDate },
                new SqlParameter("@address",      SqlDbType.VarChar,   255) { Value = model.address },
                new SqlParameter("@remarks",      SqlDbType.VarChar,   255) { Value = model.remarks },
                new SqlParameter("@education",    SqlDbType.VarChar,    50) { Value = model.education },
                new SqlParameter("@level",        SqlDbType.VarChar,    50) { Value = model.level },
                new SqlParameter("@professional", SqlDbType.VarChar,    50) { Value = model.professional },
                new SqlParameter("@schools",      SqlDbType.VarChar,    50) { Value = model.schools },
                new SqlParameter("@title",        SqlDbType.VarChar,    50) { Value = model.title },
                new SqlParameter("@isDelete",     SqlDbType.Int,         4) { Value = model.isDelete },
                new SqlParameter("@Delete_time",  SqlDbType.DateTime)       { Value = model.Delete_time },
                new SqlParameter("@portal",       SqlDbType.VarChar,   250) { Value = model.portal },
                new SqlParameter("@theme",        SqlDbType.VarChar,   250) { Value = model.theme },
                new SqlParameter("@canlogin",     SqlDbType.Int,         4) { Value = model.canlogin },
                new SqlParameter("@ID",           SqlDbType.Int,         4) { Value = model.ID }
            };

            int affected = DbHelperSQL.ExecuteSql(sql, parameters);
            return affected > 0;
        }
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            context.Response.Charset     = "utf-8";
            HttpRequest request = context.Request;

            if (request["Action"] == "login")
            {
                XHD.BLL.hr_employee     emp = new XHD.BLL.hr_employee();
                XHD.BLL.Sys_FactoryInfo fty = new XHD.BLL.Sys_FactoryInfo();

                string username = PageValidate.InputText(request["username"], 255);
                //string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");
                string password = PageValidate.InputText(request["password"], 255);
                string validate = PageValidate.InputText(request["validate"], 255);

                //SQL注入式攻击过滤===========================================================================================
                string path = context.Server.MapPath(@"../file/SQLFile.txt");
                if (CommonData.getSQLPercolation(username.ToUpper(), path))
                {
                    context.Response.Write("999");//系统错误
                    return;
                }
                //============================================================================================================

                if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
                {
                    //if (validate == context.Session["CheckCode"].ToString() || validate.ToLower() == context.Session["CheckCode"].ToString().ToLower())
                    //{
                    //DataSet ds = emp.GetList(" uid='" + username + "' and pwd='" + password + "'");
                    XHD.Model.hr_employee empModel = emp.LoginUser(username);
                    //IP 限制====================================================================================================
                    string vrip = GetClientIPv4Address();

                    List <string> lstIp = new List <string>();
                    lstIp.Add("219.146.197.91");   //电信IP地址
                    lstIp.Add("60.213.50.226");    //联通IP地址

                    lstIp.Add("172.178.1.118");    //本地(邢荣)
                    lstIp.Add("172.178.1.211");    //本地(陈伟)
                    lstIp.Add("172.178.1.100");    //本地(陈伟)
                    lstIp.Add("172.178.1.203");    //本地(robert)
                    lstIp.Add("172.178.1.201");    //本地(李明)
                    lstIp.Add("172.178.1.79");     //本地(王德胜)
                    lstIp.Add("172.178.1.117");    //本地(王立全)
                    lstIp.Add("172.178.1.243");    //本地(王虎)
                    lstIp.Add("172.178.1.56");     //本地(马萧)
                    lstIp.Add("172.178.1.29");     //本地(张杰)
                    lstIp.Add("172.178.1.45");     //本地(张顾严)
                    lstIp.Add("172.178.1.133");    //本地(吴瑞曾)

                    //if (!lstIp.Contains(vrip))
                    //{
                    //    //修改:robert, 2016-06-04     过滤特殊人群,当前:王频频wpp6274========
                    //    if (username.Trim() != "wpp6274" && username.Trim() != "gjc1010")
                    //    {
                    //        context.Response.Write("6");//ip受限制
                    //        return;
                    //    }
                    //    //=======================================================================
                    //}
                    //============================================================================================================

                    if (empModel != null && empModel.pwd == password.ToUpper())
                    {
                        //存在该 uid的用户,并且 pwd-密码正确;执行以下内容
                        //if (ds.Tables[0].Rows.Count > 0)
                        //{
                        if (empModel.uid.Trim() == "admin")
                        {
                            #region
                            //string userid = empModel.ID.ToString();
                            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                                1,
                                empModel.uid,
                                DateTime.Now,
                                DateTime.Now.AddMinutes(20),
                                true,
                                empModel.ID.ToString(),
                                "/"
                                );
                            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                            cookie.HttpOnly = true;
                            context.Response.Cookies.Add(cookie);

                            //FormsAuthentication.SetAuthCookie(userid, true);

                            //日志
                            XHD.BLL.Sys_log   log      = new XHD.BLL.Sys_log();
                            XHD.Model.Sys_log modellog = new XHD.Model.Sys_log();
                            modellog.EventType = "系统登录";

                            modellog.EventDate  = DateTime.Now;
                            modellog.UserID     = empModel.ID;
                            modellog.UserName   = empModel.name;
                            modellog.IPStreet   = request.UserHostAddress;
                            modellog.Factory_Id = empModel.factory_Id;

                            log.Add(modellog);

                            //online
                            XHD.BLL.Sys_online   sol   = new XHD.BLL.Sys_online();
                            XHD.Model.Sys_online model = new XHD.Model.Sys_online();

                            model.UserName    = empModel.name;
                            model.UserID      = empModel.ID;
                            model.LastLogTime = DateTime.Now;

                            DataSet ds1 = sol.GetList(" UserID=" + empModel.ID);

                            //添加当前用户信息
                            if (ds1.Tables[0].Rows.Count > 0)
                            {
                                sol.Update(model, " UserID=" + empModel.ID);
                            }
                            else
                            {
                                sol.Add(model);
                            }
                            //删除超时用户
                            //2分钟用户失效,删除 --Robert 2015-11-24
                            sol.Delete(" LastLogTime<date_sub(now(), interval 2 minute)");

                            //验证完毕,允许登录
                            context.Response.Write("2");
                            #endregion
                        }
                        else
                        {
                            #region
                            DataSet dsfty    = fty.GetList("Factory_Id='" + empModel.factory_Id + "'");
                            string  isDelete = dsfty.Tables[0].Rows[0]["IsDelete"].ToString();
                            if (int.Parse(isDelete) == 0)
                            {
                                if (empModel.canlogin.ToString() == "1")
                                {
                                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                                        1,
                                        username,
                                        DateTime.Now,
                                        DateTime.Now.AddMinutes(20),
                                        true,
                                        empModel.ID.ToString(),
                                        "/"
                                        );
                                    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                                    cookie.HttpOnly = true;
                                    context.Response.Cookies.Add(cookie);

                                    //FormsAuthentication.SetAuthCookie(userid, true);

                                    //日志
                                    XHD.BLL.Sys_log   log      = new XHD.BLL.Sys_log();
                                    XHD.Model.Sys_log modellog = new XHD.Model.Sys_log();
                                    modellog.EventType = "系统登录";

                                    modellog.EventDate  = DateTime.Now;
                                    modellog.UserID     = empModel.ID;
                                    modellog.UserName   = empModel.name;
                                    modellog.IPStreet   = request.UserHostAddress;
                                    modellog.Factory_Id = empModel.factory_Id;

                                    log.Add(modellog);

                                    //online
                                    XHD.BLL.Sys_online   sol   = new XHD.BLL.Sys_online();
                                    XHD.Model.Sys_online model = new XHD.Model.Sys_online();

                                    model.UserName    = empModel.name;
                                    model.UserID      = empModel.ID;
                                    model.LastLogTime = DateTime.Now;

                                    DataSet ds1 = sol.GetList(" UserID=" + empModel.ID);

                                    //添加当前用户信息
                                    if (ds1.Tables[0].Rows.Count > 0)
                                    {
                                        sol.Update(model, " UserID=" + empModel.ID);
                                    }
                                    else
                                    {
                                        sol.Add(model);
                                    }
                                    //删除超时用户
                                    //2分钟用户失效,删除 --Robert 2015-11-24
                                    sol.Delete(" LastLogTime<date_sub(now(), interval 2 minute)");


                                    //验证完毕,允许登录
                                    context.Response.Write("2");
                                }
                                else
                                {
                                    context.Response.Write("4");//不允许登录
                                }
                            }
                            else
                            {
                                context.Response.Write("5");//不允许登录
                            }
                            #endregion
                        }
                    }
                    else
                    {
                        context.Response.Write("1");//用户名或密码错误
                    }
                    //}
                    //else
                    //{
                    //    context.Response.Write("0");//验证码错误
                    //}
                }
                else
                {
                    context.Response.Write("999");//系统数据错误
                }
            }

            else if (request["Action"] == "logout")
            {
                #region
                var cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];

                if (null != cookie)
                {
                    var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
                    string CoockiesID = ticket.UserData;

                    FormsAuthentication.SignOut();
                    context.Response.Write("true");

                    //online
                    XHD.BLL.Sys_online sol = new XHD.BLL.Sys_online();
                    try
                    {
                        if (!string.IsNullOrEmpty(CoockiesID))
                        {
                            sol.Delete(" UserID=" + int.Parse(CoockiesID));
                        }
                    }
                    catch
                    {
                    }
                }
                #endregion
            }
            else if (request["Action"] == "checkpwd")
            {
                #region
                var    cookie     = context.Request.Cookies[FormsAuthentication.FormsCookieName];
                var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
                string CoockiesID = ticket.UserData;

                XHD.BLL.hr_employee emp = new XHD.BLL.hr_employee();

                int    emp_id   = int.Parse(CoockiesID);
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");

                DataSet ds = emp.GetList(string.Format("ID={0} and pwd='{1}'", emp_id, password));

                if (ds.Tables[0].Rows.Count > 0)
                {
                    context.Response.Write("{sucess:sucess}");
                }
                else
                {
                    context.Response.Write("{sucess:false}");
                }
                #endregion
            }
        }