public bool CheckInNowWifi(string Allow_IP_Range) { bool rtn = false; try { //string nowIP = IpTool.LocalIPAddressString(); //IPAddress[] address = GetIPs(); string[] ip_segment = Allow_IP_Range.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries); foreach (string item in ip_segment) { string[] ipRange = item.Split(new[] { '-' }, StringSplitOptions.RemoveEmptyEntries); if (ipRange.Length < 2) { if (address == null) { return(false); } foreach (IPAddress ip in address) { if (ip.ToString().Equals(ipRange[0])) { rtn = true; return(true); } } } else { if (address == null) { return(false); } foreach (IPAddress ip in address) { bool inRange = IpT.IsIpInRange(ip.ToString(), ipRange[0], ipRange[1]); if (inRange) { rtn = true; return(true); } } } } } catch (Exception ex) { rtn = false; //LogTool.Debug(ex); } return(rtn); }
protected void btnLogin_Click(object sender, EventArgs e) { string script = ""; string txtUser = tbUser.Text.Trim(); string txtPassword = tbPassword.Text.Trim(); string txtCode = tbCode.Text.ToLower().Trim(); int UserCount = 0; DataTable dt = new DataTable(); if (SessionS.GetSessionValue("CheckCode") == null || SessionS.GetSessionValue("CheckCode").ToString().Equals(txtCode) == false) { tbCode.Text = ""; script = "<script>alert('驗證碼錯誤');</script>"; Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false); return; } EncryptT enc = new EncryptT(); using (SqlConnection sc = new SqlConnection(WebConfigurationManager.ConnectionStrings["ConnUser"].ToString())) { using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xCheckLogin", sc)) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@LoginName", txtUser); cmd.Parameters.AddWithValue("@LoginPassword", enc.ToSHA256(txtPassword)); cmd.Parameters.AddWithValue("@FunctionIndex", Convert.ToInt32(WebConfigurationManager.AppSettings["SystemFunctionIndex"])); SqlParameter sp = cmd.Parameters.AddWithValue("@UserCount", UserCount); sp.Direction = ParameterDirection.Output; sc.Open(); cmd.ExecuteNonQuery(); UserCount = (int)sp.Value; } } if (UserCount > 0) { using (SqlConnection sc = new SqlConnection(WebConfigurationManager.ConnectionStrings["ConnUser"].ToString())) { using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", sc)) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@LoginName", txtUser); using (SqlDataAdapter da = new SqlDataAdapter(cmd)) { sc.Open(); da.Fill(dt); } } } UserVM user = new UserVM(); EntityS.FillModel <UserVM>(user, dt); //user.LoginDate = DateTime.Now; var org = SystemOrg.GetVM(user.OrgID); var clientIP = IpAddressS.GetIP(); IpT ipt = new IpT(clientIP); NameValueCollection rRequest = Request.ServerVariables; bool yesOrNo = false; if (clientIP != null && org != null) { if (clientIP.Equals("::1") || clientIP.Equals("127.0.0.1") || string.IsNullOrEmpty(org.IpStart) || string.IsNullOrEmpty(org.IpEnd) || org.IpStart.Equals("0.0.0.0") && org.IpEnd.Equals("0.0.0.0")) { yesOrNo = true; } else { yesOrNo = ipt.CheckInNowWifi(string.Format("{0}-{1}", org.IpStart, org.IpEnd)); } } else if (user.OrgID == 1) { yesOrNo = true; } else if (org == null) { script = "<script>alert('無權限登入');</script>"; Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false); return; } if (yesOrNo == false) { script = "<script>alert('非允許IP位置');</script>"; } else { int Chk = 0; using (SqlConnection sc = new SqlConnection(WebConfigurationManager.ConnectionStrings["ConnUser"].ToString())) { using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xUpdateLoginDate", sc)) { cmd.CommandType = CommandType.StoredProcedure; cmd.Parameters.AddWithValue("@UserID", user.ID); cmd.Parameters.AddWithValue("@LoginIP", IpAddressS.GetIP()); cmd.Parameters.AddWithValue("@SystemPowerCateID", SystemPowerCateID); SqlParameter sp1 = cmd.Parameters.AddWithValue("@LoginDateOut", user.LoginDate); sp1.Direction = ParameterDirection.Output; SqlParameter sp2 = cmd.Parameters.AddWithValue("@Chk", Chk); sp2.Direction = ParameterDirection.Output; sc.Open(); cmd.ExecuteNonQuery(); user.LoginDate = (DateTime)sp1.Value; Chk = (int)sp2.Value; } } if (Chk > 0) { //Session.Abandon(); //Session.Clear(); HttpContext.Current.Session["LoginUser"] = user; string tempUrl = SessionS.GetSessionValue("tempUrl") as string; if (tempUrl != null) { SessionS.RemoveSession("tempUrl"); Response.Redirect(tempUrl); } else { Response.Redirect("~/Home.aspx"); } } else { script = "<script>alert('帳號密碼錯誤');</script>"; } } } else { script = "<script>alert('帳號密碼錯誤');</script>"; } Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false); }