Ejemplo n.º 1
    /// <summary>
    /// Reports whether any entry of the <c>address</c> collection is covered by an
    /// allow-list string.
    /// </summary>
    /// <param name="Allow_IP_Range">
    /// Allow-list entries separated by ';'. An entry is either a single address or a
    /// "start-end" pair; empty entries are skipped.
    /// </param>
    /// <returns>
    /// <c>true</c> as soon as one address matches one entry; <c>false</c> when nothing
    /// matches, when <c>address</c> is null, or when any exception is thrown.
    /// </returns>
    /// <remarks>
    /// Single-address entries are compared as text against <c>IPAddress.ToString()</c>,
    /// so an entry with surrounding whitespace or a different notation never matches.
    /// Every exception is swallowed and turned into <c>false</c>: the check fails
    /// closed, but a malformed allow-list is indistinguishable from "not allowed"
    /// because nothing is logged here.
    /// NOTE(review): <c>address</c> is declared outside this method — presumably the
    /// addresses of the client being checked; confirm where it is populated.
    /// </remarks>
    public bool CheckInNowWifi(string Allow_IP_Range)
    {
        try
        {
            char[] entrySeparator = { ';' };
            char[] boundSeparator = { '-' };

            foreach (string entry in Allow_IP_Range.Split(entrySeparator, StringSplitOptions.RemoveEmptyEntries))
            {
                string[] bounds = entry.Split(boundSeparator, StringSplitOptions.RemoveEmptyEntries);

                // Without addresses to test there can be no match for any entry.
                if (address == null)
                {
                    return false;
                }

                bool isSingleAddress = bounds.Length < 2;

                foreach (IPAddress candidate in address)
                {
                    string candidateText = candidate.ToString();

                    // One bound: exact textual match. Two (or more) bounds: the first
                    // two are handed to IpT.IsIpInRange as start and end.
                    bool matched = isSingleAddress
                        ? candidateText.Equals(bounds[0])
                        : IpT.IsIpInRange(candidateText, bounds[0], bounds[1]);

                    if (matched)
                    {
                        return true;
                    }
                }
            }

            return false;
        }
        catch (Exception)
        {
            // Deliberate fail-closed: any parsing or lookup error denies access.
            return false;
        }
    }
Ejemplo n.º 2
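    /// <summary>
    /// Login button handler: validates the CAPTCHA, checks the credentials through
    /// <c>dbo.usp_SystemM_xCheckLogin</c>, loads the user, applies the organisation's
    /// IP restriction, records the login and stores the user in the session.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    /// <remarks>
    /// On success the response is redirected to the stored "tempUrl" or to
    /// <c>~/Home.aspx</c>; on any failure a client-side alert script is registered.
    /// NOTE(review): no attempt limiting or lockout is visible in this handler;
    /// confirm whether the stored procedures or another layer provide it.
    /// </remarks>
    protected void btnLogin_Click(object sender, EventArgs e)
    {
        string script  = "";
        string txtUser = tbUser.Text.Trim();
        // NOTE(review): Trim() also strips leading/trailing whitespace from the
        // password itself. Kept because existing hashes were presumably stored the
        // same way; changing it would lock out affected accounts.
        string txtPassword = tbPassword.Text.Trim();
        string txtCode     = tbCode.Text.ToLower().Trim();
        int    UserCount   = 0;

        // Read the expected CAPTCHA once and discard it immediately, so a solved code
        // is valid for a single login attempt only. Previously the code stayed in the
        // session and kept validating until something else replaced it. This relies
        // on the CAPTCHA being regenerated whenever the login page is rendered.
        var expectedCode = SessionS.GetSessionValue("CheckCode");
        if (expectedCode != null)
        {
            SessionS.RemoveSession("CheckCode");
        }

        if (expectedCode == null || !expectedCode.ToString().Equals(txtCode))
        {
            // Alert text: "verification code incorrect".
            tbCode.Text = "";
            script      = "<script>alert('驗證碼錯誤');</script>";
            Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
            return;
        }

        string connString = WebConfigurationManager.ConnectionStrings["ConnUser"].ToString();
        EncryptT enc = new EncryptT();

        // Step 1: credential check. All values go in as parameters of a stored
        // procedure, so no SQL text is built from user input.
        using (SqlConnection sc = new SqlConnection(connString))
        using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xCheckLogin", sc))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddWithValue("@LoginName", txtUser);
            // NOTE(review): ToSHA256 presumably produces a plain SHA-256 digest. If
            // so, stored passwords are fast, unsalted hashes; moving to a salted slow
            // KDF (e.g. PBKDF2) needs a matching change in the procedure and data.
            cmd.Parameters.AddWithValue("@LoginPassword", enc.ToSHA256(txtPassword));
            cmd.Parameters.AddWithValue("@FunctionIndex", Convert.ToInt32(WebConfigurationManager.AppSettings["SystemFunctionIndex"]));
            SqlParameter sp = cmd.Parameters.AddWithValue("@UserCount", UserCount);
            sp.Direction = ParameterDirection.Output;

            sc.Open();
            cmd.ExecuteNonQuery();

            UserCount = (int)sp.Value;
        }

        if (UserCount > 0)
        {
            // Step 2: load the user record for the accepted login name.
            DataTable dt = new DataTable();
            using (SqlConnection sc = new SqlConnection(connString))
            using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", sc))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@LoginName", txtUser);

                using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                {
                    sc.Open();
                    da.Fill(dt);
                }
            }

            UserVM user = new UserVM();
            EntityS.FillModel <UserVM>(user, dt);

            // Step 3: organisation IP restriction.
            // NOTE(review): how IpAddressS.GetIP() derives the address is not visible
            // here. If it trusts a client-supplied header, the loopback exemption and
            // the range check below rest on a value the client controls; confirm it
            // uses the connection address or a header set by a trusted proxy.
            var org      = SystemOrg.GetVM(user.OrgID);
            var clientIP = IpAddressS.GetIP();
            IpT ipt      = new IpT(clientIP);
            bool yesOrNo = false;

            if (clientIP != null && org != null)
            {
                // Allowed without a range check: loopback clients, organisations with
                // no range configured, and the 0.0.0.0-0.0.0.0 "unrestricted" range.
                // The parentheses only make the original && / || precedence explicit.
                if (clientIP.Equals("::1")
                    || clientIP.Equals("127.0.0.1")
                    || string.IsNullOrEmpty(org.IpStart)
                    || string.IsNullOrEmpty(org.IpEnd)
                    || (org.IpStart.Equals("0.0.0.0") && org.IpEnd.Equals("0.0.0.0")))
                {
                    yesOrNo = true;
                }
                else
                {
                    yesOrNo = ipt.CheckInNowWifi(string.Format("{0}-{1}", org.IpStart, org.IpEnd));
                }
            }
            else if (user.OrgID == 1)
            {
                // OrgID 1 skips the IP restriction when the client IP or the
                // organisation record is unavailable.
                yesOrNo = true;
            }
            else if (org == null)
            {
                // Alert text: "no permission to log in".
                script = "<script>alert('無權限登入');</script>";
                Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
                return;
            }

            if (yesOrNo == false)
            {
                // Alert text: "IP address not allowed".
                // NOTE(review): this message is only reachable after the credentials
                // were accepted, so it confirms valid credentials to a client outside
                // the allowed range; a generic failure message would not.
                script = "<script>alert('非允許IP位置');</script>";
            }
            else
            {
                // Step 4: record the login. The IP stored is the same value that
                // passed the restriction check above, not a second lookup.
                int Chk = 0;
                using (SqlConnection sc = new SqlConnection(connString))
                using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xUpdateLoginDate", sc))
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.AddWithValue("@UserID", user.ID);
                    cmd.Parameters.AddWithValue("@LoginIP", clientIP);
                    cmd.Parameters.AddWithValue("@SystemPowerCateID", SystemPowerCateID);

                    SqlParameter sp1 = cmd.Parameters.AddWithValue("@LoginDateOut", user.LoginDate);
                    sp1.Direction = ParameterDirection.Output;
                    SqlParameter sp2 = cmd.Parameters.AddWithValue("@Chk", Chk);
                    sp2.Direction = ParameterDirection.Output;

                    sc.Open();
                    cmd.ExecuteNonQuery();

                    user.LoginDate = (DateTime)sp1.Value;
                    Chk            = (int)sp2.Value;
                }

                if (Chk > 0)
                {
                    // NOTE(review): the session identifier is not renewed at login, so
                    // a session ID issued before authentication stays valid afterwards.
                    // Consider issuing a fresh session ID once authentication succeeds.
                    HttpContext.Current.Session["LoginUser"] = user;

                    // NOTE(review): tempUrl is redirected to without validation, and
                    // where it is written is not visible here. If it can hold a
                    // request-supplied value, restrict it to application-local paths.
                    string tempUrl = SessionS.GetSessionValue("tempUrl") as string;
                    if (tempUrl != null)
                    {
                        SessionS.RemoveSession("tempUrl");
                        Response.Redirect(tempUrl);
                    }
                    else
                    {
                        Response.Redirect("~/Home.aspx");
                    }
                }
                else
                {
                    // Alert text: "account or password incorrect".
                    script = "<script>alert('帳號密碼錯誤');</script>";
                }
            }
        }
        else
        {
            // Alert text: "account or password incorrect".
            script = "<script>alert('帳號密碼錯誤');</script>";
        }

        Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
    }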