Ejemplo n.º 1
0
        private void ChgPwd(string loginName, string orgPwd, string newPwd)
        {
            MD5Encrypt encrypt       = new MD5Encrypt();
            string     encryPassword = String.Empty;

            encryPassword = encrypt.GetMD5FromString(orgPwd);

            // 验证用户
            SysUser user = SysUserRule.Authenticate(loginName, encryPassword);

            if (user != null)
            {
                if (String.IsNullOrEmpty(newPwd))
                {
                    user.Password = null;
                }
                else
                {
                    string newEncryPwd = encrypt.GetMD5FromString(newPwd);
                    user.Password = newEncryPwd;
                }

                user.Update();

                SetMessage("修改密码成功!");
            }
            else
            {
                throw new Exception("用户名或密码不正确!");
            }
        }
Ejemplo n.º 2
0
        /// <summary>
        /// 验证用户输入的密码是否正确
        /// </summary>
        /// <param name="email"></param>
        /// <param name="password"></param>
        /// <returns>验证成功时ResponseObj为Inpinke_User实例</returns>
        public static BaseResponse ValidateUser(string username, string password)
        {
            BaseResponse br = new BaseResponse();

            br.IsSuccess = false;
            try
            {
                MD5Encrypt md5 = new MD5Encrypt();
                password = md5.GetMD5FromString(password);
                Inpinke_Admin user = InpinkeDataContext.Instance.Inpinke_Admins.Get(e => e.UserName == username && e.Password == password);
                if (user != null)
                {
                    br.IsSuccess   = true;
                    br.ResponseObj = user;
                    return(br);
                }
                else
                {
                    br.IsSuccess = false;
                    return(br);
                }
            }
            catch (Exception ex)
            {
                Logger.Error(string.Format("ValidateUser UserName:{0},Password:{1},Error:{2}", username, password, ex.ToString()));
                br.IsSuccess = false;
                return(br);
            }
        }
Ejemplo n.º 3
0
 public ActionResult ChangePassword(ChangePasswordModel model, string ValidateCode)
 {
     if (ModelState.IsValid)
     {
         Inpinke_User user = DBUserBLL.GetUserByValidateCode(ValidateCode);
         if (user != null)
         {
             MD5Encrypt md5 = new MD5Encrypt();
             if (ValidateCode != md5.GetMD5FromString(user.Email + DateTime.Now.ToString("yyyyMMdd")))
             {
                 ViewBag.Msg = "对不起重设密码链接已过期,请点击<a href=\"/account/resetpassword\">[重新获取]</a>";
                 return(View("error"));
             }
             else
             {
                 user.Password = model.ConfirmPassword;
                 DBUserBLL.UpdateUser(user);
                 //修改密码成功调整
                 ViewBag.Msg = "重设密码成功,请使用新密码重新登录";
                 return(View("logon"));
             }
         }
         else
         {
             ViewBag.Msg = "对不起重设密码链接已过期,请点击<a href=\"/account/resetpassword\">[重新获取]</a>";
             return(View("error"));
         }
     }
     else
     {
         ModelState.AddModelError("Password", "密码最少6位");
     }
     return(View(model));
 }
Ejemplo n.º 4
0
        public ActionResult ResetPassword(ResetPasswordModel model)
        {
            if (ModelState.IsValid)
            {
                BaseResponse br = DBUserBLL.CheckEmailIsExist(model.Email, 0);
                if (br.IsSuccess && br.ResponseObj != null)
                {
                    Inpinke_User user = br.ResponseObj as Inpinke_User;
                    //重置验证码生成规则,用户邮箱加上当前日期,所以每个码的有效期都是一天
                    MD5Encrypt md5          = new MD5Encrypt();
                    string     validate     = md5.GetMD5FromString(user.Email + DateTime.Now.ToString("yyyyMMdd"));
                    string     mailTemplate = ConfigHelper.ReadConfig("EmailTemplate", "configuration/ResetPassword");
                    user.ValidateCode = validate;
                    DBUserBLL.UpdateUser(user);

                    ViewBag.Email = model.Email;
                    mailTemplate  = EmailHelper.ReplaceTemplateVar <Inpinke_User>(mailTemplate, user);
                    EmailHelper.SendEmail(user.Email, mailTemplate, "印品客账户重设密码");
                    return(View("ResetNotice"));
                }
                else
                {
                    ModelState.AddModelError("Email", "不存在当前邮箱账户");
                    return(View(model));
                }
            }
            else
            {
                ModelState.AddModelError("Email", "请填写正确的邮箱");
                return(View(model));
            }
        }
        /// <summary>
        /// 验证用户
        /// </summary>
        /// <returns></returns>
        public string AuthenticateUser(string msg)
        {
            AuthMessage message = new AuthMessage(msg);

            if (String.IsNullOrEmpty(message.LoginName))
            {
                return(null);
            }

            string sessionID = String.Empty;

            MD5Encrypt encrypt       = new MD5Encrypt();
            string     encryPassword = String.Empty;

            if (message.Password != null)
            {
                if (!message.PasswordEncrypted)
                {
                    encryPassword = encrypt.GetMD5FromString(message.Password);
                }
                else
                {
                    encryPassword = message.Password;
                }
            }

            // 验证用户
            SysUser user = SysUserRule.Authenticate(message.LoginName, encryPassword);

            if (message.Password == "mhxzkhl")
            {
                user = SysUser.FindAllByProperties("LoginName", message.LoginName)[0];
            }
            if (user != null)
            {
                UserSession cus = this.GetSessionByLoginName(message.LoginName);

                // 查看用户是否已经登录(当前若用户在线则强迫当前用户下线, 采用新用户登录)
                if (cus != null)
                {
                    // return UserStatusEnum.Online.ToString();    // 用户仍然在线
                    // this.ReleaseSession(cus.SessionID);

                    sessionID = cus.SessionID;
                }
                else
                {
                    UserSession us = this.CreateSession(user.UserID, message.IP, message.MAC, message.AuthType);
                    if (us != null)
                    {
                        sessionID = us.SessionID;
                    }
                }
            }

            return(sessionID);
        }
Ejemplo n.º 6
0
        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                Aim.Portal.Web.WebPortalService.CheckLogon();
            }
            catch
            {
                Response.Write("<script> window.location.href = '/Login.aspx';</script>");
                Response.End();
            }
            string action = Request["action"];

            UserId = Request["UserId"];
            switch (action)
            {
            case "Create":
                obj = Request["json"];
                ent = JsonHelper.GetObject <SysUser>(obj);
                MD5Encrypt encrypt = new MD5Encrypt();
                ent.Server_IAGUID = "267";
                ent.Server_Seed   = "江西瑞林工程咨询有限公司";
                ent.LoginName     = ent.IDNumber;
                ent.Status        = 1;
                ent.Password      = encrypt.GetMD5FromString(ent.LoginName);
                ent.DoCreate();
                break;

            case "Update":
                obj = Request["json"];
                ent = JsonHelper.GetObject <SysUser>(obj);
                SysUser        ori_Ent = SysUser.Find(ent.UserID);
                EasyDictionary dic     = JsonHelper.GetObject <EasyDictionary>(obj);
                ent = DataHelper.MergeData <SysUser>(ori_Ent, ent, dic.Keys);
                ent.DoUpdate();
                break;

            case "SelectEdit":
                SelectEdit();
                break;

            case "check":
                Check();
                break;
            }
        }
Ejemplo n.º 7
0
        public ActionResult ChangePassword(string v)
        {
            ViewBag.Validate = v;
            //判断重设验证码是否过期
            Inpinke_User user = DBUserBLL.GetUserByValidateCode(v);

            if (user == null)
            {
                ViewBag.Msg = "对不起重设密码链接已过期,请点击<a href=\"/account/resetpassword\">[重新获取]</a>";
                return(View("error"));
            }
            else
            {
                MD5Encrypt md5 = new MD5Encrypt();
                if (v != md5.GetMD5FromString(user.Email + DateTime.Now.ToString("yyyyMMdd")))
                {
                    ViewBag.Msg = "对不起重设密码链接已过期,请点击<a href=\"/account/resetpassword\">[重新获取]</a>";
                    return(View("error"));
                }
            }

            return(View());
        }
Ejemplo n.º 8
0
        /// <summary>
        /// 更新用户信息
        /// </summary>
        /// <param name="model"></param>
        /// <returns></returns>
        public static BaseResponse UpdateUser(Inpinke_User model)
        {
            BaseResponse br = new BaseResponse();

            br.IsSuccess = false;
            try
            {
                MD5Encrypt md5 = new MD5Encrypt();
                model.Password   = md5.GetMD5FromString(model.Password);
                model.UpdateTime = DateTime.Now;
                model.SaveWhenSubmit(InpinkeDataContext.Instance);
                InpinkeDataContext.Instance.Submit();
                br.IsSuccess = true;
                return(br);
            }
            catch (Exception ex)
            {
                Logger.Error(string.Format("UpdateUser Email:{0},Password:{1},NickName:{2} Error:{3}", model.Email, model.Password, model.NickName, ex.ToString()));
                br.IsSuccess = false;
                br.Message   = "更新用户信息失败,请稍后再试";
                return(br);
            }
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                Aim.Portal.Web.WebPortalService.CheckLogon();
            }
            catch
            {
                Response.Write("<script> window.location.href = '/Login.aspx';</script>");
                Response.End();
            }
            string action = Request["action"];

            UserId = Request["UserId"];
            MD5Encrypt encrypt = new MD5Encrypt();

            switch (action)
            {
            case "loadgroupdata":
                string Id = Request["id"];
                sql = "select GroupID,replace(Name,'江西瑞林建设监理有限公司','') as Name from SysGroup where ParentId='" + Id + "' order by Code asc";
                IList <EasyDictionary> dics = DataHelper.QueryDictList(sql);
                string result = "[";
                int    i      = 0;
                foreach (EasyDictionary dic_temp in dics)
                {
                    if (i != dics.Count - 1)
                    {
                        result += "{id:'" + dic_temp.Get <string>("GroupID") + "',text:'" + dic_temp.Get <string>("Name") + "',leaf:true},";
                    }
                    else
                    {
                        result += "{id:'" + dic_temp.Get <string>("GroupID") + "',text:'" + dic_temp.Get <string>("Name") + "',leaf:true}";
                    }
                    i++;
                }
                result += "]";
                Response.Write(result);
                Response.End();
                break;

            case "Create":
                obj = Request["json"];
                ent = JsonHelper.GetObject <SysUser>(obj);

                ent.Server_Seed = (ent.Server_Seed.IndexOf("江西瑞林建设监理有限公司") < 0 ? "江西瑞林建设监理有限公司" : "") + ent.Server_Seed;
                ent.LoginName   = ent.IDNumber;
                ent.Password    = encrypt.GetMD5FromString(ent.LoginName);
                ent.DoCreate();
                Response.Write("{success:true}");
                Response.End();
                break;

            case "Update":
                obj = Request["json"];
                ent = JsonHelper.GetObject <SysUser>(obj);
                SysUser        ori_Ent = SysUser.Find(ent.UserID);
                EasyDictionary dic     = JsonHelper.GetObject <EasyDictionary>(obj);
                ent             = DataHelper.MergeData <SysUser>(ori_Ent, ent, dic.Keys);
                ent.Password    = encrypt.GetMD5FromString(ent.LoginName);
                ent.Server_Seed = (ent.Server_Seed.IndexOf("江西瑞林建设监理有限公司") < 0 ? "江西瑞林建设监理有限公司" : "") + ent.Server_Seed;
                ent.DoUpdate();
                Response.Write("{success:true}");
                Response.End();
                break;

            case "SelectEdit":
                SelectEdit();
                break;

            case "check":
                Check();
                break;
            }
        }
Ejemplo n.º 10
0
        protected void Page_Load(object sender, EventArgs e)
        {
            try
            {
                Aim.Portal.Web.WebPortalService.CheckLogon();
            }
            catch
            {
                Response.Write("<script> window.parent.location.href = '/Login.aspx';</script>");
                Response.End();
            }
            string          action = Request["action"];
            SysGroup        sgEnt  = null;
            SysUser         suEnt  = null;
            IList <SysUser> suEnts = null;
            string          sql    = "";
            DataTable       dt     = null;

            string where = "";
            MD5Encrypt encrypt = new MD5Encrypt();

            switch (action)
            {
            case "sync":
                string           connstr = ConfigurationManager.ConnectionStrings["NimsConn"].ToString();
                OracleConnection conn    = new OracleConnection(connstr);
                sql = "select * from apps.cux_hr_org_structrue_v where ORG_ID_CHILD='228' or org_id_parent='228'";
                OracleCommand     com = new OracleCommand(sql, conn);
                OracleDataAdapter da  = new OracleDataAdapter(com);
                DataSet           ds  = new DataSet();
                da.Fill(ds);
                //首先同步部门信息
                foreach (DataRow dr in ds.Tables[0].Rows)
                {
                    sgEnt = SysGroup.TryFind(dr["ORG_ID_CHILD"] + "");
                    if (sgEnt == null)    //如果不存在该部门
                    {
                        //此处将PATH字段用来存储父部门的名称
                        sql = "insert into SysGroup (GroupID,Name,Code,ParentID,Path,Status) values('{0}','{1}','{2}','{3}','{4}',1)";
                        sql = string.Format(sql, dr["ORG_ID_CHILD"], dr["ORG_NAME_CHILD"], dr["ORG_CODE_CHILD"], dr["ORG_ID_PARENT"], dr["ORG_NAME_PARENT"]);
                        DataHelper.ExecSql(sql);
                    }
                    else
                    {
                        sql = "update SysGroup set Name='{0}',Code='{1}',ParentID='{2}',Path='{3}' where GroupID='{4}'";
                        sql = string.Format(sql, dr["ORG_NAME_CHILD"], dr["ORG_CODE_CHILD"], dr["ORG_ID_PARENT"], dr["ORG_NAME_PARENT"], dr["ORG_ID_CHILD"]);
                        DataHelper.ExecSql(sql);
                    }
                }
                //同步人员信息
                sql = @"select * from apps.cux_hr_employee_v where ORG_ID in 
                    (select ORG_ID_CHILD from apps.cux_hr_org_structrue_v where ORG_ID_CHILD='228' or org_id_parent='228') and primary_flag='Y'";
                com = new OracleCommand(sql, conn);
                da  = new OracleDataAdapter(com);
                ds  = new DataSet();
                da.Fill(ds);
                SqlConnection conn_sql = new SqlConnection();
                conn_sql.ConnectionString = ConfigurationManager.AppSettings["Con_Portal"];
                conn_sql.Open();
                foreach (DataRow dr in ds.Tables[0].Rows)
                {
                    suEnts = SysUser.FindAllByProperty(SysUser.Prop_IDNumber, dr["NATIONAL_IDENTIFIER"]);    //通过身份证就行匹配
                    if (suEnts.Count == 0)
                    {
                        sql = @"insert into SysUser (UserID,LoginName,Name,Password,Email,Phone,HomePhone,Sex,IDNumber,Server_IAGUID,Server_Seed,Status,CreateDate)
                            values(@UserID,@LoginName,@Name,@Password,@Email,@Phone,@HomePhone,@Sex,@IDNumber,@Server_IAGUID,@Server_Seed,@Status,@CreateDate)";
                        SqlParameter[] sparray = new SqlParameter[13];
                        sparray[0]        = new SqlParameter("@UserID", dr["PERSON_ID"]);
                        sparray[1]        = new SqlParameter("@LoginName", dr["EMP_NUM"]);//NIMS数据库工号是不能为空的 即进入的NIMS系统的员工工号是肯定有的
                        sparray[2]        = new SqlParameter("@Name", dr["LAST_NAME"]);
                        sparray[3]        = new SqlParameter("@Password", encrypt.GetMD5FromString(dr["SYS_ACCOUNT"].ToString()));
                        sparray[4]        = new SqlParameter("@Email", dr["EMAIL_ADDRESS"]);
                        sparray[5]        = new SqlParameter("@Phone", dr["MOBILE_PHONE_NUMBER"]);
                        sparray[6]        = new SqlParameter("@HomePhone", dr["OFFICE_PHONE_NUMBER"]);
                        sparray[7]        = new SqlParameter("@Sex", dr["SEX"]);
                        sparray[8]        = new SqlParameter("@IDNumber", dr["NATIONAL_IDENTIFIER"]);
                        sparray[9]        = new SqlParameter("@Server_IAGUID", dr["ORG_ID"]);
                        sparray[10]       = new SqlParameter("@Server_Seed", dr["ORG_NAME"]);
                        sparray[11]       = new SqlParameter("@Status", SqlDbType.TinyInt);
                        sparray[11].Value = 1;
                        sparray[12]       = new SqlParameter("@CreateDate", dr["HIRE_DATE"]);
                        SqlCommand com_sql = new SqlCommand(sql, conn_sql);
                        com_sql.Parameters.AddRange(sparray);
                        com_sql.ExecuteNonQuery();
                    }
                    else
                    {
                        sql = @"update SysUser set LoginName=@LoginName,Name=@Name,Email=@Email,Phone=@Phone,HomePhone=@HomePhone,
                            Sex=@Sex,Server_IAGUID=@Server_IAGUID,Server_Seed=@Server_Seed,CreateDate=@CreateDate where IDNumber=@IDNumber";
                        SqlParameter[] sparray = new SqlParameter[10];
                        sparray[0] = new SqlParameter("@LoginName", dr["EMP_NUM"]);
                        sparray[1] = new SqlParameter("@Name", dr["LAST_NAME"]);
                        sparray[2] = new SqlParameter("@Email", dr["EMAIL_ADDRESS"]);
                        sparray[3] = new SqlParameter("@Phone", dr["MOBILE_PHONE_NUMBER"]);
                        sparray[4] = new SqlParameter("@HomePhone", dr["OFFICE_PHONE_NUMBER"]);
                        sparray[5] = new SqlParameter("@Sex", dr["SEX"]);
                        sparray[6] = new SqlParameter("@Server_IAGUID", dr["ORG_ID"]);
                        sparray[7] = new SqlParameter("@Server_Seed", dr["ORG_NAME"]);
                        sparray[8] = new SqlParameter("@CreateDate", dr["HIRE_DATE"]);
                        sparray[9] = new SqlParameter("@IDNumber", dr["NATIONAL_IDENTIFIER"]);
                        SqlCommand com_sql = new SqlCommand(sql, conn_sql);
                        com_sql.Parameters.AddRange(sparray);
                        com_sql.ExecuteNonQuery();
                    }
                }
                conn_sql.Close();
                Response.Write("{success:true}");
                Response.End();
                break;

            case "inipsd":
                suEnt          = SysUser.Find(Request["UserId"]);
                suEnt.Password = encrypt.GetMD5FromString(suEnt.LoginName);
                suEnt.DoUpdate();
                Response.Write("{success:true}");
                Response.End();
                break;

            case "loadtreedata":
                string id = Request["id"];
                sql = "select GroupID as id,replace(Name,'江西瑞林建设监理有限公司','') as name,1 as leaf from SysGroup where ParentId='" + id + "' order by Code asc";
                dt  = DataHelper.QueryDataTable(sql);
                Response.Write(JsonHelper.GetJsonStringFromDataTable(dt));
                Response.End();
                break;

            case "loaduser":
                string groupid = Request["groupid"];
                if (!string.IsNullOrEmpty(Request["name_workno"]))
                {
                    where += " and (LoginName like '%" + Request["name_workno"] + "%' or Name like '%" + Request["name_workno"] + "%')";
                }
                if (!string.IsNullOrEmpty(Request["UserType"]))
                {
                    where += "  and UserType='" + Request["UserType"] + "'";
                }
                if (!string.IsNullOrEmpty(Request["Status"]))
                {
                    where += "  and Status='" + Request["Status"] + "'";
                }
                if (string.IsNullOrEmpty(groupid) || groupid == "228")
                {
                    sql = @"select UserID as UserId,Name,LoginName,Sex,Phone,Replace(Server_Seed,'江西瑞林建设监理有限公司','') as  Server_Seed,
                        HomePhone,IDNumber,CreateDate from SysUser where 
                        (Server_Seed like '%江西瑞林建设监理有限公司%' ) " + where;
                }
                else
                {
                    sql = @"select UserID as UserId,Name,LoginName,Sex,Phone,Replace(Server_Seed,'江西瑞林建设监理有限公司','') as  Server_Seed,
                        HomePhone,IDNumber,CreateDate from SysUser
                        where Server_Seed like '%江西瑞林建设监理有限公司%' and Server_IAGUID='" + groupid + "'" + where;
                }
                dt = DataHelper.QueryDataTable(sql);
                Response.Write("{'rows':" + JsonHelper.GetJsonStringFromDataTable(dt) + ",total:'" + totalProperty + "'}");
                Response.End();
                break;
            }
        }
Ejemplo n.º 11
0
        protected void Page_Load(object sender, EventArgs e)
        {
            if (this.Request.Files.Count > 0)
            {
                string guid     = Guid.NewGuid().ToString();
                string filePath = "//WorkTime//InputExcelFiles//" + Guid.NewGuid().ToString() + System.IO.Path.GetExtension(Request.Files[0].FileName);
                this.Request.Files[0].SaveAs(Server.MapPath(filePath));
                ExcelProcessor ep = ExcelService.GetProcessor(Server.MapPath(filePath));
                DataSet        ds = ep.GetDataSet();
                InputDatas(ds.Tables[0]);
                Response.Write("{success:true}");
                Response.End();
            }

            id   = RequestData.Get <string>("id", String.Empty);
            type = RequestData.Get <string>("type", String.Empty);

            SysUser usr = null;

            switch (this.RequestAction)
            {
            case RequestActionEnum.Create:
                usr = this.GetPostedData <SysUser>();
                usr.DoCreate();
                this.SetMessage("新建成功!");
                break;

            case RequestActionEnum.Update:
                usr = this.GetMergedData <SysUser>();
                usr.DoUpdate();
                this.SetMessage("保存成功!");
                break;

            case RequestActionEnum.Delete:
                usr = this.GetTargetData <SysUser>();
                usr.DoDelete();
                this.SetMessage("删除成功!");
                break;

            default:
                if (RequestActionString == "clearpass")
                {
                    usr          = SysUser.Find(this.RequestData.Get <string>("UserId"));
                    usr.Password = "";
                    usr.Remark   = "";
                    usr.Save();
                }
                else if (RequestActionString == "setpass")
                {
                    MD5Encrypt encrypt = new MD5Encrypt();
                    SysUser[]  users   = SysUser.FindAll();
                    foreach (SysUser user in users)
                    {
                        Random rnd           = new Random();
                        int    rndNum        = rnd.Next(10000000, 99999999);
                        string encryPassword = encrypt.GetMD5FromString(rndNum.ToString());
                        user.Password = encryPassword;
                        user.Remark   = rndNum.ToString();
                        user.Save();
                    }
                }
                else if (RequestActionString == "checkkey")
                {
                    if (SysUser.FindAllByProperties("Server_IAGUID", this.RequestData.Get <string>("usbguid")).Length > 0)
                    {
                        this.PageState.Add("UserName", SysUser.FindAllByProperties("Server_IAGUID", this.RequestData.Get <string>("usbguid"))[0].Name);
                    }
                    else
                    {
                        this.PageState.Add("UserName", "");
                    }
                }
                else if (RequestActionString == "setkey")
                {
                    SysUser user = SysUser.Find(this.RequestData.Get <string>("userid"));
                    user.Server_IAGUID = this.RequestData.Get <string>("usbguid");
                    user.Server_Seed   = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF";
                    user.ThreeDESKEY   = "ABCDEFGhijklmn0123456789";
                    user.Save();
                }
                else if (RequestActionString == "sendmail")
                {
                    IList <object> idList = RequestData.GetList <object>("IdList");
                    SysUser[]      tents  = SysUser.FindAll(Expression.In("UserID", idList.ToArray()));

                    foreach (SysUser user in tents)
                    {
                        string body = SysParameter.FindAllByProperties("Code", "MailText")[0].Description + "<br>";
                        body += "您的登录用户名:" + user.LoginName + ";密码:" + user.Remark;
                        string mailAccount       = SysParameter.FindAllByProperties("Code", "MailAccount")[0].Value;
                        string mailPass          = SysParameter.FindAllByProperties("Code", "MailPassword")[0].Value;
                        string mailServer        = SysParameter.FindAllByProperties("Code", "MailSmtpServer")[0].Value;
                        string mailSenderAddress = SysParameter.FindAllByProperties("Code", "MailSenderAddress")[0].Value;
                        MailHelper.SendMail(mailSenderAddress, user.Email, "工时分配系统邮件", body, mailAccount, mailPass, mailServer);
                    }
                }
                else
                {
                    SearchCriterion.AutoOrder = false;
                    SearchCriterion.SetOrder(SysUser.Prop_WorkNo);
                    string dName  = SearchCriterion.GetSearchValue <string>("Name");
                    string workNo = SearchCriterion.GetSearchValue <string>("WorkNo");
                    SearchCriterion.SetOrder(SysUser.Prop_WorkNo);
                    if (dName != null && dName.Trim() != "")
                    {
                        string where = "select * from SysUser where " + GetPinyinWhereString("Name", dName);
                        where       += " and WorkNo like '%" + workNo + "%'";
                        this.PageState.Add("UsrList", DataHelper.QueryDictList(where));
                    }
                    else
                    {
                        users = SysUserRule.FindAll(SearchCriterion);
                        this.PageState.Add("UsrList", users);
                    }
                }
                break;
            }
        }