protected void BindDataReader(Model.Security.IpAccessControlSettingModel model, SqlDataReader dr)
{
model.Id = DbTool.ConvertObject <System.Int32>(dr["Id"]);
model.LogType = DbTool.ConvertObject <System.String>(dr["LogType"]);
model.IPAccessEnable = DbTool.ConvertObject <System.Boolean>(dr["IPAccessEnable"]);
model.IPAccessMaxCount = DbTool.ConvertObject <System.Int32>(dr["IPAccessMaxCount"]);
model.IPAccessControlTime = DbTool.ConvertObject <System.Int32>(dr["IPAccessControlTime"]);
model.IPAccessControlLockTime = DbTool.ConvertObject <System.Int32>(dr["IPAccessControlLockTime"]);
}
public int ClearLockedIp(Model.Security.IpAccessControlSettingModel logsetting)
{
StringBuilder strSql = new StringBuilder();
strSql.Append(string.Format("delete from IpAccessControl where Islocked=1 and datediff(minute,FistDateTime,'{0}')>{1} and LogType='{2}' and IsBlackIP=0;", System.DateTime.Now, logsetting.IPAccessControlTime + logsetting.IPAccessControlLockTime, logsetting.LogType));
strSql.Append(string.Format("delete from IpAccessControl where Islocked=0 and datediff(minute,FistDateTime,'{0}')>{1} and LogType='{2}';", System.DateTime.Now, logsetting.IPAccessControlTime, logsetting.LogType));
strSql.Append(string.Format("delete from IpAccessControl where Islocked=0 and datediff(minute,FistDateTime,'{0}')>{1} and LogType='{2}' and AccessCount<6", System.DateTime.Now, 60, logsetting.LogType));
return(SqlHelper.ExecuteNonQuery(conn, CommandType.Text, strSql.ToString(), null));
}
public Model.Security.IpAccessControlSettingModel GetModelByLogtype(string logtype)
{
string sql = "select top 1 * from IpAccessControlSetting where logtype ='" + logtype + "'";
Model.Security.IpAccessControlSettingModel model = new Model.Security.IpAccessControlSettingModel();
SqlDataReader dr = SqlHelper.ExecuteReader(conn, CommandType.Text, sql.ToString());
if (dr.Read())
{
BindDataReader(model, dr);
}
dr.Close();
return(model);
}
public List <Model.Security.IpAccessControlSettingModel> GetModelList()
{
List <Model.Security.IpAccessControlSettingModel> result = new List <Model.Security.IpAccessControlSettingModel>();
string sql = "select * from IpAccessControlSetting where 1=1";
Model.Security.IpAccessControlSettingModel model;
SqlDataReader dr = SqlHelper.ExecuteReader(conn, CommandType.Text, sql.ToString());
while (dr.Read())
{
model = new Model.Security.IpAccessControlSettingModel();
BindDataReader(model, dr);
result.Add(model);
}
dr.Close();
return(result);
}
public int Add(Model.Security.IpAccessControlSettingModel model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("insert into [IpAccessControlSetting]");
strSql.Append("(LogType,IPAccessEnable,IPAccessMaxCount,IPAccessControlTime,IPAccessControlLockTime)");
strSql.Append(" values (@LogType,@IPAccessEnable,@IPAccessMaxCount,@IPAccessControlTime,@IPAccessControlLockTime)");
strSql.Append(";select SCOPE_IDENTITY()");
SqlParameter[] parameters =
{
new SqlParameter("@LogType", DbTool.FixSqlParameter(model.LogType))
, new SqlParameter("@IPAccessEnable", DbTool.FixSqlParameter(model.IPAccessEnable))
, new SqlParameter("@IPAccessMaxCount", DbTool.FixSqlParameter(model.IPAccessMaxCount))
, new SqlParameter("@IPAccessControlTime", DbTool.FixSqlParameter(model.IPAccessControlTime))
, new SqlParameter("@IPAccessControlLockTime", DbTool.FixSqlParameter(model.IPAccessControlLockTime))
};
return(DbTool.ConvertObject <int>(SqlHelper.ExecuteScalar(conn, CommandType.Text, strSql.ToString(), parameters), 0));
}
public int Update(Model.Security.IpAccessControlSettingModel model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("update IpAccessControlSetting set ");
strSql.Append("LogType=@LogType,IPAccessEnable=@IPAccessEnable,IPAccessMaxCount=@IPAccessMaxCount,IPAccessControlTime=@IPAccessControlTime,IPAccessControlLockTime=@IPAccessControlLockTime ");
strSql.Append(" where Id=@Id ");
SqlParameter[] parameters =
{
new SqlParameter("@LogType", DbTool.FixSqlParameter(model.LogType))
, new SqlParameter("@IPAccessEnable", DbTool.FixSqlParameter(model.IPAccessEnable))
, new SqlParameter("@IPAccessMaxCount", DbTool.FixSqlParameter(model.IPAccessMaxCount))
, new SqlParameter("@IPAccessControlTime", DbTool.FixSqlParameter(model.IPAccessControlTime))
, new SqlParameter("@IPAccessControlLockTime", DbTool.FixSqlParameter(model.IPAccessControlLockTime))
, new SqlParameter("@Id", model.Id)
};
return(SqlHelper.ExecuteNonQuery(conn, CommandType.Text, strSql.ToString(), parameters));
}
/// <summary>
/// 检查当前访问IP是否可用
/// </summary>
/// <param name="logAccess">是否记录当前访问</param>
/// <param name="logtype">控制类型</param>
/// <returns></returns>
public static bool CheckIpIsOK(bool logAccess, Model.Security.IpAccessControlSettingModel logsetting, string IP, string LockValue, string LockReason, string SourceURL = "")
{
bool _result = true;
//var logsetting = new IpAccessControlSettingDal().GetModelByLogtype(logtype);
//考虑性能这里的参数固定写死
// Model.Security.IpAccessControlSettingModel logsetting = new Model.Security.IpAccessControlSettingModel();
if (logsetting == null)
{
return(_result);
}
if (logsetting.IPAccessEnable)
{
IpAccessControlDal dal = new IpAccessControlDal();
#region Clear LockedIp
dal.ClearLockedIp(logsetting);
#endregion
#region Process
string ip = IP;
var model = dal.GetModelByAddressId(ip, logsetting.LogType);
if (model.Id > 0)
{
if (model.Islocked)
{
_result = false;
}
else
{
_result = true;
#region logAccess
if (logAccess)
{
model.AccessCount += 1;
if (model.AccessCount >= logsetting.IPAccessMaxCount)
{
_result = false;
#region LockIP
model.Islocked = true;
model.UpdateDate = DateTime.Now;
dal.Update(model);
#endregion
}
else
{
model.UpdateDate = DateTime.Now;
dal.Update(model);
}
#region add lock log
new IpAccessControlLogDal().Add(new Model.Security.IpAccessControlLogModel()
{
IpAddress = ip,
LockedDate = System.DateTime.Now,
LogType = logsetting.LogType,
CreateOn = DateTime.Now,
LockReason = LockReason,
LockValue = LockValue,
SourceURL = SourceURL,
});
#endregion
}
#endregion
}
}
else
{
_result = true;
if (logAccess)
{
#region Log IP
model.FistDateTime = DateTime.Now;
model.AccessCount += 1;
model.IpAddress = ip;
model.LogType = logsetting.LogType;
model.Islocked = false;
dal.Add(model);
#endregion
}
}
#endregion
}
return(_result);
}
