public ActionResult Login(FormCollection collection) { string isVcodeSessionKey = MyCreek.Utility.Keys.SessionKeys.IsValidateCode.ToString(); string vcodeSessionKey = MyCreek.Utility.Keys.SessionKeys.ValidateCode.ToString(); ViewBag.Forcescript = ""; ViewBag.IsVcodeSessionKey = isVcodeSessionKey; ViewBag.ErrMsg = ""; string account = collection["Account"]; string password = collection["Password"]; string force = collection["Force"]; string vcode = collection["VCode"]; bool isSessionLost = "1" == Request.QueryString["session"];//是否是超时后再登录 if (System.Web.HttpContext.Current.Session[isVcodeSessionKey] != null && "1" == System.Web.HttpContext.Current.Session[isVcodeSessionKey].ToString() && (System.Web.HttpContext.Current.Session[vcodeSessionKey] == null || string.Compare(System.Web.HttpContext.Current.Session[vcodeSessionKey].ToString(), vcode.Trim(), true) != 0)) { ViewBag.ErrMsg = "alert('验证码错误!');"; } else if (account.IsNullOrEmpty() || password.IsNullOrEmpty()) { Session[isVcodeSessionKey] = "1"; MyCreek.Platform.Log.Add("用户登录失败", string.Concat("用户:", account, "登录失败,帐号或密码为空"), MyCreek.Platform.Log.Types.用户登录); ViewBag.ErrMsg = "alert('帐号或密码不能为空!');"; } else { MyCreek.Platform.Users busers = new MyCreek.Platform.Users(); var user = busers.GetByAccount(account.Trim()); if (user == null || string.Compare(user.Password, busers.GetUserEncryptionPassword(user.ID.ToString(), password.Trim()), false) != 0) { System.Web.HttpContext.Current.Session[isVcodeSessionKey] = "1"; MyCreek.Platform.Log.Add("用户登录失败", string.Concat("用户:", account, "登录失败,帐号或密码错误"), MyCreek.Platform.Log.Types.用户登录); ViewBag.ErrMsg = "alert('帐号或密码错误!');"; } else if (user.Status == 1) { System.Web.HttpContext.Current.Session[isVcodeSessionKey] = "1"; MyCreek.Platform.Log.Add("用户登录失败", string.Concat("用户:", account, "登录失败,帐号已被冻结"), MyCreek.Platform.Log.Types.用户登录); ViewBag.ErrMsg = "alert('帐号已被冻结!');"; } else { MyCreek.Platform.OnlineUsers bou = new MyCreek.Platform.OnlineUsers(); var onUser = bou.Get(user.ID); if (onUser != null && "1" != force) { string ip = onUser.IP; System.Web.HttpContext.Current.Session.Remove(isVcodeSessionKey); ViewBag.Forcescript = "if(confirm('当前帐号已经在" + ip + "登录,您要强行登录吗?')){$('#Account').val('" + account + "');$('#Password').val('" + password + "');$('#Force').val('1');$('#form1').submit();}"; } else { Guid uniqueID = Guid.NewGuid(); System.Web.HttpContext.Current.Session[MyCreek.Utility.Keys.SessionKeys.UserID.ToString()] = user.ID; System.Web.HttpContext.Current.Session[MyCreek.Utility.Keys.SessionKeys.UserUniqueID.ToString()] = uniqueID; System.Web.HttpContext.Current.Session[MyCreek.Utility.Keys.SessionKeys.BaseUrl.ToString()] = Url.Content("~/"); bou.Add(user, uniqueID); System.Web.HttpContext.Current.Session.Remove(isVcodeSessionKey); MyCreek.Platform.Log.Add("用户登录成功", string.Concat("用户:", user.Name, "(", user.ID, ")登录成功"), MyCreek.Platform.Log.Types.用户登录); if (isSessionLost) { ViewBag.Forcescript = "alert('登录成功!');new RoadUI.Window().close();"; } else { ViewBag.Forcescript = "top.location='" + Url.Content("~/Home") + "';"; } } } } return(View()); }
private void check() { string isVcodeSessionKey = MyCreek.Utility.Keys.SessionKeys.IsValidateCode.ToString(); string vcodeSessionKey = MyCreek.Utility.Keys.SessionKeys.ValidateCode.ToString(); string account = Request.Form["Account"]; string password = Request.Form["Password"]; string force = Request.Form["Force"]; string vcode = Request.Form["VCode"]; bool isSessionLost = "1" == Request.QueryString["session"];//是否是超时后再登录 if (Session[isVcodeSessionKey] != null && "1" == Session[isVcodeSessionKey].ToString() && (Session[vcodeSessionKey] == null || string.Compare(Session[vcodeSessionKey].ToString(), vcode.Trim(), true) != 0)) { Page.ClientScript.RegisterStartupScript(Page.GetType(), "error", "alert('验证码错误!');", true); } else if (account.IsNullOrEmpty() || password.IsNullOrEmpty()) { Session[isVcodeSessionKey] = "1"; MyCreek.Platform.Log.Add("用户登录失败", string.Concat("用户:", account, "登录失败,帐号或密码为空"), MyCreek.Platform.Log.Types.用户登录); Script = "alert('帐号或密码不能为空!');"; } else { MyCreek.Platform.Users busers = new MyCreek.Platform.Users(); var user = busers.GetByAccount(account.Trim()); if (user == null || string.Compare(user.Password, busers.GetUserEncryptionPassword(user.ID.ToString(), password.Trim()), false) != 0) { Session[isVcodeSessionKey] = "1"; MyCreek.Platform.Log.Add("用户登录失败", string.Concat("用户:", account, "登录失败,帐号或密码错误"), MyCreek.Platform.Log.Types.用户登录); Script = "alert('帐号或密码错误!');"; } else if (user.Status == 1) { Session[isVcodeSessionKey] = "1"; MyCreek.Platform.Log.Add("用户登录失败", string.Concat("用户:", account, "登录失败,帐号已被冻结"), MyCreek.Platform.Log.Types.用户登录); Script = "alert('帐号已被冻结!');"; } else { MyCreek.Platform.OnlineUsers bou = new MyCreek.Platform.OnlineUsers(); var onUser = bou.Get(user.ID); if (onUser != null && "1" != force) { string ip = onUser.IP; Session.Remove(isVcodeSessionKey); Script = "if(confirm('当前帐号已经在" + ip + "登录,您要强行登录吗?')){$('#Account').val('" + account + "');$('#Password').val('" + password + "');$('#Force').val('1');$('#form1').submit();}"; } else { Guid uniqueID = Guid.NewGuid(); Session[MyCreek.Utility.Keys.SessionKeys.UserID.ToString()] = user.ID; Session[MyCreek.Utility.Keys.SessionKeys.UserUniqueID.ToString()] = uniqueID; bou.Add(user, uniqueID); Session.Remove(isVcodeSessionKey); MyCreek.Platform.Log.Add("用户登录成功", string.Concat("用户:", user.Name, "(", user.ID, ")登录成功"), MyCreek.Platform.Log.Types.用户登录); if (isSessionLost) { Script = "alert('登录成功!');new RoadUI.Window().close();"; } else { Script = "top.location='" + Common.Tools.BaseUrl + "Default.aspx';"; } } } } }