/// <summary>
/// 增加一条数据
/// </summary>
public void Add(thesis.model.User model)
{
model.ID = GetMaxID() + 1;
StringBuilder strSql = new StringBuilder();
strSql.Append("insert into SPECIES12(");
strSql.Append("ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2,COMPANYID,DEPARTMENTID,OFFICEID");
strSql.Append(")");
strSql.Append(" values (");
strSql.Append("" + model.ID + ",");
strSql.Append("'" + model.NAME + "',");
strSql.Append("'" + model.MM + "',");
strSql.Append("" + model.ZX + ",");
strSql.Append("" + model.JIBIE + ",");
strSql.Append("'" + model.REPHOME + "',");
strSql.Append("'" + model.EMAIL + "',");
strSql.Append("'" + model.HP + "',");
strSql.Append("'" + model.TEL + "',");
strSql.Append("" + model.FLAG + ",");
strSql.Append("'" + model.HOLD1 + "',");
strSql.Append("'" + model.HOLD2 + "',");
strSql.Append("" + model.COMPANYID + ",");
strSql.Append("" + model.DEPARTMENTID + ",");
strSql.Append("" + model.OFFICEID + "");
strSql.Append(")");
DbHelperSQL.ExecuteSql(strSql.ToString());
}
/// <summary>
/// 获得数据列表
/// </summary>
private List <User> GetList(string strWhere)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("select ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2 ,COMPANYID,DEPARTMENTID,OFFICEID ");
strSql.Append(" FROM SPECIES12 ");
if (strWhere.Trim() != "")
{
strSql.Append(" where " + strWhere);
}
DataSet ds = DbHelperSQL.Query(strSql.ToString());
List <User> list = new List <User>();
for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
{
thesis.model.User model = new thesis.model.User();
if (ds.Tables[0].Rows[i]["ID"].ToString() != "")
{
model.ID = int.Parse(ds.Tables[0].Rows[i]["ID"].ToString());
}
model.NAME = ds.Tables[0].Rows[i]["NAME"].ToString();
model.MM = ds.Tables[0].Rows[i]["MM"].ToString();
if (ds.Tables[0].Rows[i]["ZX"].ToString() != "")
{
model.ZX = int.Parse(ds.Tables[0].Rows[i]["ZX"].ToString());
}
if (ds.Tables[0].Rows[i]["JIBIE"].ToString() != "")
{
model.JIBIE = int.Parse(ds.Tables[0].Rows[i]["JIBIE"].ToString());
}
model.REPHOME = ds.Tables[0].Rows[i]["REPHOME"].ToString();
model.EMAIL = ds.Tables[0].Rows[i]["EMAIL"].ToString();
model.HP = ds.Tables[0].Rows[i]["HP"].ToString();
model.TEL = ds.Tables[0].Rows[i]["TEL"].ToString();
if (ds.Tables[0].Rows[i]["FLAG"].ToString() != "")
{
model.FLAG = int.Parse(ds.Tables[0].Rows[i]["FLAG"].ToString());
}
model.HOLD1 = ds.Tables[0].Rows[i]["HOLD1"].ToString();
model.HOLD2 = ds.Tables[0].Rows[i]["HOLD2"].ToString();
if (!ds.Tables[0].Rows[i]["COMPANYID"].ToString().Equals(""))
{
model.COMPANYID = int.Parse(ds.Tables[0].Rows[i]["COMPANYID"].ToString());
}
if (!ds.Tables[0].Rows[i]["DEPARTMENTID"].ToString().Equals(""))
{
model.DEPARTMENTID = int.Parse(ds.Tables[0].Rows[i]["DEPARTMENTID"].ToString());
}
if (!ds.Tables[0].Rows[i]["OFFICEID"].ToString().Equals(""))
{
model.OFFICEID = int.Parse(ds.Tables[0].Rows[i]["OFFICEID"].ToString());
}
list.Add(model);
}
return(list);
}
/// <summary>
/// 更新一条数据
/// </summary>
public void Update(thesis.model.User model)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("update SPECIES12 set ");
strSql.Append("NAME='" + model.NAME + "',");
strSql.Append("MM='" + model.MM + "',");
strSql.Append("ZX=" + model.ZX + ",");
strSql.Append("JIBIE=" + model.JIBIE + ",");
strSql.Append("REPHOME='" + model.REPHOME + "',");
strSql.Append("EMAIL='" + model.EMAIL + "',");
strSql.Append("HP='" + model.HP + "',");
strSql.Append("TEL='" + model.TEL + "',");
strSql.Append("FLAG=" + model.FLAG + ",");
strSql.Append("HOLD1='" + model.HOLD1 + "',");
strSql.Append("HOLD2='" + model.HOLD2 + "',");
strSql.Append("COMPANYID=" + model.COMPANYID + ",");
strSql.Append("DEPARTMENTID=" + model.DEPARTMENTID + ",");
strSql.Append("OFFICEID=" + model.OFFICEID + "");
strSql.Append(" where ID=" + model.ID + " ");
DbHelperSQL.ExecuteSql(strSql.ToString());
}
/// <summary>
/// 更新一条数据
/// </summary>
public void Update(thesis.model.User model)
{
dal.Update(model);
}
/// <summary>
/// 增加一条数据
/// </summary>
public void Add(thesis.model.User model)
{
dal.Add(model);
}
protected void Button1_Click(object sender, EventArgs e)
{
if ("".Equals(tbUserName.Value.Trim()))
{
this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('用户名不能为空!');", true);
return;
}
#region 查看当前用户是否已经被锁定(根据系统设定的最大密码错误次数和启用该功能的开关)
string PassWordErrorRecord = StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["PassWordErrorRecord"].ToString()).ToUpper();
if (PassWordErrorRecord.Equals("QIYONG") && !CheckErrorRecord())
{
this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('您今天的密码错误次数已经达到上限,系统拒绝您今天登陆!');", true);
return;
}
#endregion
FormsAuthentication.Initialize();
UserBll userBll = new UserBll();
thesis.model.User spcUser = userBll.GetModel(tbUserName.Value.Trim().ToLower());
if (spcUser != null && spcUser.MM.Equals(StringEncodeAndDecode.Encode(tbPassword.Value.Trim())))
{
//写入日志
OperationLogBll olBll = new OperationLogBll();
OperationLog oLog = new OperationLog();
oLog.SPECIES12_ID = spcUser.ID;
string ipaddress = ClientIPAddress.getIPAddress();
oLog.RQSJ = DateTime.Now;
oLog.NR = spcUser.NAME + "成功登录本系统【" + ipaddress + "】!";
oLog.ENR = spcUser.NAME + "load successfully[" + ipaddress + "]!";
olBll.Add(oLog);
//修改用户的登录信息,添加用户登陆日志
/*修改用户的最新登陆日期和访问量*/
string logindate = System.DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
spcUser.HOLD1 = logindate;
spcUser.HOLD2 = spcUser.HOLD2.Trim().Equals("") ? "1" : (int.Parse(spcUser.HOLD2) + 1).ToString();
userBll.Update(spcUser);
/*写入登陆日志*/
LoginRecordBLL loginbll = new LoginRecordBLL();
LoginRecord record = new LoginRecord();
record.USERID = spcUser.ID;
record.IPADDRESS = ipaddress;
record.LOGINDATE = logindate;
record.BY2 = "";
record.BY1 = "";
loginbll.Add(record);
// 为了实现认证,创建一个新的票据
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // 票据版本号
tbUserName.Value.Trim(), // 票据持有者
DateTime.Now, //分配票据的时间
DateTime.Now.AddMinutes(30), // 失效时间
true, // 需要用户的 cookie
"spcuser", // 用户数据,可以作为用户的角色
FormsAuthentication.FormsCookiePath); //cookie有效路径
//使用机器码machine key加密cookie,为了安全传送
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName, // 认证cookie的名称
hash); //加密之后的cookie
//将cookie的失效时间设置为和票据tikets的失效时间一致
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
//添加cookie到页面请求响应中
Response.Cookies.Add(cookie);
// 将用户转向到之前请求的页面,
// 如果之前没有请求任何页面,就转向到首页
string returnUrl = Request.QueryString["ReturnUrl"];
if (returnUrl == null)
{
returnUrl = "Default.aspx";
}
// 不要调用 FormsAuthentication.RedirectFromLoginPage 方法,
// 因为它会把刚才添加的票据(cookie)替换掉
#region 清除密码错误记录
if (PassWordErrorRecord.Equals("QIYONG"))
{
string del = "delete from ERRORPASSWORDRECORD where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
DbHelperSQL.ExecuteSql(del);
}
#endregion
#region 清除超时用户,同时清除自己以前的登录记录(目的是防止因为Session过期而导致的重新登陆拒绝问题)
string LimitOnline = StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["LimitOnline"]);
if (!LimitOnline.ToUpper().Equals("XJTUCIMSSPC"))
{
if (DelTimeOut(this.tbUserName.Value.ToString()))
{
WriteActiveUser(this.tbUserName.Value.ToString());
Session["userwrx"] = spcUser;
Session["UserName2"] = tbUserName.Value.ToString();
Session["UserID"] = spcUser.ID;
Response.Redirect(returnUrl);
}
else
{
this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('当前用户已经登录,不能重复登录!');", true);
}
}
else
{
Session["userwrx"] = spcUser;
Session["UserName2"] = tbUserName.Value.ToString();
Session["UserID"] = spcUser.ID;
Response.Redirect(returnUrl);
}
#endregion
}
else
{
if (PassWordErrorRecord.Equals("QIYONG"))
{
string sql_sel = "select * from ERRORPASSWORDRECORD where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
DataSet ds = DbHelperSQL.Query(sql_sel);
int max_error = 5;
int remain_error = 4;
if (!StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["ErrorRecordNum"].ToString()).Equals(""))
{
max_error = int.Parse(StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["ErrorRecordNum"].ToString()));
}
if (ds.Tables[0].Rows.Count == 0)//还没有错误过
{
string sql_ins = "insert into ERRORPASSWORDRECORD(username,IPADDRESS,ERRORNUM,ERRORDATE)values('" + this.tbUserName.Value + "','" + ClientIPAddress.getIPAddress() + "',1,'" + System.DateTime.Now.ToString("yyyy-MM-dd") + "')";
DbHelperSQL.ExecuteSql(sql_ins);
}
else
{
string sql_update = "update ERRORPASSWORDRECORD set ERRORNUM=ERRORNUM+1 where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
DbHelperSQL.ExecuteSql(sql_update);
remain_error = max_error - int.Parse(ds.Tables[0].Rows[0]["ERRORNUM"].ToString()) - 1;
}
this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('错误的用户名/密码,您还有【" + remain_error + "】次尝试机会!');", true);
}
else
{
this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('错误的用户名/密码!');", true);
}
}
}
/// <summary>
/// 得到一个对象实体
/// </summary>
private thesis.model.User GetModelByCondition(string strWhere)
{
StringBuilder strSql = new StringBuilder();
strSql.Append("select ");
strSql.Append(" ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2,COMPANYID,DEPARTMENTID,OFFICEID ");
strSql.Append(" from SPECIES12 ");
if (strWhere.Trim() != "")
{
strSql.Append(" where " + strWhere);
}
thesis.model.User model = new thesis.model.User();
DataSet ds = DbHelperSQL.Query(strSql.ToString());
if (ds.Tables[0].Rows.Count > 0)
{
if (ds.Tables[0].Rows[0]["ID"].ToString() != "")
{
model.ID = int.Parse(ds.Tables[0].Rows[0]["ID"].ToString());
}
model.NAME = ds.Tables[0].Rows[0]["NAME"].ToString();
model.MM = ds.Tables[0].Rows[0]["MM"].ToString();
if (ds.Tables[0].Rows[0]["ZX"].ToString() != "")
{
model.ZX = int.Parse(ds.Tables[0].Rows[0]["ZX"].ToString());
}
if (ds.Tables[0].Rows[0]["JIBIE"].ToString() != "")
{
model.JIBIE = int.Parse(ds.Tables[0].Rows[0]["JIBIE"].ToString());
}
model.REPHOME = ds.Tables[0].Rows[0]["REPHOME"].ToString();
model.EMAIL = ds.Tables[0].Rows[0]["EMAIL"].ToString();
model.HP = ds.Tables[0].Rows[0]["HP"].ToString();
model.TEL = ds.Tables[0].Rows[0]["TEL"].ToString();
if (ds.Tables[0].Rows[0]["FLAG"].ToString() != "")
{
model.FLAG = int.Parse(ds.Tables[0].Rows[0]["FLAG"].ToString());
}
model.HOLD1 = ds.Tables[0].Rows[0]["HOLD1"].ToString();
model.HOLD2 = ds.Tables[0].Rows[0]["HOLD2"].ToString();
if (!ds.Tables[0].Rows[0]["COMPANYID"].ToString().Equals(""))
{
model.COMPANYID = int.Parse(ds.Tables[0].Rows[0]["COMPANYID"].ToString());
}
if (!ds.Tables[0].Rows[0]["DEPARTMENTID"].ToString().Equals(""))
{
model.DEPARTMENTID = int.Parse(ds.Tables[0].Rows[0]["DEPARTMENTID"].ToString());
}
if (!ds.Tables[0].Rows[0]["OFFICEID"].ToString().Equals(""))
{
model.OFFICEID = int.Parse(ds.Tables[0].Rows[0]["OFFICEID"].ToString());
}
return(model);
}
else
{
return(null);
}
}