Ejemplo n.º 1
0
        /// <summary>
        /// 增加一条数据
        /// </summary>
        public void Add(thesis.model.User model)
        {
            model.ID = GetMaxID() + 1;
            StringBuilder strSql = new StringBuilder();

            strSql.Append("insert into SPECIES12(");
            strSql.Append("ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2,COMPANYID,DEPARTMENTID,OFFICEID");
            strSql.Append(")");
            strSql.Append(" values (");
            strSql.Append("" + model.ID + ",");
            strSql.Append("'" + model.NAME + "',");
            strSql.Append("'" + model.MM + "',");
            strSql.Append("" + model.ZX + ",");
            strSql.Append("" + model.JIBIE + ",");
            strSql.Append("'" + model.REPHOME + "',");
            strSql.Append("'" + model.EMAIL + "',");
            strSql.Append("'" + model.HP + "',");
            strSql.Append("'" + model.TEL + "',");
            strSql.Append("" + model.FLAG + ",");
            strSql.Append("'" + model.HOLD1 + "',");
            strSql.Append("'" + model.HOLD2 + "',");
            strSql.Append("" + model.COMPANYID + ",");
            strSql.Append("" + model.DEPARTMENTID + ",");
            strSql.Append("" + model.OFFICEID + "");
            strSql.Append(")");
            DbHelperSQL.ExecuteSql(strSql.ToString());
        }
Ejemplo n.º 2
0
        /// <summary>
        /// 获得数据列表
        /// </summary>
        private List <User> GetList(string strWhere)
        {
            StringBuilder strSql = new StringBuilder();

            strSql.Append("select ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2 ,COMPANYID,DEPARTMENTID,OFFICEID ");
            strSql.Append(" FROM SPECIES12 ");
            if (strWhere.Trim() != "")
            {
                strSql.Append(" where " + strWhere);
            }
            DataSet     ds   = DbHelperSQL.Query(strSql.ToString());
            List <User> list = new List <User>();

            for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
            {
                thesis.model.User model = new thesis.model.User();
                if (ds.Tables[0].Rows[i]["ID"].ToString() != "")
                {
                    model.ID = int.Parse(ds.Tables[0].Rows[i]["ID"].ToString());
                }
                model.NAME = ds.Tables[0].Rows[i]["NAME"].ToString();
                model.MM   = ds.Tables[0].Rows[i]["MM"].ToString();
                if (ds.Tables[0].Rows[i]["ZX"].ToString() != "")
                {
                    model.ZX = int.Parse(ds.Tables[0].Rows[i]["ZX"].ToString());
                }
                if (ds.Tables[0].Rows[i]["JIBIE"].ToString() != "")
                {
                    model.JIBIE = int.Parse(ds.Tables[0].Rows[i]["JIBIE"].ToString());
                }
                model.REPHOME = ds.Tables[0].Rows[i]["REPHOME"].ToString();
                model.EMAIL   = ds.Tables[0].Rows[i]["EMAIL"].ToString();
                model.HP      = ds.Tables[0].Rows[i]["HP"].ToString();
                model.TEL     = ds.Tables[0].Rows[i]["TEL"].ToString();
                if (ds.Tables[0].Rows[i]["FLAG"].ToString() != "")
                {
                    model.FLAG = int.Parse(ds.Tables[0].Rows[i]["FLAG"].ToString());
                }
                model.HOLD1 = ds.Tables[0].Rows[i]["HOLD1"].ToString();
                model.HOLD2 = ds.Tables[0].Rows[i]["HOLD2"].ToString();
                if (!ds.Tables[0].Rows[i]["COMPANYID"].ToString().Equals(""))
                {
                    model.COMPANYID = int.Parse(ds.Tables[0].Rows[i]["COMPANYID"].ToString());
                }

                if (!ds.Tables[0].Rows[i]["DEPARTMENTID"].ToString().Equals(""))
                {
                    model.DEPARTMENTID = int.Parse(ds.Tables[0].Rows[i]["DEPARTMENTID"].ToString());
                }

                if (!ds.Tables[0].Rows[i]["OFFICEID"].ToString().Equals(""))
                {
                    model.OFFICEID = int.Parse(ds.Tables[0].Rows[i]["OFFICEID"].ToString());
                }
                list.Add(model);
            }
            return(list);
        }
Ejemplo n.º 3
0
        /// <summary>
        /// 更新一条数据
        /// </summary>
        public void Update(thesis.model.User model)
        {
            StringBuilder strSql = new StringBuilder();

            strSql.Append("update SPECIES12 set ");
            strSql.Append("NAME='" + model.NAME + "',");
            strSql.Append("MM='" + model.MM + "',");
            strSql.Append("ZX=" + model.ZX + ",");
            strSql.Append("JIBIE=" + model.JIBIE + ",");
            strSql.Append("REPHOME='" + model.REPHOME + "',");
            strSql.Append("EMAIL='" + model.EMAIL + "',");
            strSql.Append("HP='" + model.HP + "',");
            strSql.Append("TEL='" + model.TEL + "',");
            strSql.Append("FLAG=" + model.FLAG + ",");
            strSql.Append("HOLD1='" + model.HOLD1 + "',");
            strSql.Append("HOLD2='" + model.HOLD2 + "',");
            strSql.Append("COMPANYID=" + model.COMPANYID + ",");
            strSql.Append("DEPARTMENTID=" + model.DEPARTMENTID + ",");
            strSql.Append("OFFICEID=" + model.OFFICEID + "");
            strSql.Append(" where ID=" + model.ID + " ");
            DbHelperSQL.ExecuteSql(strSql.ToString());
        }
Ejemplo n.º 4
0
 /// <summary>
 /// 更新一条数据
 /// </summary>
 public void Update(thesis.model.User model)
 {
     dal.Update(model);
 }
Ejemplo n.º 5
0
 /// <summary>
 /// 增加一条数据
 /// </summary>
 public void Add(thesis.model.User model)
 {
     dal.Add(model);
 }
Ejemplo n.º 6
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            if ("".Equals(tbUserName.Value.Trim()))
            {
                this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('用户名不能为空!');", true);
                return;
            }

            #region 查看当前用户是否已经被锁定(根据系统设定的最大密码错误次数和启用该功能的开关)
            string PassWordErrorRecord = StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["PassWordErrorRecord"].ToString()).ToUpper();
            if (PassWordErrorRecord.Equals("QIYONG") && !CheckErrorRecord())
            {
                this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('您今天的密码错误次数已经达到上限,系统拒绝您今天登陆!');", true);
                return;
            }
            #endregion

            FormsAuthentication.Initialize();
            UserBll           userBll = new UserBll();
            thesis.model.User spcUser = userBll.GetModel(tbUserName.Value.Trim().ToLower());
            if (spcUser != null && spcUser.MM.Equals(StringEncodeAndDecode.Encode(tbPassword.Value.Trim())))
            {
                //写入日志
                OperationLogBll olBll = new OperationLogBll();
                OperationLog    oLog  = new OperationLog();
                oLog.SPECIES12_ID = spcUser.ID;
                string ipaddress = ClientIPAddress.getIPAddress();
                oLog.RQSJ = DateTime.Now;
                oLog.NR   = spcUser.NAME + "成功登录本系统【" + ipaddress + "】!";
                oLog.ENR  = spcUser.NAME + "load successfully[" + ipaddress + "]!";
                olBll.Add(oLog);

                //修改用户的登录信息,添加用户登陆日志

                /*修改用户的最新登陆日期和访问量*/
                string logindate = System.DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
                spcUser.HOLD1 = logindate;
                spcUser.HOLD2 = spcUser.HOLD2.Trim().Equals("") ? "1" : (int.Parse(spcUser.HOLD2) + 1).ToString();

                userBll.Update(spcUser);

                /*写入登陆日志*/

                LoginRecordBLL loginbll = new LoginRecordBLL();
                LoginRecord    record   = new LoginRecord();
                record.USERID    = spcUser.ID;
                record.IPADDRESS = ipaddress;
                record.LOGINDATE = logindate;
                record.BY2       = "";
                record.BY1       = "";

                loginbll.Add(record);


                // 为了实现认证,创建一个新的票据
                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                    1,                                    // 票据版本号
                    tbUserName.Value.Trim(),              // 票据持有者
                    DateTime.Now,                         //分配票据的时间
                    DateTime.Now.AddMinutes(30),          // 失效时间
                    true,                                 // 需要用户的 cookie
                    "spcuser",                            // 用户数据,可以作为用户的角色
                    FormsAuthentication.FormsCookiePath); //cookie有效路径
                //使用机器码machine key加密cookie,为了安全传送
                string     hash   = FormsAuthentication.Encrypt(ticket);
                HttpCookie cookie = new HttpCookie(
                    FormsAuthentication.FormsCookieName, // 认证cookie的名称
                    hash);                               //加密之后的cookie

                //将cookie的失效时间设置为和票据tikets的失效时间一致
                if (ticket.IsPersistent)
                {
                    cookie.Expires = ticket.Expiration;
                }

                //添加cookie到页面请求响应中
                Response.Cookies.Add(cookie);

                // 将用户转向到之前请求的页面,
                // 如果之前没有请求任何页面,就转向到首页
                string returnUrl = Request.QueryString["ReturnUrl"];
                if (returnUrl == null)
                {
                    returnUrl = "Default.aspx";
                }

                // 不要调用 FormsAuthentication.RedirectFromLoginPage 方法,
                // 因为它会把刚才添加的票据(cookie)替换掉
                #region 清除密码错误记录
                if (PassWordErrorRecord.Equals("QIYONG"))
                {
                    string del = "delete from ERRORPASSWORDRECORD where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
                    DbHelperSQL.ExecuteSql(del);
                }
                #endregion

                #region 清除超时用户,同时清除自己以前的登录记录(目的是防止因为Session过期而导致的重新登陆拒绝问题)
                string LimitOnline = StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["LimitOnline"]);
                if (!LimitOnline.ToUpper().Equals("XJTUCIMSSPC"))
                {
                    if (DelTimeOut(this.tbUserName.Value.ToString()))
                    {
                        WriteActiveUser(this.tbUserName.Value.ToString());
                        Session["userwrx"] = spcUser;

                        Session["UserName2"] = tbUserName.Value.ToString();
                        Session["UserID"]    = spcUser.ID;
                        Response.Redirect(returnUrl);
                    }
                    else
                    {
                        this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('当前用户已经登录,不能重复登录!');", true);
                    }
                }
                else
                {
                    Session["userwrx"] = spcUser;

                    Session["UserName2"] = tbUserName.Value.ToString();
                    Session["UserID"]    = spcUser.ID;
                    Response.Redirect(returnUrl);
                }

                #endregion
            }
            else
            {
                if (PassWordErrorRecord.Equals("QIYONG"))
                {
                    string  sql_sel      = "select * from ERRORPASSWORDRECORD where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
                    DataSet ds           = DbHelperSQL.Query(sql_sel);
                    int     max_error    = 5;
                    int     remain_error = 4;

                    if (!StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["ErrorRecordNum"].ToString()).Equals(""))
                    {
                        max_error = int.Parse(StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["ErrorRecordNum"].ToString()));
                    }
                    if (ds.Tables[0].Rows.Count == 0)//还没有错误过
                    {
                        string sql_ins = "insert into ERRORPASSWORDRECORD(username,IPADDRESS,ERRORNUM,ERRORDATE)values('" + this.tbUserName.Value + "','" + ClientIPAddress.getIPAddress() + "',1,'" + System.DateTime.Now.ToString("yyyy-MM-dd") + "')";
                        DbHelperSQL.ExecuteSql(sql_ins);
                    }
                    else
                    {
                        string sql_update = "update ERRORPASSWORDRECORD set ERRORNUM=ERRORNUM+1 where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
                        DbHelperSQL.ExecuteSql(sql_update);
                        remain_error = max_error - int.Parse(ds.Tables[0].Rows[0]["ERRORNUM"].ToString()) - 1;
                    }
                    this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('错误的用户名/密码,您还有【" + remain_error + "】次尝试机会!');", true);
                }
                else
                {
                    this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('错误的用户名/密码!');", true);
                }
            }
        }
Ejemplo n.º 7
0
        /// <summary>
        /// 得到一个对象实体
        /// </summary>
        private thesis.model.User GetModelByCondition(string strWhere)
        {
            StringBuilder strSql = new StringBuilder();

            strSql.Append("select   ");
            strSql.Append(" ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2,COMPANYID,DEPARTMENTID,OFFICEID ");
            strSql.Append(" from SPECIES12 ");
            if (strWhere.Trim() != "")
            {
                strSql.Append(" where " + strWhere);
            }
            thesis.model.User model = new thesis.model.User();
            DataSet           ds    = DbHelperSQL.Query(strSql.ToString());

            if (ds.Tables[0].Rows.Count > 0)
            {
                if (ds.Tables[0].Rows[0]["ID"].ToString() != "")
                {
                    model.ID = int.Parse(ds.Tables[0].Rows[0]["ID"].ToString());
                }
                model.NAME = ds.Tables[0].Rows[0]["NAME"].ToString();
                model.MM   = ds.Tables[0].Rows[0]["MM"].ToString();
                if (ds.Tables[0].Rows[0]["ZX"].ToString() != "")
                {
                    model.ZX = int.Parse(ds.Tables[0].Rows[0]["ZX"].ToString());
                }
                if (ds.Tables[0].Rows[0]["JIBIE"].ToString() != "")
                {
                    model.JIBIE = int.Parse(ds.Tables[0].Rows[0]["JIBIE"].ToString());
                }
                model.REPHOME = ds.Tables[0].Rows[0]["REPHOME"].ToString();
                model.EMAIL   = ds.Tables[0].Rows[0]["EMAIL"].ToString();
                model.HP      = ds.Tables[0].Rows[0]["HP"].ToString();
                model.TEL     = ds.Tables[0].Rows[0]["TEL"].ToString();
                if (ds.Tables[0].Rows[0]["FLAG"].ToString() != "")
                {
                    model.FLAG = int.Parse(ds.Tables[0].Rows[0]["FLAG"].ToString());
                }
                model.HOLD1 = ds.Tables[0].Rows[0]["HOLD1"].ToString();
                model.HOLD2 = ds.Tables[0].Rows[0]["HOLD2"].ToString();
                if (!ds.Tables[0].Rows[0]["COMPANYID"].ToString().Equals(""))
                {
                    model.COMPANYID = int.Parse(ds.Tables[0].Rows[0]["COMPANYID"].ToString());
                }

                if (!ds.Tables[0].Rows[0]["DEPARTMENTID"].ToString().Equals(""))
                {
                    model.DEPARTMENTID = int.Parse(ds.Tables[0].Rows[0]["DEPARTMENTID"].ToString());
                }

                if (!ds.Tables[0].Rows[0]["OFFICEID"].ToString().Equals(""))
                {
                    model.OFFICEID = int.Parse(ds.Tables[0].Rows[0]["OFFICEID"].ToString());
                }
                return(model);
            }
            else
            {
                return(null);
            }
        }