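/// <summary>
/// Checks the submitted captcha and credentials and, when they are accepted,
/// stores a new <c>Operator</c> as the current operator.
/// </summary>
/// <param name="userName">Account name sent by the client (untrusted).</param>
/// <param name="password">Password sent by the client (untrusted).</param>
/// <param name="verifyCode">Captcha text sent by the client; lower-cased and compared with the value held in the session.</param>
/// <returns>
/// <c>Error(...)</c> for missing parameters or an unexpected exception,
/// <c>Warning(...)</c> for a rejected captcha, rejected credentials or a disabled account,
/// and <c>Success()</c> once the operator has been stored.
/// </returns>
public ActionResult Login(string userName, string password, string verifyCode)
{
    // A single message for "unknown account" and "wrong password": distinct
    // messages let an unauthenticated client learn which account names exist.
    const string rejectedMessage = "账户或密码错误,请重新输入。";

    try
    {
        if (userName.IsNullOrEmpty() || password.IsNullOrEmpty() || verifyCode.IsNullOrEmpty())
        {
            return Error("请求失败,缺少必要参数。");
        }

        // NOTE(review): the stored captcha is not cleared in this method after the
        // comparison; unless that happens elsewhere, one solved captcha stays valid
        // for repeated attempts. Confirm, and invalidate it on every attempt.
        if (verifyCode.ToLower() != WebHelper.GetSession(Keys.SESSION_KEY_VCODE))
        {
            return Warning("验证码错误,请重新输入。");
        }

        // NOTE(review): nothing visible here limits repeated failures per account or
        // per client; confirm that throttling or lockout is enforced elsewhere.
        var userEntity = userlogic.GetByUserName(userName);
        if (userEntity == null)
        {
            return Warning(rejectedMessage);
        }

        // A user row without a log-on row used to dereference null and surface as a
        // generic error through the catch block; treat it as a rejected credential.
        var userLogOnEntity = userLogOnLogic.GetByAccount(userEntity.Id);
        if (userLogOnEntity == null)
        {
            return Warning(rejectedMessage);
        }

        // NOTE(review): the stored verifier is MD5 over a DES-encrypted password. Both
        // primitives are obsolete for password storage; moving to a salted, slow KDF
        // (for example PBKDF2) needs a re-hash-on-login migration outside this method.
        string inputPassword = password.DESEncrypt(userLogOnEntity.SecretKey).MD5Encrypt();
        if (inputPassword != userLogOnEntity.Password)
        {
            logLogic.Write(Level.Info, "系统登录", "密码错误", "", userEntity.Account, userEntity.RealName);
            return Warning(rejectedMessage);
        }

        // The disabled state is reported only after the password has been verified,
        // so it is disclosed to the account holder and not to anyone who knows the name.
        if (userEntity.IsEnabled != "1")
        {
            return Warning("该账户已被禁用,请联系管理员。");
        }

        Operator operatorModel = new Operator
        {
            UserId = userEntity.Id,
            Account = userEntity.Account,
            RealName = userEntity.RealName,
            Avatar = userEntity.Avatar,
            CompanyId = userEntity.CompanyId,
            LoginTime = DateTime.Now,
            // NOTE(review): Guid.NewGuid() is not specified as a cryptographic random
            // source. If Token is used as a session credential, derive it from
            // System.Security.Cryptography.RandomNumberGenerator instead; confirm how
            // Token is consumed.
            Token = Guid.NewGuid().ToString().Replace("-", "").DESEncrypt(),
            ShopID = userEntity.ShopID
        };

        OperatorProvider.Instance.Current = operatorModel;
        userLogOnLogic.UpdateLogin(userLogOnEntity);
        logLogic.Write(Level.Info, "系统登录", "登录成功", "", userEntity.Account, userEntity.RealName);
        return Success();
    }
    catch (Exception ex)
    {
        // Exception details stay in the server-side log; the client receives only the generic error result.
        LogHelper.WriteLog(ex.Message + "---" + ex.StackTrace);
        return Error();
    }
}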
/// <summary>
/// Executes a SQL statement or stored procedure and returns a read-only data reader.
/// </summary>
/// <param name="connection">Database connection.</param>
/// <param name="transaction">Transaction.</param>
/// <param name="commandType">Command type (stored procedure, command text, other).</param>
/// <param name="commandText">SQL statement or stored procedure name.</param>
/// <param name="parms">Query parameters.</param>
/// <returns>The data reader, or <c>null</c> when execution threw; the failure is only written to the error log.</returns>
private static MySqlDataReader ExecuteDataReader(MySqlConnection connection, MySqlTransaction transaction, CommandType commandType, string commandText, params MySqlParameter[] parms)
{
    // Time the call for the optional script log below.
    Stopwatch timer = Stopwatch.StartNew();

    MySqlCommand cmd = new MySqlCommand();
    PrepareCommand(cmd, connection, transaction, commandType, commandText, parms);

    MySqlDataReader reader = null;
    try
    {
        // CloseConnection ties the connection's lifetime to the reader: closing the reader closes the connection.
        reader = cmd.ExecuteReader(CommandBehavior.CloseConnection);
    }
    catch (Exception ex)
    {
        // The exception is logged and swallowed, so callers see a null reader.
        // NOTE(review): nothing here closes the connection when ExecuteReader throws; confirm the caller does.
        // NOTE(review): FormatSQLScript receives the parameter array, so the log line presumably
        // contains parameter values; confirm, and keep credentials and personal data out of these files.
        string failedAt = DateTime.Now.ToString("HH:mm:ss.fff");
        string reason = ex.Message.Replace("\r\n", String.Empty);
        string failedScript = MySqlParameterCache.FormatSQLScript(String.Empty, commandType, commandText, parms).Replace("\r\n", String.Empty);
        LogLogic.Write("/*" + failedAt + "\t" + reason + "*/ " + failedScript, ERROR_WRITE_LOG_PATH, ERROR_WRITE_LOG_EXTENSION);
    }

    timer.Stop();

    // Optionally write the executed script to the script log.
    if (MYSQL_SCRIPT_WRITE_LOG)
    {
        string executedScript = MySqlParameterCache.FormatSQLScript(String.Empty, commandType, commandText, parms);
        SQLScriptWriteLog(timer.ElapsedMilliseconds, executedScript.Replace("\r\n", String.Empty));
    }

    return reader;
}
/// <summary>
/// Writes a SQL script to the script log as one line: a comment holding the elapsed time,
/// the current time and the value of <c>ClientModel.GetIPAdderss()</c>, then the script,
/// then a comment holding the value of <c>ClientModel.GetUrl()</c>.
/// </summary>
/// <param name="longMilliseconds">Elapsed time in milliseconds.</param>
/// <param name="strSQLScript">SQL script text to write.</param>
public static void SQLScriptWriteLog(long longMilliseconds, string strSQLScript)
{
    try
    {
        string requestUrl = ClientModel.GetUrl();
        string clientAddress = ClientModel.GetIPAdderss();

        // NOTE(review): both values are written unescaped. If they derive from the request,
        // a line break or "*/" inside them breaks the one-line comment framing of the entry;
        // confirm their origin and neutralise those characters before logging.
        string header = string.Concat(
            "/*",
            longMilliseconds.ToString().PadLeft(8, ' '),
            "ms ",
            DateTime.Now.ToString("HH:mm:ss.fff"),
            " ",
            clientAddress.PadLeft(15, ' '),
            "*/ ");
        string trailer = " /*" + requestUrl + "*/";

        LogLogic.Write(header + strSQLScript + trailer, MYSQL_SCRIPT_WRITE_LOG_PATH, MYSQL_SCRIPT_WRITE_LOG_EXTENSION);
    }
    catch
    {
        // Best effort: a failure while writing the script log is deliberately ignored.
    }
}
/// <summary>
/// Executes a SQL statement or stored procedure and returns the result as a data set.
/// </summary>
/// <param name="connection">Database connection.</param>
/// <param name="transaction">Transaction.</param>
/// <param name="commandType">Command type (stored procedure, command text, other).</param>
/// <param name="commandText">SQL statement or stored procedure name.</param>
/// <param name="parms">Query parameters.</param>
/// <returns>The data set; when the fill threw, the failure is only logged and the data set is returned as it is.</returns>
private static DataSet ExecuteDataSet(MySqlConnection connection, MySqlTransaction transaction, CommandType commandType, string commandText, params MySqlParameter[] parms)
{
    // Time the call for the optional script log below.
    Stopwatch timer = Stopwatch.StartNew();

    MySqlCommand cmd = new MySqlCommand();
    PrepareCommand(cmd, connection, transaction, commandType, commandText, parms);

    MySqlDataAdapter filler = new MySqlDataAdapter(cmd);
    DataSet result = new DataSet();
    try
    {
        filler.Fill(result);
    }
    catch (Exception ex)
    {
        // The exception is logged and swallowed.
        // NOTE(review): callers cannot tell a failed query from one that returned no rows;
        // confirm no security decision treats the two alike.
        // NOTE(review): FormatSQLScript receives the parameter array, so the log line presumably
        // contains parameter values; confirm, and keep credentials and personal data out of these files.
        string failedAt = DateTime.Now.ToString("HH:mm:ss.fff");
        string reason = ex.Message.Replace("\r\n", String.Empty);
        string failedScript = MySqlParameterCache.FormatSQLScript(String.Empty, commandType, commandText, parms).Replace("\r\n", String.Empty);
        LogLogic.Write("/*" + failedAt + "\t" + reason + "*/ " + failedScript, ERROR_WRITE_LOG_PATH, ERROR_WRITE_LOG_EXTENSION);
    }

    // Keep the statement in the extended properties so that a CommandBuilder can be
    // generated from it when the data is updated later.
    string builderSql;
    if (commandText.IndexOf("@") > 0)
    {
        // Parameterised text: the whole statement is lower-cased and cut just before
        // the first "where " (or "\nwhere") when one is found after position 0.
        string lowered = commandText.ToLower();
        int wherePos = lowered.IndexOf("where ");
        if (wherePos < 0)
        {
            wherePos = lowered.IndexOf("\nwhere");
        }

        // wherePos - 1 also drops the character in front of the match.
        builderSql = wherePos > 0 ? lowered.Substring(0, wherePos - 1) : lowered;
    }
    else
    {
        builderSql = commandText;
    }

    result.ExtendedProperties.Add("SQL", builderSql);

    // Every table carries the same statement as the data set.
    foreach (DataTable table in result.Tables)
    {
        table.ExtendedProperties.Add("SQL", builderSql);
    }

    cmd.Parameters.Clear();

    timer.Stop();

    // Optionally write the executed script to the script log.
    if (MYSQL_SCRIPT_WRITE_LOG)
    {
        string executedScript = MySqlParameterCache.FormatSQLScript(String.Empty, commandType, commandText, parms);
        SQLScriptWriteLog(timer.ElapsedMilliseconds, executedScript.Replace("\r\n", String.Empty));
    }

    return result;
}