/// <summary>
/// Session gate for protected pages: redirects the browser to the login page when
/// the session holds no "LoginUser" value.
/// </summary>
/// <remarks>
/// Only the presence of the session value is tested; no role or permission is evaluated here.
/// The single-argument <c>Response.Redirect</c> overload also ends the current response.
/// </remarks>
public static void CheckLogin()
{
    var loginUser = SessionS.GetSessionValue("LoginUser");
    if (loginUser != null)
    {
        // A value is present: the caller is treated as signed in.
        return;
    }

    HttpContext.Current.Response.Redirect("~/Login.aspx");
}
/// <summary>
/// Returns the user stored under the "LoginUser" session key, redirecting to the
/// login page when that value is missing or is not a <c>UserVM</c>.
/// </summary>
/// <returns>
/// The session's <c>UserVM</c>. The value is null only if execution continues past
/// the redirect, so callers should not assume a non-null result.
/// </returns>
public static UserVM GetLoginUser()
{
    UserVM current = SessionS.GetSessionValue("LoginUser") as UserVM;
    if (current != null)
    {
        return current;
    }

    // The "as" cast yields null both for an absent value and for a value of another type;
    // either way the caller is treated as not signed in.
    HttpContext.Current.Response.Redirect("~/Login.aspx");
    return current;
}
/// <summary>
/// Verifies that a user is logged in; when the session has expired (no "LoginUser"
/// value is present) the request is redirected to the login page.
/// </summary>
public static void CheckLogin()
{
    bool signedIn = SessionS.GetSessionValue("LoginUser") != null;
    if (!signedIn)
    {
        // A client-side redirect is used on purpose instead of Server.Transfer("~/Login.aspx"):
        // the original author's concern is that a server-side transfer would let the visitor
        // guess the address that was not redirected.
        HttpContext.Current.Response.Redirect("~/Login.aspx");
    }
}
/// <summary>
/// Page load handler. Applies the HTTP-method filter, bounces any request that carries a
/// query string to the site root, loads <c>SystemPowerCateID</c> from configuration, and,
/// on postback, signs out whichever user is still held in the session.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Presumably restricts the request verb to GET and POST; the helper is defined elsewhere.
    AllowHttpMethod("GET", "POST");

    // This page accepts no query-string parameters: any request that has one is sent to "/".
    // (The author left a 404 response as a commented-out alternative.)
    NameValueCollection query = Request.QueryString;
    bool hasQuery = query != null && query.Count > 0;
    if (hasQuery)
    {
        Response.Redirect("/");
    }

    string configuredCateId = WebConfigurationManager.AppSettings["SystemPowerCateID"];
    if (configuredCateId != null)
    {
        // A non-numeric setting makes Convert.ToInt32 throw; there is no fallback here.
        SystemPowerCateID = Convert.ToInt32(configuredCateId);
    }

    if (!this.IsPostBack)
    {
        return;
    }

    UserVM previousUser = SessionS.GetSessionValue("LoginUser") as UserVM;
    if (previousUser == null)
    {
        return;
    }

    // A postback while a user is still in the session: call the logout stored procedure
    // (by its name it records the logout date) and then empty the session.
    int chk = 0;
    string connectionText = WebConfigurationManager.ConnectionStrings["ConnUser"].ToString();
    using (SqlConnection connection = new SqlConnection(connectionText))
    using (SqlCommand logoutCommand = new SqlCommand("dbo.usp_SystemM_xUpdateLogoutDate", connection))
    {
        logoutCommand.CommandType = CommandType.StoredProcedure;
        logoutCommand.Parameters.AddWithValue("@UserID", previousUser.ID);
        logoutCommand.Parameters.AddWithValue("@LoginDate", previousUser.LoginDate);
        logoutCommand.Parameters.AddWithValue("@SystemPowerCateID", SystemPowerCateID);

        SqlParameter chkOut = logoutCommand.Parameters.AddWithValue("@Chk", chk);
        chkOut.Direction = ParameterDirection.Output;

        connection.Open();
        logoutCommand.ExecuteNonQuery();

        // The output value is read back but nothing in this method acts on it.
        chk = (int)chkOut.Value;
    }

    // Session.Clear() removes every stored value (the login user and anything else kept in
    // the session) but keeps the session itself and its identifier.
    // NOTE(review): confirm whether the session identifier should also be rotated at this point.
    Session.Clear();
}
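/// <summary>
/// Adds a screening session: looks up the running time of the selected movie, derives
/// the end time from the begin time, and posts the session to the backend API.
/// </summary>
/// <param name="session">
/// Model-bound session. <c>MovieId</c> and <c>S_BeginTime</c> are read; <c>S_EndTime</c> is set here.
/// </param>
/// <returns>
/// A script snippet that shows a success or failure alert and navigates back to the add page.
/// The failure snippet is also returned when the movie list cannot be read or contains no
/// movie with the requested id (the original dereferenced a null result in that case).
/// </returns>
public ActionResult AddSessionS(SessionS session)
{
    // Both responses are fixed strings; no request data is written into the script.
    const string successScript = "<script>alert('添加成功');location.href='/LmqMVC/AddSessionS';</script>";
    const string failureScript = "<script>alert('添加失败');location.href='/LmqMVC/AddSessionS';</script>";

    // NOTE(review): no [HttpPost], anti-forgery or authorization attribute is visible on this
    // state-changing action in this listing; confirm they are applied where it is declared.

    // Query the movie list to obtain the running time of the selected movie.
    var movieJson = HttpClientHelper.SendRequest("api/Lmq/ShowMovie", "get");
    if (string.IsNullOrEmpty(movieJson))
    {
        return Content(failureScript);
    }

    var movies = JsonConvert.DeserializeObject<List<Movie>>(movieJson);

    // MovieId comes from the request, so an id that matches no movie must be handled
    // instead of dereferencing the null returned by FirstOrDefault.
    Movie selected = null;
    if (movies != null)
    {
        selected = movies.FirstOrDefault(m => m.MId == session.MovieId);
    }

    if (selected == null)
    {
        return Content(failureScript);
    }

    // End time = begin time + running time (M_Time is added as minutes).
    session.S_EndTime = session.S_BeginTime.AddMinutes(selected.M_Time);

    string sessionJson = JsonConvert.SerializeObject(session);
    string apiResult = HttpClientHelper.SendRequest("api/Lmq/AddSessionS", "post", sessionJson);

    // The backend answers "1" on success; anything else is reported as a failure.
    return Content(apiResult == "1" ? successScript : failureScript);
}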
/// <summary>
/// Login button handler: checks the submitted credentials through a stored procedure,
/// loads the matching user into the session and redirects to the remembered URL or the home page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the captcha comparison is disabled in this version (the author commented it
/// out), so no attempt throttling is visible in this handler.
/// </remarks>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string loginName = tbUser.Text.Trim();
    string password = tbPassword.Text.Trim();

    // The captcha box is still read, but the value is not compared against the session's
    // "CheckCode" in this version.
    string typedCode = tbCode.Text.ToLower().Trim();

    int matchCount = 0;
    DataTable userRows = new DataTable();
    EncryptT hasher = new EncryptT();
    string connectionText = WebConfigurationManager.ConnectionStrings["ConnUser"].ToString();

    // Step 1: the stored procedure reports how many accounts match name + password hash.
    using (SqlConnection connection = new SqlConnection(connectionText))
    using (SqlCommand checkCommand = new SqlCommand("dbo.usp_SystemM_xCheckLogin", connection))
    {
        checkCommand.CommandType = CommandType.StoredProcedure;
        checkCommand.Parameters.AddWithValue("@LoginName", loginName);

        // NOTE(review): the password goes through EncryptT.ToSHA256 before comparison. If that
        // is a plain, unsalted SHA-256, the stored values are weak against offline guessing;
        // confirm, and prefer a dedicated password-hashing function.
        checkCommand.Parameters.AddWithValue("@LoginPassword", hasher.ToSHA256(password));
        checkCommand.Parameters.AddWithValue("@FunctionIndex", 1);

        SqlParameter countOut = checkCommand.Parameters.AddWithValue("@UserCount", matchCount);
        countOut.Direction = ParameterDirection.Output;

        connection.Open();
        checkCommand.ExecuteNonQuery();
        matchCount = (int)countOut.Value;
    }

    if (matchCount <= 0)
    {
        // One message for both an unknown account and a wrong password.
        Panel1.Visible = true;
        lblError.Text = "帳號密碼錯誤";
        return;
    }

    // Step 2: load the account row for the authenticated login name.
    using (SqlConnection connection = new SqlConnection(connectionText))
    using (SqlCommand loadCommand = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", connection))
    {
        loadCommand.CommandType = CommandType.StoredProcedure;
        loadCommand.Parameters.AddWithValue("@LoginName", loginName);

        using (SqlDataAdapter adapter = new SqlDataAdapter(loadCommand))
        {
            connection.Open();
            adapter.Fill(userRows);
        }
    }

    UserVM user = new UserVM();
    EntityS.FillModel<UserVM>(user, userRows);
    user.LoginDate = DateTime.Now;

    // The user object in the session is the authentication state.
    // NOTE(review): the session is neither cleared nor re-issued before this assignment;
    // confirm whether the session identifier should be rotated at login.
    HttpContext.Current.Session["LoginUser"] = user;

    // NOTE(review): "tempUrl" is used as the redirect target unchanged; confirm it is only
    // ever stored server-side as a local path.
    string returnUrl = SessionS.GetSessionValue("tempUrl") as string;
    if (returnUrl == null)
    {
        Response.Redirect("~/Home.aspx");
    }
    else
    {
        SessionS.RemoveSession("tempUrl");
        Response.Redirect(returnUrl);
    }
}
/// <summary>
/// Stores the given user in the session under the "LoginUser" key.
/// </summary>
/// <param name="user">The user object to place in the session.</param>
/// <remarks>
/// No validation happens here: whatever is passed becomes the session's login user, so
/// callers are expected to have authenticated the user first.
/// </remarks>
public static void SetLoginUser(UserVM user)
{
    const string sessionKey = "LoginUser";
    SessionS.AddSession(sessionKey, user);
}
/// <summary>
/// Login button handler: verifies the captcha, checks the credentials through a stored
/// procedure, applies the organisation's IP restriction, records the login, and then stores
/// the user in the session and redirects. Every failure path registers an alert script.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string alertScript = "";
    string loginName = tbUser.Text.Trim();
    string password = tbPassword.Text.Trim();
    string typedCode = tbCode.Text.ToLower().Trim();
    int matchCount = 0;
    DataTable userRows = new DataTable();

    // Captcha: the session's "CheckCode" must exist and equal the lower-cased, trimmed input.
    // NOTE(review): the value is not removed from the session after the comparison in this
    // block; confirm it is regenerated elsewhere so one code cannot serve several attempts.
    var expectedCode = SessionS.GetSessionValue("CheckCode");
    bool captchaOk = expectedCode != null && expectedCode.ToString().Equals(typedCode);
    if (!captchaOk)
    {
        tbCode.Text = "";
        alertScript = "<script>alert('驗證碼錯誤');</script>";
        Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", alertScript, false);
        return;
    }

    EncryptT hasher = new EncryptT();
    string connectionText = WebConfigurationManager.ConnectionStrings["ConnUser"].ToString();

    // Step 1: the stored procedure reports how many accounts match name + password hash.
    using (SqlConnection connection = new SqlConnection(connectionText))
    using (SqlCommand checkCommand = new SqlCommand("dbo.usp_SystemM_xCheckLogin", connection))
    {
        checkCommand.CommandType = CommandType.StoredProcedure;
        checkCommand.Parameters.AddWithValue("@LoginName", loginName);

        // NOTE(review): if EncryptT.ToSHA256 is a plain, unsalted SHA-256, the stored values
        // are weak against offline guessing; confirm.
        checkCommand.Parameters.AddWithValue("@LoginPassword", hasher.ToSHA256(password));
        checkCommand.Parameters.AddWithValue("@FunctionIndex", Convert.ToInt32(WebConfigurationManager.AppSettings["SystemFunctionIndex"]));

        SqlParameter countOut = checkCommand.Parameters.AddWithValue("@UserCount", matchCount);
        countOut.Direction = ParameterDirection.Output;

        connection.Open();
        checkCommand.ExecuteNonQuery();
        matchCount = (int)countOut.Value;
    }

    if (matchCount <= 0)
    {
        alertScript = "<script>alert('帳號密碼錯誤');</script>";
    }
    else
    {
        // Step 2: load the account row for the authenticated login name.
        using (SqlConnection connection = new SqlConnection(connectionText))
        using (SqlCommand loadCommand = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", connection))
        {
            loadCommand.CommandType = CommandType.StoredProcedure;
            loadCommand.Parameters.AddWithValue("@LoginName", loginName);

            using (SqlDataAdapter adapter = new SqlDataAdapter(loadCommand))
            {
                connection.Open();
                adapter.Fill(userRows);
            }
        }

        UserVM user = new UserVM();
        EntityS.FillModel<UserVM>(user, userRows);

        // Step 3: IP restriction of the user's organisation.
        var org = SystemOrg.GetVM(user.OrgID);

        // NOTE(review): confirm IpAddressS.GetIP() takes the address from the connection and
        // not from a client-supplied header; otherwise this restriction is only advisory.
        var clientIP = IpAddressS.GetIP();
        IpT rangeChecker = new IpT(clientIP);
        NameValueCollection serverVariables = Request.ServerVariables; // read but not used below
        bool ipAllowed = false;

        if (clientIP != null && org != null)
        {
            // The range check is skipped (login allowed) for loopback clients, for an
            // organisation with no start or end address configured, and for the all-zero range.
            bool skipRangeCheck =
                clientIP.Equals("::1")
                || clientIP.Equals("127.0.0.1")
                || string.IsNullOrEmpty(org.IpStart)
                || string.IsNullOrEmpty(org.IpEnd)
                || (org.IpStart.Equals("0.0.0.0") && org.IpEnd.Equals("0.0.0.0"));

            ipAllowed = skipRangeCheck || rangeChecker.CheckInNowWifi(org.IpStart + "-" + org.IpEnd);
        }
        else if (user.OrgID == 1)
        {
            // Organisation 1 is always allowed when the client IP or the organisation is missing.
            ipAllowed = true;
        }
        else if (org == null)
        {
            // NOTE(review): this message and the IP message below are reached only after the
            // credentials were accepted, so they tell the caller the password was correct.
            alertScript = "<script>alert('無權限登入');</script>";
            Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", alertScript, false);
            return;
        }

        if (ipAllowed)
        {
            // Step 4: record the login; the procedure returns the login date and a result flag.
            int chk = 0;
            using (SqlConnection connection = new SqlConnection(connectionText))
            using (SqlCommand stampCommand = new SqlCommand("dbo.usp_SystemM_xUpdateLoginDate", connection))
            {
                stampCommand.CommandType = CommandType.StoredProcedure;
                stampCommand.Parameters.AddWithValue("@UserID", user.ID);
                stampCommand.Parameters.AddWithValue("@LoginIP", IpAddressS.GetIP());
                stampCommand.Parameters.AddWithValue("@SystemPowerCateID", SystemPowerCateID);

                SqlParameter loginDateOut = stampCommand.Parameters.AddWithValue("@LoginDateOut", user.LoginDate);
                loginDateOut.Direction = ParameterDirection.Output;
                SqlParameter chkOut = stampCommand.Parameters.AddWithValue("@Chk", chk);
                chkOut.Direction = ParameterDirection.Output;

                connection.Open();
                stampCommand.ExecuteNonQuery();

                user.LoginDate = (DateTime)loginDateOut.Value;
                chk = (int)chkOut.Value;
            }

            if (chk > 0)
            {
                // The user object in the session is the authentication state.
                // NOTE(review): the author left Session.Abandon()/Session.Clear() commented out
                // here, so the pre-login session and its identifier are reused; confirm whether
                // the identifier should be rotated at login.
                HttpContext.Current.Session["LoginUser"] = user;

                // NOTE(review): "tempUrl" is used as the redirect target unchanged; confirm it
                // is only ever stored server-side as a local path.
                string returnUrl = SessionS.GetSessionValue("tempUrl") as string;
                if (returnUrl != null)
                {
                    SessionS.RemoveSession("tempUrl");
                }

                Response.Redirect(returnUrl ?? "~/Home.aspx");
            }
            else
            {
                alertScript = "<script>alert('帳號密碼錯誤');</script>";
            }
        }
        else
        {
            alertScript = "<script>alert('非允許IP位置');</script>";
        }
    }

    Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", alertScript, false);
}