Exemple #1
0
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            context.Response.Charset = "utf-8";
            HttpRequest request = context.Request;

            if (request["Action"] == "login")
            {
                BLL.hr_employee emp = new BLL.hr_employee();

                string username = PageValidate.InputText(request["username"], 255);
                //string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");
                string password = PageValidate.InputText(request["password"], 255);
                string validate = PageValidate.InputText(request["validate"], 255);

                if (!string.IsNullOrEmpty(validate) && !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
                {
                    if (validate == context.Session["CheckCode"].ToString() || validate.ToLower() == context.Session["CheckCode"].ToString().ToLower())
                    {
                        DataSet ds = emp.GetList(" uid='" + username + "' and pwd='" + password + "'");
                        if (ds.Tables[0].Rows.Count > 0)
                        {
                            if (ds.Tables[0].Rows[0]["canlogin"].ToString() == "1")
                            {
                                string userid = ds.Tables[0].Rows[0]["ID"].ToString();
                                context.Response.Cookies["UserID"].Value = userid;
                                //FormsAuthentication.RedirectFromLoginPage(userid, false);
                                FormsAuthentication.SetAuthCookie(userid, true);

                                //日志
                                BLL.Sys_log log = new BLL.Sys_log();
                                Model.Sys_log modellog = new Model.Sys_log();
                                modellog.EventType = "系统登录";

                                modellog.EventDate = DateTime.Now;
                                modellog.UserID = int.Parse(userid);
                                modellog.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                                modellog.IPStreet = request.UserHostAddress;

                                log.Add(modellog);

                                //online
                                BLL.Sys_online sol = new BLL.Sys_online();
                                Model.Sys_online model = new Model.Sys_online();

                                model.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                                model.UserID = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                                model.LastLogTime = DateTime.Now;

                                DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());

                                //添加当前用户信息
                                if (ds1.Tables[0].Rows.Count > 0)
                                {
                                    sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                                }
                                else
                                {
                                    sol.Add(model);
                                }
                                //删除超时用户
                                sol.Delete(" LastLogTime<DATEADD(MI,-1,getdate())");

                                //验证完毕,允许登录
                                context.Response.Write("2");
                            }
                            else
                            {
                                context.Response.Write("4");//不允许登录
                            }
                        }
                        else
                        {
                            context.Response.Write("1");//用户名或密码错误
                        }
                    }
                    else
                    {
                        context.Response.Write("0");//验证码错误
                    }
                }
                else
                {
                    context.Response.Write("999");//系统数据错误
                }
            }
            if (request["Action"] == "logout")
            {
                HttpCookie oldcookie = request.Cookies["UserID"];
                context.Response.Cookies["UserID"].Value = "";
                FormsAuthentication.SignOut();
                context.Response.Write("true");

                //online
                BLL.Sys_online sol = new BLL.Sys_online();
                try
                {
                    if (!string.IsNullOrEmpty(oldcookie.Value))
                    {
                        sol.Delete(" UserID=" + oldcookie.Value);
                    }
                }
                catch
                {
                }
            }
            if (request["Action"] == "checkpwd")
            {
                BLL.hr_employee emp = new BLL.hr_employee();

                int emp_id = int.Parse(request.Cookies["UserID"].Value.ToString());
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");

                DataSet ds = emp.GetList(string.Format("ID={0} and pwd='{1}'", emp_id, password));

                if (ds.Tables[0].Rows.Count > 0)
                {
                    context.Response.Write("{sucess:sucess}");
                }
                else
                {
                    context.Response.Write("{sucess:false}");
                }
            }
        }
Exemple #2
0
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            HttpRequest request = context.Request;

            BLL.Sys_Menu menu = new BLL.Sys_Menu();

            BLL.hr_employee emp     = new BLL.hr_employee();
            int             emp_id  = int.Parse(request.Cookies["UserID"].Value);
            DataSet         dsemp   = emp.GetList("id=" + int.Parse(request.Cookies["UserID"].Value));
            string          empname = dsemp.Tables[0].Rows[0]["name"].ToString();
            string          uid     = dsemp.Tables[0].Rows[0]["uid"].ToString();

            if (request["Action"] == "GetSysApp")
            {
                DataSet ds = null;

                int appid = int.Parse(request["appid"]);

                if (dsemp.Tables[0].Rows.Count > 0)
                {
                    if (dsemp.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        ds = menu.GetList(0, "App_id=" + appid, "Menu_order");
                    }
                    else
                    {
                        Data.GetAuthorityByUid getauth = new Data.GetAuthorityByUid();
                        string menus = getauth.GetAuthority(request.Cookies["UserID"].Value, "Menus");
                        ds = menu.GetList(0, "App_id=" + appid + " and Menu_id in " + menus, "Menu_order");
                    }
                }

                string dt = "[" + GetTasksString(0, ds.Tables[0]) + "]";

                context.Response.Write(dt);
            }
            if (request["Action"] == "getUserTree")
            {
                BLL.Sys_online   sol   = new BLL.Sys_online();
                Model.Sys_online model = new Model.Sys_online();


                model.UserName    = emp.GetList("ID =" + int.Parse(request.Cookies["UserID"].Value)).Tables[0].Rows[0]["name"].ToString();
                model.UserID      = int.Parse(request.Cookies["UserID"].Value);
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + request.Cookies["UserID"].Value);

                //添加当前用户信息
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + request.Cookies["UserID"].Value);
                }
                else
                {
                    sol.Add(model);
                }
                //}

                //删除超时用户
                sol.Delete(" LastLogTime<DATEADD(MI,-2,getdate())");

                //context.Response.Write(Common.GetGridJSON.DataTableToJSON(sol.GetAllList().Tables[0]));

                BLL.hr_department dep = new BLL.hr_department();
                BLL.hr_post       hp  = new BLL.hr_post();

                DataSet       ds  = dep.GetList(0, "", " convert(int,[d_order])");
                StringBuilder str = new StringBuilder();
                str.Append("[");
                for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                {
                    str.Append("{id:" + ds.Tables[0].Rows[i]["id"].ToString() + ",pid:" + ds.Tables[0].Rows[i]["parentid"].ToString() + ",text:'" + ds.Tables[0].Rows[i]["d_name"] + "',d_icon:'" + ds.Tables[0].Rows[i]["d_icon"] + "'},");
                    DataSet dsp = hp.GetList("dep_id=" + ds.Tables[0].Rows[i]["id"]);
                    for (int j = 0; j < dsp.Tables[0].Rows.Count; j++)
                    {
                        if (!string.IsNullOrEmpty(dsp.Tables[0].Rows[j]["emp_name"].ToString()))
                        {
                            DataSet dso      = sol.GetList("UserID=" + dsp.Tables[0].Rows[j]["emp_id"]);
                            string  posticon = "../images/icon/93.png";
                            if (dso.Tables[0].Rows.Count > 0)
                            {
                                posticon = "../images/icon/37.png";//95
                            }

                            str.Append("{id:-" + dsp.Tables[0].Rows[j]["post_id"].ToString() + ",pid:" + dsp.Tables[0].Rows[j]["dep_id"].ToString() + ",text:'" + dsp.Tables[0].Rows[j]["emp_name"] + "',d_icon:'" + posticon + "'},");
                        }
                    }
                }
                str.Replace(",", "", str.Length - 1, 1);
                str.Append("]");
                context.Response.Write(str);
            }
            if (request["Action"] == "GetUserInfo")
            {
                string dt = Common.DataToJson.DataToJSON(dsemp);

                context.Response.Write(dt);
            }
            if (request["Action"] == "GetOnline")
            {
                BLL.Sys_online   sol   = new BLL.Sys_online();
                Model.Sys_online model = new Model.Sys_online();


                model.UserName    = empname;
                model.UserID      = emp_id;
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + int.Parse(request.Cookies["UserID"].Value));

                //添加当前用户信息
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + int.Parse(request.Cookies["UserID"].Value));
                }
                else
                {
                    sol.Add(model);
                }
                //}

                //删除超时用户
                sol.Delete(" LastLogTime<DATEADD(MI,-2,getdate())");

                context.Response.Write(Common.GetGridJSON.DataTableToJSON(sol.GetAllList().Tables[0]));
            }
            if (request["Action"] == "GetIcons")
            {
                try
                {
                    var icontype = request["icontype"];

                    var rootPath = context.Server.MapPath("~/images/icon/");
                    Common.ObjectListToJSON objtojson = new Common.ObjectListToJSON();
                    List <FileInfo>         lp        = GetAllFilesInDirectory(rootPath);
                    string a = objtojson.toJSON(lp);
                    context.Response.Write(a);
                }
                catch (Exception err)
                {
                    context.Response.Write("系统错误:" + err.Message);
                }
            }
        }
Exemple #3
0
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            context.Response.Charset     = "utf-8";
            HttpRequest request = context.Request;

            if (request["Action"] == "login")
            {
                BLL.hr_employee emp = new BLL.hr_employee();

                string username = PageValidate.InputText(request["username"], 255);
                //string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");
                string password = PageValidate.InputText(request["password"], 255);
                string validate = PageValidate.InputText(request["validate"], 255);

                if (!string.IsNullOrEmpty(validate) && !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
                {
                    if (validate == context.Session["CheckCode"].ToString() || validate.ToLower() == context.Session["CheckCode"].ToString().ToLower())
                    {
                        DataSet ds = emp.GetList(" uid='" + username + "' and pwd='" + password + "'");
                        if (ds.Tables[0].Rows.Count > 0)
                        {
                            if (ds.Tables[0].Rows[0]["canlogin"].ToString() == "1")
                            {
                                string userid = ds.Tables[0].Rows[0]["ID"].ToString();
                                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                                    1,
                                    username,
                                    DateTime.Now,
                                    DateTime.Now.AddMinutes(20),
                                    true,
                                    userid,
                                    "/"
                                    );
                                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                                cookie.HttpOnly = true;
                                context.Response.Cookies.Add(cookie);

                                //FormsAuthentication.SetAuthCookie(userid, true);

                                //日志
                                BLL.Sys_log   log      = new BLL.Sys_log();
                                Model.Sys_log modellog = new Model.Sys_log();
                                modellog.EventType = "系统登录";

                                modellog.EventDate = DateTime.Now;
                                modellog.UserID    = int.Parse(userid);
                                modellog.UserName  = ds.Tables[0].Rows[0]["name"].ToString();
                                modellog.IPStreet  = request.UserHostAddress;

                                log.Add(modellog);

                                //online
                                BLL.Sys_online   sol   = new BLL.Sys_online();
                                Model.Sys_online model = new Model.Sys_online();

                                model.UserName    = ds.Tables[0].Rows[0]["name"].ToString();
                                model.UserID      = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                                model.LastLogTime = DateTime.Now;

                                DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());

                                //添加当前用户信息
                                if (ds1.Tables[0].Rows.Count > 0)
                                {
                                    sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                                }
                                else
                                {
                                    sol.Add(model);
                                }
                                //删除超时用户
                                //sol.Delete(" LastLogTime<DATEADD(MI,-1,getdate())");//SQL Server使用
                                sol.Delete(" LastLogTime<date_sub(now(),interval 1 day)");

                                //验证完毕,允许登录
                                context.Response.Write("2");
                            }
                            else
                            {
                                context.Response.Write("4");//不允许登录
                            }
                        }
                        else
                        {
                            context.Response.Write("1");//用户名或密码错误
                        }
                    }
                    else
                    {
                        context.Response.Write("0");//验证码错误
                    }
                }
                else
                {
                    context.Response.Write("999");//系统数据错误
                }
            }

            if (request["Action"] == "logout")
            {
                var cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];

                if (null != cookie)
                {
                    var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
                    string CoockiesID = ticket.UserData;

                    FormsAuthentication.SignOut();
                    context.Response.Write("true");

                    //online
                    BLL.Sys_online sol = new BLL.Sys_online();
                    try
                    {
                        if (!string.IsNullOrEmpty(CoockiesID))
                        {
                            sol.Delete(" UserID=" + int.Parse(CoockiesID));
                        }
                    }
                    catch
                    {
                    }
                }
            }
            if (request["Action"] == "checkpwd")
            {
                var    cookie     = context.Request.Cookies[FormsAuthentication.FormsCookieName];
                var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
                string CoockiesID = ticket.UserData;

                BLL.hr_employee emp = new BLL.hr_employee();

                int    emp_id   = int.Parse(CoockiesID);
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");


                DataSet ds = emp.GetList(string.Format("ID={0} and pwd='{1}'", emp_id, password));

                if (ds.Tables[0].Rows.Count > 0)
                {
                    context.Response.Write("{sucess:sucess}");
                }
                else
                {
                    context.Response.Write("{sucess:false}");
                }
            }
        }
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            HttpRequest request = context.Request;

            BLL.Sys_Menu menu = new BLL.Sys_Menu();

            var    cookie     = context.Request.Cookies[FormsAuthentication.FormsCookieName];
            var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
            string CoockiesID = ticket.UserData;

            BLL.hr_employee emp     = new BLL.hr_employee();
            int             emp_id  = int.Parse(CoockiesID);
            DataSet         dsemp   = emp.GetList("id=" + emp_id);
            string          empname = dsemp.Tables[0].Rows[0]["name"].ToString();
            string          uid     = dsemp.Tables[0].Rows[0]["uid"].ToString();

            if (request["Action"] == "GetSysApp")
            {
                DataSet ds = null;

                int appid = int.Parse(request["appid"]);

                if (dsemp.Tables[0].Rows.Count > 0)
                {
                    if (dsemp.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        ds = menu.GetList(0, "App_id=" + appid, "Menu_order");
                    }
                    else
                    {
                        Data.GetAuthorityByUid getauth = new Data.GetAuthorityByUid();
                        string menus = getauth.GetAuthority(emp_id.ToString(), "Menus");
                        ds = menu.GetList(0, "App_id=" + appid + " and Menu_id in " + menus, "Menu_order");
                    }
                }

                string dt = "[" + GetTasksString(0, ds.Tables[0]) + "]";

                context.Response.Write(dt);
            }
            if (request["Action"] == "getUserTree")
            {
                BLL.Sys_online   sol   = new BLL.Sys_online();
                Model.Sys_online model = new Model.Sys_online();

                model.UserName    = PageValidate.InputText(empname, 250);
                model.UserID      = emp_id;
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + emp_id);

                //添加当前用户信息
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + emp_id);
                }
                else
                {
                    sol.Add(model);
                }

                //删除超时用户
                //sol.Delete(" LastLogTime<DATEADD(MI,-2,getdate())");//SQL Server使用
                sol.Delete(" LastLogTime<date_sub(now(),interval 2 day)");

                BLL.hr_department dep = new BLL.hr_department();
                BLL.hr_post       hp  = new BLL.hr_post();

                DataSet       ds  = dep.GetList(0, "", "d_order");
                StringBuilder str = new StringBuilder();
                str.Append("[");
                str.Append(GetTreeString(0, ds.Tables[0], 1));
                str.Replace(",", "", str.Length - 1, 1);
                str.Append("]");
                context.Response.Write(str);
            }
            if (request["Action"] == "GetUserInfo")
            {
                string dt = Common.DataToJson.DataToJSON(dsemp);

                context.Response.Write(dt);
            }
            if (request["Action"] == "GetOnline")
            {
                BLL.Sys_online   sol   = new BLL.Sys_online();
                Model.Sys_online model = new Model.Sys_online();


                model.UserName    = empname;
                model.UserID      = emp_id;
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + emp_id);

                //添加当前用户信息
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + emp_id);
                }
                else
                {
                    sol.Add(model);
                }
                //}

                //删除超时用户
                //sol.Delete(" LastLogTime<DATEADD(MI,-2,getdate())");//SQL Server使用
                sol.Delete(" LastLogTime<date_sub(now(),interval 2 day)");

                context.Response.Write(Common.GetGridJSON.DataTableToJSON(sol.GetAllList().Tables[0]));
            }
            if (request["Action"] == "GetIcons")
            {
                try
                {
                    var icontype = request["icontype"];

                    var rootPath = context.Server.MapPath("~/images/icon/");
                    Common.ObjectListToJSON objtojson = new Common.ObjectListToJSON();
                    List <FileInfo>         lp        = GetAllFilesInDirectory(rootPath);
                    string a = objtojson.toJSON(lp);
                    context.Response.Write(a);
                }
                catch (Exception err)
                {
                    context.Response.Write("系统错误:" + err.Message);
                }
            }
        }
Exemple #5
0
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            HttpRequest request = context.Request;

            BLL.Sys_Menu menu = new BLL.Sys_Menu();

            BLL.hr_employee emp = new BLL.hr_employee();
            int emp_id = int.Parse(request.Cookies["UserID"].Value);
            DataSet dsemp = emp.GetList("id=" + int.Parse( request.Cookies["UserID"].Value));
            string empname = dsemp.Tables[0].Rows[0]["name"].ToString();
            string uid = dsemp.Tables[0].Rows[0]["uid"].ToString();

            if (request["Action"] == "GetSysApp")
            {
                DataSet ds = null;

                int appid = int.Parse(request["appid"]);

                if (dsemp.Tables[0].Rows.Count > 0)
                {
                    if (dsemp.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        ds = menu.GetList(0, "App_id=" + appid, "Menu_order");
                    }
                    else
                    {
                        Data.GetAuthorityByUid getauth = new Data.GetAuthorityByUid();
                        string menus = getauth.GetAuthority(request.Cookies["UserID"].Value, "Menus");
                        ds = menu.GetList(0, "App_id=" + appid + " and Menu_id in " + menus, "Menu_order");
                    }
                }

                string dt = "[" + GetTasksString(0, ds.Tables[0]) + "]";

                context.Response.Write(dt);
            }
            if (request["Action"] == "getUserTree")
            {
                BLL.Sys_online sol = new BLL.Sys_online();
                Model.Sys_online model = new Model.Sys_online();

                model.UserName = emp.GetList("ID =" + int.Parse(request.Cookies["UserID"].Value)).Tables[0].Rows[0]["name"].ToString();
                model.UserID = int.Parse(request.Cookies["UserID"].Value);
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + request.Cookies["UserID"].Value);

                //添加当前用户信息
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + request.Cookies["UserID"].Value);
                }
                else
                {
                    sol.Add(model);
                }
                //}

                //删除超时用户
                sol.Delete(" LastLogTime<DATEADD(MI,-2,getdate())");

                //context.Response.Write(Common.GetGridJSON.DataTableToJSON(sol.GetAllList().Tables[0]));

                BLL.hr_department dep = new BLL.hr_department();
                BLL.hr_post hp = new BLL.hr_post();

                DataSet ds = dep.GetList(0, "isDelete=0 ", " convert(int,[d_order])");
                StringBuilder str = new StringBuilder();
                str.Append("[");
                for (int i = 0; i < ds.Tables[0].Rows.Count; i++)
                {
                    str.Append("{id:" + ds.Tables[0].Rows[i]["id"].ToString() + ",pid:" + ds.Tables[0].Rows[i]["parentid"].ToString() + ",text:'" + ds.Tables[0].Rows[i]["d_name"] + "',d_icon:'" + ds.Tables[0].Rows[i]["d_icon"] + "'},");
                    DataSet dsp = hp.GetList("dep_id=" + ds.Tables[0].Rows[i]["id"]);
                    for (int j = 0; j < dsp.Tables[0].Rows.Count; j++)
                    {
                        if (!string.IsNullOrEmpty(dsp.Tables[0].Rows[j]["emp_name"].ToString()))
                        {
                            DataSet dso = sol.GetList("UserID=" + dsp.Tables[0].Rows[j]["emp_id"]);
                            string posticon = "img_crm/icon/93.png";
                            if (dso.Tables[0].Rows.Count > 0)
                            {
                                posticon = "img_crm/icon/38.png";//95
                            }

                            str.Append("{id:-" + dsp.Tables[0].Rows[j]["post_id"].ToString() + ",pid:" + dsp.Tables[0].Rows[j]["dep_id"].ToString() + ",text:'" + dsp.Tables[0].Rows[j]["emp_name"] + "',d_icon:'" + posticon + "'},");
                        }
                    }
                }
                str.Replace(",", "", str.Length - 1, 1);
                str.Append("]");
                context.Response.Write(str);

            }
            if (request["Action"] == "GetUserInfo")
            {
                string dt = Common.DataToJson.DataToJSON(dsemp);

                context.Response.Write(dt);

            }
            if (request["Action"] == "GetOnline")
            {
                BLL.Sys_online sol = new BLL.Sys_online();
                Model.Sys_online model = new Model.Sys_online();

                model.UserName = empname;
                model.UserID = emp_id;
                model.LastLogTime = DateTime.Now;

                DataSet ds1 = sol.GetList(" UserID=" + int.Parse( request.Cookies["UserID"].Value));

                //添加当前用户信息
                if (ds1.Tables[0].Rows.Count > 0)
                {
                    sol.Update(model, " UserID=" + int.Parse( request.Cookies["UserID"].Value));
                }
                else
                {
                    sol.Add(model);
                }
                //}

                //删除超时用户
                sol.Delete(" LastLogTime<DATEADD(MI,-2,getdate())");

                context.Response.Write(Common.GetGridJSON.DataTableToJSON(sol.GetAllList().Tables[0]));
            }
            if (request["Action"] == "GetIcons")
            {
                try
                {
                    var icontype = request["icontype"];

                    var rootPath = context.Server.MapPath("~/img_crm/icon/");
                    Common.ObjectListToJSON objtojson = new Common.ObjectListToJSON();
                    List<FileInfo> lp = GetAllFilesInDirectory(rootPath);
                    string a = objtojson.toJSON(lp);
                    context.Response.Write(a);

                }
                catch (Exception err)
                {
                    context.Response.Write("系统错误:" + err.Message);
                }
            }
        }
Exemple #6
0
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            context.Response.Charset     = "utf-8";
            HttpRequest request = context.Request;

            //string param = PostInput(HttpContext.Current);
            //string[] paramstr = param.Split('&');
            string uid = request["uid"];
            string pwd = request["pwd"];

            //foreach (string item in paramstr)
            //{
            //    if (item.IndexOf("uid") != -1)
            //    {
            //        uid = item.Split('=')[1];
            //    }
            //    else if (item.IndexOf("pwd") != -1)
            //    {
            //        pwd = item.Split('=')[1];
            //    }
            //}

            BLL.hr_employee     emp      = new BLL.hr_employee();
            BLL.Sys_FactoryInfo fty      = new BLL.Sys_FactoryInfo();
            BLL.ecs_admin_user  ecsadmin = new BLL.ecs_admin_user();

            if (!string.IsNullOrEmpty(pwd) && !string.IsNullOrEmpty(uid))  //判断pwd与uid不为空
            {
                DataSet ds = emp.GetList(" uid = '" + uid + "'");

                if (ds.Tables[0].Rows.Count > 0 && ds.Tables[0].Rows[0]["pwd"].ToString() == pwd)   //判断可以找到该用户
                {
                    string factory_Id = ds.Tables[0].Rows[0]["Factory_Id"].ToString();


                    #region 创建HttpCookie

                    if (ds.Tables[0].Rows[0]["uid"].ToString() == "admin")
                    {
                        string userid   = ds.Tables[0].Rows[0]["ID"].ToString();
                        string username = ds.Tables[0].Rows[0]["uid"].ToString();
                        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                            1,
                            username,
                            DateTime.Now,
                            DateTime.Now.AddMinutes(20),
                            true,
                            userid,
                            "/"
                            );
                        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                        cookie.HttpOnly = true;
                        context.Response.Cookies.Add(cookie);

                        //FormsAuthentication.SetAuthCookie(userid, true);

                        //日志
                        //BLL.Sys_log log = new BLL.Sys_log();
                        //Model.Sys_log modellog = new Model.Sys_log();
                        //modellog.EventType = "系统登录";

                        //modellog.EventDate = DateTime.Now;
                        //modellog.UserID = int.Parse(userid);
                        //modellog.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                        //modellog.IPStreet = request.UserHostAddress;
                        //modellog.Factory_Id = factory_Id;

                        //log.Add(modellog);

                        //online
                        BLL.Sys_online   sol   = new BLL.Sys_online();
                        Model.Sys_online model = new Model.Sys_online();

                        model.UserName    = ds.Tables[0].Rows[0]["name"].ToString();
                        model.UserID      = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                        model.LastLogTime = DateTime.Now;

                        DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());

                        //添加当前用户信息
                        if (ds1.Tables[0].Rows.Count > 0)
                        {
                            sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                        }
                        else
                        {
                            sol.Add(model);
                        }
                        //删除超时用户
                        //2分钟用户失效,删除 --Robert 2015-11-24
                        sol.Delete(" LastLogTime<date_sub(now(), interval 5 minute)");

                        //验证完毕,允许登录
                        string returnJson = @"{result: 'true',uid: '" + username + "'}";
                        context.Response.Write(returnJson);
                    }
                    else
                    {
                        DataSet dsfty    = fty.GetList("Factory_Id='" + factory_Id + "'");
                        string  username = ds.Tables[0].Rows[0]["uid"].ToString();
                        string  isDelete = dsfty.Tables[0].Rows[0]["IsDelete"].ToString();
                        if (int.Parse(isDelete) == 0)
                        {
                            if (ds.Tables[0].Rows[0]["canlogin"].ToString() == "1")
                            {
                                string userid = ds.Tables[0].Rows[0]["ID"].ToString();
                                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                                    1,
                                    username,
                                    DateTime.Now,
                                    DateTime.Now.AddMinutes(20),
                                    true,
                                    userid,
                                    "/"
                                    );
                                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                                cookie.HttpOnly = true;
                                context.Response.Cookies.Add(cookie);

                                //FormsAuthentication.SetAuthCookie(userid, true);

                                //日志
                                //BLL.Sys_log log = new BLL.Sys_log();
                                //Model.Sys_log modellog = new Model.Sys_log();
                                //modellog.EventType = "系统登录";

                                //modellog.EventDate = DateTime.Now;
                                //modellog.UserID = int.Parse(userid);
                                //modellog.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                                //modellog.IPStreet = request.UserHostAddress;
                                //modellog.Factory_Id = factory_Id;

                                //log.Add(modellog);

                                //online
                                BLL.Sys_online   sol   = new BLL.Sys_online();
                                Model.Sys_online model = new Model.Sys_online();

                                model.UserName    = ds.Tables[0].Rows[0]["name"].ToString();
                                model.UserID      = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                                model.LastLogTime = DateTime.Now;

                                DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());

                                //添加当前用户信息
                                if (ds1.Tables[0].Rows.Count > 0)
                                {
                                    sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                                }
                                else
                                {
                                    sol.Add(model);
                                }
                                //删除超时用户
                                //2分钟用户失效,删除 --Robert 2015-11-24
                                sol.Delete(" LastLogTime<date_sub(now(), interval 5 minute)");

                                //验证完毕,允许登录
                                string returnJson = @"{result: 'true',uid: '" + username + "'}";
                                context.Response.Write(returnJson);
                            }
                            else
                            {
                                string returnJson = @"{result: 'false',uid: '11111',msg;'不允许登录'}";
                                context.Response.Write(returnJson);//不允许登录
                            }
                        }
                        else
                        {
                            string returnJson = @"{result: 'false',uid: '11111',msg;'不允许登录'}";
                            context.Response.Write(returnJson);//不允许登录
                        }
                    }
                    #endregion
                }
                else
                {
                    string returnJson = @"{result: 'false',uid: '11111',msg;'用户名或密码错误'}";
                    context.Response.Write(returnJson);//用户名或密码错误
                }
            }
            else
            {
                string returnJson = @"{result: 999,uid: '11111',msg;'系统数据错误'}";
                context.Response.Write(returnJson);//系统数据错误
            }
        }
Exemple #7
0
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            context.Response.Charset     = "utf-8";
            HttpRequest request = context.Request;

            if (request["Action"] == "login")
            {
                BLL.hr_employee     emp = new BLL.hr_employee();
                BLL.Sys_FactoryInfo fty = new BLL.Sys_FactoryInfo();

                string username = PageValidate.InputText(request["username"], 255);
                //string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");
                string password = PageValidate.InputText(request["password"], 255);
                string validate = PageValidate.InputText(request["validate"], 255);

                //SQL注入式攻击过滤===========================================================================================
                string path = context.Server.MapPath(@"../file/SQLFile.txt");
                if (CommonData.getSQLPercolation(username.ToUpper(), path))
                {
                    context.Response.Write("999");//系统错误
                    return;
                }
                //============================================================================================================

                if (!string.IsNullOrEmpty(validate) && !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
                {
                    if (validate == context.Session["CheckCode"].ToString() || validate.ToLower() == context.Session["CheckCode"].ToString().ToLower())
                    {
                        //DataSet ds = emp.GetList(" uid='" + username + "' and pwd='" + password + "'");
                        Model.hr_employee empModel = emp.LoginUser(username);
                        //IP 限制====================================================================================================
                        string vrip = GetClientIPv4Address();

                        List <string> lstIp = new List <string>();
                        lstIp.Add("219.146.197.91");    //电信IP地址
                        lstIp.Add("60.213.50.226");     //联通IP地址

                        lstIp.Add("172.178.1.118");     //本地(邢荣)
                        lstIp.Add("172.178.1.211");     //本地(陈伟)
                        lstIp.Add("172.178.1.100");     //本地(陈伟)
                        lstIp.Add("172.178.1.203");     //本地(robert)
                        lstIp.Add("172.178.1.201");     //本地(李明)
                        lstIp.Add("172.178.1.79");      //本地(王德胜)
                        lstIp.Add("172.178.1.117");     //本地(王立全)
                        lstIp.Add("172.178.1.243");     //本地(王虎)
                        //if (!lstIp.Contains(vrip))
                        //{
                        //    //修改:robert, 2016-06-04     过滤特殊人群,当前:王频频wpp6274========
                        //    if (username.Trim() != "wpp6274" && username.Trim() != "gjc1010")
                        //    {
                        //        context.Response.Write("6");//ip受限制
                        //        return;
                        //    }
                        //    //=======================================================================
                        //}
                        //============================================================================================================

                        if (empModel != null && empModel.pwd == password.ToUpper())
                        {
                            //只允许李辉、郭建传,李艳梅,admin登录
                            //if (username.Trim() != "li5001" && username.Trim() != "1010" && username.Trim() != "lym5007" && username.Trim() != "admin" && username.Trim() != "yqy5062" && username.Trim() != "lgh1128" && username.Trim() != "lc1271" && username.Trim() != "zf6346")
                            //{
                            //    context.Response.Write("6");//ip受限制
                            //    return;
                            //}
                            //=======================================================================
                            //存在该 uid的用户,并且 pwd-密码正确;执行以下内容
                            //if (ds.Tables[0].Rows.Count > 0)
                            //{
                            if (empModel.uid.Trim() == "admin")
                            {
                                #region
                                //string userid = empModel.ID.ToString();
                                FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                                    1,
                                    empModel.uid,
                                    DateTime.Now,
                                    DateTime.Now.AddMinutes(20),
                                    true,
                                    empModel.ID.ToString(),
                                    "/"
                                    );
                                var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                                cookie.HttpOnly = true;
                                context.Response.Cookies.Add(cookie);

                                //FormsAuthentication.SetAuthCookie(userid, true);

                                //日志
                                //BLL.Sys_log log = new BLL.Sys_log();
                                //Model.Sys_log modellog = new Model.Sys_log();
                                //modellog.EventType = "系统登录";

                                //modellog.EventDate = DateTime.Now;
                                //modellog.UserID = empModel.ID;
                                //modellog.UserName = empModel.name;
                                //modellog.IPStreet = request.UserHostAddress;
                                //modellog.Factory_Id = empModel.factory_Id;

                                //log.Add(modellog);

                                //online
                                BLL.Sys_online   sol   = new BLL.Sys_online();
                                Model.Sys_online model = new Model.Sys_online();

                                model.UserName    = empModel.name;
                                model.UserID      = empModel.ID;
                                model.LastLogTime = DateTime.Now;

                                DataSet ds1 = sol.GetList(" UserID=" + empModel.ID);

                                //添加当前用户信息
                                if (ds1.Tables[0].Rows.Count > 0)
                                {
                                    sol.Update(model, " UserID=" + empModel.ID);
                                }
                                else
                                {
                                    sol.Add(model);
                                }
                                //删除超时用户
                                //2分钟用户失效,删除 --Robert 2015-11-24
                                sol.Delete(" LastLogTime<date_sub(now(), interval 5 minute)");

                                //验证完毕,允许登录
                                context.Response.Write("2");
                                #endregion
                            }
                            else
                            {
                                #region
                                DataSet dsfty    = fty.GetList("Factory_Id='" + empModel.factory_Id + "'");
                                string  isDelete = dsfty.Tables[0].Rows[0]["IsDelete"].ToString();
                                if (int.Parse(isDelete) == 0)
                                {
                                    if (empModel.canlogin.ToString() == "1")
                                    {
                                        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                                            1,
                                            username,
                                            DateTime.Now,
                                            DateTime.Now.AddMinutes(20),
                                            true,
                                            empModel.ID.ToString(),
                                            "/"
                                            );
                                        var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                                        cookie.HttpOnly = true;
                                        context.Response.Cookies.Add(cookie);

                                        //FormsAuthentication.SetAuthCookie(userid, true);

                                        //日志
                                        BLL.Sys_log   log      = new BLL.Sys_log();
                                        Model.Sys_log modellog = new Model.Sys_log();
                                        modellog.EventType = "系统登录";

                                        modellog.EventDate   = DateTime.Now;
                                        modellog.UserID      = empModel.ID;
                                        modellog.UserName    = empModel.name;
                                        modellog.IPStreet    = request.UserHostAddress;
                                        modellog.Current_txt = "DAS 用户登录";
                                        modellog.Factory_Id  = empModel.factory_Id;

                                        log.Add(modellog);

                                        //online
                                        BLL.Sys_online   sol   = new BLL.Sys_online();
                                        Model.Sys_online model = new Model.Sys_online();

                                        model.UserName    = empModel.name;
                                        model.UserID      = empModel.ID;
                                        model.LastLogTime = DateTime.Now;

                                        DataSet ds1 = sol.GetList(" UserID=" + empModel.ID);

                                        //添加当前用户信息
                                        if (ds1.Tables[0].Rows.Count > 0)
                                        {
                                            sol.Update(model, " UserID=" + empModel.ID);
                                        }
                                        else
                                        {
                                            sol.Add(model);
                                        }
                                        //删除超时用户
                                        //2分钟用户失效,删除 --Robert 2015-11-24
                                        sol.Delete(" LastLogTime<date_sub(now(), interval 5 minute)");


                                        //验证完毕,允许登录
                                        context.Response.Write("2");
                                    }
                                    else
                                    {
                                        context.Response.Write("4");//不允许登录
                                    }
                                }
                                else
                                {
                                    context.Response.Write("5");//不允许登录
                                }
                                #endregion
                            }

                            #region 历史2016-04-15前

                            /*
                             * string factory_Id = ds.Tables[0].Rows[0]["Factory_Id"].ToString();
                             *
                             * if (ds.Tables[0].Rows[0]["uid"].ToString() == "admin")
                             * {
                             #region
                             *  string userid = ds.Tables[0].Rows[0]["ID"].ToString();
                             *  FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                             *      1,
                             *      username,
                             *      DateTime.Now,
                             *      DateTime.Now.AddMinutes(20),
                             *      true,
                             *      userid,
                             *      "/"
                             *      );
                             *  var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                             *  cookie.HttpOnly = true;
                             *  context.Response.Cookies.Add(cookie);
                             *
                             *  //FormsAuthentication.SetAuthCookie(userid, true);
                             *
                             *  //日志
                             *  BLL.Sys_log log = new BLL.Sys_log();
                             *  Model.Sys_log modellog = new Model.Sys_log();
                             *  modellog.EventType = "系统登录";
                             *
                             *  modellog.EventDate = DateTime.Now;
                             *  modellog.UserID = int.Parse(userid);
                             *  modellog.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                             *  modellog.IPStreet = request.UserHostAddress;
                             *  modellog.Factory_Id = factory_Id;
                             *
                             *  log.Add(modellog);
                             *
                             *  //online
                             *  BLL.Sys_online sol = new BLL.Sys_online();
                             *  Model.Sys_online model = new Model.Sys_online();
                             *
                             *  model.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                             *  model.UserID = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                             *  model.LastLogTime = DateTime.Now;
                             *
                             *  DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                             *
                             *  //添加当前用户信息
                             *  if (ds1.Tables[0].Rows.Count > 0)
                             *  {
                             *      sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                             *  }
                             *  else
                             *  {
                             *      sol.Add(model);
                             *  }
                             *  //删除超时用户
                             *  //2分钟用户失效,删除 --Robert 2015-11-24
                             *  sol.Delete(" LastLogTime<date_sub(now(), interval 2 minute)");
                             *
                             *
                             *  //验证完毕,允许登录
                             *  context.Response.Write("2");
                             #endregion
                             * }
                             * else
                             * {
                             #region
                             *  DataSet dsfty = fty.GetList("Factory_Id='" + factory_Id + "'");
                             *  string isDelete = dsfty.Tables[0].Rows[0]["IsDelete"].ToString();
                             *  if (int.Parse(isDelete) == 0)
                             *  {
                             *      if (ds.Tables[0].Rows[0]["canlogin"].ToString() == "1")
                             *      {
                             *          string userid = ds.Tables[0].Rows[0]["ID"].ToString();
                             *          FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                             *              1,
                             *              username,
                             *              DateTime.Now,
                             *              DateTime.Now.AddMinutes(20),
                             *              true,
                             *              userid,
                             *              "/"
                             *              );
                             *          var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
                             *          cookie.HttpOnly = true;
                             *          context.Response.Cookies.Add(cookie);
                             *
                             *          //FormsAuthentication.SetAuthCookie(userid, true);
                             *
                             *          //日志
                             *          BLL.Sys_log log = new BLL.Sys_log();
                             *          Model.Sys_log modellog = new Model.Sys_log();
                             *          modellog.EventType = "系统登录";
                             *
                             *          modellog.EventDate = DateTime.Now;
                             *          modellog.UserID = int.Parse(userid);
                             *          modellog.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                             *          modellog.IPStreet = request.UserHostAddress;
                             *          modellog.Factory_Id = factory_Id;
                             *
                             *          log.Add(modellog);
                             *
                             *          //online
                             *          BLL.Sys_online sol = new BLL.Sys_online();
                             *          Model.Sys_online model = new Model.Sys_online();
                             *
                             *          model.UserName = ds.Tables[0].Rows[0]["name"].ToString();
                             *          model.UserID = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                             *          model.LastLogTime = DateTime.Now;
                             *
                             *          DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                             *
                             *          //添加当前用户信息
                             *          if (ds1.Tables[0].Rows.Count > 0)
                             *          {
                             *              sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                             *          }
                             *          else
                             *          {
                             *              sol.Add(model);
                             *          }
                             *          //删除超时用户
                             *          //2分钟用户失效,删除 --Robert 2015-11-24
                             *          sol.Delete(" LastLogTime<date_sub(now(), interval 2 minute)");
                             *
                             *
                             *          //验证完毕,允许登录
                             *          context.Response.Write("2");
                             *      }
                             *      else
                             *      {
                             *          context.Response.Write("4");//不允许登录
                             *      }
                             *  }
                             *  else
                             *  {
                             *      context.Response.Write("5");//不允许登录
                             *  }
                             #endregion
                             * }
                             */
                            #endregion
                        }
                        else
                        {
                            context.Response.Write("1");//用户名或密码错误
                        }
                    }
                    else
                    {
                        context.Response.Write("0");//验证码错误
                    }
                }
                else
                {
                    context.Response.Write("999");//系统数据错误
                }
            }

            else if (request["Action"] == "logout")
            {
                #region
                var cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];

                if (null != cookie)
                {
                    var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
                    string CoockiesID = ticket.UserData;

                    FormsAuthentication.SignOut();
                    context.Response.Write("true");

                    //online
                    BLL.Sys_online sol = new BLL.Sys_online();
                    try
                    {
                        if (!string.IsNullOrEmpty(CoockiesID))
                        {
                            sol.Delete(" UserID=" + int.Parse(CoockiesID));
                        }
                    }
                    catch
                    {
                    }
                }
                #endregion
            }
            else if (request["Action"] == "checkpwd")
            {
                #region
                var    cookie     = context.Request.Cookies[FormsAuthentication.FormsCookieName];
                var    ticket     = FormsAuthentication.Decrypt(cookie.Value);
                string CoockiesID = ticket.UserData;

                BLL.hr_employee emp = new BLL.hr_employee();

                int    emp_id   = int.Parse(CoockiesID);
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");

                DataSet ds = emp.GetList(string.Format("ID={0} and pwd='{1}'", emp_id, password));

                if (ds.Tables[0].Rows.Count > 0)
                {
                    context.Response.Write("{sucess:sucess}");
                }
                else
                {
                    context.Response.Write("{sucess:false}");
                }
                #endregion
            }
        }
        public void ProcessRequest(HttpContext context)
        {
            context.Response.ContentType = "text/plain";
            context.Response.Charset     = "utf-8";
            HttpRequest request = context.Request;

            if (request["Action"] == "login")
            {
                BLL.hr_employee emp = new BLL.hr_employee();

                string username = PageValidate.InputText(request["username"], 255);
                //string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");
                string password = PageValidate.InputText(request["password"], 255);
                string validate = PageValidate.InputText(request["validate"], 255);

                if (!string.IsNullOrEmpty(validate) && !string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password))
                {
                    if (validate == context.Session["CheckCode"].ToString() || validate == context.Session["CheckCode"].ToString().ToLower())
                    {
                        DataSet ds = emp.GetList(" uid='" + username + "' and pwd='" + password + "'");
                        if (ds.Tables[0].Rows.Count > 0)
                        {
                            if (ds.Tables[0].Rows[0]["canlogin"].ToString() == "1")
                            {
                                string userid = ds.Tables[0].Rows[0]["ID"].ToString();
                                context.Response.Cookies["UserID"].Value = userid;
                                //FormsAuthentication.RedirectFromLoginPage(userid, false);
                                FormsAuthentication.SetAuthCookie(userid, true);

                                //日志
                                BLL.Sys_log   log      = new BLL.Sys_log();
                                Model.Sys_log modellog = new Model.Sys_log();
                                modellog.EventType = "系统登录";

                                modellog.EventDate = DateTime.Now;
                                modellog.UserID    = int.Parse(userid);
                                modellog.UserName  = ds.Tables[0].Rows[0]["name"].ToString();
                                modellog.IPStreet  = request.UserHostAddress;

                                log.Add(modellog);

                                //online
                                BLL.Sys_online   sol   = new BLL.Sys_online();
                                Model.Sys_online model = new Model.Sys_online();

                                model.UserName    = ds.Tables[0].Rows[0]["name"].ToString();
                                model.UserID      = int.Parse(ds.Tables[0].Rows[0]["id"].ToString());
                                model.LastLogTime = DateTime.Now;

                                DataSet ds1 = sol.GetList(" UserID=" + ds.Tables[0].Rows[0]["id"].ToString());

                                //添加当前用户信息
                                if (ds1.Tables[0].Rows.Count > 0)
                                {
                                    sol.Update(model, " UserID=" + ds.Tables[0].Rows[0]["id"].ToString());
                                }
                                else
                                {
                                    sol.Add(model);
                                }
                                //删除超时用户
                                sol.Delete(" LastLogTime<DATEADD(MI,-1,getdate())");

                                //验证完毕,允许登录
                                context.Response.Write("2");
                            }
                            else
                            {
                                context.Response.Write("4");//不允许登录
                            }
                        }
                        else
                        {
                            context.Response.Write("1");//用户名或密码错误
                        }
                    }
                    else
                    {
                        context.Response.Write("0");//验证码错误
                    }
                }
                else
                {
                    context.Response.Write("999");//系统数据错误
                }
            }
            if (request["Action"] == "logout")
            {
                HttpCookie oldcookie = request.Cookies["UserID"];
                context.Response.Cookies["UserID"].Value = "";
                FormsAuthentication.SignOut();
                context.Response.Write("true");

                //online
                BLL.Sys_online sol = new BLL.Sys_online();
                try
                {
                    if (!string.IsNullOrEmpty(oldcookie.Value))
                    {
                        sol.Delete(" UserID=" + oldcookie.Value);
                    }
                }
                catch
                {
                }
            }
            if (request["Action"] == "checkpwd")
            {
                BLL.hr_employee emp = new BLL.hr_employee();

                int    emp_id   = int.Parse(request.Cookies["UserID"].Value.ToString());
                string password = FormsAuthentication.HashPasswordForStoringInConfigFile(request["password"], "MD5");


                DataSet ds = emp.GetList(string.Format("ID={0} and pwd='{1}'", emp_id, password));

                if (ds.Tables[0].Rows.Count > 0)
                {
                    context.Response.Write("{sucess:sucess}");
                }
                else
                {
                    context.Response.Write("{sucess:false}");
                }
            }
        }