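/// <summary>
/// Saves the current user's profile fields through dbo.usp_AccountM_xUpdateUserInfo and,
/// when a password change is in progress, sends the hash of the new password.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data; not used.</param>
/// <remarks>
/// This handler sends an empty @LoginPassword whenever no password change applies
/// (the two entries differ, either box is disabled, or the button still reads "變更密碼").
/// An empty new password is treated the same way, so the hash of an empty string is
/// never submitted as the account password. How the procedure reacts to the empty
/// value is not visible here.
/// </remarks>
protected void btnSave_Click(object sender, EventArgs e)
{
    string IDF = PureString(tbIDF.Text);
    string UserName = PureString(tbName.Text);
    string Email = PureString(tbEmail.Text);
    string Title = PureString(tbTitle.Text);
    string Tel = PureString(tbTel.Text);

    // NOTE(review): PureString is defined outside this block and is also applied to the
    // password boxes; if it strips or rewrites characters, the stored password is not
    // exactly what the user typed. Confirm.
    string PWD = PureString(tbPWD.Text);
    string PWD2 = PureString(tbPWD2.Text);

    bool changeInProgress = tbPWD.Enabled
        && tbPWD2.Enabled
        && !btnChange.Text.Trim().Equals("變更密碼");
    bool newPasswordUsable = !string.IsNullOrEmpty(PWD) && PWD.Equals(PWD2);

    if (changeInProgress && newPasswordUsable)
    {
        // NOTE(review): by its name ToSHA256 returns a SHA-256 digest and no salt is passed
        // from here. A fast, unsalted digest is weak for password storage; confirm what
        // EncryptT does and plan a move to a salted, slow derivation such as PBKDF2.
        EncryptT enc = new EncryptT();
        PWD = enc.ToSHA256(PWD);
    }
    else
    {
        // NOTE(review): a mismatch between the two entries lands here as well, and the
        // other fields are still saved and reported as a success, so the user gets no
        // hint that the password was left unchanged.
        PWD = "";
    }

    int Chk = 0;
    Dictionary<string, object> OutDict = new Dictionary<string, object>()
    {
        { "@Chk", Chk }
    };

    // Values travel as stored-procedure parameters, not as concatenated SQL text.
    MSDB.ExecuteNonQuery("ConnUser", "dbo.usp_AccountM_xUpdateUserInfo"
        , ref OutDict
        , new Dictionary<string, object>()
        {
            { "@UserID", user.ID },
            { "@RocID", IDF },
            { "@UserName", UserName },
            { "@Email", Email },
            { "@Title", Title },
            { "@PhoneNumber", Tel },
            { "@LoginPassword", PWD }
        });

    Chk = (int)OutDict["@Chk"];

    // Both scripts are fixed literals; no request data is written into the page.
    string script;
    if (Chk > 0)
    {
        script = "<script>alert('儲存成功');location.href='';</script><style>body{display:none;}</style>";
    }
    else
    {
        script = "<script>alert('儲存失敗');</script>";
    }

    Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
}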
/// <summary>
/// Login button handler: asks dbo.usp_SystemM_xCheckLogin whether the submitted name and
/// password hash match, and on a match loads the user row, stores it in the session under
/// "LoginUser" and redirects to the saved "tempUrl" or to ~/Home.aspx.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data; not used.</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string txtUser = tbUser.Text.Trim();
    // NOTE(review): Trim() removes leading and trailing whitespace from the password
    // before it is hashed.
    string txtPassword = tbPassword.Text.Trim();
    // NOTE(review): the comparison of this value with the "CheckCode" session entry is
    // commented out in the original, so the verification code is read but never checked
    // and nothing in this handler slows down repeated password attempts.
    string txtCode = tbCode.Text.ToLower().Trim();

    // NOTE(review): by its name ToSHA256 is a plain SHA-256 digest with no salt supplied
    // here; confirm, since that is weak for password storage.
    EncryptT hasher = new EncryptT();
    string connectionString = WebConfigurationManager.ConnectionStrings["ConnUser"].ToString();

    int UserCount = 0;
    using (SqlConnection checkConn = new SqlConnection(connectionString))
    using (SqlCommand checkCmd = new SqlCommand("dbo.usp_SystemM_xCheckLogin", checkConn))
    {
        checkCmd.CommandType = CommandType.StoredProcedure;
        checkCmd.Parameters.AddWithValue("@LoginName", txtUser);
        checkCmd.Parameters.AddWithValue("@LoginPassword", hasher.ToSHA256(txtPassword));
        checkCmd.Parameters.AddWithValue("@FunctionIndex", 1);

        // The procedure reports the number of matching accounts through this output parameter.
        SqlParameter countParam = checkCmd.Parameters.AddWithValue("@UserCount", UserCount);
        countParam.Direction = ParameterDirection.Output;

        checkConn.Open();
        checkCmd.ExecuteNonQuery();
        UserCount = (int)countParam.Value;
    }

    // No match: show the generic error and stop.
    if (UserCount <= 0)
    {
        Panel1.Visible = true;
        lblError.Text = "帳號密碼錯誤";
        return;
    }

    DataTable userRows = new DataTable();
    using (SqlConnection loadConn = new SqlConnection(connectionString))
    using (SqlCommand loadCmd = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", loadConn))
    {
        loadCmd.CommandType = CommandType.StoredProcedure;
        loadCmd.Parameters.AddWithValue("@LoginName", txtUser);
        using (SqlDataAdapter adapter = new SqlDataAdapter(loadCmd))
        {
            loadConn.Open();
            adapter.Fill(userRows);
        }
    }

    UserVM loggedIn = new UserVM();
    EntityS.FillModel<UserVM>(loggedIn, userRows);
    loggedIn.LoginDate = DateTime.Now;

    // NOTE(review): the existing session is reused after authentication; nothing here
    // issues a new session identifier, which leaves room for session fixation.
    HttpContext.Current.Session["LoginUser"] = loggedIn;

    // NOTE(review): "tempUrl" is written elsewhere. If it can be derived from a request
    // value, it should be limited to same-site paths before it is used as a redirect target.
    string tempUrl = SessionS.GetSessionValue("tempUrl") as string;
    if (tempUrl == null)
    {
        Response.Redirect("~/Home.aspx");
        return;
    }

    SessionS.RemoveSession("tempUrl");
    Response.Redirect(tempUrl);
}
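/// <summary>
/// Login button handler: verifies the verification code, checks the credentials through
/// dbo.usp_SystemM_xCheckLogin, applies the organisation's IP range restriction, records
/// the login through dbo.usp_SystemM_xUpdateLoginDate and then stores the user in the
/// session under "LoginUser" and redirects.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data; not used.</param>
/// <remarks>
/// The verification code is consumed on every submitted attempt, so one solved code cannot
/// be replayed across many password guesses. This relies on the page issuing a fresh code
/// each time it is rendered; the code generator is outside this block.
/// </remarks>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string script = "";
    string txtUser = tbUser.Text.Trim();
    // NOTE(review): Trim() removes leading and trailing whitespace from the password
    // before it is hashed.
    string txtPassword = tbPassword.Text.Trim();
    string txtCode = tbCode.Text.ToLower().Trim();
    int UserCount = 0;
    DataTable dt = new DataTable();

    // Read the expected code once and drop it from the session whether or not it matches.
    var expectedCode = SessionS.GetSessionValue("CheckCode");
    if (expectedCode != null)
    {
        SessionS.RemoveSession("CheckCode");
    }

    if (expectedCode == null || expectedCode.ToString().Equals(txtCode) == false)
    {
        tbCode.Text = "";
        script = "<script>alert('驗證碼錯誤');</script>";
        Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
        return;
    }

    // NOTE(review): by its name ToSHA256 is a plain SHA-256 digest with no salt supplied
    // here; confirm, since that is weak for password storage.
    EncryptT enc = new EncryptT();
    using (SqlConnection sc = new SqlConnection(WebConfigurationManager.ConnectionStrings["ConnUser"].ToString()))
    {
        using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xCheckLogin", sc))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddWithValue("@LoginName", txtUser);
            cmd.Parameters.AddWithValue("@LoginPassword", enc.ToSHA256(txtPassword));
            cmd.Parameters.AddWithValue("@FunctionIndex", Convert.ToInt32(WebConfigurationManager.AppSettings["SystemFunctionIndex"]));
            SqlParameter sp = cmd.Parameters.AddWithValue("@UserCount", UserCount);
            sp.Direction = ParameterDirection.Output;
            sc.Open();
            cmd.ExecuteNonQuery();
            UserCount = (int)sp.Value;
        }
    }

    if (UserCount > 0)
    {
        using (SqlConnection sc = new SqlConnection(WebConfigurationManager.ConnectionStrings["ConnUser"].ToString()))
        {
            using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", sc))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@LoginName", txtUser);
                using (SqlDataAdapter da = new SqlDataAdapter(cmd))
                {
                    sc.Open();
                    da.Fill(dt);
                }
            }
        }

        UserVM user = new UserVM();
        EntityS.FillModel<UserVM>(user, dt);

        var org = SystemOrg.GetVM(user.OrgID);
        // The address is read once so that the value checked below is the value logged.
        var clientIP = IpAddressS.GetIP();
        bool yesOrNo = false;

        if (clientIP != null && org != null)
        {
            // NOTE(review): loopback callers skip the range check. Behind a reverse proxy
            // on the same host every request may look like loopback, and if GetIP trusts a
            // client-supplied forwarding header the caller chooses this value. Confirm how
            // IpAddressS.GetIP derives the address.
            bool isLoopback = clientIP.Equals("::1") || clientIP.Equals("127.0.0.1");

            // An empty bound or 0.0.0.0-0.0.0.0 means the organisation has no restriction.
            bool noRangeConfigured = string.IsNullOrEmpty(org.IpStart)
                || string.IsNullOrEmpty(org.IpEnd)
                || (org.IpStart.Equals("0.0.0.0") && org.IpEnd.Equals("0.0.0.0"));

            if (isLoopback || noRangeConfigured)
            {
                yesOrNo = true;
            }
            else
            {
                // The range checker is built only when a range actually has to be tested.
                IpT ipt = new IpT(clientIP);
                yesOrNo = ipt.CheckInNowWifi(string.Format("{0}-{1}", org.IpStart, org.IpEnd));
            }
        }
        else if (user.OrgID == 1)
        {
            // NOTE(review): OrgID 1 is let through when the client address or the
            // organisation record is missing; the meaning of 1 is not visible here.
            yesOrNo = true;
        }
        else if (org == null)
        {
            script = "<script>alert('無權限登入');</script>";
            Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
            return;
        }

        if (yesOrNo == false)
        {
            // NOTE(review): this alert and the "no permission" alert above are reachable
            // only after the password matched, so they confirm valid credentials to a
            // caller outside the allowed range.
            script = "<script>alert('非允許IP位置');</script>";
        }
        else
        {
            int Chk = 0;
            using (SqlConnection sc = new SqlConnection(WebConfigurationManager.ConnectionStrings["ConnUser"].ToString()))
            {
                using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xUpdateLoginDate", sc))
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.AddWithValue("@UserID", user.ID);
                    cmd.Parameters.AddWithValue("@LoginIP", clientIP);
                    cmd.Parameters.AddWithValue("@SystemPowerCateID", SystemPowerCateID);
                    SqlParameter sp1 = cmd.Parameters.AddWithValue("@LoginDateOut", user.LoginDate);
                    sp1.Direction = ParameterDirection.Output;
                    SqlParameter sp2 = cmd.Parameters.AddWithValue("@Chk", Chk);
                    sp2.Direction = ParameterDirection.Output;
                    sc.Open();
                    cmd.ExecuteNonQuery();
                    user.LoginDate = (DateTime)sp1.Value;
                    Chk = (int)sp2.Value;
                }
            }

            if (Chk > 0)
            {
                // NOTE(review): the existing session is reused after authentication (the
                // Abandon/Clear calls are commented out in the original) and no new
                // session identifier is issued, which leaves room for session fixation.
                HttpContext.Current.Session["LoginUser"] = user;

                // NOTE(review): "tempUrl" is written elsewhere. If it can be derived from
                // a request value, limit it to same-site paths before redirecting.
                string tempUrl = SessionS.GetSessionValue("tempUrl") as string;
                if (tempUrl != null)
                {
                    SessionS.RemoveSession("tempUrl");
                    Response.Redirect(tempUrl);
                }
                else
                {
                    Response.Redirect("~/Home.aspx");
                }
            }
            else
            {
                script = "<script>alert('帳號密碼錯誤');</script>";
            }
        }
    }
    else
    {
        script = "<script>alert('帳號密碼錯誤');</script>";
    }

    Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
}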
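/// <summary>
/// Creates a new account application: validates the form, forwards any attached files to
/// the NIIS_WS upload service, then inserts the user through dbo.usp_AccountM_xAddUserInfo
/// and reports the outcome with a client-side alert.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data; not used.</param>
/// <remarks>
/// Each file is stored with its own declared content type, and the file-name extension
/// must be one of pdf, doc or docx, matching the accepted content types. Both values are
/// declared by the client, so the receiving service remains responsible for inspecting
/// the actual content.
/// </remarks>
protected void btnSave_Click(object sender, EventArgs e)
{
    string checkScript = "";
    string message = CheckValid();
    if (message.Length > 0)
    {
        // NOTE(review): message is placed inside a JavaScript string literal without
        // encoding. CheckValid is outside this block; if it can echo any form value,
        // encode the text for a script context before concatenating it.
        checkScript = "<script>alert('" + message + "');</script>";
        Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", checkScript, false);
        return;
    }

    string Account = PureString(tbAccount.Text);
    string Name = PureString(tbName.Text);
    string Phone = PureString(tbPhone.Text);
    string Email = PureString(tbEmail.Text);
    string Title = PureString(tbTitle.Text);
    string R1 = PureString(tbR1.Text);
    string R2 = PureString(tbR2.Text);
    string RID = PureString(tbRID.Text);

    int OutFileInfoID = 0;
    bool UploadFileSuccess = true;
    int Chk = 0;
    bool IsBusiness = cbP.Checked;

    List<string> checkList = new List<string>();
    foreach (ListItem item in cbList.Items)
    {
        if (item.Selected)
        {
            checkList.Add(item.Value);
        }
    }

    List<int> OutFileInfoID_List = new List<int>();
    StringBuilder errorSb = new StringBuilder();
    string errMsg = "";

    if (tbFile.HasFile == true)
    {
        List<string> allowedContentTypes = new List<string>()
        {
            "application/pdf",
            "application/msword",
            "application/vnd.openxmlformats-officedocument.wordprocessingml.document"
        };
        // Extensions that correspond to the accepted content types above.
        List<string> allowedExtensions = new List<string>() { "pdf", "doc", "docx" };

        HttpFileCollection multipleFiles = Request.Files;
        for (int fileCount = 0; fileCount < multipleFiles.Count; fileCount++)
        {
            HttpPostedFile uploadedFile = multipleFiles[fileCount];

            string extension = "";
            string[] nameParts = uploadedFile.FileName.Split('.');
            if (nameParts.Length > 1)
            {
                extension = nameParts[nameParts.Length - 1].ToLowerInvariant();
            }

            // The extension is forwarded to the upload service, so it is checked together
            // with the declared type; one alert covers either failure.
            if (allowedContentTypes.Contains(uploadedFile.ContentType) == false
                || allowedExtensions.Contains(extension) == false)
            {
                errorSb.Append("alert('上傳格式限PDF、WORD');");
            }

            if (uploadedFile.ContentLength > 3 * 1024 * 1024)
            {
                errorSb.Append("alert('大小限3M以內');");
            }

            errMsg = errorSb.ToString();
            if (errMsg.Length > 0)
            {
                // NOTE(review): files accepted in earlier iterations have already been
                // sent to the service and are not rolled back when a later file fails.
                break;
            }

            byte[] fileData = null;
            using (var binaryReader = new BinaryReader(uploadedFile.InputStream))
            {
                fileData = binaryReader.ReadBytes(uploadedFile.ContentLength);
            }

            NIIS_WS.WebServiceSoapClient WS = new NIIS_WS.WebServiceSoapClient();
            // Use the type of the file being stored. The original passed
            // tbFile.PostedFile.ContentType, i.e. the first file's type, for every file.
            string contentType = uploadedFile.ContentType;
            // NOTE(review): FileName is forwarded as the client sent it; the receiving
            // service must not use it as a path.
            OutFileInfoID = WS.UploadFile(1, contentType, extension, uploadedFile.FileName, user.ID, user.OrgID, fileData);
            if (OutFileInfoID < 1)
            {
                UploadFileSuccess = false;
                break;
            }
            else
            {
                OutFileInfoID_List.Add(OutFileInfoID);
            }
        }
    }

    if (errMsg.Length > 0)
    {
        // errMsg is built only from the fixed alert literals above.
        Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", "<script>" + errMsg + "</script>", false);
        return;
    }

    if (UploadFileSuccess == true)
    {
        string OutFileInfoIDs = string.Join(",", OutFileInfoID_List.Select(x => x.ToString()).ToArray());
        Dictionary<string, object> OutDict = new Dictionary<string, object>()
        {
            { "@Chk", Chk }
        };

        // NOTE(review): the initial password is the login name followed by a fixed suffix,
        // so it is known to anyone who knows the account name. Issuing a random one-time
        // password and forcing a change at first login needs changes outside this block.
        // ToSHA256 also appears to be an unsalted digest; confirm.
        EncryptT enc = new EncryptT();
        MSDB.ExecuteNonQuery("ConnUser", "dbo.usp_AccountM_xAddUserInfo"
            , ref OutDict
            , new Dictionary<string, object>()
            {
                { "@LoginName", Account },
                { "@LoginPassword", enc.ToSHA256(Account + "123") },
                { "@UserName", Name },
                { "@RocID", RID },
                { "@PhoneNumber", Phone },
                { "@Email", Email },
                { "@OrgID", user.OrgID },
                { "@Title", Title },
                { "@ApplyReason", R1 },
                { "@ApplyRemark", R2 },
                { "@IsBusiness", IsBusiness },
                { "@CheckState", 1 },
                { "@SystemPowerString", 1 },
                { "@EnableState", 1 },
                { "@CreatedUserID", user.ID },
                { "@ApplyDate", DateTime.Now },
                { "@RoleIDs", string.Join(",", checkList) },
                { "@FileInfoIDs", OutFileInfoIDs }
            });
        Chk = (int)OutDict["@Chk"];
    }

    // Chk stays 0 when an upload failed, which falls through to the generic failure alert.
    string script = "";
    if (Chk > 0)
    {
        // NOTE(review): ID is not declared in this block; if it can carry request data it
        // needs URL and script encoding before being written into the page.
        script = "<style>body{display:none;}</style><script>alert('儲存成功');location.href = '/System/AccountM/AccountMaintain.aspx?i=" + ID + "';</script>";
    }
    else
    {
        switch (Chk)
        {
            case -1:
                script = "<style>body{display:none;}</style><script>alert('帳號重複');</script>";
                break;
            case -2:
                script = "<style>body{display:none;}</style><script>alert('身分證號重複');</script>";
                break;
            default:
                script = "<style>body{display:none;}</style><script>alert('儲存失敗');</script>";
                break;
        }
    }

    Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
}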