Exemple #1
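        /// <summary>
        /// Runs before the page's Load stage: resolves the signed-in user, refreshes
        /// <c>WorkUser</c> and its session copy, and rejects postbacks made against a
        /// page that was rendered for a different user.
        /// </summary>
        /// <param name="e">Event data forwarded to the base implementation.</param>
        protected override void OnPreLoad(EventArgs e)
        {
            base.OnPreLoad(e);

            // Users that carry a qyID are sent from Index.aspx to Index2.aspx. The match
            // ignores case so a differently cased request path takes the same route.
            // NOTE(review): this is a redirect keyed on a URL substring, not an
            // authorization check; if Index.aspx must stay unreachable for these users,
            // enforce that on the page itself.
            // NOTE(review): WorkUser is read here before it is reloaded below - confirm it
            // cannot be null or stale at this point.
            if (Request.Url.AbsolutePath.IndexOf("Index.aspx", StringComparison.OrdinalIgnoreCase) >= 0
                && !string.IsNullOrEmpty(WorkUser.qyID))
            {
                Response.Redirect("/WxjzgcjczyPage/MainPage/Index2.aspx");
            }

            string loginID = LoginManager.GetLoginID();
            if (string.IsNullOrEmpty(loginID))
            {
                // No login id: send the top-level window to the login page.
                this.TopWindowLocation(ConfigManager.GetLoginPageUrl());
                return;
            }

            // The user record is rebuilt from the login id on every request and the
            // session copy is overwritten with it.
            FunctionResult<AppUser> result = BLL.InitAppUser(loginID);
            if (result.Status == FunctionResultStatus.Error)
            {
                Response.Clear();
                Response.Write("您在本系统里没有权限!");
                Response.Flush();
                Response.End();
                // Keeps the denial final even if End() returns instead of aborting the request.
                return;
            }

            this.WorkUser = result.Result;
            Session[ConfigManager.GetSignInAppUserSessionName()] = result.Result;

            // Guard against user A opening a page, user B then signing in within the same
            // browser and posting back A's page, which would mix up the two users' data.
            // The owner id round-trips through the client in ViewState, so the check is only
            // meaningful while ViewState integrity protection (the ViewState MAC) is on.
            const string ownerKey = "PageOpenedByThisUser";
            if (!Page.IsPostBack)
            {
                this.ViewState.Add(ownerKey, WorkUser.UserID);
                return;
            }

            // A postback that carries no owner entry is rejected like a mismatch instead of
            // failing with a NullReferenceException.
            object pageOwner = this.ViewState[ownerKey];
            if (pageOwner == null || WorkUser.UserID != pageOwner.ToString())
            {
                Response.Write("页面用户信息已过期!");
                Response.End();
            }
        }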
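        /// <summary>
        /// Runs before the page's Load stage: resolves the signed-in user (from the session
        /// when a copy is cached there, otherwise from the business layer) and rejects
        /// postbacks made against a page that was rendered for a different user.
        /// </summary>
        /// <param name="e">Event data forwarded to the base implementation.</param>
        protected override void OnPreLoad(EventArgs e)
        {
            base.OnPreLoad(e);

            string loginID = LoginManager.GetLoginID();
            if (string.IsNullOrEmpty(loginID))
            {
                // No login id: send the top-level window to the login page.
                this.TopWindowLocation(ConfigManager.GetLoginPageUrl());
                return;
            }

            string sessionKey = ConfigManager.GetSignInAppUserSessionName();
            object sessionAppUser = Session[sessionKey];
            if (!sessionAppUser.IsEmpty())
            {
                // NOTE(review): the cached user is accepted without being compared to
                // loginID - confirm the two cannot diverge.
                this.WorkUser = (AppUser)sessionAppUser;
            }
            else
            {
                // NOTE(review): the outcome of InitAppUser is not inspected before its
                // Result is used and cached - confirm a failed lookup cannot leave
                // WorkUser null or only partly populated.
                this.WorkUser = BLL.InitAppUser(loginID).Result;
                Session[sessionKey] = WorkUser;
            }

            // Guard against user A opening a page, user B then signing in within the same
            // browser and posting back A's page, which would mix up the two users' data.
            // The owner id round-trips through the client in ViewState, so the check is only
            // meaningful while ViewState integrity protection (the ViewState MAC) is on.
            const string ownerKey = "PageOpenedByThisUser";
            if (!Page.IsPostBack)
            {
                this.ViewState.Add(ownerKey, WorkUser.UserID);
                return;
            }

            // A postback that carries no owner entry is rejected like a mismatch instead of
            // failing with a NullReferenceException.
            object pageOwner = this.ViewState[ownerKey];
            if (pageOwner == null || WorkUser.UserID != pageOwner.ToString())
            {
                Response.Write("页面用户信息已过期!");
                Response.End();
            }
        }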
Exemple #3
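        /// <summary>
        /// Login check: validates the posted user name, password and verification code,
        /// applies the failed-attempt lockout, and writes a JSON result to the response.
        /// On success the signed-in user is stored in the session and the login id is set.
        /// </summary>
        private void ValidateLogin()
        {
            HttpContext context = System.Web.HttpContext.Current;

            // NOTE(review): Request.Params also reads the query string and cookies, so the
            // password is accepted from a URL as well; consider reading credentials from
            // Request.Form only once all callers are confirmed to POST.
            string username         = context.Request.Params["username"];
            string password         = context.Request.Params["password"];
            string verificationCode = context.Request.Params["verificationCode"];

            if (string.IsNullOrEmpty(username))
            {
                context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"用户名不能为空\"}");
                return;
            }
            if (string.IsNullOrEmpty(password))
            {
                context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"密码不能为空\"}");
                return;
            }
            if (string.IsNullOrEmpty(verificationCode))
            {
                context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"验证码不能为空\"}");
                return;
            }

            string captchaKey             = ConfigManager.GetVerificationCode_SessionName();
            object verificationCodeServer = context.Session[captchaKey];

            if (verificationCodeServer == null || verificationCodeServer.Equals(String.Empty))
            {
                context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"服务器端找不到验证码\"}");
                return;
            }

            // The verification code is single-use: it is dropped from the session as soon as
            // it is compared, so one solved code cannot back several login attempts. The
            // client has to request a fresh code after every submission.
            context.Session.Remove(captchaKey);

            // Ordinal comparison keeps the match independent of the server's culture settings.
            if (!verificationCode.Equals(verificationCodeServer.ToString(), StringComparison.OrdinalIgnoreCase))
            {
                context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"验证码不正确\"}");
                return;
            }

            // NOTE(review): the failure counter and lockout time live in the caller's
            // session, so they throttle one session rather than the account; a server-side
            // counter keyed by account (and source address) would hold across sessions.
            object loginCount = context.Session["loginCount"];
            int    waitTime   = ConfigManager.GetLoginErrorWait();

            if (loginCount != null && loginCount.ToInt32(0) >= ConfigManager.GetAllowLoginCount() && !string.IsNullOrEmpty(context.Session["loginForbidTime"].ToString2()))
            {
                DateTime lockedAt = DateTime.Parse(context.Session["loginForbidTime"].ToString2());

                // TotalMinutes, not Minutes: Minutes is only the 0-59 component of the span,
                // which would keep or re-apply the lockout once a full hour has elapsed.
                int elapsedMinutes = (int)(DateTime.Now - lockedAt).TotalMinutes;

                if (elapsedMinutes < waitTime)
                {
                    context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"你登录错误已超过" + ConfigManager.GetAllowLoginCount() + "次,请" + (waitTime - elapsedMinutes) + "分钟后重试\"}");
                    return;
                }

                // Lockout window has passed: start counting again.
                context.Session["loginCount"]      = 0;
                context.Session["loginForbidTime"] = "";
            }

            if (systemBLL.UserLogin(username, password))
            {
                if (loginCount != null)
                {
                    context.Session["loginCount"] = 0;
                }

                // NOTE(review): the outcome of InitAppUser is not inspected before Result is
                // dereferenced - confirm it cannot be null after a successful UserLogin.
                AppUser workUser = systemBLL.InitAppUser(username, password).Result;

                // Record the user's login time.
                systemBLL.UpdateLoginTime(workUser.UserID, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss"));

                // NOTE(review): nothing in this method issues a new session id after
                // sign-in; confirm session fixation is handled elsewhere.
                context.Session[ConfigManager.GetSignInAppUserSessionName()] = workUser;
                LoginManager.SetLoginID(workUser.UserID);

                // Users with a qyID land on Index2.aspx, everyone else on Index.aspx.
                if (string.IsNullOrEmpty(workUser.qyID))
                {
                    context.Response.Write("{\"IsSuccess\":true,\"Msg\":\"登录成功\",\"url\":\"/WxjzgcjczyPage/MainPage/Index.aspx\"}");
                }
                else
                {
                    context.Response.Write("{\"IsSuccess\":true,\"Msg\":\"登录成功\",\"url\":\"/WxjzgcjczyPage/MainPage/Index2.aspx\"}");
                }
                return;
            }

            // Failed login: bump the per-session counter and start the lockout window when
            // the allowed number of attempts is reached.
            object previousCount = context.Session["loginCount"];
            int    failures      = previousCount == null ? 1 : previousCount.ToInt32(0) + 1;
            context.Session["loginCount"] = failures;

            if (failures == ConfigManager.GetAllowLoginCount())
            {
                context.Session["loginForbidTime"] = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
            }

            context.Response.Write("{\"IsSuccess\":false,\"Msg\":\"用户名或密码错误\"}");
        }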