public void BasePage_Load(Object sender, EventArgs e) { //Cookie为空,强行登录 if (cookie.UserName.Length == 0) { Response.Write(ShowMassage.Html("请登录", "/default.aspx", true)); Response.End(); } if (cookie.PurviewCodes.Length == 0) { Response.Write(ShowMassage.Html("没有分配权限,请联系管理员", "/default.aspx", true)); Response.End(); } currentUser = new ADT.XingZhi.BLL.S.User().GetModelByUserName(cookie.UserName); if (currentUser == null) { Response.Write(ShowMassage.Html("请登录", "/default.aspx", true)); Response.End(); } if (currentUser.Disabled == true) //该账户已被禁止登录,请重新登录 { Response.Write(ShowMassage.Html("用户已被禁止登录,请联系管理员", "/default.aspx", true)); Response.End(); } if (ViewPurviewCode != "0" && !VerifyPurview(ViewPurviewCode)) { //判断是否有查看页面权限 if (!cookie.PurviewCodes.Contains(ViewPurviewCode)) { Response.Write(ShowMassage.Html(CHECK_POWER_FAIL_PAGE_MESSAGE)); Response.End(); } } }
private void LoadLogin() { string userName = HttpUtility.HtmlEncode(RequestHelper.GetRequestString("username")); string password = HttpUtility.HtmlEncode(RequestHelper.GetRequestString("userpwd")); //请填写完整 if (userName.Length == 0 || password.Length == 0) { Response.Write(ShowMassage.Html("请填写完整", "default.aspx")); } else { UserModel model = bll.GetModelByUserName(userName); if (model == null) { logBLL.AddLog("登录", Request.RawUrl, Request.HttpMethod, "登录系统;结果:失败(用户名不存在)", 0, userName); Response.Write(ShowMassage.Html("用户名不存在", "default.aspx")); } else { if (model.Pwd == MD5Encrypt.GetPass(password, model.Encrypt)) { if (model.Disabled == false) { bll.UpdateByLogin(model.Id, RequestHelper.GetIP()); //登录成功,保存至cookie RABCCookie cookie = new RABCCookie(); DateTime time = DateTime.Now; cookie.AddUserNameCookie(model.Name, time, 0); cookie.AddPurviewCodeCookie(bll.GetPurviewCodesByUserId(model.Id), time, 0); logBLL.AddLog("登录", Request.RawUrl, Request.HttpMethod, "登录系统;结果:成功", model.Id, model.Name); //跳转至首页 Response.Write(ShowMassage.Html("登录成功", "index.aspx")); } else { logBLL.AddLog("登录", Request.RawUrl, Request.HttpMethod, "登录系统;结果:失败(该用户状态为禁止登录)", model.Id, model.Name); Response.Write(ShowMassage.Html("该用户已经被禁止登录", "default.aspx")); } } else { logBLL.AddLog("登录", Request.RawUrl, Request.HttpMethod, "登录系统;结果:失败(密码错误)", model.Id, model.Name); Response.Write(ShowMassage.Html("密码错误", "default.aspx")); } } } Response.End(); }
/// <summary> /// 修改一条数据 /// </summary> /// <param name="model">ADT.XingZhi.Models.S.User</param> /// <param name="userRoleDT">用户角色信息DataTable</param> public int Modify(ADT.XingZhi.Models.S.User model, DataTable userRoleDT) { try { SqlParameter[] param = { new SqlParameter("@id", SqlDbType.Int), new SqlParameter("@pwd", SqlDbType.VarChar, 32), new SqlParameter("@encrypt", SqlDbType.VarChar, 6), new SqlParameter("@realName", SqlDbType.NVarChar, 20), new SqlParameter("@email", SqlDbType.VarChar, 50), new SqlParameter("@mobile", SqlDbType.VarChar, 50), new SqlParameter("@tel", SqlDbType.VarChar, 50), new SqlParameter("@disabled", SqlDbType.Bit), new SqlParameter("@userRole", SqlDbType.Structured), new SqlParameter("@result", SqlDbType.Int) }; param[0].Value = model.Id; param[1].Value = model.Pwd; param[2].Value = model.Encrypt; param[3].Value = model.RealName; param[4].Value = model.Email; param[5].Value = model.Mobile; param[6].Value = model.Tel; param[7].Value = model.Disabled; param[8].Value = userRoleDT; param[8].TypeName = "dbo.RoleUserTableType"; param[9].Direction = ParameterDirection.Output; SqlHelper.ExecuteNonQuery(DefaultConnection.ConnectionStringByDefaultDB, CommandType.StoredProcedure, "sp_modify_S_USER", param); return(Convert.ToInt32(param[9].Value)); } catch (ArgumentNullException ex) { logger.Error("调用方法Modify(ADT.XingZhi.Models.S.User model, DataTable userRoleDT)发生ArgumentNullException", ex); } catch (SqlException ex) { logger.Error("调用方法Modify(ADT.XingZhi.Models.S.User model, DataTable userRoleDT)发生SqlException", ex); } catch (Exception ex) { logger.Error("调用方法Modify(ADT.XingZhi.Models.S.User model, DataTable userRoleDT)发生Exception", ex); } return(-1); }
private void LoadData() { // 如果用户已经登录,则重定向到管理首页 RABCCookie cookie = new RABCCookie(); if (cookie.UserName.Length > 0) { UserModel model = bll.GetModelByUserName(cookie.UserName); if (model != null && model.Disabled == false) { bll.UpdateByLogin(model.Id, RequestHelper.GetIP()); //登录成功,保存至cookie DateTime time = DateTime.Now; cookie.AddUserNameCookie(model.Name, time, 0); cookie.AddPurviewCodeCookie(bll.GetPurviewCodesByUserId(model.Id), time, 0); logBLL.AddLog("登录", Request.RawUrl, Request.HttpMethod, "Session登录系统;结果:成功", model.Id, model.Name); //跳转至首页 Response.Write(ShowMassage.Html("登录成功", "index.aspx")); Response.End(); } } }
protected void btnSave_Click(object sender, EventArgs e) { //保存权限 if (!VerifyPurview(",SU-EDIT,")) { Alert.ShowInParent(CHECK_POWER_FAIL_ACTION_MESSAGE); return; } string strErr = String.Empty; int num = 1; if (id <= 0) { strErr += num + "、参数错误 <br />"; num++; } string vName = HttpUtility.HtmlEncode(txtVerityName.Text.Trim()); if (vName.Length == 0) { strErr += num + "、真实姓名不能为空 <br />"; } if (strErr.Length > 0) { Alert.ShowInParent(strErr); return; } UserModel model = new UserModel(); model.Id = id; string pwd = HttpUtility.HtmlEncode(txtPwd.Text.Trim()); if (pwd.Length > 0) { model.Encrypt = RandomHelper.CreateRandomStr(6); model.Pwd = MD5Encrypt.GetPass(pwd, model.Encrypt); } model.RealName = vName; model.Email = HttpUtility.HtmlEncode(txtEmail.Text.Trim()); model.Mobile = HttpUtility.HtmlEncode(txtMobile.Text.Trim()); model.Tel = HttpUtility.HtmlEncode(txtTel.Text.Trim()); model.Disabled = chkDisabled.Checked; int result = 0; UserBLL bll = new UserBLL(); using (DataTable roleDT = new DataTable()) { roleDT.Columns.Add("roleid", typeof(int)); roleDT.Columns.Add("userid", typeof(int)); #region 角色用户 string userRole = hfSelectedRole.Text.Trim(); if (userRole.Length > 0) { string[] userRoleArr = userRole.Split(','); foreach (string s in userRoleArr) { DataRow dr = roleDT.NewRow(); dr[0] = Convert.ToInt32(s); dr[1] = model.Id; roleDT.Rows.Add(dr); } } #endregion result = bll.Modify(model, roleDT); } if (result > 0) { Alert.ShowInParent("保存成功!", String.Empty, ActiveWindow.GetHidePostBackReference()); } else { Alert.ShowInParent("保存失败"); } }
/// <summary> /// 修改一条数据 /// </summary> /// <param name="model">ADT.XingZhi.Models.S.User</param> /// <param name="userRoleDT">用户角色信息DataTable</param> public int Modify(ADT.XingZhi.Models.S.User model, DataTable userRoleDT) { return(dal.Modify(model, userRoleDT)); }