Esempio n. 1
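        /// <summary>
        /// Handles the admin login button: authenticates the posted credentials, issues the
        /// admin forms-authentication cookie (and a front-end user cookie when none is present),
        /// and writes a success or failure entry to the log.
        /// </summary>
        /// <param name="sender">The control that raised the click event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void IbtnEnter_Click(object sender, EventArgs e)
        {
            // The session holds the *names* of the login and password form fields, not their
            // values: both are used below as keys into Request.Form.
            string loginFieldName    = (string)this.Session["LoginName"];
            string passwordFieldName = (string)this.Session["password"];

            if (string.IsNullOrEmpty(loginFieldName) || string.IsNullOrEmpty(passwordFieldName))
            {
                // Message: "operation timed out".
                AdminPage.WriteErrMsg("<li>操作超时</li>", "Login.aspx");
                // Whether WriteErrMsg ends the response is not visible here; return explicitly so
                // the login flow can never continue with missing field names.
                return;
            }

            // A request that omits either field yields null from Request.Form; normalise to an
            // empty string so Trim() cannot throw and the attempt is treated as a failed login.
            string loginName = (base.Request.Form[loginFieldName] ?? string.Empty).Trim();
            string password  = (base.Request.Form[passwordFieldName] ?? string.Empty).Trim();
            AdministratorInfo info = Administrators.AuthenticateAdmin(loginName, password);

            if (info.IsLock)
            {
                // Message: "this administrator has been locked, contact the site administrator".
                // NOTE(review): this branch runs before the IsNull/name check and is not logged.
                // If AuthenticateAdmin reports IsLock without a correct password, the distinct
                // message reveals which admin names exist; confirm against AuthenticateAdmin.
                AdminPage.WriteErrMsg("<li>此管理员已经被锁定,请联系网站管理员!</li>", "Login.aspx");
                // Never fall through to ticket issuance for a locked account.
                return;
            }

            LogInfo logEntry = new LogInfo();

            logEntry.UserName   = info.AdminName;
            logEntry.UserIP     = PEContext.Current.UserHostAddress;
            logEntry.ScriptName = base.Request.RawUrl;
            logEntry.Timestamp  = DateTime.Now;
            logEntry.Source     = "";
            ILog log = LogFactory.CreateLog();

            if (!info.IsNull && (string.Compare(info.AdminName, loginName, StringComparison.OrdinalIgnoreCase) == 0))
            {
                AdminPrincipal adminPrincipal = new AdminPrincipal();
                adminPrincipal.UserName    = info.UserName;
                adminPrincipal.AdminName   = info.AdminName;
                adminPrincipal.RndPassword = info.RndPassword;
                string adminUserData = adminPrincipal.SerializeToString();

                // Non-persistent ticket whose lifetime comes from the site configuration.
                FormsAuthenticationTicket adminTicket = new FormsAuthenticationTicket(1, info.AdminName, DateTime.Now, DateTime.Now.AddMinutes((double)SiteConfig.SiteOption.TicketTime), false, adminUserData);
                string     encryptedAdminTicket = FormsAuthentication.Encrypt(adminTicket);
                HttpCookie adminCookie          = new HttpCookie(FormsAuthentication.FormsCookieName + "AdminCookie", encryptedAdminTicket);
                adminCookie.HttpOnly = true;
                adminCookie.Path     = FormsAuthentication.FormsCookiePath;
                // Secure follows the forms-auth configuration: with RequireSSL disabled this
                // admin cookie is also sent over plain HTTP.
                adminCookie.Secure   = FormsAuthentication.RequireSSL;
                base.Response.Cookies.Add(adminCookie);

                // No front-end user cookie on the request: sign the linked user account in too.
                if (base.Request.Cookies[FormsAuthentication.FormsCookieName] == null)
                {
                    UserInfo linkedUser = Users.GetUsersByUserName(adminPrincipal.UserName);
                    if (!linkedUser.IsNull && (linkedUser.Status == UserStatus.None))
                    {
                        // The random value is stored on the user record and embedded in the ticket.
                        string lastPassword = DataSecurity.MakeRandomString(10);
                        linkedUser.LogOnTimes++;
                        linkedUser.LastLogOnTime = new DateTime?(DateTime.Now);
                        linkedUser.LastLogOnIP   = PEContext.Current.UserHostAddress;
                        linkedUser.LastPassword  = lastPassword;
                        Users.Update(linkedUser);

                        UserPrincipal userPrincipal = new UserPrincipal();
                        userPrincipal.UserName     = adminPrincipal.UserName;
                        userPrincipal.LastPassword = lastPassword;
                        FormsAuthenticationTicket userTicket = new FormsAuthenticationTicket(1, adminPrincipal.UserName, DateTime.Now, DateTime.Now.AddDays(1.0), false, userPrincipal.SerializeToString());
                        string     encryptedUserTicket = FormsAuthentication.Encrypt(userTicket);
                        HttpCookie userCookie          = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedUserTicket);
                        userCookie.HttpOnly      = true;
                        userCookie.Path          = FormsAuthentication.FormsCookiePath;
                        userCookie.Secure        = FormsAuthentication.RequireSSL;
                        this.Session["UserName"] = userPrincipal.UserName;
                        base.Response.Cookies.Add(userCookie);
                    }
                }

                logEntry.PostString = "";
                logEntry.Category   = LogCategory.LogOnOk;
                logEntry.Message    = "登录成功";                    // "login succeeded"
                logEntry.Title      = info.AdminName + " 登录成功";
                logEntry.Priority   = LogPriority.Normal;
                log.Add(logEntry);
                BasePage.ResponseRedirect("Index.aspx", true);
            }
            else
            {
                // Record the posted form for investigation, but never the submitted password:
                // a failed attempt is often a near-miss of a real credential, and the log is
                // readable by anyone with access to the log store.
                System.Collections.Specialized.NameValueCollection postedForm = HttpContext.Current.Request.Form;
                System.Text.StringBuilder formDump = new System.Text.StringBuilder();
                foreach (string key in postedForm.AllKeys)
                {
                    if (formDump.Length > 0)
                    {
                        formDump.Append('&');
                    }
                    formDump.Append(HttpUtility.UrlEncode(key)).Append('=');
                    // Case-insensitive match, mirroring how Request.Form resolves field names.
                    if (string.Equals(key, passwordFieldName, StringComparison.OrdinalIgnoreCase))
                    {
                        formDump.Append("[REDACTED]");
                    }
                    else
                    {
                        formDump.Append(HttpUtility.UrlEncode(postedForm[key]));
                    }
                }

                logEntry.PostString = "\r\nFORM: " + formDump.ToString() + "\r\nQUERYSTRING: " + HttpContext.Current.Request.QueryString.ToString();
                logEntry.Category   = LogCategory.LogOnFailure;
                logEntry.Message    = "登录失败";                    // "login failed"
                // NOTE(review): the title carries the attacker-supplied login name verbatim;
                // whatever renders the log must encode it on output (not visible from here).
                logEntry.Title      = loginName + " 登录失败";
                logEntry.Priority   = LogPriority.Highest;
                log.Add(logEntry);
                // Message: "user login name or password is incorrect".
                AdminPage.WriteErrMsg("<li>用户登录名称或用户密码不对!</li>");
            }
        }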