Esempio n. 1
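 /// <summary>
 /// Checks a mobile number / password pair and, on success, stores the bound
 /// account in <c>Session["FrontUser"]</c>.
 /// </summary>
 /// <param name="userName">Value bound to the <c>@Mobile</c> parameter of every query.</param>
 /// <param name="userPassword">Value bound to <c>@PassWord</c> exactly as supplied.</param>
 /// <returns>
 /// An empty string when the session was populated; otherwise one of the
 /// user-facing messages assigned below.
 /// </returns>
 /// <remarks>
 /// NOTE(review): the password is compared to the <c>PassWord</c> column as supplied.
 /// Unless the caller hashes it first, credentials are stored in recoverable form;
 /// confirm, and prefer a salted slow hash (e.g. PBKDF2) verified in application code.
 /// NOTE(review): the three distinct failure messages let a client tell an unknown
 /// mobile number from a wrong password or a locked account. They are left unchanged
 /// because callers may match on the text; consider one generic message.
 /// NOTE(review): no session-identifier renewal or failed-attempt throttling is visible
 /// in this method; confirm both are handled by the caller.
 /// </remarks>
 public static string UserLogin(string userName, string userPassword)
 {
     try
     {
         var          res         = string.Empty;
         const string sqlUserName = "******"; // query text is masked on this page
         var          paramsStr   = new StringBuilder();
         paramsStr.Append("@Mobile nvarchar(200)");
         Database db      = DatabaseFactory.CreateDatabase();
         var      command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sqlUserName, paramsStr.ToString());
         // NOTE(review): the parameter is declared nvarchar but bound as AnsiString,
         // so non-ASCII input may be converted lossily; confirm this is intended.
         db.AddInParameter(command, "Mobile", DbType.AnsiString, userName);
         var name = db.ExecuteScalar(command);
         if (name == null || name == DBNull.Value)
         {
             // First lookup found nothing: fall back to the UserAccount table.
             const string sqlFacName   = "SELECT * FROM UserAccount WHERE Mobile = @Mobile";
             var          paramsStrFac = new StringBuilder();
             paramsStrFac.Append("@Mobile nvarchar(200)");
             Database dbFac      = DatabaseFactory.CreateDatabase();
             var      commandFac = SQLServerUtiles.Get_SP_ExecuteSQL(dbFac, sqlFacName, paramsStrFac.ToString());
             dbFac.AddInParameter(commandFac, "Mobile", DbType.AnsiString, userName);
             var nameFac = dbFac.ExecuteScalar(commandFac);
             if (nameFac == null || nameFac == DBNull.Value)
             {
                 // "User name is wrong or does not exist!"
                 res = "用户名有误或不存在!";
             }
             else
             {
                 const string sqlFac = "SELECT * FROM  UserAccount WHERE Mobile = @Mobile and PassWord=@PassWord";
                 paramsStrFac.Append(",@PassWord nvarchar(50)");
                 Database dbFacInfo      = DatabaseFactory.CreateDatabase();
                 var      commandFacInfo = SQLServerUtiles.Get_SP_ExecuteSQL(dbFacInfo, sqlFac, paramsStrFac.ToString());
                 dbFacInfo.AddInParameter(commandFacInfo, "Mobile", DbType.AnsiString, userName);
                 dbFacInfo.AddInParameter(commandFacInfo, "PassWord", DbType.AnsiString, userPassword);
                 // Dispose the reader on every path; the original never closed it.
                 using (var dataReader = dbFacInfo.ExecuteReader(commandFacInfo))
                 {
                     if (dataReader.Read())
                     {
                         // Status is read through FactroyInfo, but the session below
                         // receives a UserAccount bound from the same row.
                         var user = new FactroyInfo().ReaderBind(dataReader);
                         if (user.Status != 1)
                         {
                             // "Account is abnormal or locked!"
                             res = "帐号异常或被锁定!";
                         }
                         else
                         {
                             HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                         }
                     }
                     else
                     {
                         // "Wrong password!"
                         res = "密码输入错误!";
                     }
                 }
             }
         }
         else
         {
             const string sqlUser = "******"; // query text is masked on this page
             paramsStr.Append(",@PassWord nvarchar(50)");
             Database dbUser      = DatabaseFactory.CreateDatabase();
             var      commandUser = SQLServerUtiles.Get_SP_ExecuteSQL(dbUser, sqlUser, paramsStr.ToString());
             dbUser.AddInParameter(commandUser, "Mobile", DbType.AnsiString, userName);
             dbUser.AddInParameter(commandUser, "PassWord", DbType.AnsiString, userPassword);
             // Dispose the reader on every path; the original never closed it.
             using (var dataReader = dbUser.ExecuteReader(commandUser))
             {
                 if (dataReader.Read())
                 {
                     var user = new UserAccount().ReaderBind(dataReader);
                     if (user.Status != 1)
                     {
                         // "Account is abnormal or locked!"
                         res = "帐号异常或被锁定!";
                     }
                     else
                     {
                         HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                     }
                 }
                 else
                 {
                     // "Wrong password!"
                     res = "密码输入错误!";
                 }
             }
         }
         return res;
     }
     catch (Exception ex)
     {
         // Keep the generic reply ("Login failed") for the client, but record the
         // failure server-side so that errors in the login path stay visible.
         // Only the exception type and message are written, never the credentials.
         System.Diagnostics.Trace.TraceError("UserLogin failed: {0}: {1}", ex.GetType().FullName, ex.Message);
         return "登录失败";
     }
 }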
Esempio n. 2
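 /// <summary>
 /// Validates the supplied mobile number and password against the database and,
 /// when they match an account whose <c>Status</c> is 1, places that account in
 /// <c>Session["FrontUser"]</c>.
 /// </summary>
 /// <param name="userName">Mobile number; passed to SQL only as the <c>@Mobile</c> parameter.</param>
 /// <param name="userPassword">Password; passed to SQL only as the <c>@PassWord</c> parameter, unmodified.</param>
 /// <returns>Empty string on success, otherwise a user-facing failure message.</returns>
 /// <remarks>
 /// NOTE(review): the WHERE clause matches <c>PassWord</c> against the raw argument, which
 /// suggests recoverable password storage unless hashing happens before this call; verify.
 /// NOTE(review): separate messages for "no such user", "wrong password" and "locked" allow
 /// account enumeration. The strings are kept as-is since callers may depend on them.
 /// NOTE(review): the session is populated without any visible renewal of the session
 /// identifier, and no attempt limiting is visible here; confirm the caller covers both.
 /// </remarks>
 public static string UserLogin(string userName, string userPassword)
 {
     try
     {
         var res = string.Empty;
         const string sqlUserName = "******"; // query text is masked on this page
         var paramsStr = new StringBuilder();
         paramsStr.Append("@Mobile nvarchar(200)");
         Database db = DatabaseFactory.CreateDatabase();
         var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sqlUserName, paramsStr.ToString());
         // NOTE(review): declared as nvarchar, bound as AnsiString; non-ASCII
         // characters may not survive the conversion. Confirm this is intended.
         db.AddInParameter(command, "Mobile", DbType.AnsiString, userName);
         var name = db.ExecuteScalar(command);
         if (name == null || name == DBNull.Value)
         {
             // Nothing returned by the first query: try the UserAccount table.
             const string sqlFacName = "SELECT * FROM UserAccount WHERE Mobile = @Mobile";
             var paramsStrFac = new StringBuilder();
             paramsStrFac.Append("@Mobile nvarchar(200)");
             Database dbFac = DatabaseFactory.CreateDatabase();
             var commandFac = SQLServerUtiles.Get_SP_ExecuteSQL(dbFac, sqlFacName, paramsStrFac.ToString());
             dbFac.AddInParameter(commandFac, "Mobile", DbType.AnsiString, userName);
             var nameFac = dbFac.ExecuteScalar(commandFac);
             if (nameFac == null || nameFac == DBNull.Value)
             {
                 // "User name is wrong or does not exist!"
                 res = "用户名有误或不存在!";
             }
             else
             {
                 const string sqlFac = "SELECT * FROM  UserAccount WHERE Mobile = @Mobile and PassWord=@PassWord";
                 paramsStrFac.Append(",@PassWord nvarchar(50)");
                 Database dbFacInfo = DatabaseFactory.CreateDatabase();
                 var commandFacInfo = SQLServerUtiles.Get_SP_ExecuteSQL(dbFacInfo, sqlFac, paramsStrFac.ToString());
                 dbFacInfo.AddInParameter(commandFacInfo, "Mobile", DbType.AnsiString, userName);
                 dbFacInfo.AddInParameter(commandFacInfo, "PassWord", DbType.AnsiString, userPassword);
                 // The reader was never closed in the original; release it deterministically.
                 using (var dataReader = dbFacInfo.ExecuteReader(commandFacInfo))
                 {
                     if (dataReader.Read())
                     {
                         // The status check binds a FactroyInfo, while the session
                         // entry below is a UserAccount bound from the same row.
                         var user = new FactroyInfo().ReaderBind(dataReader);
                         if (user.Status != 1)
                         {
                             // "Account is abnormal or locked!"
                             res = "帐号异常或被锁定!";
                         }
                         else
                         {
                             HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                         }
                     }
                     else
                     {
                         // "Wrong password!"
                         res = "密码输入错误!";
                     }
                 }
             }
         }
         else
         {
             const string sqlUser = "******"; // query text is masked on this page
             paramsStr.Append(",@PassWord nvarchar(50)");
             Database dbUser = DatabaseFactory.CreateDatabase();
             var commandUser = SQLServerUtiles.Get_SP_ExecuteSQL(dbUser, sqlUser, paramsStr.ToString());
             dbUser.AddInParameter(commandUser, "Mobile", DbType.AnsiString, userName);
             dbUser.AddInParameter(commandUser, "PassWord", DbType.AnsiString, userPassword);
             // The reader was never closed in the original; release it deterministically.
             using (var dataReader = dbUser.ExecuteReader(commandUser))
             {
                 if (dataReader.Read())
                 {
                     var user = new UserAccount().ReaderBind(dataReader);
                     if (user.Status != 1)
                     {
                         // "Account is abnormal or locked!"
                         res = "帐号异常或被锁定!";
                     }
                     else
                     {
                         HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                     }
                 }
                 else
                 {
                     // "Wrong password!"
                     res = "密码输入错误!";
                 }
             }
         }
         return res;
     }
     catch (Exception ex)
     {
         // The client still gets the generic "Login failed" text; the cause is
         // traced server-side (type and message only, no credentials) so that
         // failures in the authentication path are not silently lost.
         System.Diagnostics.Trace.TraceError("UserLogin failed: {0}: {1}", ex.GetType().FullName, ex.Message);
         return "登录失败";
     }
 }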