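/// <summary>
/// Inserts one user row into SPECIES12.
/// </summary>
/// <param name="model">User to insert. Its ID is overwritten with GetMaxID() + 1 before the insert.</param>
/// <remarks>
/// The statement is assembled as text and handed to DbHelperSQL.ExecuteSql. Every text column is
/// written as a SQL string literal with embedded single quotes doubled, so a value containing a
/// quote can no longer close the literal and change the statement. This assumes the database uses
/// standard SQL literal rules (no backslash escapes) - TODO confirm. Bound parameters remain the
/// preferred fix if DbHelperSQL offers a parameterized overload.
/// </remarks>
public void Add(thesis.model.User model)
{
    // NOTE(review): "max id + 1" can hand the same ID to two concurrent inserts - confirm whether callers serialize this.
    model.ID = GetMaxID() + 1;

    StringBuilder strSql = new StringBuilder();
    strSql.Append("insert into SPECIES12(");
    strSql.Append("ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2,COMPANYID,DEPARTMENTID,OFFICEID");
    strSql.Append(")");
    strSql.Append(" values (");
    strSql.Append("" + model.ID + ",");
    // Text columns: null is written as an empty literal (as before); quotes are doubled.
    strSql.Append("'" + (model.NAME ?? "").Replace("'", "''") + "',");
    strSql.Append("'" + (model.MM ?? "").Replace("'", "''") + "',");
    strSql.Append("" + model.ZX + ",");
    strSql.Append("" + model.JIBIE + ",");
    strSql.Append("'" + (model.REPHOME ?? "").Replace("'", "''") + "',");
    strSql.Append("'" + (model.EMAIL ?? "").Replace("'", "''") + "',");
    strSql.Append("'" + (model.HP ?? "").Replace("'", "''") + "',");
    strSql.Append("'" + (model.TEL ?? "").Replace("'", "''") + "',");
    strSql.Append("" + model.FLAG + ",");
    strSql.Append("'" + (model.HOLD1 ?? "").Replace("'", "''") + "',");
    strSql.Append("'" + (model.HOLD2 ?? "").Replace("'", "''") + "',");
    strSql.Append("" + model.COMPANYID + ",");
    strSql.Append("" + model.DEPARTMENTID + ",");
    strSql.Append("" + model.OFFICEID + "");
    strSql.Append(")");

    DbHelperSQL.ExecuteSql(strSql.ToString());
}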
/// <summary>
/// Reads SPECIES12 rows and maps each one to a user object.
/// </summary>
/// <param name="strWhere">
/// Filter text appended after "where"; a blank value selects every row. The text is concatenated
/// into the statement verbatim, so callers are responsible for passing only trusted, already
/// escaped SQL.
/// </param>
/// <returns>One user per returned row, in query order; an empty list when no row matches.</returns>
private List<User> GetList(string strWhere)
{
    string sql = "select ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2 ,COMPANYID,DEPARTMENTID,OFFICEID "
               + " FROM SPECIES12 ";
    if (strWhere.Trim() != "")
    {
        sql += " where " + strWhere;
    }

    DataSet ds = DbHelperSQL.Query(sql);
    List<User> users = new List<User>();

    foreach (DataRow row in ds.Tables[0].Rows)
    {
        thesis.model.User user = new thesis.model.User();

        // Numeric columns are assigned only when the cell is not blank; otherwise the model keeps its default.
        string idText = row["ID"].ToString();
        if (idText != "")
        {
            user.ID = int.Parse(idText);
        }

        user.NAME = row["NAME"].ToString();
        user.MM = row["MM"].ToString();

        string zxText = row["ZX"].ToString();
        if (zxText != "")
        {
            user.ZX = int.Parse(zxText);
        }

        string jibieText = row["JIBIE"].ToString();
        if (jibieText != "")
        {
            user.JIBIE = int.Parse(jibieText);
        }

        user.REPHOME = row["REPHOME"].ToString();
        user.EMAIL = row["EMAIL"].ToString();
        user.HP = row["HP"].ToString();
        user.TEL = row["TEL"].ToString();

        string flagText = row["FLAG"].ToString();
        if (flagText != "")
        {
            user.FLAG = int.Parse(flagText);
        }

        user.HOLD1 = row["HOLD1"].ToString();
        user.HOLD2 = row["HOLD2"].ToString();

        string companyText = row["COMPANYID"].ToString();
        if (companyText != "")
        {
            user.COMPANYID = int.Parse(companyText);
        }

        string departmentText = row["DEPARTMENTID"].ToString();
        if (departmentText != "")
        {
            user.DEPARTMENTID = int.Parse(departmentText);
        }

        string officeText = row["OFFICEID"].ToString();
        if (officeText != "")
        {
            user.OFFICEID = int.Parse(officeText);
        }

        users.Add(user);
    }

    return users;
}
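/// <summary>
/// Updates the SPECIES12 row whose ID equals <c>model.ID</c> with every other field of the model.
/// </summary>
/// <param name="model">User carrying the new column values and the ID of the row to change.</param>
/// <remarks>
/// The statement is assembled as text and handed to DbHelperSQL.ExecuteSql. Every text column is
/// written as a SQL string literal with embedded single quotes doubled, so a value containing a
/// quote (including one read back from the table earlier) can no longer close the literal and
/// change the statement. This assumes the database uses standard SQL literal rules (no backslash
/// escapes) - TODO confirm. Bound parameters remain the preferred fix if DbHelperSQL offers a
/// parameterized overload.
/// </remarks>
public void Update(thesis.model.User model)
{
    StringBuilder strSql = new StringBuilder();
    strSql.Append("update SPECIES12 set ");
    // Text columns: null is written as an empty literal (as before); quotes are doubled.
    strSql.Append("NAME='" + (model.NAME ?? "").Replace("'", "''") + "',");
    strSql.Append("MM='" + (model.MM ?? "").Replace("'", "''") + "',");
    strSql.Append("ZX=" + model.ZX + ",");
    strSql.Append("JIBIE=" + model.JIBIE + ",");
    strSql.Append("REPHOME='" + (model.REPHOME ?? "").Replace("'", "''") + "',");
    strSql.Append("EMAIL='" + (model.EMAIL ?? "").Replace("'", "''") + "',");
    strSql.Append("HP='" + (model.HP ?? "").Replace("'", "''") + "',");
    strSql.Append("TEL='" + (model.TEL ?? "").Replace("'", "''") + "',");
    strSql.Append("FLAG=" + model.FLAG + ",");
    strSql.Append("HOLD1='" + (model.HOLD1 ?? "").Replace("'", "''") + "',");
    strSql.Append("HOLD2='" + (model.HOLD2 ?? "").Replace("'", "''") + "',");
    strSql.Append("COMPANYID=" + model.COMPANYID + ",");
    strSql.Append("DEPARTMENTID=" + model.DEPARTMENTID + ",");
    strSql.Append("OFFICEID=" + model.OFFICEID + "");
    strSql.Append(" where ID=" + model.ID + " ");

    DbHelperSQL.ExecuteSql(strSql.ToString());
}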
/// <summary>
/// Updates one user record by delegating to <c>dal.Update</c>.
/// </summary>
/// <param name="model">User whose stored row should be replaced with these values.</param>
public void Update(thesis.model.User model)
{
    // No validation or escaping happens at this level; the model is passed on exactly as received.
    dal.Update(model);
}
/// <summary>
/// Adds one user record by delegating to <c>dal.Add</c>.
/// </summary>
/// <param name="model">User to store.</param>
public void Add(thesis.model.User model)
{
    // No validation or escaping happens at this level; the model is passed on exactly as received.
    dal.Add(model);
}
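/// <summary>
/// Login button handler: checks the submitted user name and password, writes the operation and
/// login logs, issues the forms-authentication cookie, and redirects to the requested page.
/// On a wrong password it records the failure (when that feature is switched on) and shows an alert.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void Button1_Click(object sender, EventArgs e)
{
    if ("".Equals(tbUserName.Value.Trim()))
    {
        this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('用户名不能为空!');", true);
        return;
    }

    #region Check whether the user is locked out (maximum wrong-password count and feature switch come from configuration)
    string PassWordErrorRecord = StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["PassWordErrorRecord"].ToString()).ToUpper();
    if (PassWordErrorRecord.Equals("QIYONG") && !CheckErrorRecord())
    {
        this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('您今天的密码错误次数已经达到上限,系统拒绝您今天登陆!');", true);
        return;
    }
    #endregion

    FormsAuthentication.Initialize();
    UserBll userBll = new UserBll();
    thesis.model.User spcUser = userBll.GetModel(tbUserName.Value.Trim().ToLower());

    // The stored MM value is compared with Encode(password).
    // NOTE(review): StringEncodeAndDecode also has Decode, so this is presumably a reversible encoding
    // rather than a salted password hash - confirm, and plan a move to a password-hashing scheme.
    if (spcUser != null && spcUser.MM.Equals(StringEncodeAndDecode.Encode(tbPassword.Value.Trim())))
    {
        // Write the operation log.
        OperationLogBll olBll = new OperationLogBll();
        OperationLog oLog = new OperationLog();
        oLog.SPECIES12_ID = spcUser.ID;
        string ipaddress = ClientIPAddress.getIPAddress();
        oLog.RQSJ = DateTime.Now;
        oLog.NR = spcUser.NAME + "成功登录本系统【" + ipaddress + "】!";
        oLog.ENR = spcUser.NAME + "load successfully[" + ipaddress + "]!";
        olBll.Add(oLog);

        // Update the user's last-login time (HOLD1) and visit counter (HOLD2).
        string logindate = System.DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
        spcUser.HOLD1 = logindate;
        spcUser.HOLD2 = spcUser.HOLD2.Trim().Equals("") ? "1" : (int.Parse(spcUser.HOLD2) + 1).ToString();
        userBll.Update(spcUser);

        // Write the login record.
        LoginRecordBLL loginbll = new LoginRecordBLL();
        LoginRecord record = new LoginRecord();
        record.USERID = spcUser.ID;
        record.IPADDRESS = ipaddress;
        record.LOGINDATE = logindate;
        record.BY2 = "";
        record.BY1 = "";
        loginbll.Add(record);

        // Create a new authentication ticket.
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
            1,                                    // ticket version
            tbUserName.Value.Trim(),              // ticket holder
            DateTime.Now,                         // issue time
            DateTime.Now.AddMinutes(30),          // expiry time
            true,                                 // persistent cookie
            "spcuser",                            // user data, usable as the user's role
            FormsAuthentication.FormsCookiePath); // cookie path

        // Encrypt the ticket with the machine key before sending it.
        string hash = FormsAuthentication.Encrypt(ticket);
        HttpCookie cookie = new HttpCookie(
            FormsAuthentication.FormsCookieName, // name of the authentication cookie
            hash);                               // encrypted ticket

        // Keep the authentication cookie away from page script, and follow the site's
        // forms-authentication SSL setting for the Secure flag.
        cookie.HttpOnly = true;
        cookie.Secure = FormsAuthentication.RequireSSL;

        // Make the cookie expire together with the ticket.
        if (ticket.IsPersistent)
        {
            cookie.Expires = ticket.Expiration;
        }

        // Add the cookie to the response.
        Response.Cookies.Add(cookie);

        // Send the user back to the page requested before login, or to the home page.
        // ReturnUrl comes from the query string, so it is followed only when it is a path inside
        // this site: it must start with a single '/', must not start with "//" or "/\", and must
        // not contain control characters. Anything else falls back to the home page.
        string returnUrl = Request.QueryString["ReturnUrl"];
        bool isLocalPath = !string.IsNullOrEmpty(returnUrl)
            && returnUrl[0] == '/'
            && (returnUrl.Length == 1 || (returnUrl[1] != '/' && returnUrl[1] != '\\'));
        if (isLocalPath)
        {
            foreach (char c in returnUrl)
            {
                if (char.IsControl(c))
                {
                    isLocalPath = false;
                    break;
                }
            }
        }
        if (!isLocalPath)
        {
            returnUrl = "Default.aspx";
        }

        // Do not call FormsAuthentication.RedirectFromLoginPage here,
        // because it would replace the ticket cookie that was just added.

        #region Clear the wrong-password record
        if (PassWordErrorRecord.Equals("QIYONG"))
        {
            // NOTE(review): the literal '******' looks like a redacted value; as written this statement
            // does not filter on the entered user name - confirm against the real source.
            string del = "delete from ERRORPASSWORDRECORD where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
            DbHelperSQL.ExecuteSql(del);
        }
        #endregion

        #region Remove timed-out users and this user's earlier login entries (avoids a refused re-login after the session expired)
        // NOTE(review): the existing session is reused after authentication; consider issuing a new
        // session id at this point - confirm how sessions are configured.
        string LimitOnline = StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["LimitOnline"]);
        if (!LimitOnline.ToUpper().Equals("XJTUCIMSSPC"))
        {
            if (DelTimeOut(this.tbUserName.Value.ToString()))
            {
                WriteActiveUser(this.tbUserName.Value.ToString());
                Session["userwrx"] = spcUser;
                Session["UserName2"] = tbUserName.Value.ToString();
                Session["UserID"] = spcUser.ID;
                Response.Redirect(returnUrl);
            }
            else
            {
                this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('当前用户已经登录,不能重复登录!');", true);
            }
        }
        else
        {
            Session["userwrx"] = spcUser;
            Session["UserName2"] = tbUserName.Value.ToString();
            Session["UserID"] = spcUser.ID;
            Response.Redirect(returnUrl);
        }
        #endregion
    }
    else
    {
        if (PassWordErrorRecord.Equals("QIYONG"))
        {
            // NOTE(review): the literal '******' in the select and update below looks like a redacted
            // value; as written they do not filter on the entered user name - confirm against the real source.
            string sql_sel = "select * from ERRORPASSWORDRECORD where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
            DataSet ds = DbHelperSQL.Query(sql_sel);

            int max_error = 5;
            if (!StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["ErrorRecordNum"].ToString()).Equals(""))
            {
                max_error = int.Parse(StringEncodeAndDecode.Decode(ConfigurationManager.AppSettings["ErrorRecordNum"].ToString()));
            }
            // After the first failure one attempt is used up; derive the figure from the configured
            // maximum instead of assuming the default of 5.
            int remain_error = max_error - 1;

            if (ds.Tables[0].Rows.Count == 0) // no failure recorded yet today
            {
                // The user name is raw request input and the address comes from ClientIPAddress
                // (NOTE(review): possibly derived from request headers - confirm). Both are written
                // as SQL string literals with single quotes doubled so they cannot end the literal.
                // Bound parameters remain the preferred fix if DbHelperSQL offers them.
                string safeUserName = this.tbUserName.Value.Replace("'", "''");
                string safeIpAddress = (ClientIPAddress.getIPAddress() ?? "").Replace("'", "''");
                string sql_ins = "insert into ERRORPASSWORDRECORD(username,IPADDRESS,ERRORNUM,ERRORDATE)values('" + safeUserName + "','" + safeIpAddress + "',1,'" + System.DateTime.Now.ToString("yyyy-MM-dd") + "')";
                DbHelperSQL.ExecuteSql(sql_ins);
            }
            else
            {
                string sql_update = "update ERRORPASSWORDRECORD set ERRORNUM=ERRORNUM+1 where username='******' and ERRORDATE='" + System.DateTime.Now.ToString("yyyy-MM-dd") + "'";
                DbHelperSQL.ExecuteSql(sql_update);
                // ERRORNUM was read before the increment, hence the extra -1.
                remain_error = max_error - int.Parse(ds.Tables[0].Rows[0]["ERRORNUM"].ToString()) - 1;
            }

            this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('错误的用户名/密码,您还有【" + remain_error + "】次尝试机会!');", true);
        }
        else
        {
            this.ClientScript.RegisterStartupScript(this.GetType(), "noUser", "alert('错误的用户名/密码!');", true);
        }
    }
}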
/// <summary>
/// Loads the first SPECIES12 row that matches a condition and maps it to a user object.
/// </summary>
/// <param name="strWhere">
/// Filter text appended after "where"; a blank value applies no filter. The text is concatenated
/// into the statement verbatim, so callers are responsible for passing only trusted, already
/// escaped SQL.
/// </param>
/// <returns>The user built from the first returned row, or null when the query returns no row.</returns>
private thesis.model.User GetModelByCondition(string strWhere)
{
    string sql = "select "
               + " ID,NAME,MM,ZX,JIBIE,REPHOME,EMAIL,HP,TEL,FLAG,HOLD1,HOLD2,COMPANYID,DEPARTMENTID,OFFICEID "
               + " from SPECIES12 ";
    if (strWhere.Trim() != "")
    {
        sql += " where " + strWhere;
    }

    thesis.model.User user = new thesis.model.User();
    DataSet ds = DbHelperSQL.Query(sql);

    if (ds.Tables[0].Rows.Count <= 0)
    {
        return null;
    }

    // Only the first row is used; any further matches are ignored.
    DataRow row = ds.Tables[0].Rows[0];

    // Numeric columns are assigned only when the cell is not blank; otherwise the model keeps its default.
    string idText = row["ID"].ToString();
    if (idText != "")
    {
        user.ID = int.Parse(idText);
    }

    user.NAME = row["NAME"].ToString();
    user.MM = row["MM"].ToString();

    string zxText = row["ZX"].ToString();
    if (zxText != "")
    {
        user.ZX = int.Parse(zxText);
    }

    string jibieText = row["JIBIE"].ToString();
    if (jibieText != "")
    {
        user.JIBIE = int.Parse(jibieText);
    }

    user.REPHOME = row["REPHOME"].ToString();
    user.EMAIL = row["EMAIL"].ToString();
    user.HP = row["HP"].ToString();
    user.TEL = row["TEL"].ToString();

    string flagText = row["FLAG"].ToString();
    if (flagText != "")
    {
        user.FLAG = int.Parse(flagText);
    }

    user.HOLD1 = row["HOLD1"].ToString();
    user.HOLD2 = row["HOLD2"].ToString();

    string companyText = row["COMPANYID"].ToString();
    if (companyText != "")
    {
        user.COMPANYID = int.Parse(companyText);
    }

    string departmentText = row["DEPARTMENTID"].ToString();
    if (departmentText != "")
    {
        user.DEPARTMENTID = int.Parse(departmentText);
    }

    string officeText = row["OFFICEID"].ToString();
    if (officeText != "")
    {
        user.OFFICEID = int.Parse(officeText);
    }

    return user;
}