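/// <summary>
/// Marks the person offline, stamps logout_date on the matching online_user row,
/// then deletes the login cookies and the cached "menuData"/"menuText" entries.
/// </summary>
/// <param name="ck2">Supplies the person id (p_id) and the online_user row id (online_id).</param>
/// <returns>0 on success; -1 when <paramref name="ck2"/> is null or any step throws.</returns>
public static int Logout(users ck2)
{
    if (ck2 == null)
    {
        return -1;
    }

    // Same text as before; it has no format placeholders, so string.Format was unnecessary.
    const string sql =
        " update persons set p_is_online=0 where p_id=@p_id; " +
        "update online_user set logout_date=getdate() where id=@log_id; ";

    try
    {
        var ck = new ManageCookie();

        // NOTE(review): p_id and online_id are used exactly as given in ck2. If that object
        // is rebuilt from client-side cookies, confirm the values are validated before this
        // call, since they decide which rows are marked offline.
        using (SqlConnection conn = DBConnection())
        {
            // The command is now disposed together with the connection.
            using (var cmd = new SqlCommand(sql, conn))
            {
                cmd.CommandType = CommandType.Text;
                cmd.Parameters.AddWithValue("@log_id", ck2.online_id);
                cmd.Parameters.AddWithValue("@p_id", ck2.p_id);
                cmd.ExecuteNonQuery();
            }

            // Client-side state is cleared only after the database update succeeded.
            ck.DeleteCookies();

            // NOTE(review): Session["logId"], which Login sets, is not cleared here (the
            // assignment was commented out). Confirm the session is ended elsewhere on logout.
            HttpContext.Current.Cache.Remove("menuData");
            HttpContext.Current.Cache.Remove("menuText");
        }
    }
    catch (System.Exception ex)
    {
        // Callers only see -1, so record the cause instead of discarding it.
        // Trace calls are emitted only when the TRACE symbol is defined.
        System.Diagnostics.Trace.TraceError("Logout failed: {0}", ex);
        return -1;
    }

    return 0;
}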
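/// <summary>
/// Looks up an active, non-deleted person by ID number, English name and role, lets
/// validateUser decide whether the login is allowed and, if so, records an online_user
/// row, marks the person online and creates the session entry and login cookies.
/// </summary>
/// <param name="IdCard">ID number matched against persons.p_idno.</param>
/// <param name="strName">English name matched against persons.p_name_eng.</param>
/// <param name="UserStatus">Role id matched against persons.p_role_id.</param>
/// <returns>
/// An empty string when validateUser returns 1 and an online_user identity was obtained;
/// a Thai message saying the specified user is already working in the system when it
/// returns 2; a Thai message saying the data is incorrect when it returns 0. Every other
/// combination also yields an empty string (see the note at the end of the method).
/// </returns>
public static string Login(string IdCard, string strName, string UserStatus)
{
    // NOTE(review): the lookup matches on ID number, English name and role only; no secret
    // is checked in this method. Confirm a credential is verified by the caller.
    // The query also requires p_is_active=1 and p_is_delete=0.
    const string lookupSql =
        "select p.p_id, p.m_id, p.p_role_id " +
        ", p.p_idno, p.p_name_thai, p.p_sname_thai, p.p_name_eng, p.p_sname_eng " +
        ", p.p_is_online, isnull(datediff(hour, p.last_login, getdate()),0) as last_login " +
        ", m.mi_code, m.mi_name " +
        ",d.d_code, d.d_name " +
        "from persons p " +
        "left join ministry m on p.m_id = m.mi_id " +
        "left join persons_detail pd on p.p_id = pd.p_id " +
        "left join department d on pd.d_id = d.d_id " +
        "where p.p_idno = @idno and p.p_name_eng = @name and p.p_is_active=1 and p.p_is_delete=0 " +
        "and p.p_role_id=@role_id; ";

    // An earlier version updated persons by p_idno alone; the update also matches p_id.
    // NOTE(review): @@Identity is not limited to this batch's scope; if online_user has
    // triggers that insert into identity tables, consider SCOPE_IDENTITY().
    const string recordLoginSql =
        "insert into online_user(p_id,p_idno,p_name_thai,p_sname_thai) " +
        "values(@uid, @idno, @namethai, @sname); " +
        "select @@Identity; " +
        "update persons set p_is_active=1, last_login=getdate(), p_is_online=1 " +
        "where (p_idno=@idno) AND (p_id = @uid) ; ";

    ManageCookie ck = new ManageCookie();
    int retIdentity = 0; // identity of the inserted online_user row
    int retAllow;        // result of validateUser

    // The connection used for the queries is now disposed here, also when a query throws.
    // The old code never closed it and instead called DBConnection().Close() on a second
    // DBConnection() result. Assumes DBConnection() returns an open connection.
    using (SqlConnection conn = DBConnection())
    using (SqlCommand cmd = new SqlCommand(lookupSql, conn))
    using (SqlDataAdapter da = new SqlDataAdapter(cmd))
    using (DataSet ds = new DataSet())
    {
        cmd.CommandType = CommandType.Text;
        cmd.Parameters.AddWithValue("@idno", IdCard);
        cmd.Parameters.AddWithValue("@name", strName);
        cmd.Parameters.AddWithValue("@role_id", UserStatus);

        // NOTE(review): 0 disables the command timeout, so a login request can wait
        // indefinitely on the database; consider a finite value.
        cmd.CommandTimeout = 0;

        da.Fill(ds);
        retAllow = validateUser(ds);

        if (retAllow == 1)
        {
            DataRow person = ds.Tables[0].Rows[0];

            cmd.Parameters.Clear();
            cmd.CommandText = recordLoginSql;
            cmd.CommandType = CommandType.Text;
            cmd.Parameters.AddWithValue("@uid", person["p_id"]);
            cmd.Parameters.AddWithValue("@idno", IdCard);
            cmd.Parameters.AddWithValue("@namethai", person["p_name_thai"]);
            cmd.Parameters.AddWithValue("@sname", person["p_sname_thai"]);

            // Run the batch once. The old code called ExecuteNonQuery and then ExecuteScalar
            // on the same command, which ran it twice and inserted two online_user rows per
            // login. ExecuteScalar returns the "select @@Identity" value.
            retIdentity = Convert.ToInt32(cmd.ExecuteScalar());

            // NOTE(review): the session id is not rotated in this method; confirm the caller
            // issues a fresh session on successful login.
            HttpContext.Current.Session["logId"] =
                Convert.ToString(retIdentity) + "/" + person["p_id"] + "/" + person["mi_name"];
            ck.CreateCookies(ds.Tables[0], Convert.ToString(retIdentity));
        }
        else
        {
            // Not allowed: drop any login cookies the client still holds.
            ck.DeleteCookies();
        }
    }

    if (retAllow == 1 && retIdentity > 0)
    {
        return "";
    }

    if (retAllow == 2)
    {
        return "ท่านไม่สามารถเข้าใช้งานได้ เนื่องจาขณะนี้มีผู้ใช้ที่ท่านระบุกำลังทำงานอยู่ในระบบ";
    }

    if (retAllow == 0)
    {
        return "ข้อมูลไม่ถูกต้อง กรุณากรอกข้อมูลให้ถูกต้อง";
    }

    // NOTE(review): any other validateUser result, or retAllow == 1 with no identity, falls
    // through to the same empty string that signals success. Confirm callers do not treat
    // that as a completed login; kept unchanged for compatibility.
    return "";
}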