} // end of CreateUserSession
/// <summary>
/// Creates a Admin Session
/// </summary>
private void CreateAdminSession()
{
// create and initialize admin session object
cqAdminSession = CQWrapper.CreateAdminSession();
Logger.WritePerf(LogSource.CQ, "Connecting to CQ Admin Session");
CQWrapper.AdminLogon(cqAdminSession, m_user, m_pwd, m_dbSet, m_configFile);
Logger.WritePerf(LogSource.CQ, "Connected to CQ Admin Session");
OAdUser cqUser = CQWrapper.GetUser(cqAdminSession, m_user);
try
{
if (!CQWrapper.IsSuperUser(cqUser))
{
string errMsg = UtilityMethods.Format(CQResource.CQ_NO_ADMIN_RIGHT,
CurConResource.Analysis,
m_configFile);
Logger.Write(LogSource.CQ, TraceLevel.Error, errMsg);
ConverterMain.MigrationReport.WriteIssue(String.Empty,
errMsg, string.Empty /* no item */, null, "Config", ReportIssueType.Critical);
throw new ConverterException(errMsg);
}
}
catch (System.Runtime.InteropServices.COMException ex)
{
string errMsg = UtilityMethods.Format(CQResource.CQ_NO_ADMIN_RIGHT, m_configFile);
Logger.WriteException(LogSource.CQ, ex);
Logger.Write(LogSource.CQ, TraceLevel.Error, errMsg);
ConverterMain.MigrationReport.WriteIssue(String.Empty, errMsg, string.Empty /* no item */,
null, "Config", ReportIssueType.Critical);
throw new ConverterException(errMsg);
}
} // end of CreateAdminSession
public Task Invoke(HttpContext context)
{
string token = "";
if (context.Request.Cookies.TryGetValue("MRCTOKEN", out token))
{
string userinfo = EncryptHelper.DesDecrypt(token, KeyTool.GetEncryptKey());
string orginInfo = RedisHelper.Get(userinfo);
if (orginInfo.IsNullOrEmpty())
{
context.Items["islogin"] = false;
return(this._next(context));
}
;
AdminSession userSession = JsonHelper.Deserialize <AdminSession>(orginInfo);
if (context.GetClientIP() != userSession.LoginIP)
{
context.Items["islogin"] = false;
}
else
{
context.Items["user"] = userSession;
context.Items["islogin"] = true;
}
}
return(this._next(context));
}
/// <summary>
///
/// </summary>
/// <param name="oldPassword">明文</param>
/// <param name="newPassword">明文</param>
public void ChangePassword(string oldPassword, string newPassword)
{
PasswordHelper.EnsurePasswordLegal(newPassword);
AdminSession session = this.Session;
MALU_Users userLogOn = this.DbContext.Query <MALU_Users>().Where(a => a.Id == session.UserId).First();
string encryptedOldPassword = PasswordHelper.Encrypt(oldPassword, "invtax");
if (encryptedOldPassword != userLogOn.password)
{
throw new Ace.Exceptions.InvalidDataException("旧密码不正确");
}
string newEncryptedPassword = PasswordHelper.Encrypt(newPassword, "invtax");
this.DbContext.DoWithTransaction(() =>
{
this.DbContext.Update <MALU_Users>(a => a.Id == session.UserId, a => new MALU_Users()
{
password = newEncryptedPassword
});
// this.Log(Entities.Enums.LogType.Update, "Account", true, "用户[{0}]修改密码".ToFormat(session.UserId));
});
}
/// <summary>
///
/// </summary>
/// <param name="oldPassword">明文</param>
/// <param name="newPassword">明文</param>
public void ChangePassword(string oldPassword, string newPassword)
{
PasswordHelper.EnsurePasswordLegal(newPassword);
AdminSession session = this.Session;
Sys_UserLogOn userLogOn = this.DbContext.Query <Sys_UserLogOn>().Where(a => a.UserId == session.UserId).First();
string encryptedOldPassword = PasswordHelper.Encrypt(oldPassword, userLogOn.UserSecretkey);
if (encryptedOldPassword != userLogOn.UserPassword)
{
throw new Ace.Exceptions.InvalidDataException("旧密码不正确");
}
string newUserSecretkey = UserHelper.GenUserSecretkey();
string newEncryptedPassword = PasswordHelper.Encrypt(newPassword, newUserSecretkey);
this.DbContext.DoWithTransaction(() =>
{
this.DbContext.Update <Sys_UserLogOn>(a => a.UserId == session.UserId, a => new Sys_UserLogOn()
{
UserSecretkey = newUserSecretkey, UserPassword = newEncryptedPassword
});
this.Log(LogType.Update, "Account", true, "用户[{0}]修改密码".ToFormat(session.UserId));
});
}
///// <summary>
/////
///// </summary>
///// <param name="oldPassword">明文</param>
///// <param name="newPassword">明文</param>
public void ChangePassword(string oldPassword, string newPassword)
{
PasswordHelper.EnsurePasswordLegal(newPassword);
AdminSession session = Session;
var user = _accountRepository.GetSys_UserByUserName(session.UserName);
string encryptedOldPassword = PasswordHelper.Encrypt(oldPassword, user.UserSecretkey);
if (encryptedOldPassword != user.UserPassword)
{
throw new InvalidDataException("旧密码不正确");
}
string newUserSecretkey = UserHelper.GenUserSecretkey();
string newEncryptedPassword = PasswordHelper.Encrypt(newPassword, newUserSecretkey);
user.UserSecretkey = newUserSecretkey;
user.UserPassword = newEncryptedPassword;
if (_accountRepository.Update(user))
{
_sysLogAppService.Log(user.Id, user.RealName, session.LoginIP, "用户[{0}]修改密码".ToFormat(session.UserName));
}//更新密码
}
public async Task <IActionResult> BuscarQuejas(string region, string departamento, string municipio, string estado, string del, string al, string nombre)
{
ClsPeticiones peticiones = new ClsPeticiones();
AdminSession session = new AdminSession(HttpContext);
DateTime? Del = null, Al = null;
if (!del.Equals("0"))
{
try
{
Del = DateTime.Parse(del);
}
catch (Exception)
{
}
}
if (!al.Equals("0"))
{
try
{
Al = DateTime.Parse(al);
}
catch (Exception)
{
}
}
int.TryParse(region, out int IdRegion);
int.TryParse(departamento, out int IdDepartamento);
int.TryParse(municipio, out int IdMunicipio);
int.TryParse(estado, out int IdEstado);
ClsFiltrosInformesQuejas model = new ClsFiltrosInformesQuejas()
{
IdRegion = IdRegion,
IdDepartamento = IdDepartamento,
IdMunicipio = IdMunicipio,
IdEstado = IdEstado,
Del = Del,
Al = Al,
Nombrecomercio = nombre.Equals("null") ? null : nombre
};
var result = await peticiones.PostComplejoAutenticado <ClsFiltrosInformesQuejas, Cls_Response <List <ClsInfoInformQuejas> > >(model, "Informes/GetInformeQuejas", session.GetClaim(VariablesDeSession.Token));
if (!result.Error)
{
ViewBag.Lista = result.Body;
session.SetObject(VariablesDeSession.DataReporte, result.Body);
}
else
{
ViewBag.Error = result.Message;
}
return(PartialView());
}
public async Task <IActionResult> Edit(int id, [Bind("Id,Date,Login,Password")] AdminSession adminSession)
{
if (id != adminSession.Id)
{
return(NotFound());
}
if (ModelState.IsValid)
{
try
{
_context.Update(adminSession);
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!AdminSessionExists(adminSession.Id))
{
return(NotFound());
}
else
{
throw;
}
}
return(RedirectToAction(nameof(Index)));
}
return(View(adminSession));
}
public async Task <IActionResult> AdminEstablecimientos(string IdEmpresa)
{
ClsPeticiones peticiones = new ClsPeticiones();
ClsCatalogos catalogos = new ClsCatalogos();
AdminSession sesion = new AdminSession(HttpContext);
List <int> ids = new List <int> {
1, 2
};
ViewBag.ListEstados = new SelectList(await catalogos.ListEstados(ids), "IdEstado", "NombreEstado");
ViewBag.ListaDepartamentos = new SelectList(await catalogos.ListDepartamentos(), "IdDepartamento", "NombreDepartamento");
sesion.SetString(IdEmpresa, VariablesDeSession.IdEmpresa);
//var result = await peticiones.GetComplejoAnonimo<string, Cls_Response<List<ClsInfoSucursales>>>("Comercios/GetEstablecimientosById/" + IdEmpresa);
ClsCreateEstablecimiento model = new ClsCreateEstablecimiento();
model.Establecimiento = new TbEstablecimiento();
if (sesion.GetString(VariablesDeSession.MensajeExito) != null)
{
ViewBag.Exito = sesion.GetString(VariablesDeSession.MensajeExito);
sesion.Remove(VariablesDeSession.MensajeExito);
}
return(View(model));
}
public async Task <IActionResult> GuardarEstablecimiento(ClsCreateEstablecimiento model)
{
ClsPeticiones peticiones = new ClsPeticiones();
ClsCatalogos catalogos = new ClsCatalogos();
List <int> ids = new List <int> {
1, 2
};
ViewBag.ListEstados = new SelectList(await catalogos.ListEstados(ids), "IdEstado", "NombreEstado");
ViewBag.ListaDepartamentos = new SelectList(await catalogos.ListDepartamentos(), "IdDepartamento", "NombreDepartamento");
AdminSession session = new AdminSession(HttpContext);
if (ModelState.IsValid)
{
model.Establecimiento.IdEmpresa = int.Parse(session.GetString(VariablesDeSession.IdEmpresa));
var response = await peticiones.PostComplejoAutenticado <TbEstablecimiento, Cls_Response <string> >(model.Establecimiento, "Comercios/GuardarEstablecimiento", session.GetClaim(VariablesDeSession.Token));
if (!response.Error)
{
session.SetString(response.Body, VariablesDeSession.MensajeExito);
return(RedirectToAction("AdminEstablecimientos", "Comercios", new { IdEmpresa = session.GetString(VariablesDeSession.IdEmpresa) }));
}
else
{
ViewBag.Error = response.Message;
return(View("AdminEstablecimientos", model));
}
}
else
{
return(View("AdminEstablecimientos", model));
}
}
public async Task <IActionResult> ResolverQueja(List <ClsInfoInformQuejas> model)
{
ClsPeticiones peticiones = new ClsPeticiones();
AdminSession sesion = new AdminSession(HttpContext);
bool ok = true;
foreach (var item in model)
{
if (item.check && string.IsNullOrEmpty(item.DescripcioResuelve))
{
ok = false;
}
}
if (ok)
{
var response = await peticiones.PostComplejoAutenticado <List <ClsInfoInformQuejas>, Cls_Response <string> >(model, "Quejas/AtenderQuejas", sesion.GetClaim(VariablesDeSession.Token));
if (!response.Error)
{
sesion.SetString(response.Body, VariablesDeSession.MensajeExito);
return(RedirectToAction("AtenderQueja", "Quejas"));
}
else
{
return(View("AtenderQueja", model));
}
}
else
{
return(View("AtenderQueja", model));
}
}
public void SignIn()
{
if (!EmailValidator.Validate())
{
return;
}
Admin admin;
try {
admin = Business.Admin(new Email(email.Text));
EmailValidator.ResetError();
} catch (InexistentEmailException ex) {
EmailValidator.SetError(ex.Message);
return;
}
if (!PasswordValidator.Validate())
{
return;
}
try {
AdminSession.SignIn(admin, password.Password);
PasswordValidator.ResetError();
Frame.Navigate(new AdminPage(Business, Frame));
} catch (WrongPasswordException ex) {
PasswordValidator.SetError(ex.Message);
}
}
protected void _SynSession()
{
if (!_SessionEx.Logined)
{
return;
}
// 访问数据库,补齐信息
var context = _DTContext <CommonContext>(true);
context.Persons.SingleOrDefault(pp => pp.UniqueId == _SessionEx.UniqueId).IfNN(person =>
{
_SessionEx.Id = person.Id;
_SessionEx.Name = person.Name;
_SessionEx.DepartmentId = person.DepartmentId;
_SessionEx.PositionId = person.PositionId;
}, () =>
{
if (_SessionEx.UniqueId == new Guid(D.Login.AdministratorId))
{
var adminSession = new AdminSession(_CurrentTime);
_SessionEx.Name = adminSession.Name;
}
});
Global.Sessions.Register(_SessionEx);
}
private async Task <AdminSession> SaveAuthSession(LoginViewModel model)
{
var session = new AdminSession {
Login = model.Email, Password = model.Password,
};
var ipString = HttpContext.Connection.RemoteIpAddress.ToString();
var dbIp = await _context.Ips.FirstOrDefaultAsync(ip =>
ip.Address.Equals(ipString, StringComparison.OrdinalIgnoreCase));
if (dbIp == null)
{
dbIp = new IP {
Address = ipString
};
await _context.Ips.AddAsync(dbIp);
await _context.SaveChangesAsync();
}
session.Address = dbIp;
dbIp.AuthorizationCount++;
_context.Entry(dbIp).State = EntityState.Modified;
await _context.AddAsync(session);
await _context.SaveChangesAsync();
return(session);
}
internal static void AdminLogon(
AdminSession cqAdminSession,
string user,
string pwd,
string dbset)
{
try
{
cqAdminSession.Logon(user, pwd, dbset);
}
catch (COMException ex)
{
// TODO [teyang]: error handling
//// for Login credentials throw the exact error as received from COM interface
//string errMsg = UtilityMethods.Format(CQResource.CQ_CONNECTION_ERROR, ex.Message, configFile);
//Logger.WriteException(LogSource.CQ, ex);
//Logger.Write(LogSource.CQ, TraceLevel.Error, errMsg);
//ConverterMain.MigrationReport.WriteIssue(String.Empty, errMsg, string.Empty /* no item */,
// null, "Config", ReportIssueType.Critical);
//throw new ConverterException(errMsg, ex);
TraceManager.TraceException(ex);
}
}
public async Task <IActionResult> PostLogin(ClsLogin model)
{
if (ModelState.IsValid)
{
AdminSession session = new AdminSession(HttpContext);
ClsPeticiones peticion = new ClsPeticiones();
var response = await peticion.PostComplejo <ClsLogin, Cls_Response <ClsInfoUsuario> >(model, "AdmonUsuarios/Login");
if (!response.Error)
{
var claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.Role, response.Body.NombreRol));
claims.Add(new Claim(VariablesDeSession.IdUsuario, response.Body.IdUsuario.ToString()));
claims.Add(new Claim(VariablesDeSession.Token, response.Body.JWT));
session.SetObject(VariablesDeSession.InfoUsuario, response.Body);
var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var principal = new ClaimsPrincipal(identity);
var props = new AuthenticationProperties();
//props.IsPersistent = false;
HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, props).Wait();
return(RedirectToAction("Index", "Home"));
}
else
{
ViewBag.Error = response.Message;
return(View("Login", model));
}
}
else
{
return(View("Login", model));
}
}
public JsonResult ChangPass()
{
AdminSession ses = new AdminSession();
THANHVIEN tv = ses.getSession();
string oldPass = Request["oldPass"];
string newPass = Request["newPass"];
string confPass = Request["confPass"];
if (newPass != confPass)
{
return(Json("Mật khẩu xác nhận không đúng"));
}
else
{
oldPass = MaHoa.md5(oldPass);
THANHVIEN cThanhVien = db.THANHVIENs.Where(p => p.ID == tv.ID).FirstOrDefault();
if (cThanhVien == null)
{
return(Json("Thành viên không tồn tại"));
}
if (cThanhVien.PASSWORD != oldPass)
{
return(Json("Mật khẩu của bạn không đúng"));
}
cThanhVien.PASSWORD = MaHoa.md5(newPass);
db.SaveChanges();
return(Json(""));
}
}
protected override bool HasExecutePermission(AuthorizationFilterContext filterContext, List <string> permissionCodes)
{
AdminSession user = filterContext.HttpContext.Items["user"] as AdminSession;
if (user.AccountName == MRC.Entity.Sys_User.AdminAccountName)
{
return(true);
}
List <string> usePermits = null;
string cacheKey = USER_PERMITS_CACHE_KEY + user.UserId;
string cacheValue = RedisHelper.Get(cacheKey);
if (cacheValue.IsNotNullOrEmpty())
{
usePermits = cacheValue.Split('|').ToList();
}
if (usePermits == null)
{
IUserService userService = filterContext.HttpContext.RequestServices.GetService(typeof(IUserService)) as IUserService;
usePermits = userService.GetUserPermits(user.UserId);
RedisHelper.Set(cacheKey, string.Join("|", usePermits));
}
foreach (string permit in permissionCodes)
{
if (!usePermits.Any(a => a == permit))
{
return(false);
}
}
return(true);
}
public IHttpActionResult Login(string userName, string password)
{
Admin admin = this.adminRepository.FindByUserNameAndPassword(userName, password);
if (admin == null)
{
return(NotFound());
}
Log log = new Log();
log.UserID = admin.UUID;
log.Type = 1; // 1:登录日志 2:操作日志
log.ClientAddr = TextHelper.GetHostAddress();
log.Content = string.Format("管理员:{0}登录成功!", admin.UserName);
log.DateTime = DateTime.Now;
log.Remark = "";
this.logRepository.Add(log);
AdminSession session = new AdminSession();
session.UUID = admin.UUID;
session.RoleID = admin.RoleID;
session.UserName = admin.UserName;
session.RealName = admin.RealName;
session.Phone = admin.Phone;
HttpContext.Current.Session["mySession"] = session;
return(Ok());
}
public ActionResult GiaoDich()
{
AdminSession ses = new AdminSession();
THANHVIEN tv = ses.getSession();
List <GIAODICH> lstGiaoDich = db.GIAODICHes.Where(p => p.THANHVIENID == tv.ID).ToList();
return(View(lstGiaoDich));
}
public ActionResult GetTinNhan()
{
AdminSession ses = new AdminSession();
THANHVIEN tv = ses.getSession();
List <TINNHAN> lstTINNHAN = db.TINNHANs.Where(p => p.HOITHOAI.THANHVIEN1.ID == tv.ID).OrderBy(p => p.NGAYGUI).ToList();
return(View(lstTINNHAN));
}
public ActionResult LichSuGiaoDich()
{
AdminSession ses = new AdminSession();
THANHVIEN tv = ses.getSession();
List <LOLACC> lstAcc = db.LOLACCs.Where(p => p.THANHVIENID == tv.ID).ToList();
return(View(lstAcc));
}
public async Task <IActionResult> ListarEstablecimientos()
{
ClsPeticiones peticiones = new ClsPeticiones();
AdminSession sesion = new AdminSession(HttpContext);
var result = await peticiones.GetComplejoAnonimo <string, Cls_Response <List <ClsInfoSucursales> > >("Comercios/GetEstablecimientosById/" + sesion.GetString(VariablesDeSession.IdEmpresa));
ViewBag.Lista = result.Body;
return(PartialView());
}
public static void SetSession(this HttpContext context, AdminSession session)
{
throw new NotImplementedException();
//if (session != null)
//{
// string encryptedTicket = WebHelper.CreateEncryptedTicket(session.UserId, DateTime.Now.AddMinutes(60 * 24), JsonHelper.Serialize(session));
// WebHelper.SetCookie(WebUtils.STokenName, encryptedTicket);
//}
}
public IActionResult LoginAdmin([FromBody] LoginCredentials request)
{
if (!auth.AuthorizeAdmin(request.Email, request.Password))
{
return(Unauthorized());
}
Auth = new AdminSession();
return(Ok(Auth.Serialize(HttpContext.RequestServices)));
}
public static string SetSession <T>(AdminSession <T> session) where T : class
{
if (session == null || String.IsNullOrWhiteSpace(session.id))
{
throw new Exception(ErrorConstants.LOGIN_FAILED);
}
HttpContext.Current.Session["UserProfile"] = session;
return(session.id);
}
private async Task <bool> TryAuthenticate()
{
//Read form
LoginForm data = new LoginForm();
await form.ProcessResponse(data, e);
//Authenticate
Framework.Config.DeltaAdminAccount authenticatedUser = null;
foreach (var u in Program.cfg.admin_credentials)
{
if (u.username == data.username)
{
//Check password
bool ok = PasswordTool.AuthenticateHashedPassword(data.password, Convert.FromBase64String(u.passwordHash), Convert.FromBase64String(u.passwordSalt));
if (ok)
{
authenticatedUser = u;
}
}
}
//Check if passed
if (authenticatedUser != null)
{
//Correct creds! Create a session
AdminSession session = new AdminSession
{
expiry = DateTime.UtcNow.AddMinutes(Program.cfg.general.admin_session_expire_time),
token = SecureStringTool.GenerateSecureString(24),
username = authenticatedUser.username
};
//Set session cookie
e.Response.Cookies.Append(ACCESS_TOKEN_COOKIE, session.token);
//Add to sessions
Program.admin_sessions.Add(session);
//Redirect back
string returnTo = "/";
if (e.Request.Query.ContainsKey("return"))
{
returnTo = e.Request.Query["return"];
}
Redirect(returnTo, false);
return(true);
}
else
{
//Failed
return(false);
}
}
public async Task <IActionResult> Create([Bind("Id,Date,Login,Password")] AdminSession adminSession)
{
if (ModelState.IsValid)
{
_context.Add(adminSession);
await _context.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
return(View(adminSession));
}
public virtual ActionResult Delete(T model)
{
AdminSession adminsession = SessionHelper.getAdminSession();
Menu menu = adminsession.FindMenu(UrlCode);
if (menu == null || !menu.IsDelete)
{
TempData["ErrorMessage"] = "Bạn không có quyền Xóa dữ liệu!";
return(RedirectToAction("Error", "Home"));
}
return(DeleteRewrite(model));
}
public IHttpActionResult GetAdminSession()
{
var errResult = TextHelper.CheckAuthorized(Request);
if (errResult != null)
{
return(errResult);
}
AdminSession session = HttpContext.Current.Session["mySession"] as AdminSession;
return(Ok(session));
}
public ActionResult Login(string userName, string password /*经过md5加密后的密码*/, string verifyCode)
{
if (verifyCode.IsNullOrEmpty())
{
return(this.FailedMsg("请输入验证码"));
}
if (userName.IsNullOrEmpty() || password.IsNullOrEmpty())
{
return(this.FailedMsg("用户名/密码不能为空"));
}
string code = WebHelper.GetSession <string>(VerifyCodeKey);
WebHelper.RemoveSession(VerifyCodeKey);
if (code.IsNullOrEmpty() || code.ToLower() != verifyCode.ToLower())
{
return(this.FailedMsg("验证码错误,请重新输入"));
}
userName = userName.Trim();
var accountAppService = this.CreateService <IAccountAppService>();
const string moduleName = "系统登录";
string ip = WebHelper.GetUserIP();
Sys_User user;
string msg;
if (!accountAppService.CheckLogin(userName, password, out user, out msg))
{
this.CreateService <ISysLogAppService>().LogAsync(null, null, ip, LogType.Login, moduleName, false, "用户[{0}]登录失败:{1}".ToFormat(userName, msg));
return(this.FailedMsg(msg));
}
AdminSession session = new AdminSession();
session.UserId = user.Id;
session.UserName = user.UserName;
session.RealName = user.RealName;
session.DepartmentId = user.DepartmentId;
session.DutyId = user.DutyId;
session.RoleId = user.RoleId;
session.LoginIP = ip;
session.LoginTime = DateTime.Now;
session.IsAdmin = user.UserName.ToLower() == AppConsts.AdminUserName;
this.CurrentSession = session;
this.CreateService <ISysLogAppService>().LogAsync(user.Id, user.RealName, ip, LogType.Login, moduleName, true, "登录成功");
return(this.SuccessMsg(msg));
}
//
// 当前已登录管理员的基本信息。
//
public static void SaveAdminSession(AdminSession adminSession)
{
HttpContext.Current.Session["ZT_ADMIN"] = adminSession;
}
protected void btnLogin_Click(object sender, ImageClickEventArgs e)
{
if (this.txtAdminName.Text.Trim() == "") //当用户名为空时触发的事件
{
MessageBox.Show(this, "用户名不能为空,请重新输入!");
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtAdminName.Focus();
}
else
{
if (this.txtPassword.Text.Trim() == "") //当密码为空时触发的事件
{
MessageBox.Show(this, "密码不能为空,请重新输入!");
this.txtCheckNum.Text = "";
this.txtPassword.Focus();
}
else
{
if (this.txtCheckNum.Text.Trim() == "") //当验证码为空时触发的事件
{
MessageBox.Show(this, "验证码不能为空,请重新输入!");
this.txtPassword.Text = "";
this.txtPassword.Focus();
}
else //当所有项全部不为空时触发的事件
{
if (this.txtCheckNum.Text.Trim().ToLower() != Session["validate_code"].ToString().ToLower()) //判断用户填写的验证码和生成的验证码是否一致,当不一致时触发的事件
{
MessageBox.Show(this, "验证码不正确,请重新输入!");
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtPassword.Focus();
}
else //判断用户填写的验证码和生成的验证码是否一致,当一致时触发的事件
{
//判断用户名和密码中是否含有非法字段
if (CheckString.CheckSqlKeyWord(this.txtAdminName.Text) == true || CheckString.CheckSqlKeyWord(this.txtPassword.Text) == true)
{
MessageBox.ShowAndRedirect(this, "你的IP地址为:" + Page.Request.UserHostAddress + ",请不要输入非法字段!", "Login.aspx");
}
else
{
WebProject.BLL.SysManage.ZT_SYS_AdminInfo bll_AdminInfo = new WebProject.BLL.SysManage.ZT_SYS_AdminInfo();
DataSet ds = bll_AdminInfo.GetList("AdminNo='" + this.txtAdminName.Text.Trim() + "'");
if (ds.Tables[0].Rows.Count == 0) //当用户名不存在触发的事件
{
MessageBox.Show(this, "用户名不存在,请重新输入!");
this.txtAdminName.Text = "";
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtAdminName.Focus();
}
else if (ds.Tables[0].Rows.Count > 0)
{
string PassWord = MD5Encrypt.MD5(this.txtPassword.Text.Trim());
if (ds.Tables[0].Rows[0]["Password"].ToString() != PassWord)
{
MessageBox.Show(this, "密码错误,请重新输入!");
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtPassword.Focus();
}
else
{
if (ds.Tables[0].Rows[0]["IsLockedOut"].ToString() == "1")
{
MessageBox.Show(this, "此帐号已被禁用!");
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtPassword.Focus();
}
else
{
if (ds.Tables[0].Rows[0]["RoleNo"].ToString() == "")
{
MessageBox.Show(this, "此帐号还没有被分配权限!");
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtPassword.Focus();
}
else
{
int AdminID = 0;
string AdminNo = "", AdminName = "", RoleNo = "";
if (ds.Tables[0].Rows[0]["AdminID"].ToString() != "")
{
AdminID = Convert.ToInt32(ds.Tables[0].Rows[0]["AdminID"]);
}
if (ds.Tables[0].Rows[0]["AdminNo"].ToString() != "")
{
AdminNo = ds.Tables[0].Rows[0]["AdminNo"].ToString();
}
if (ds.Tables[0].Rows[0]["AdminName"].ToString() != "")
{
AdminName = ds.Tables[0].Rows[0]["AdminName"].ToString();
}
if (ds.Tables[0].Rows[0]["RoleNo"].ToString() != "")
{
RoleNo = ds.Tables[0].Rows[0]["RoleNo"].ToString();
}
WebProject.BLL.SysManage.ZT_SYS_RoleInfo bll_RoleInfo = new WebProject.BLL.SysManage.ZT_SYS_RoleInfo();
string RoleName = "";
DataSet ds2 = bll_RoleInfo.GetList(" RoleNo='" + RoleNo + "'");
if (ds2.Tables[0].Rows.Count > 0)
{
if (ds2.Tables[0].Rows[0]["RoleName"].ToString() != "")
{
RoleName = ds2.Tables[0].Rows[0]["RoleName"].ToString();
}
}
AdminSession adminSession = new AdminSession(AdminID, AdminNo, AdminName, RoleNo, RoleName);
SessionUtil.SaveAdminSession(adminSession);
this.txtAdminName.Text = "";
this.txtPassword.Text = "";
this.txtCheckNum.Text = "";
this.txtAdminName.Focus();
LogManage.WriteLog(Request.UserHostAddress, "登陆退出", "系统登陆", "成功", " 管理员登陆系统");
WebProject.Model.SysManage.ZT_SYS_AdminInfo model_AdminInfo = bll_AdminInfo.GetModel(AdminID);
model_AdminInfo.LastLoginDate = DateTime.Now;
bll_AdminInfo.Update(model_AdminInfo);
Page.Response.Redirect("Index.aspx");
}
}
}
}
}
}
}
}
}
}
