public void ProcessRequest(HttpContext context) { string userName = context.Request[Constants.UserName]; string userPass = context.Request[Constants.UserPass]; if (!String.IsNullOrEmpty(userName) && !String.IsNullOrEmpty(userPass)) { try { DataTable dt = SqlHelper.ExcuteTable(String.Format("select * from Users where UserName = '******'", userName)); if (dt == null) { SqlHelper.ExcuteNoQuery("insert into Users values(@UserName,@UserPass,'','','')", new SqlParameter[] { new SqlParameter("UserName", userName), new SqlParameter("UserPass", Encription.MD5Encrypt(userPass)) }); } else { dt.Rows[0].BeginEdit(); dt.Rows[0]["UserPass"] = Encription.MD5Encrypt(userPass); dt.Rows[0].EndEdit(); SqlHelper.UpdateTable(dt, "Users"); } }catch (Exception ex) { context.Response.Write(ex.ToString()); return; } context.Response.Write(userName + "账户重置成功!"); return; } context.Response.Write("重置账户参数不正确!"); }
private DateTime GMT = DateTime.Parse("1970-1-1 00:00:00"); //格林时间; public void ProcessRequest(HttpContext context) { LoginJSData myJson = new LoginJSData(); JavaScriptSerializer jsSerial = new JavaScriptSerializer(); string validateCodeInSession = (string)context.Session[Constants.ValidateCode]; string userName = context.Request.Params["userName"]; string userPass = context.Request.Params["userPass"]; string isRemember = context.Request.Params["isRemember"]; string validateCode = context.Request.Params["verifyTxt"]; bool isRequestStatus = context.Request.Params["status"] != null ? true : false; bool isResign = context.Request.Params["resign"] != null ? true : false; string sql = ""; if (isResign) { if (MySession.UserNameSession != null) { MySession.UserNameSession = null; } if (CookieHelper.GetCookie(Constants.UserInfo) != null) { CookieHelper.RemoveCookie(Constants.UserInfo); } context.Response.Write("OK"); return; } if (isRequestStatus) { if (MySession.UserNameSession == null) { context.Response.Write(""); } else { context.Response.Write(MySession.UserNameSession); } return; } //处理验证码是否已过期 if (context.Session == null) { myJson.State = EnumState.验证码错误; myJson.Message = "页面停留过长,验证码已失效!"; context.Response.Write(jsSerial.Serialize(myJson)); return; } //处理验证码是否输入正确 if (!validateCode.Equals(validateCodeInSession, StringComparison.CurrentCultureIgnoreCase)) { myJson.State = EnumState.验证码错误; myJson.Message = "验证码错误!"; context.Response.Write(jsSerial.Serialize(myJson)); return; } //检测用户名是否存在或是否处于锁定状态 sql = String.Format("select * from Users where UserName='******'", userName); if (!SqlHelper.IsRecordExists(sql)) { myJson.State = EnumState.用户不存在; myJson.Message = String.Format("“{0}”用户不存在!", userName); context.Response.Write(jsSerial.Serialize(myJson)); return; } else { sql = String.Format("select * from Users where UserName = '******'", userName); DataTable dt = SqlHelper.ExcuteTable(sql, new SqlParameter("UserName", userName));// if ((bool)dt.Rows[0]["IsLock"]) { if (dt.Rows[0]["LockTime"] != DBNull.Value) { if ((DateTime.UtcNow - GMT).TotalMinutes - Convert.ToInt32(dt.Rows[0]["LockTime"]) > 30) // 距离上次输入错误大于30分钟 解锁账户 { dt.Rows[0].BeginEdit(); dt.Rows[0]["IsLock"] = false; dt.Rows[0]["Wrongs"] = 0; dt.Rows[0].EndEdit(); SqlHelper.UpdateTable(dt, "Users"); } else { myJson.State = EnumState.用户不存在; myJson.Message = String.Format("用户{0}已被锁定30分钟!", userName); context.Response.Write(jsSerial.Serialize(myJson)); return; } } } } DataTable dt1; sql = String.Format("select * from Users where UserName = '******'", userName); dt1 = SqlHelper.ExcuteTable(sql, new SqlParameter("UserName", userName)); sql = String.Format("select * from Users where UserName = '******' and UserPass = '******'", userName, Encription.MD5Encrypt(userPass)); if (!SqlHelper.IsRecordExists(sql)) //输入账户密码不正确 { int wrongNum = 0; wrongNum = dt1.Rows[0]["Wrongs"] == DBNull.Value ? 0 : (int)dt1.Rows[0]["Wrongs"]; wrongNum++; dt1.Rows[0].BeginEdit(); dt1.Rows[0]["Wrongs"] = wrongNum; dt1.Rows[0].EndEdit(); SqlHelper.UpdateTable(dt1, "Users"); if (wrongNum >= 5) { dt1.Rows[0].BeginEdit(); dt1.Rows[0]["IsLock"] = true; dt1.Rows[0]["LockTime"] = (DateTime.UtcNow - GMT).TotalMinutes; dt1.Rows[0].EndEdit(); SqlHelper.UpdateTable(dt1, "Users"); myJson.State = EnumState.密码错误; myJson.Message = "密码错误!输入错误已达5次," + userName + "账户已被锁定!"; context.Response.Write(jsSerial.Serialize(myJson)); return; } else { myJson.State = EnumState.密码错误; myJson.Message = "密码错误!已累计错误" + wrongNum + "次,输入错误达5次将锁定账户!"; context.Response.Write(jsSerial.Serialize(myJson)); return; } } else //输入账户密码正确 { dt1.Rows[0].BeginEdit(); dt1.Rows[0]["Wrongs"] = 0; dt1.Rows[0].EndEdit(); SqlHelper.UpdateTable(dt1, "Users"); //用cookie记住用户信息 if (isRemember == "true") { if (CookieHelper.GetCookie(Constants.UserInfo) == null) { string pass = Encription.MD5Encrypt(userName + Encription.MD5Encrypt(userPass)); HttpCookie cookie = new HttpCookie(Constants.UserInfo); cookie.Values.Add(Constants.UserName, userName); cookie.Values.Add(Constants.UserPass, pass); //客户端cookie中密码的保密规则:用户名+原密码MD5加密,在对其再一次md5加密 cookie.Expires = DateTime.Now.AddMonths(1); CookieHelper.AddCookie(cookie); } else { HttpCookie cookie = CookieHelper.GetCookie(Constants.UserInfo); String pass = Encription.MD5Encrypt(userName + Encription.MD5Encrypt(userPass)); if (cookie.Values[Constants.UserName] != userName) { CookieHelper.SetCookie(Constants.UserInfo, Constants.UserName, userName, DateTime.Now.AddMonths(1)); } if (cookie.Values[Constants.UserPass] != pass) { CookieHelper.SetCookie(Constants.UserInfo, Constants.UserPass, pass, DateTime.Now.AddMonths(1)); } } } else { if (CookieHelper.GetCookie(Constants.UserInfo) != null) { CookieHelper.RemoveCookie(Constants.UserInfo); } } MySession.UserNameSession = userName;//登录状态记录到session中; myJson.State = EnumState.登录成功; myJson.Message = userName + ",欢迎您回来!"; context.Response.Write(jsSerial.Serialize(myJson)); return; } }