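/// <summary>
/// Checks a login name / password pair against the database and, on success, stores the
/// bound account in the current HTTP session under the "FrontUser" key.
/// </summary>
/// <param name="userName">Login name; bound to the @Mobile parameter of every query.</param>
/// <param name="userPassword">Submitted password; bound to the @PassWord parameter.</param>
/// <returns>
/// An empty string when the login succeeds; otherwise one of the user-facing messages
/// "用户名有误或不存在!" (user name wrong or not found), "密码输入错误!" (wrong password),
/// "帐号异常或被锁定!" (account abnormal or locked) or "登录失败" (login failed, returned
/// when any exception is thrown).
/// </returns>
/// <remarks>
/// Security review notes (the code paths below are left as the author wrote them):
/// - All SQL values are passed as parameters, so no user input is concatenated into SQL.
/// - The submitted password is matched directly against the PassWord column. NOTE(review):
///   this looks like a plaintext or unsalted comparison; confirm how the column is populated
///   and move to a salted, slow hash (e.g. PBKDF2) verified in code if so.
/// - Separate messages for "unknown user" and "wrong password" let a caller tell which
///   accounts exist. Callers may depend on the exact strings, so they are unchanged; a single
///   generic message is the safer contract.
/// - No attempt throttling and no session identifier rotation are visible in this method;
///   verify that both are handled elsewhere.
/// - Parameters are declared nvarchar in the parameter list but bound as DbType.AnsiString.
///   NOTE(review): presumably non-ANSI characters are converted lossily; confirm.
/// </remarks>
public static string UserLogin(string userName, string userPassword)
{
    try
    {
        var res = string.Empty;

        // Query text is masked ("******") on the page; it is kept exactly as shown.
        const string sqlUserName = "******";
        var paramsStr = new StringBuilder();
        paramsStr.Append("@Mobile nvarchar(200)");
        Database db = DatabaseFactory.CreateDatabase();
        var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sqlUserName, paramsStr.ToString());
        db.AddInParameter(command, "Mobile", DbType.AnsiString, userName);
        var name = db.ExecuteScalar(command);

        if (name == null || name == DBNull.Value)
        {
            // First lookup found nothing: fall back to the UserAccount table.
            const string sqlFacName = "SELECT * FROM UserAccount WHERE Mobile = @Mobile";
            var paramsStrFac = new StringBuilder();
            paramsStrFac.Append("@Mobile nvarchar(200)");
            Database dbFac = DatabaseFactory.CreateDatabase();
            var commandFac = SQLServerUtiles.Get_SP_ExecuteSQL(dbFac, sqlFacName, paramsStrFac.ToString());
            dbFac.AddInParameter(commandFac, "Mobile", DbType.AnsiString, userName);
            var nameFac = dbFac.ExecuteScalar(commandFac);

            if (nameFac == null || nameFac == DBNull.Value)
            {
                res = "用户名有误或不存在!";
            }
            else
            {
                const string sqlFac = "SELECT * FROM UserAccount WHERE Mobile = @Mobile and PassWord=@PassWord";
                paramsStrFac.Append(",@PassWord nvarchar(50)");
                Database dbFacInfo = DatabaseFactory.CreateDatabase();
                var commandFacInfo = SQLServerUtiles.Get_SP_ExecuteSQL(dbFacInfo, sqlFac, paramsStrFac.ToString());
                dbFacInfo.AddInParameter(commandFacInfo, "Mobile", DbType.AnsiString, userName);
                dbFacInfo.AddInParameter(commandFacInfo, "PassWord", DbType.AnsiString, userPassword);

                // Fix: the reader was never closed, which keeps its connection checked out
                // after every login attempt. Dispose it on all paths, including exceptions.
                using (var dataReader = dbFacInfo.ExecuteReader(commandFacInfo))
                {
                    if (dataReader.Read())
                    {
                        // Status is read through FactroyInfo while the session receives a
                        // UserAccount bound from the same row, as in the original.
                        var user = new FactroyInfo().ReaderBind(dataReader);
                        if (user.Status != 1)
                        {
                            res = "帐号异常或被锁定!";
                        }
                        else
                        {
                            HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                        }
                    }
                    else
                    {
                        res = "密码输入错误!";
                    }
                }
            }
        }
        else
        {
            // Query text is masked ("******") on the page; it is kept exactly as shown.
            const string sqlUser = "******";
            paramsStr.Append(",@PassWord nvarchar(50)");
            Database dbUser = DatabaseFactory.CreateDatabase();
            var commandUser = SQLServerUtiles.Get_SP_ExecuteSQL(dbUser, sqlUser, paramsStr.ToString());
            dbUser.AddInParameter(commandUser, "Mobile", DbType.AnsiString, userName);
            dbUser.AddInParameter(commandUser, "PassWord", DbType.AnsiString, userPassword);

            // Fix: dispose the reader so the underlying connection is released.
            using (var dataReader = dbUser.ExecuteReader(commandUser))
            {
                if (dataReader.Read())
                {
                    var user = new UserAccount().ReaderBind(dataReader);
                    if (user.Status != 1)
                    {
                        res = "帐号异常或被锁定!";
                    }
                    else
                    {
                        HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                    }
                }
                else
                {
                    res = "密码输入错误!";
                }
            }
        }

        return res;
    }
    catch (Exception ex)
    {
        // Fix: the failure was swallowed without a trace, which hides database outages and
        // probing from operators. Only the exception type is recorded, because provider
        // error messages can echo parameter values such as the submitted password.
        System.Diagnostics.Trace.TraceError("UserLogin failed: {0}", ex.GetType().FullName);
        return "登录失败";
    }
}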
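/// <summary>
/// Authenticates a login name and password against the database. A successful login places
/// the bound account object in the current HTTP session under the "FrontUser" key.
/// </summary>
/// <param name="userName">Login name; supplied as the @Mobile parameter of each query.</param>
/// <param name="userPassword">Submitted password; supplied as the @PassWord parameter.</param>
/// <returns>
/// <c>string.Empty</c> on success. On failure, one of: "用户名有误或不存在!" (user name wrong
/// or not found), "密码输入错误!" (wrong password), "帐号异常或被锁定!" (account abnormal or
/// locked), or "登录失败" (login failed) when an exception is thrown anywhere in the method.
/// </returns>
/// <remarks>
/// Points a security reviewer should confirm outside this method:
/// - The password is compared in SQL against the PassWord column as submitted.
///   NOTE(review): presumably stored in plaintext or as an unsalted value; confirm, and
///   prefer a salted slow hash (e.g. PBKDF2) verified in application code.
/// - "Unknown user" and "wrong password" return different messages, which discloses whether
///   an account exists. The strings are kept because callers may match on them.
/// - Nothing here limits repeated attempts or rotates the session identifier after login.
/// - Values are bound as DbType.AnsiString although declared nvarchar in the parameter list.
///   NOTE(review): presumably lossy for non-ANSI input; confirm.
/// SQL values are always bound as parameters, never concatenated.
/// </remarks>
public static string UserLogin(string userName, string userPassword)
{
    try
    {
        // Query text is masked ("******") on the page; it is kept exactly as shown.
        const string sqlUserName = "******";
        var paramsStr = new StringBuilder();
        paramsStr.Append("@Mobile nvarchar(200)");
        Database db = DatabaseFactory.CreateDatabase();
        var command = SQLServerUtiles.Get_SP_ExecuteSQL(db, sqlUserName, paramsStr.ToString());
        db.AddInParameter(command, "Mobile", DbType.AnsiString, userName);
        var name = db.ExecuteScalar(command);

        if (name != null && name != DBNull.Value)
        {
            // The first lookup matched: verify the password with the second masked query.
            const string sqlUser = "******";
            paramsStr.Append(",@PassWord nvarchar(50)");
            Database dbUser = DatabaseFactory.CreateDatabase();
            var commandUser = SQLServerUtiles.Get_SP_ExecuteSQL(dbUser, sqlUser, paramsStr.ToString());
            dbUser.AddInParameter(commandUser, "Mobile", DbType.AnsiString, userName);
            dbUser.AddInParameter(commandUser, "PassWord", DbType.AnsiString, userPassword);

            // Fix: the reader was left open on every path; `using` releases it (and the
            // connection it holds) even when a return or exception leaves the block.
            using (var dataReader = dbUser.ExecuteReader(commandUser))
            {
                if (!dataReader.Read())
                {
                    return "密码输入错误!";
                }

                var user = new UserAccount().ReaderBind(dataReader);
                if (user.Status != 1)
                {
                    return "帐号异常或被锁定!";
                }

                HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
                return string.Empty;
            }
        }

        // The first lookup found nothing: fall back to the UserAccount table.
        const string sqlFacName = "SELECT * FROM UserAccount WHERE Mobile = @Mobile";
        var paramsStrFac = new StringBuilder();
        paramsStrFac.Append("@Mobile nvarchar(200)");
        Database dbFac = DatabaseFactory.CreateDatabase();
        var commandFac = SQLServerUtiles.Get_SP_ExecuteSQL(dbFac, sqlFacName, paramsStrFac.ToString());
        dbFac.AddInParameter(commandFac, "Mobile", DbType.AnsiString, userName);
        var nameFac = dbFac.ExecuteScalar(commandFac);

        if (nameFac == null || nameFac == DBNull.Value)
        {
            return "用户名有误或不存在!";
        }

        const string sqlFac = "SELECT * FROM UserAccount WHERE Mobile = @Mobile and PassWord=@PassWord";
        paramsStrFac.Append(",@PassWord nvarchar(50)");
        Database dbFacInfo = DatabaseFactory.CreateDatabase();
        var commandFacInfo = SQLServerUtiles.Get_SP_ExecuteSQL(dbFacInfo, sqlFac, paramsStrFac.ToString());
        dbFacInfo.AddInParameter(commandFacInfo, "Mobile", DbType.AnsiString, userName);
        dbFacInfo.AddInParameter(commandFacInfo, "PassWord", DbType.AnsiString, userPassword);

        // Fix: dispose the reader on all paths, as in the branch above.
        using (var dataReader = dbFacInfo.ExecuteReader(commandFacInfo))
        {
            if (!dataReader.Read())
            {
                return "密码输入错误!";
            }

            // Status comes from a FactroyInfo binding; the session still receives a
            // UserAccount bound from the same row, as in the original.
            var user = new FactroyInfo().ReaderBind(dataReader);
            if (user.Status != 1)
            {
                return "帐号异常或被锁定!";
            }

            HttpContext.Current.Session["FrontUser"] = new UserAccount().ReaderBind(dataReader);
            return string.Empty;
        }
    }
    catch (Exception ex)
    {
        // Fix: record that the login path failed instead of discarding the exception.
        // The message text is left out on purpose: provider errors can repeat parameter
        // values, and the password is one of the parameters.
        System.Diagnostics.Trace.TraceError("UserLogin failed: {0}", ex.GetType().FullName);
        return "登录失败";
    }
}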