/// <summary>
/// Prepares the top banner: restricts the accepted HTTP verbs, then fills the three
/// banner texts (who is logged in, when and from which address, how many users are online).
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected new void Page_Load(object sender, EventArgs e)
{
    base.AllowHttpMethod("GET", "POST");
    base.DisableTop(true);
    base.BodyClass = "top";

    // NOTE(review): the result is dereferenced without a null check, so this page
    // presumably relies on an earlier authentication gate - confirm.
    UserVM currentUser = AuthServer.GetLoginUser();

    // NOTE(review): the banner texts carry account fields and the client address.
    // Where they are written into the markup is not visible here; confirm that they are
    // HTML-encoded on output.
    object[] identityParts = { currentUser.UserName, currentUser.LoginName, currentUser.OrgName };
    txtLogin1 = string.Format("{0}({1}, {2})", identityParts);

    var loginStamp = currentUser.LoginDate.ToShortTaiwanDateTime();
    var clientAddress = IpAddressS.GetIP();
    txtLogin2 = string.Format("於{0} 由 {1} 登入", loginStamp, clientAddress);

    // An optional appSettings entry overrides the category used for the online count.
    string cateIdSetting = WebConfigurationManager.AppSettings["SystemPowerCateID"];
    if (cateIdSetting != null)
    {
        SystemPowerCateID = Convert.ToInt32(cateIdSetting);
    }

    var procArgs = new Dictionary<string, object>();
    procArgs.Add("@SystemPowerCateID", SystemPowerCateID);
    DataTable onlineUsers = MSDB.GetDataTable("ConnUser", "dbo.usp_SystemM_xGetTotalOnlineUserByCateID", procArgs);

    // No row returned: txtLogin3 is left as it was.
    if (onlineUsers.Rows.Count <= 0)
    {
        return;
    }

    txtLogin3 = "線上人數: " + onlineUsers.Rows[0][0].ToString() + " 人";
}
/// <summary>
/// Prepares the top banner: restricts the accepted HTTP verbs and fills the two texts
/// describing the logged-in user and the login time and address.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): the second verb is spelled "Post"; whether AllowHttpMethod compares
    // case-insensitively is not visible here - confirm that POST requests are accepted.
    base.AllowHttpMethod("GET", "Post");
    base.DisableTop(true);
    base.BodyClass = "class='top'";

    UserVM currentUser = AuthServer.GetLoginUser();

    // Banner format: user name (login account, organisation), logged in at
    // YYY.MM.DD HH:MM:SS from ##client IP##.
    // NOTE(review): confirm these texts are HTML-encoded where the page prints them;
    // that output is not visible here.
    object[] identityParts = { currentUser.UserName, currentUser.LoginName, currentUser.OrgName };
    txtLongin1 = string.Format("{0}({1}, {2})", identityParts);

    var loginStamp = currentUser.LoginDate.ToShortTaiwanDateTime();
    var clientAddress = IpAddressS.GetIP();
    txtLongin2 = string.Format("於{0} 由 ##{1}## 登入", loginStamp, clientAddress);
}
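/// <summary>
/// Handles the login button. The steps are: check the CAPTCHA answer held in the session,
/// verify the credentials through dbo.usp_SystemM_xCheckLogin, load the user through
/// dbo.usp_SystemM_xGetUserByLoginName, apply the organisation's IP range restriction,
/// record the login through dbo.usp_SystemM_xUpdateLoginDate, then store the user in the
/// session and redirect. Every failure path registers a client-side alert instead.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    string script = "";
    string txtUser = tbUser.Text.Trim();
    // NOTE(review): Trim() also strips leading and trailing whitespace from the password.
    // Left unchanged because the stored hashes were presumably computed from trimmed
    // input - confirm before changing it.
    string txtPassword = tbPassword.Text.Trim();
    string txtCode = tbCode.Text.ToLower().Trim();
    int UserCount = 0;

    // Single-use CAPTCHA: the stored answer is consumed by this attempt whether or not it
    // matches, so one solved challenge cannot be replayed for further password attempts.
    // The next render must therefore serve a fresh challenge image (assumed - confirm the
    // image handler is not cached).
    object expectedCode = SessionS.GetSessionValue("CheckCode");
    if (expectedCode != null)
    {
        SessionS.RemoveSession("CheckCode");
    }
    tbCode.Text = "";

    if (expectedCode == null || expectedCode.ToString().Equals(txtCode) == false)
    {
        script = "<script>alert('驗證碼錯誤');</script>";
        Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
        return;
    }

    string connectionString = WebConfigurationManager.ConnectionStrings["ConnUser"].ToString();
    EncryptT enc = new EncryptT();

    // Step 1: credential check. All values are passed as parameters of a stored procedure.
    using (SqlConnection sc = new SqlConnection(connectionString))
    using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xCheckLogin", sc))
    {
        cmd.CommandType = CommandType.StoredProcedure;
        cmd.Parameters.AddWithValue("@LoginName", txtUser);
        // NOTE(review): the helper's name suggests a single SHA-256 digest is what the
        // database compares against. If that is so, plan a migration to a salted, slow
        // password hash (PBKDF2, bcrypt, Argon2) - confirm against EncryptT.
        cmd.Parameters.AddWithValue("@LoginPassword", enc.ToSHA256(txtPassword));
        cmd.Parameters.AddWithValue("@FunctionIndex", Convert.ToInt32(WebConfigurationManager.AppSettings["SystemFunctionIndex"]));
        SqlParameter sp = cmd.Parameters.AddWithValue("@UserCount", UserCount);
        sp.Direction = ParameterDirection.Output;
        sc.Open();
        cmd.ExecuteNonQuery();
        UserCount = (int)sp.Value;
    }

    if (UserCount > 0)
    {
        // Step 2: load the account row and map it onto the view model.
        DataTable dt = new DataTable();
        using (SqlConnection sc = new SqlConnection(connectionString))
        using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xGetUserByLoginName", sc))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.AddWithValue("@LoginName", txtUser);
            using (SqlDataAdapter da = new SqlDataAdapter(cmd))
            {
                sc.Open();
                da.Fill(dt);
            }
        }

        UserVM user = new UserVM();
        EntityS.FillModel<UserVM>(user, dt);

        // Step 3: organisation IP restriction.
        var org = SystemOrg.GetVM(user.OrgID);
        var clientIP = IpAddressS.GetIP();
        IpT ipt = new IpT(clientIP);
        bool yesOrNo = false;

        if (clientIP != null && org != null)
        {
            // Loopback clients and organisations without a configured range (empty, or
            // 0.0.0.0 at both ends) skip the range check. The parentheses only make the
            // original && / || precedence explicit.
            // NOTE(review): how IpAddressS.GetIP() derives the address is not visible
            // here. If it trusts a client-supplied header such as X-Forwarded-For, this
            // restriction is only as strong as that header - confirm it uses the
            // connection address or a header set by a trusted proxy.
            if (clientIP.Equals("::1")
                || clientIP.Equals("127.0.0.1")
                || string.IsNullOrEmpty(org.IpStart)
                || string.IsNullOrEmpty(org.IpEnd)
                || (org.IpStart.Equals("0.0.0.0") && org.IpEnd.Equals("0.0.0.0")))
            {
                yesOrNo = true;
            }
            else
            {
                yesOrNo = ipt.CheckInNowWifi(string.Format("{0}-{1}", org.IpStart, org.IpEnd));
            }
        }
        else if (user.OrgID == 1)
        {
            // NOTE(review): organisation 1 is exempt when the address or the organisation
            // record is missing; the meaning of ID 1 is not visible here - confirm.
            yesOrNo = true;
        }
        else if (org == null)
        {
            script = "<script>alert('無權限登入');</script>";
            Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
            return;
        }

        if (yesOrNo == false)
        {
            // NOTE(review): this message is only reachable after the password was
            // accepted, so it tells the caller that the credentials are valid.
            script = "<script>alert('非允許IP位置');</script>";
        }
        else
        {
            // Step 4: record the login. The address stored is the one that passed the
            // range check above, not a second lookup.
            int Chk = 0;
            using (SqlConnection sc = new SqlConnection(connectionString))
            using (SqlCommand cmd = new SqlCommand("dbo.usp_SystemM_xUpdateLoginDate", sc))
            {
                cmd.CommandType = CommandType.StoredProcedure;
                cmd.Parameters.AddWithValue("@UserID", user.ID);
                cmd.Parameters.AddWithValue("@LoginIP", clientIP);
                cmd.Parameters.AddWithValue("@SystemPowerCateID", SystemPowerCateID);
                SqlParameter sp1 = cmd.Parameters.AddWithValue("@LoginDateOut", user.LoginDate);
                sp1.Direction = ParameterDirection.Output;
                SqlParameter sp2 = cmd.Parameters.AddWithValue("@Chk", Chk);
                sp2.Direction = ParameterDirection.Output;
                sc.Open();
                cmd.ExecuteNonQuery();
                user.LoginDate = (DateTime)sp1.Value;
                Chk = (int)sp2.Value;
            }

            if (Chk > 0)
            {
                // NOTE(review): the session that existed before authentication is kept
                // (the Session.Abandon()/Session.Clear() calls were commented out here),
                // so the session identifier does not change at login. Confirm the site
                // issues a fresh session ID on authentication to rule out session fixation.
                HttpContext.Current.Session["LoginUser"] = user;

                // NOTE(review): tempUrl is written elsewhere. Confirm it can only hold a
                // same-site path, or validate it before redirecting.
                string tempUrl = SessionS.GetSessionValue("tempUrl") as string;
                if (tempUrl != null)
                {
                    SessionS.RemoveSession("tempUrl");
                    Response.Redirect(tempUrl);
                }
                else
                {
                    Response.Redirect("~/Home.aspx");
                }
            }
            else
            {
                script = "<script>alert('帳號密碼錯誤');</script>";
            }
        }
    }
    else
    {
        script = "<script>alert('帳號密碼錯誤');</script>";
    }

    Page.ClientScript.RegisterClientScriptBlock(this.Page.GetType(), "alert", script, false);
}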