Exemplo n.º 1
 /// <summary>
 /// Inserts one login-attempt record by delegating to the data-access object.
 /// </summary>
 /// <param name="ula">The login-attempt record to store.</param>
 /// <returns>The value returned by the DAO's Insert call.</returns>
 /// <exception cref="Exception">
 /// Any DAO failure, rethrown with a "UserLoginAttemptsMgr-->Insert" prefix and the original
 /// exception attached as the inner exception.
 /// </exception>
 public int Insert(UserLoginAttempts ula)
 {
     int daoResult;
     try
     {
         daoResult = _ulaDao.Insert(ula);
     }
     catch (Exception daoError)
     {
         // The wrapped text repeats the data layer's own message; keep it in server-side logs
         // and out of anything rendered back to the client.
         string wrappedMessage = string.Concat("UserLoginAttemptsMgr-->Insert", daoError.Message);
         throw new Exception(wrappedMessage, daoError);
     }

     return daoResult;
 }
Exemplo n.º 2
        /// <summary>
        /// Fetches the login-attempt rows matching <paramref name="ula"/> by delegating to the data-access object.
        /// </summary>
        /// <param name="ula">Query object carrying the filter and paging values.</param>
        /// <param name="totalCount">Set by the DAO call; presumably the unpaged match count (confirm against the DAO).</param>
        /// <returns>The table returned by the DAO.</returns>
        /// <exception cref="Exception">
        /// Any DAO failure, rethrown with a "UserLoginAttemptsMgr-->GetUserLoginAttemptsList" prefix and the
        /// original exception attached as the inner exception.
        /// </exception>
        public DataTable GetUserLoginAttemptsList(UserLoginAttempts ula, out int totalCount)
        {
            DataTable attemptRows;
            try
            {
                attemptRows = _ulaDao.GetUserLoginAttemptsList(ula, out totalCount);
            }
            catch (Exception daoError)
            {
                // The wrapped text repeats the data layer's own message; it belongs in server logs only.
                string wrappedMessage = string.Concat("UserLoginAttemptsMgr-->GetUserLoginAttemptsList", daoError.Message);
                throw new Exception(wrappedMessage, daoError);
            }

            return attemptRows;
        }
Exemplo n.º 3
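        /// <summary>
        /// List page: writes the login-attempt records that match the request's filters to the response
        /// as a JSON-style payload.
        /// </summary>
        /// <remarks>
        /// Paging ("start", "limit") and filters ("login_mail", "login_ipfrom", "start_date", "end",
        /// "sumtotal", "ismail", "login_type") are read from Request.Params. Any parse or data-layer
        /// failure is logged and answered with an empty, success:false payload.
        /// </remarks>
        /// <returns>The current response, after the payload has been written and the response ended.</returns>
        public HttpResponseBase GetUserLoginList()
        {
            // NOTE(review): no authorization check is visible in this method. The query filters on
            // e-mail address and source IP, so the rows presumably expose both; confirm a controller
            // attribute or filter restricts this action to authorised staff.
            string json = string.Empty;
            try
            {
                UserLoginAttempts query = new UserLoginAttempts();
                // Request.Params merges query string, form fields, cookies and server variables, so each
                // value below can arrive through any of those channels.
                query.Start = Convert.ToInt32(Request.Params["start"] ?? "0");
                // NOTE(review): the page size is used as sent; confirm the data layer caps it.
                query.Limit = Convert.ToInt32(Request.Params["limit"] ?? "25");
                // NOTE(review): these two strings go to the DAO unmodified; confirm it binds them as
                // query parameters rather than concatenating them into SQL.
                query.login_mail = Request.Params["login_mail"];
                query.login_ipfrom = Request.Params["login_ipfrom"];
                if (!string.IsNullOrEmpty(Request.Params["start_date"]))
                {
                    query.slogin_createdate = (int)CommonFunction.GetPHPTime(Convert.ToDateTime(Request.Params["start_date"]).ToString("yyyy-MM-dd HH:mm:ss"));
                }
                if (!string.IsNullOrEmpty(Request.Params["end"]))
                {
                    query.elogin_createdate = (int)CommonFunction.GetPHPTime(Convert.ToDateTime(Request.Params["end"]).ToString("yyyy-MM-dd HH:mm:ss"));
                }
                if (!string.IsNullOrEmpty(Request.Params["sumtotal"]))
                {
                    query.sumtotal = int.Parse(Request.Params["sumtotal"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["ismail"]))
                {
                    query.ismail = int.Parse(Request.Params["ismail"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["login_type"]))
                {
                    query.login_type = int.Parse(Request.Params["login_type"]);
                }
                int totalCount = 0;
                ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);

                DataTable dt = ulaMgr.GetUserLoginAttemptsList(query, out totalCount);
                IsoDateTimeConverter timeConverter = new IsoDateTimeConverter();
                // Use a custom date format; without it the converter emits ISO 8601.
                timeConverter.DateTimeFormat = "yyyy-MM-dd HH:mm:ss";
                // Only the integer count is concatenated; the row data goes through the JSON serializer.
                json = "{success:true,totalCount:" + totalCount + ",data:" + JsonConvert.SerializeObject(dt, Formatting.Indented, timeConverter) + "}";
            }
            catch (Exception ex)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                // TargetSite can be null; dereferencing it here would throw from inside the handler and
                // replace the controlled failure payload with an unhandled error page.
                string targetSiteName = ex.TargetSite != null ? ex.TargetSite.Name : string.Empty;
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSiteName, ex.Source, ex.Message);
                logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
                log.Error(logMessage);
                // The client receives no exception detail, only an empty result.
                json = "{success:false,totalCount:0,data:[]}";
            }
            this.Response.Clear();
            this.Response.Write(json);
            this.Response.End();
            return this.Response;
        }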
Exemplo n.º 4
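        /// <summary>
        /// Handles the back-office login post: validates the form fields, looks the account up by
        /// e-mail, verifies the challenge-response password value, applies the five-attempt lockout
        /// and, on success, stores the caller in the session and redirects to the home page.
        /// </summary>
        /// <returns>
        /// The "Index" view with a notice on any failure, the "ChangePasswd" view when the account
        /// status is 0, otherwise a redirect to "../home".
        /// </returns>
        public ActionResult Login()
        {
            // Captured up front because the logger below runs inside an anonymous method, where
            // GetCurrentMethod() would no longer name this action.
            string currentMethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
            System.Action<Exception> logError = delegate(Exception error)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                // TargetSite can be null; the handler must not throw while reporting a failure.
                string targetSiteName = error.TargetSite != null ? error.TargetSite.Name : string.Empty;
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSiteName, error.Source, error.Message);
                logMessage.MethodName = currentMethodName;
                log.Error(logMessage);
            };

            object notice = new object();
            if (string.IsNullOrEmpty(Request.Params["txtEmail"]))
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_EMAIL + "'}";
                ViewBag.notice = notice;
                return View("Index");
            }

            string IsRemember = Request.Params["chkRememberEmail"] ?? "false";
            string email = Request.Params["txtEmail"].Trim();
            // A request that omits the field must reach the "no password" branch instead of throwing.
            string passwd = (Request.Params["hid_password"] ?? string.Empty).Trim();
            string challenge_id = Request.Params["challenge_id"];
            int CookieExpireTime = 10;
            ViewBag.LoginEmail = null;
            ICallerImplMgr callerMgr = new CallerMgr(connectionString);
            Caller caller = null;
            UserLoginAttemptsMgr ulaMgr = new UserLoginAttemptsMgr(connectionString);

            // Writes one row to the login-attempt table; this action always records login_type 3.
            System.Action<string> recordFailedAttempt = delegate(string attemptedMail)
            {
                UserLoginAttempts ula = new UserLoginAttempts();
                ula.login_mail = attemptedMail;
                ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                ula.login_type = 3;
                ulaMgr.Insert(ula);
            };

            // Record or clear the remembered-e-mail cookie.
            // NOTE(review): the cookie is written before the address has passed format validation.
            BLL.gigade.Common.CommonFunction.Cookie_Set("UserInfo", "email", email, IsRemember, CookieExpireTime);

            if (!Regex.IsMatch(email, @"^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$"))
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_EMAIL_FORMAT_ERROR + "'}";
                ViewBag.notice = notice;
                if (IsRemember == "true")
                {
                    ViewBag.LoginEmail = email;
                }

                return View("Index");
            }

            if (passwd == "")
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_PASSWD + "'}";
                ViewBag.notice = notice;
                if (IsRemember == "true")
                {
                    ViewBag.LoginEmail = email;
                }
                return View("Index");
            }

            try
            {
                caller = callerMgr.Login(email);
            }
            catch (Exception ex)
            {
                // A lookup failure leaves caller null, which is handled as an unknown account below.
                logError(ex);
            }

            // NOTE(review): the unknown-address, suspended, deleted and wrong-password branches return
            // distinguishable messages (the last one with the attempt count), so an unauthenticated
            // client can tell whether an address is registered and in what state. A single neutral
            // failure message avoids that.
            if (caller == null)
            {
                notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMAIL_PASSWD_ERROR + "'}";
                ViewBag.notice = notice;
                if (IsRemember == "true")
                {
                    ViewBag.LoginEmail = email;
                }
                recordFailedAttempt(email);
                return View("Index");
            }
            else
            {
                // Status 2: account stopped (also the status set by the lockout below).
                if (caller.user_status == 2)
                {
                    notice = "{result:'Error',msg:'" + Resources.Login.NOTICE_EMAIL_STOP + "'}";

                    if (IsRemember == "true")
                    {
                        ViewBag.LoginEmail = email;
                    }
                    recordFailedAttempt(email);
                    ViewBag.notice = notice;
                    return View("Index");
                }

                // Status 3: account deleted.
                if (caller.user_status == 3)
                {
                    notice = "{result:'Error',msg:'" + Resources.Login.NOTICE_EMAIL_DELETE + "'}";

                    if (IsRemember == "true")
                    {
                        ViewBag.LoginEmail = email;
                    }

                    recordFailedAttempt(caller.user_email);
                    ViewBag.notice = notice;
                    return View("Index");
                }

                string challenge_key = "";
                bool challengeConsumed = false;

                try
                {
                    challenge_key = callerMgr.Get_Challenge_Key(challenge_id);
                    callerMgr.Kill_Challenge_Id(challenge_id);
                    challengeConsumed = true;
                }
                catch (Exception ex)
                {
                    logError(ex);
                }

                // Fail closed. With an empty key the expected value below would no longer depend on a
                // one-time challenge, and a challenge that could not be invalidated stays reusable.
                // Either way the submitted value is rejected without being compared, so this branch
                // gives no password-guess feedback and does not advance the lockout counter.
                if (!challengeConsumed || string.IsNullOrEmpty(challenge_key))
                {
                    notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMAIL_PASSWD_ERROR + "'}";
                    ViewBag.notice = notice;
                    ViewBag.challenge_id = callerMgr.Add_Challenge();
                    ViewBag.challenge_key = callerMgr.Get_Challenge_Key(ViewBag.challenge_id);
                    recordFailedAttempt(caller.user_email);
                    if (IsRemember == "true")
                    {
                        ViewBag.LoginEmail = email;
                    }
                    return View("Index");
                }

                // NOTE(review): the stored user_password value is used directly as hash input, which
                // makes it password-equivalent for this scheme; it needs the same protection as the
                // password itself.
                BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt();
                string newpasswd = hash.SHA256Encrypt(caller.user_password + challenge_key);

                if (passwd != newpasswd)
                {
                    try
                    {
                        callerMgr.Add_Login_Attempts(caller.user_id);
                    }
                    catch (Exception ex)
                    {
                        logError(ex);
                    }

                    caller.user_login_attempts++;
                    // Back-office lockout threshold changed to 5 (edit by shuangshuang0420j 201504101555 from hill).
                    string tempStr = string.Format(Resources.Login.ERROR_PASSWD_ERROR_TIMES, caller.user_login_attempts, 5);

                    notice = "{result:'Error',msg:'" + tempStr + "'}";
                    ViewBag.notice = notice;

                    // Issue a fresh challenge for the next attempt; the previous one was killed above.
                    ViewBag.challenge_id = callerMgr.Add_Challenge();
                    ViewBag.challenge_key = callerMgr.Get_Challenge_Key(ViewBag.challenge_id);
                    // Failed back-office logins are also written to the UserLoginAttempts table
                    // (edit by shuangshuang0420j 201504101555 from hill).
                    recordFailedAttempt(caller.user_email);
                    if (caller.user_login_attempts >= 5)
                    {
                        try
                        {
                            // Lock the account by moving it to status 2.
                            callerMgr.Modify_User_Status(caller.user_id, 2);
                        }
                        catch (Exception ex)
                        {
                            logError(ex);
                        }
                    }

                    if (IsRemember == "true")
                    {
                        ViewBag.LoginEmail = email;
                    }

                    return View("Index");
                }

                // Status 0: first login, the user is sent to change the password.
                if (caller.user_status == 0)
                {
                    notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_FIRST_LOGIN + "'}";
                    ViewBag.notice = notice;
                    ViewBag.isFirst = 1;
                    ViewBag.uid = caller.user_id;
                    ViewBag.email = caller.user_email;
                    return View("ChangePasswd");
                }

                try
                {
                    // Add the login record.
                    callerMgr.Add_Manage_Login(caller.user_id);

                    // Update the account's login data.
                    callerMgr.Modify_User_Login_Data(caller.user_id);
                }
                catch (Exception ex)
                {
                    logError(ex);
                }

                // Keep the stored password value out of the session object.
                caller.user_password = "";

                try
                {
                    // Path of the XML site configuration.
                    string xmlPath = ConfigurationManager.AppSettings["SiteConfig"];
                    string path = Server.MapPath(xmlPath);
                    SiteConfigMgr _siteConfigMgr = new SiteConfigMgr(path);
                    string APIServer = _siteConfigMgr.GetConfigByName("APIServer").Value;

                    GigadeApiRequest request = new GigadeApiRequest(APIServer);

                    // The API login receives the verified response value and the challenge key.
                    var result = request.Request<SuppliersLoginViewModel, SuppliersLoginResult>("api/admin/account/login",
                         new SuppliersLoginViewModel() { user_email = email, user_password = newpasswd, user_halfToken = challenge_key, login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString()) });
                    var back = result.result;
                    Session["AccessToken"] = back.userToken.user_token;
                }
                catch (Exception ex)
                {
                    // Best effort: a failed API login is logged and the local login still completes,
                    // without an AccessToken in the session.
                    logError(ex);
                }

                // NOTE(review): the session identifier is not renewed in this method; confirm it is
                // rotated at login elsewhere so a pre-login identifier cannot be carried over.
                Session["caller"] = caller;
                return Redirect("../home");
            }
        }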
Exemplo n.º 5
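        /// <summary>
        /// Handles the "forgot password" post: validates the address, looks the account up and stores
        /// the SHA-256 value of a freshly generated 8-character confirmation code for it.
        /// </summary>
        /// <remarks>
        /// Sending the mail is not implemented in this method; only the placeholder comment exists.
        /// </remarks>
        /// <returns>
        /// The "Forget" view with a notice when the address is missing, malformed, unknown or belongs
        /// to an inactive account; otherwise the "NoticeShow" view.
        /// </returns>
        public ActionResult DoForget()
        {
            // Captured up front because the logger below runs inside an anonymous method, where
            // GetCurrentMethod() would no longer name this action.
            string currentMethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
            System.Action<Exception> logError = delegate(Exception error)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                // TargetSite can be null; the handler must not throw while reporting a failure.
                string targetSiteName = error.TargetSite != null ? error.TargetSite.Name : string.Empty;
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSiteName, error.Source, error.Message);
                logMessage.MethodName = currentMethodName;
                log.Error(logMessage);
            };

            object notice = new object();
            if (string.IsNullOrEmpty(Request.Params["txtEmail"]))
            {
                notice = "{result:'Notice',msg:'登錄信箱不能為空!'}";
                ViewBag.notice = notice;
                return View("Forget");
            }

            // Invariant lower-casing: the address is a lookup key, and culture-sensitive casing would
            // map some letters differently depending on the server's culture.
            string _email = Request.Params["txtEmail"].Trim().ToLowerInvariant();
            if (!Regex.IsMatch(_email, @"^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$"))
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_EMAIL_FORMAT_ERROR + "'}";
                ViewBag.notice = notice;
                return View("Forget");
            }

            Caller caller = null;
            ICallerImplMgr callerMgr = new CallerMgr(connectionString);
            UserLoginAttemptsMgr ulaMgr = new UserLoginAttemptsMgr(connectionString);
            try
            {
                caller = callerMgr.Login(_email);
            }
            catch (Exception ex)
            {
                // A lookup failure leaves caller null, which is handled as an unknown address below.
                logError(ex);
            }

            // NOTE(review): unknown address, inactive account and accepted request each produce a
            // different message, so an unauthenticated client can test whether an address is
            // registered. One neutral response for all three avoids that. No request throttling is
            // visible here either.
            if (caller == null)
            {
                notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMIAL_NOT_MATCH + "'}";
                ViewBag.notice = notice;
                return View("Forget");
            }

            // Status 2 and above are treated as inactive; the request is recorded as a login attempt.
            if (caller.user_status >= 2)
            {
                notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMAIL_STATUS_INACTIVE + "'}";
                ViewBag.notice = notice;
                UserLoginAttempts ula = new UserLoginAttempts();
                ula.login_mail = caller.user_email;
                ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                ula.login_type = 3;
                ulaMgr.Insert(ula);
                return View("Forget");
            }

            // NOTE(review): this code is a password-reset secret; confirm Generate_Rand_String draws
            // from a cryptographic random number generator.
            string sUser_Confirm_Code = BLL.gigade.Common.CommonFunction.Generate_Rand_String(8);

            BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt();

            try
            {
                // Only the hash of the code is stored.
                callerMgr.Modify_User_Confirm_Code(caller.user_id, hash.SHA256Encrypt(sUser_Confirm_Code));
            }
            catch (Exception ex)
            {
                // The user still sees the confirmation notice when the update fails.
                logError(ex);
            }

            // Send the mail (not implemented here). The plain code must reach the user through the
            // mail channel only; it must not be placed in a redirect URL or in the response.

            ViewBag.ConfirmSend = "請檢查您的E-mail信箱,以取得密碼的相關資訊!";
            return View("NoticeShow");
        }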
Exemplo n.º 6
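        /// <summary>
        /// Handles the vendor login post: validates the form fields and the check code, looks the
        /// vendor up by e-mail, compares the submitted password with the stored value, applies the
        /// six-attempt lockout and, on success, stores the vendor in the session and redirects to
        /// the home page.
        /// </summary>
        /// <remarks>
        /// Unlike the blocks left commented out in the original, this flow performs no deleted-account
        /// check, no first-login password change and no login-record write.
        /// </remarks>
        /// <returns>The "Index" view with a notice on any failure, otherwise a redirect to "../home".</returns>
        public ActionResult Login()
        {
            // Captured up front because the logger below runs inside an anonymous method, where
            // GetCurrentMethod() would no longer name this action.
            string currentMethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
            System.Action<Exception> logError = delegate(Exception error)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                // TargetSite can be null; the handler must not throw while reporting a failure.
                string targetSiteName = error.TargetSite != null ? error.TargetSite.Name : string.Empty;
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSiteName, error.Source, error.Message);
                logMessage.MethodName = currentMethodName;
                log.Error(logMessage);
            };

            string code = string.Empty;
            string challenge_id = string.Empty;
            string challenge_key = string.Empty;

            object notice = new object();
            if (string.IsNullOrEmpty(Request.Params["txtEmail"]))
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_EMAIL + "'}";
                ViewBag.notice = notice;
                return View("Index");
            }

            string IsRemember = Request.Params["chkRememberEmail"] ?? "false";
            string email = Request.Params["txtEmail"].Trim();
            // A request that omits the field must reach the "no password" branch instead of throwing.
            string passwd = (Request.Params["passwd"] ?? string.Empty).Trim();
            int CookieExpireTime = 10;
            ViewBag.LoginEmail = null;
            _vendorImp = new VendorMgr(connectionString);
            BLL.gigade.Model.Vendor vendor = null;

            // Record or clear the remembered-e-mail cookie.
            // NOTE(review): the cookie is written before the address has passed format validation.
            BLL.gigade.Common.CommonFunction.Cookie_Set("vendor", "email", email, IsRemember, CookieExpireTime);

            UserLoginAttemptsMgr ulaMgr = new UserLoginAttemptsMgr(connectionString);

            // Writes one row to the login-attempt table; this action always records login_type 5.
            System.Action<string> recordFailedAttempt = delegate(string attemptedMail)
            {
                UserLoginAttempts ula = new UserLoginAttempts();
                ula.login_mail = attemptedMail;
                ula.login_ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                ula.login_type = 5;
                ulaMgr.Insert(ula);
            };

            // NOTE(review): this pattern is unanchored, so it only proves that something address-like
            // occurs somewhere in the value. It does not constrain which characters `email` may hold;
            // anything that renders or stores the value must encode it on its own.
            if (!Regex.IsMatch(email, @"[\w|-]+@[-|\w]*[-|\.|\w]*\.\w"))
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_EMAIL_FORMAT_ERROR + "'}";
                ViewBag.notice = notice;
                if (IsRemember == "true")
                {
                    ViewBag.LoginEmail = email;
                }
                return View("Index");
            }

            if (passwd == "")
            {
                notice = "{result:'Notice',msg:'" + Resources.Login.NOTICE_NO_PASSWD + "'}";
                ViewBag.notice = notice;
                if (IsRemember == "true")
                {
                    ViewBag.LoginEmail = email;
                }
                return View("Index");
            }
            if (!string.IsNullOrEmpty(Request.Params["CheckCode"]))
            {
                code = Request.Params["CheckCode"].ToString().Trim();
            }
            // NOTE(review): the check code is only compared when the session already holds one, so a
            // session in which none was generated skips the check, and the stored code is not cleared
            // after use. Confirm a code is always issued before this action can be reached.
            if (Session["code"] != null)
            {
                if (Session["code"].ToString() != code)
                {
                    string message = "{result:'Notice',msg:'驗證碼輸入錯誤'}";
                    ViewBag.notice = message;
                    ViewBag.Email = Request.Params["txtEmail"];
                    // NOTE(review): this hands the submitted password back to the view; confirm the
                    // view does not render it into the page.
                    ViewBag.Password = Request.Params["passwd"];
                    return View("Index");
                }
            }
            try
            {
                BLL.gigade.Model.Vendor query = new BLL.gigade.Model.Vendor();
                query.vendor_email = email;
                vendor = _vendorImp.Login(query);
            }
            catch (Exception ex)
            {
                // A lookup failure leaves vendor null, which is handled as an unknown account below.
                logError(ex);
            }

            // NOTE(review): the unknown-address, stopped and wrong-password branches return
            // distinguishable messages (the last one with the attempt count), so an unauthenticated
            // client can tell whether an address is registered. A single neutral message avoids that.
            if (vendor == null)
            {
                notice = "{result:'Error',msg:'" + Resources.Login.ERROR_EMAIL_PASSWD_ERROR + "'}";
                ViewBag.notice = notice;
                if (IsRemember == "true")
                {
                    ViewBag.LoginEmail = email;
                }
                recordFailedAttempt(email);
                return View("Index");
            }
            else
            {
                // Status 2: account stopped (also the status set by the lockout below).
                if (vendor.vendor_status == 2)
                {
                    notice = "{result:'Error',msg:'" + Resources.Login.NOTICE_EMAIL_STOP + "'}";
                    ViewBag.notice = notice;
                    if (IsRemember == "true")
                    {
                        ViewBag.LoginEmail = email;
                    }
                    recordFailedAttempt(email);
                    ViewBag.Email = Request.Params["txtEmail"];
                    return View("Index");
                }

                // The challenge is created, read and killed on the server within this request, and the
                // same key is mixed into both sides of the comparison below. It therefore adds no
                // replay protection in this flow: the password arrives as a plain request parameter
                // and relies on transport encryption.
                try
                {
                    challenge_id = callerMgr.Add_Challenge();
                    challenge_key = callerMgr.Get_Challenge_Key(challenge_id);
                    callerMgr.Kill_Challenge_Id(challenge_id);
                }
                catch (Exception ex)
                {
                    logError(ex);
                }

                // NOTE(review): the comparison implies vendor_password holds a single unsalted
                // SHA256Encrypt of the password (assuming SHA256Encrypt is a plain SHA-256). A fast
                // unsalted hash is weak password storage; a salted, slow KDF is the usual replacement.
                BLL.gigade.Common.HashEncrypt hash = new BLL.gigade.Common.HashEncrypt();
                string inputpasswd = hash.SHA256Encrypt(hash.SHA256Encrypt(passwd) + challenge_key);
                string newpasswd = hash.SHA256Encrypt(vendor.vendor_password + challenge_key);

                if (inputpasswd != newpasswd)
                {
                    try
                    {
                        _vendorImp.Add_Login_Attempts(Convert.ToInt32(vendor.vendor_id));
                    }
                    catch (Exception ex)
                    {
                        logError(ex);
                    }

                    vendor.vendor_login_attempts++;
                    string tempStr = string.Format(Resources.Login.ERROR_PASSWD_ERROR_TIMES, vendor.vendor_login_attempts, 6);
                    notice = "{result:'Error',msg:'" + tempStr + "'}";
                    recordFailedAttempt(email);
                    ViewBag.notice = notice;
                    ViewBag.Email = Request.Params["txtEmail"];
                    ViewBag.challenge_id = callerMgr.Add_Challenge();
                    ViewBag.challenge_key = callerMgr.Get_Challenge_Key(ViewBag.challenge_id);

                    if (vendor.vendor_login_attempts >= 6)
                    {
                        try
                        {
                            // Lock the account by moving it to status 2.
                            _vendorImp.Modify_Vendor_Status(Convert.ToInt32(vendor.vendor_id), 2);
                        }
                        catch (Exception ex)
                        {
                            logError(ex);
                        }
                    }

                    if (IsRemember == "true")
                    {
                        ViewBag.LoginEmail = email;
                    }

                    return View("Index");
                }

                // Keep the stored password value out of the session object.
                vendor.vendor_password = "";
                // NOTE(review): the session identifier is not renewed in this method; confirm it is
                // rotated at login elsewhere so a pre-login identifier cannot be carried over.
                Session["vendor"] = vendor;
                Session["lgnName"] = vendor.vendor_name_simple;
                return Redirect("../home");
            }
        }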
Exemplo n.º 7
        public HttpResponseBase SecretLogin()
        {

            string json = string.Empty;
            try
            {
                SecretAccountSet query = new SecretAccountSet();
                sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
                _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
                query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
                query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                query.status = 1;
                List<SecretAccountSet> store = sasMgr.GetSecretSetList(query);//獲得用戶的密保信息
                if (store.Count != 0)//該用戶有機敏權限
                {
                    if (!string.IsNullOrEmpty(Request.Params["password"]))
                    {
                        HashEncrypt hmd5 = new HashEncrypt();
                        if (store[0].secret_pwd != hmd5.SHA256Encrypt(Request.Params["oldpassword"]) && Request.Params["oldpassword"].ToString() != "" && store[0].pwd_status == 0)
                        {
                            ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);
                            UserLoginAttempts ula = new UserLoginAttempts();
                            ula.login_mail = (System.Web.HttpContext.Current.Session["caller"] as Caller).user_email;
                            ula.login_ipfrom = query.ipfrom;
                            ula.login_type = 4;
                            ulaMgr.Insert(ula);
                            SecretAccountSet sas = new SecretAccountSet();
                            store[0].user_login_attempts += 1;
                            store[0].updatedate = DateTime.Now;
                            sasMgr.LoginError(store[0]);
                            int count = 5 - store[0].user_login_attempts;//還有count次登入機會
                            json = "{success:true,error:5,count:" + count + "}";//返回json數據0:密碼錯誤
                        }
                        else
                        {
                            if ((store[0].secret_pwd == hmd5.SHA256Encrypt(Request.Params["password"]) && Request.Params["oldpassword"].ToString() == "") || store[0].pwd_status == 0)//密碼驗證正確
                            {
                                if (store[0].secret_count != 0 || store[0].user_login_attempts != 0 || store[0].pwd_status == 0)
                                {
                                    if (store[0].user_login_attempts != 0)
                                    {
                                        store[0].user_login_attempts = 0;
                                    }
                                    if (store[0].secret_count > 1)
                                    {
                                        store[0].secret_count = 1;
                                    }
                                    if (store[0].pwd_status == 0)
                                    {
                                        store[0].pwd_status = 1;
                                        store[0].secret_pwd = hmd5.SHA256Encrypt(Request.Params["password"]);
                                    }
                                    store[0].updatedate = DateTime.Now;
                                    sasMgr.Update(store[0]);//清空賬戶錯誤預警信息
                                }
                                //獲取最新的一條數據
                                SecretInfoLog info = _secretLogMgr.GetMaxCreateLog(new SecretInfoLog { user_id = query.user_id, ipfrom = query.ipfrom }).FirstOrDefault();
                                if (info.input_pwd_date == DateTime.MinValue)//該條數據是否已經記錄驗證時間,沒有則修改,有則新增
                                {
                                    info.input_pwd_date = DateTime.Now;
                                    _secretLogMgr.UpdateSecretInfoLog(info);
                                }
                                else
                                {
                                    info.input_pwd_date = DateTime.Now;
                                    _secretLogMgr.InsertSecretInfoLog(info);
                                }


                                json = "{success:true,error:0}";//返回json數據

                            }
                            else
                            {//密碼錯誤向
                                ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);
                                UserLoginAttempts ula = new UserLoginAttempts();
                                ula.login_mail = (System.Web.HttpContext.Current.Session["caller"] as Caller).user_email;
                                ula.login_ipfrom = query.ipfrom;
                                ula.login_type = 4;
                                ulaMgr.Insert(ula);
                                SecretAccountSet sas = new SecretAccountSet();
                                store[0].user_login_attempts += 1;
                                store[0].updatedate = DateTime.Now;
                                sasMgr.LoginError(store[0]);
                                int count = 5 - store[0].user_login_attempts;//還有count次登入機會
                                if (store[0].secret_pwd != hmd5.SHA256Encrypt(Request.Params["oldpassword"]) && Request.Params["oldpassword"].ToString() != "" && store[0].pwd_status == 0)
                                {
                                    json = "{success:true,error:1,count:" + count + "}";//返回json數據0:密碼錯誤
                                }
                                else
                                {

                                    json = "{success:true,error:1,count:" + count + "}";//返回json數據0:密碼錯誤
                                }
                            }
                        }
                    }
                    else
                    {
                        json = "{success:true,error:3}";//返回json數據,後台未獲取到輸入的密碼 
                    }

                }
                else
                {
                    json = "{success:true,error:2}";//返回json數據1:用戶未註冊資安權限或被鎖定
                }


            }
            catch (Exception ex)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
                logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
                log.Error(logMessage);
                json = "{success:false}";
            }
            this.Response.Clear();
            this.Response.Write(json);
            this.Response.End();
            return this.Response;
        }
Exemplo n.º 8
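 /// <summary>
 /// Writes one row to <c>user_login_attempts</c> recording a login attempt.
 /// </summary>
 /// <param name="ula">Attempt to record; <c>login_mail</c>, <c>login_ipfrom</c> and <c>login_type</c> are stored, the creation time is taken from the current clock.</param>
 /// <returns>Whatever <c>_access.execCommand</c> returns (presumably the affected-row count; confirm against the data-access layer).</returns>
 /// <exception cref="Exception">Any failure is rethrown wrapped, with the original exception as <c>InnerException</c>.</exception>
 public int Insert(UserLoginAttempts ula)
 {
     StringBuilder sql = new StringBuilder();
     try
     {
         // login_mail and login_ipfrom are free text that originates outside this layer,
         // and the statement is assembled as a string. Neutralise the two characters that
         // can terminate a quoted MySQL literal (backslash and single quote) before embedding.
         // NOTE(review): this is a stopgap. If the data-access object offers a parameterized
         // command overload, bind these values as parameters instead of escaping them here.
         string safeMail = (ula.login_mail ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");
         string safeIp = (ula.login_ipfrom ?? string.Empty).Replace("\\", "\\\\").Replace("'", "''");

         // Append, not AppendFormat: the column list has no placeholders.
         sql.Append(@"INSERT INTO user_login_attempts (login_mail,login_ipfrom,login_type,login_createdate) ");
         // NOTE(review): DateTime.Now.ToString() is culture-dependent; confirm GetPHPTime parses it under the server culture.
         sql.AppendFormat(@"VALUES('{0}','{1}','{2}','{3}');", safeMail, safeIp, ula.login_type, CommonFunction.GetPHPTime(DateTime.Now.ToString()));
         return _access.execCommand(sql.ToString());
     }
     catch (Exception ex)
     {
         // NOTE(review): the wrapped message carries the full SQL text, including the e-mail
         // and IP values. Make sure this message is only logged server-side and never returned to a client.
         throw new Exception("UserLoginAttemptsDao-->Insert" + ex.Message + sql.ToString(), ex);
     }
 }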
Exemplo n.º 9
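        /// <summary>
        /// Queries <c>user_login_attempts</c> (joined to <c>users</c> and the login-type parameter table)
        /// with optional filters, grouping and paging.
        /// </summary>
        /// <param name="ula">
        /// Filter object: <c>login_ipfrom</c> / <c>login_mail</c> are substring filters, <c>slogin_createdate</c> /
        /// <c>elogin_createdate</c> bound the creation time, <c>login_type</c> is an exact match, <c>ismail</c>
        /// (0, 1 or 2) selects the GROUP BY columns, <c>sumtotal</c> adds a HAVING threshold, and
        /// <c>IsPage</c> / <c>Start</c> / <c>Limit</c> control paging. Zero or empty values disable a filter.
        /// </param>
        /// <param name="totalCount">Set to 0, then to the row count of the unpaged id query when <c>ula.IsPage</c> is true.</param>
        /// <returns>The table returned by <c>_access.getDataTable</c> for the assembled statement.</returns>
        /// <exception cref="Exception">Any failure is rethrown wrapped, with the original exception as <c>InnerException</c>.</exception>
        public DataTable GetUserLoginAttemptsList(UserLoginAttempts ula, out int totalCount)
        {
            totalCount = 0;
            StringBuilder sql = new StringBuilder();
            StringBuilder sqlfield = new StringBuilder();
            StringBuilder sqlfrom = new StringBuilder();
            StringBuilder sqlwhere = new StringBuilder();
            try
            {
                sqlfield.AppendLine(@"SELECT ula.login_id,u.user_id,u.user_name,ula.login_mail,ula.login_ipfrom,FROM_UNIXTIME(ula.login_createdate) AS login_createdate,");
                sqlfield.AppendLine(@"login_type,pa.parameterName as slogin_type,COUNT(ula.login_mail) AS sumtotal ");
                sqlfrom.AppendLine(@" FROM user_login_attempts  ula");
                sqlfrom.AppendLine(@" LEFT JOIN users u ON ula.login_mail=u.user_email");
                sqlfrom.AppendLine(@" LEFT JOIN (SELECT parameterCode,parameterName  FROM t_parametersrc WHERE parameterType='user_login_type') pa ON ula.login_type=pa.parameterCode ");
                sqlwhere.AppendLine(@" WHERE 1=1 ");

                // The two text filters are request-supplied and end up inside quoted literals of a
                // string-built statement. Escape backslash and single quote so the value cannot close
                // the literal; '%' and '_' are left alone, so they still behave as LIKE wildcards.
                // NOTE(review): stopgap only. Prefer bound parameters if the data-access object supports them.
                if (!string.IsNullOrEmpty(ula.login_ipfrom))
                {
                    string safeIp = ula.login_ipfrom.Replace("\\", "\\\\").Replace("'", "''");
                    sqlwhere.AppendFormat(@" AND ula.login_ipfrom like '%{0}%' ", safeIp);
                }
                if (!string.IsNullOrEmpty(ula.login_mail))
                {
                    string safeMail = ula.login_mail.Replace("\\", "\\\\").Replace("'", "''");
                    sqlwhere.AppendFormat(@" AND ula.login_mail like '%{0}%' ", safeMail);
                }

                // The remaining filters are compared against 0 and formatted as numbers.
                if (ula.slogin_createdate != 0)
                {
                    sqlwhere.AppendFormat(@" AND ula.login_createdate >='{0}' ", ula.slogin_createdate);
                }
                if (ula.elogin_createdate != 0)
                {
                    sqlwhere.AppendFormat(@" AND ula.login_createdate <='{0}' ", ula.elogin_createdate);
                }
                if (ula.login_type != 0)
                {
                    sqlwhere.AppendFormat(@" AND ula.login_type ='{0}' ", ula.login_type);
                }

                // Grouping mode: 0 = mail + IP + type, 1 = mail + type, 2 = IP + type; any other value adds no GROUP BY.
                if (ula.ismail == 0)
                {
                    sqlwhere.Append(@" GROUP BY ula.login_mail,ula.login_ipfrom,ula.login_type  ");
                }
                else if (ula.ismail == 1)
                {
                    sqlwhere.Append(@" GROUP BY ula.login_mail,ula.login_type  ");
                }
                else if (ula.ismail == 2)
                {
                    sqlwhere.Append(@" GROUP BY ula.login_ipfrom,ula.login_type  ");
                }

                // Minimum number of attempts per group, counted on the column the grouping mode uses.
                if (ula.sumtotal != 0)
                {
                    if (ula.ismail == 1 || ula.ismail == 0)
                    {
                        sqlwhere.AppendFormat(@" HAVING COUNT(ula.login_mail)>= {0} ", ula.sumtotal);
                    }
                    else if (ula.ismail == 2)
                    {
                        sqlwhere.AppendFormat(@" HAVING COUNT(ula.login_ipfrom)>= {0} ", ula.sumtotal);
                    }
                }

                sql.Append(sqlfield.ToString() + sqlfrom.ToString() + sqlwhere.ToString());
                sql.Append(@"  ORDER BY login_id DESC ");
                if (ula.IsPage)
                {
                    // The total is obtained by running the same FROM/WHERE without LIMIT and counting the rows returned.
                    DataTable dt = _access.getDataTable("SELECT ula.login_id " + sqlfrom.ToString() + sqlwhere.ToString());
                    totalCount = dt.Rows.Count;
                    sql.AppendFormat(@" LIMIT {0},{1} ", ula.Start, ula.Limit);
                }

                return _access.getDataTable(sql.ToString());

            }
            catch (Exception ex)
            {
                // NOTE(review): the wrapped message includes the SQL text with the filter values.
                // Keep it in server-side logs only and do not echo it to the client.
                throw new Exception("UserLoginAttemptsDao-->GetUserLoginAttemptsList" + ex.Message + sql.ToString(), ex);
            }
        }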