/// <summary>
/// Creates the login rule and instantiates the two data-access objects it keeps:
/// the login DAC and the language-info DAC.
/// </summary>
public LoginRule()
{
    dac = new LoginDac();
    langDac = new Common.DataAccess.LangInfo();
}
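/// <summary>
/// Validates a web login: checks the lock state, resolves the account (organisation user
/// or system administrator), verifies the password, applies the maintenance-window and
/// online-session checks, and fills <paramref name="appInfo"/> on success.
/// </summary>
/// <param name="msg">Receives the failure message; on success it may still carry
/// "UserNoHaveOrg" when an organisation user has no last-login organisation.</param>
/// <param name="loginflag">Set to true only when every check passed.</param>
/// <param name="svrName">Server name handed to the connection-string lookup.</param>
/// <param name="database">Account database; when blank the builder's default DB is used.</param>
/// <param name="logid">Login id typed by the user. Untrusted input.</param>
/// <param name="pwd">Password typed by the user. Untrusted input.</param>
/// <param name="appInfo">Session info object populated with the authenticated identity.</param>
/// <param name="isOnlineCheck">When not "1", the already-online check is performed.</param>
/// <returns>The user connection string on success, otherwise an empty string.</returns>
public string WebCheck(out string msg, out bool loginflag, string svrName, string database, string logid, string pwd, I6WebAppInfo appInfo, string isOnlineCheck)
{
    msg = string.Empty;
    string pubConn = string.Empty;
    string userConn = string.Empty;
    var dbbuilder = LoginDac.GetAcountDBConnectString(svrName, database, out pubConn, out userConn);
    appInfo.UserType = UserType.OrgUser;

    // logid arrives from the login form and was concatenated straight into SQL text, which
    // allowed SQL injection before authentication. Doubling single quotes closes the string
    // literal break-out without changing results for ordinary ids.
    // NOTE(review): this is a stopgap; switch these statements to parameterized commands if
    // DbHelper offers an overload for them, and confirm the escaping rules of the target DBMS.
    string sqlLogid = (logid ?? string.Empty).Replace("'", "''");

    #region User status
    string sql = "select status from fg3_user where userno = '" + sqlLogid + "'";
    string ret = DbHelper.GetString(userConn, sql);
    if (ret == "3")
    {
        msg = "用户[" + logid + "]已锁定,请联系系统管理员!";
        loginflag = false;
        return string.Empty;
    }

    int sysErrortimes = dac.GetSysErrTimes(userConn); // error limit defined by the system
    // NOTE(review): logid is passed unescaped to the dac helpers; verify that they bind it
    // as a parameter rather than concatenating it.
    int currentErrorTimes = dac.GetErrTimes(logid, userConn);
    // NOTE(review): equality means a counter that has already passed the limit no longer
    // triggers the lock; confirm whether ">=" is intended.
    if (currentErrorTimes == sysErrortimes)
    {
        dac.SetUserStateOff(logid, userConn); // lock the user
        msg = "用户[" + logid + "]已锁定,请联系系统管理员!";
        loginflag = false;
        return string.Empty;
    }
    #endregion

    #region Resolve user
    string username = string.Empty;
    object obj = DbHelper.ExecuteScalar(userConn, string.Format("select count(userno) from fg3_user where userno = '{0}'", sqlLogid));
    if (obj == null || obj == DBNull.Value || obj.ToString() == "0")
    {
        // Not an organisation user: check the system administrator table.
        obj = DbHelper.ExecuteScalar(pubConn, string.Format("select count(cname) from ngrights where cname = '{0}'", sqlLogid));
        if (obj == null || obj == DBNull.Value || obj.ToString() == "0")
        {
            // NOTE(review): this message differs from the wrong-password message, so the
            // response reveals whether an account exists.
            msg = "不存在该用户!";
            loginflag = false;
            return string.Empty;
        }

        appInfo.UserType = UserType.System;
        username = logid;
    }
    else
    {
        string usernameSql = string.Format("select username from fg3_user where userno = '{0}'", sqlLogid);
        username = DbHelper.GetString(userConn, usernameSql);
    }
    #endregion

    #region Verify password
    if (UserType.OrgUser == appInfo.UserType)
    {
        obj = DbHelper.ExecuteScalar(userConn, string.Format("select pwd from fg3_user where userno = '{0}'", sqlLogid));
    }
    else
    {
        obj = DbHelper.ExecuteScalar(pubConn, string.Format("select cpwd from ngrights where cname = '{0}'", sqlLogid));
    }

    if (string.IsNullOrEmpty(pwd))
    {
        // An empty submitted password is accepted only when nothing is stored for the account.
        if (obj != null && obj != DBNull.Value && obj.ToString().Length > 0)
        {
            msg = "密码不正确!";
            loginflag = false;
            return string.Empty;
        }
    }
    else
    {
        if (obj == null || obj == DBNull.Value)
        {
            msg = "密码不正确!";
            loginflag = false;
            return string.Empty;
        }

        // NOTE(review): the stored value is decoded back to the clear password, i.e. storage
        // is reversible rather than a one-way salted hash, and the comparison is not
        // constant-time. No failure counter is incremented in this method; presumably the
        // caller records failed attempts - verify.
        string dbpwd = NG3.NGEncode.DecodePassword(obj.ToString(), 128);
        if (!dbpwd.Equals(pwd))
        {
            msg = "密码不正确!";
            loginflag = false;
            return string.Empty;
        }
    }

    // Reset the failed-attempt counter after a successful password check.
    dac.ClearErr(logid, userConn);
    #endregion

    #region System maintenance notice
    if (appInfo.UserType != UserType.System)
    {
        DataTable dt = PubCommonDac.Instance.GetSysMaintainCall(pubConn);
        if (dt.Rows.Count > 0)
        {
            string userID = PubCommonDac.Instance.GetUserId(userConn, logid);
            string allowlogin = dt.Rows[0]["allowlogin"].ToString();
            string[] allowlogins = allowlogin.Split(';');
            bool blockedByMaintenance = true;
            string ucode = !string.IsNullOrWhiteSpace(database) ? database : new DBConnectionStringBuilder().DefaultDB.Replace("NG", "");
            // The last segment is skipped as in the original loop (presumably the list ends
            // with a trailing ';' - verify). Entries without a '|' are ignored instead of
            // raising IndexOutOfRangeException, so a malformed list fails closed.
            for (int i = 0; i < allowlogins.Length - 1; i++)
            {
                string[] parts = allowlogins[i].Split('|');
                if (parts.Length >= 2 && ucode == parts[0] && userID == parts[1])
                {
                    blockedByMaintenance = false;
                    break;
                }
            }

            if (blockedByMaintenance)
            {
                msg = "系统维护中,预计维护结束时间为" + dt.Rows[0]["preenddate"] + "。" + dt.Rows[0]["runinfo"];
                loginflag = false;
                return string.Empty;
            }
        }
    }
    #endregion

    #region Organisation of an ordinary user
    string ocode = string.Empty;
    string oname = string.Empty;
    var loginorg = string.Empty;
    if (UserType.System != appInfo.UserType)
    {
        var strLoginOrg = DbHelper.ExecuteScalar(userConn, string.Format("select lastloginorg from fg3_user where userno = '{0}'", sqlLogid));
        loginorg = strLoginOrg == null ? string.Empty : strLoginOrg.ToString();
    }

    // Parse once: the numeric value is what goes into the SQL text and into appInfo.OrgID.
    long orgid = 0;
    bool orgIsNumeric = long.TryParse(loginorg, out orgid);

    if (!string.IsNullOrWhiteSpace(loginorg) && loginorg != "0")
    {
        // The stored value used to be interpolated verbatim; only a parsed integer is
        // interpolated now, so a non-numeric lastloginorg can no longer alter the statement.
        if (orgIsNumeric)
        {
            sql = $"select ocode,oname from fg_orglist where phid = {orgid.ToString(System.Globalization.CultureInfo.InvariantCulture)}";
            DataTable dt = DbHelper.GetDataTable(userConn, sql);
            if (dt.Rows.Count > 0)
            {
                ocode = dt.Rows[0]["ocode"].ToString(); // first organisation becomes the default
                oname = dt.Rows[0]["oname"].ToString();
            }
        }
    }
    else
    {
        // No last-login organisation recorded for this user.
        msg = appInfo.UserType == UserType.System ? "" : "UserNoHaveOrg";
    }
    #endregion

    #region Online users
    string message = CheckTheSameSessionUser(logid);
    if (!string.IsNullOrEmpty(message))
    {
        msg = message;
        loginflag = false;
        return string.Empty;
    }

    string uCode = !string.IsNullOrWhiteSpace(database) ? database : dbbuilder.DefaultDB;
    if (isOnlineCheck != "1")
    {
        message = CheckUserOnline(logid, uCode.Replace("NG", ""), string.Empty);
        if (!string.IsNullOrEmpty(message))
        {
            msg = message;
            loginflag = false;
            return string.Empty;
        }
    }
    #endregion

    appInfo.PubConnectString = pubConn;
    appInfo.UserConnectString = userConn;
    appInfo.LoginID = logid;
    appInfo.UserName = username;
    appInfo.OCode = ocode;
    appInfo.OrgName = oname;
    appInfo.UCode = uCode;
    appInfo.UserID = appInfo.UserType == UserType.System
        ? 0
        : Convert.ToInt64(DbHelper.GetString(userConn, string.Format("select phid from fg3_user where userno = '{0}'", sqlLogid)));
    appInfo.OrgID = orgid;

    loginflag = true;
    return userConn;
}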