Пример #1
 /// <summary>
 /// Creates the login rule object and instantiates the two data-access
 /// helpers it keeps in <c>dac</c> and <c>langDac</c>.
 /// </summary>
 public LoginRule()
 {
     // Login data access first, then language-info access (same order as before).
     dac = new LoginDac();
     langDac = new Common.DataAccess.LangInfo();
 }
Пример #2
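        /// <summary>
        /// Validates a web login: checks the account's lock state, that the account exists
        /// (organisation user or system administrator), the password, the maintenance window
        /// and the online-session state, then fills <paramref name="appInfo"/>.
        /// </summary>
        /// <param name="msg">Failure message on rejection; empty on success, except "UserNoHaveOrg" when a non-system user has no usable last-login organisation (the login still proceeds).</param>
        /// <param name="loginflag">True when the login was accepted, otherwise false.</param>
        /// <param name="svrName">Server name passed to <c>LoginDac.GetAcountDBConnectString</c>.</param>
        /// <param name="database">Account database; when blank, the builder's default database is used instead.</param>
        /// <param name="logid">Login id supplied by the caller. Treated as untrusted input.</param>
        /// <param name="pwd">Password supplied by the caller.</param>
        /// <param name="appInfo">Session object populated with connection strings and user/organisation details.</param>
        /// <param name="isOnlineCheck">When equal to "1" the <c>CheckUserOnline</c> step is skipped.</param>
        /// <returns>The user connection string on success; an empty string on any rejection.</returns>
        public string WebCheck(out string msg, out bool loginflag, string svrName, string database, string logid, string pwd, I6WebAppInfo appInfo, string isOnlineCheck)
        {
            msg = string.Empty;
            string pubConn   = string.Empty;
            string userConn  = string.Empty;
            var    dbbuilder = LoginDac.GetAcountDBConnectString(svrName, database, out pubConn, out userConn);

            // SECURITY: logid arrives from the login form and was previously concatenated
            // verbatim into every SQL statement below (SQL injection ahead of authentication).
            // Single quotes are doubled before the value is placed inside a quoted literal.
            // This is a mitigation only: it does not cover a backend that treats backslash as
            // an escape character. Parameterised queries are the proper fix; DbHelper's
            // parameter-taking overloads (if any) are not visible in this listing.
            string safeLogid = (logid ?? string.Empty).Replace("'", "''");
            // NOTE(review): dac.*, PubCommonDac.*, CheckTheSameSessionUser and CheckUserOnline
            // still receive the raw logid; how they build their SQL is not visible here - verify.

            appInfo.UserType = UserType.OrgUser;

            #region User status

            string sql = "select status from fg3_user where userno = '" + safeLogid + "'";
            string ret = DbHelper.GetString(userConn, sql);

            // Status "3" is handled as a locked account.
            if (ret == "3")
            {
                msg       = "用户[" + logid + "]已锁定,请联系系统管理员!";
                loginflag = false;
                return(string.Empty);
            }

            int sysErrortimes     = dac.GetSysErrTimes(userConn);// system-defined number of allowed failures
            int currentErrorTimes = dac.GetErrTimes(logid, userConn);

            // NOTE(review): the lock triggers only on exact equality. If the counter can ever pass
            // the configured limit (limit lowered later, concurrent failures) the account would
            // never lock; ">=" looks safer, but the meaning of a zero limit is not visible - confirm.
            if (currentErrorTimes == sysErrortimes)
            {
                dac.SetUserStateOff(logid, userConn);// lock the user
                msg       = "用户[" + logid + "]已锁定,请联系系统管理员!";
                loginflag = false;
                return(string.Empty);
            }

            #endregion

            #region Verify the user exists

            string username = string.Empty;
            object obj      = DbHelper.ExecuteScalar(userConn, string.Format("select count(userno) from fg3_user where userno = '{0}'", safeLogid));
            if (obj == null || obj == DBNull.Value || obj.ToString() == "0")
            {
                // Not an organisation user: check the system administrator table.
                obj = DbHelper.ExecuteScalar(pubConn, string.Format("select count(cname) from ngrights where cname = '{0}'", safeLogid));
                if (obj == null || obj == DBNull.Value || obj.ToString() == "0")
                {
                    // NOTE(review): this message differs from the wrong-password message, so a
                    // caller can tell existing accounts from unknown ones (account enumeration).
                    msg       = "不存在该用户!";
                    loginflag = false;
                    return(string.Empty);
                }
                else
                {
                    appInfo.UserType = UserType.System;
                }
                username = logid;
            }
            else
            {
                string usernameSql = string.Format("select username from fg3_user where userno = '{0}'", safeLogid);
                username = DbHelper.GetString(userConn, usernameSql);
            }

            #endregion

            #region Verify the password

            if (UserType.OrgUser == appInfo.UserType)
            {
                obj = DbHelper.ExecuteScalar(userConn, string.Format("select pwd from fg3_user where userno = '{0}'", safeLogid));
            }
            else
            {
                obj = DbHelper.ExecuteScalar(pubConn, string.Format("select cpwd from ngrights where cname = '{0}'", safeLogid));
            }

            if (string.IsNullOrEmpty(pwd))
            {
                // An empty submitted password is accepted when the stored value is null or empty.
                // NOTE(review): that permits password-less accounts - confirm this is intended.
                if (obj != null && obj != DBNull.Value)
                {
                    if (obj.ToString().Length > 0)
                    {
                        msg       = "密码不正确!";
                        loginflag = false;
                        return(string.Empty);
                    }
                }
            }
            else
            {
                if (obj == null || obj == DBNull.Value)
                {
                    msg       = "密码不正确!";
                    loginflag = false;
                    return(string.Empty);
                }
                else
                {
                    // NOTE(review): the stored value is decoded and compared directly with the
                    // submitted password, which suggests it is stored reversibly rather than as a
                    // salted one-way hash; the comparison is also not constant-time. Both need a
                    // storage-level change outside this method.
                    string dbpwd = NG3.NGEncode.DecodePassword(obj.ToString(), 128);
                    if (dbpwd.Equals(pwd) == false)
                    {
                        // NOTE(review): nothing in this method increments the failure counter
                        // on a wrong password; presumably the caller does - confirm.
                        msg       = "密码不正确!";
                        loginflag = false;
                        return(string.Empty);
                    }
                }
            }

            // Reset the failure counter after a successful password check.
            dac.ClearErr(logid, userConn);

            #endregion

            #region System maintenance notice

            if (appInfo.UserType != UserType.System)
            {
                DataTable dt = PubCommonDac.Instance.GetSysMaintainCall(pubConn);
                if (dt.Rows.Count > 0)
                {
                    string   userID      = PubCommonDac.Instance.GetUserId(userConn, logid);
                    string   allowlogin  = dt.Rows[0]["allowlogin"].ToString();
                    string[] allowlogins = allowlogin.Split(';');
                    bool     flag        = true;
                    string   ucode       = !string.IsNullOrWhiteSpace(database) ? database : new DBConnectionStringBuilder().DefaultDB.Replace("NG", "");
                    // The last element is skipped as before; presumably the list ends with ';' - confirm.
                    for (int i = 0; i < allowlogins.Length - 1; i++)
                    {
                        // Split once, and skip entries without a '|' instead of throwing
                        // IndexOutOfRangeException; a malformed entry never grants access.
                        string[] entry = allowlogins[i].Split('|');
                        if (entry.Length >= 2 && ucode == entry[0] && userID == entry[1])
                        {
                            flag = false;
                            break;
                        }
                    }
                    if (flag)
                    {
                        msg       = "系统维护中,预计维护结束时间为" + dt.Rows[0]["preenddate"] + "。" + dt.Rows[0]["runinfo"];
                        loginflag = false;
                        return(string.Empty);
                    }
                }
            }

            #endregion

            #region Ordinary user: resolve the organisation
            string ocode    = string.Empty;
            string oname    = string.Empty;
            var    loginorg = string.Empty;
            if (UserType.System != appInfo.UserType)
            {
                var strLoginOrg = DbHelper.ExecuteScalar(userConn, string.Format("select lastloginorg from fg3_user where userno = '{0}'", safeLogid));
                loginorg = strLoginOrg == null ? string.Empty : strLoginOrg.ToString();
            }

            // Parse once. The numeric value, not the raw column text, goes into the SQL below,
            // so a non-numeric lastloginorg can no longer alter the statement. orgid is 0
            // when parsing fails, which is the value OrgID received before this change too.
            long orgid;
            bool orgIsNumeric = long.TryParse(loginorg, out orgid);

            if (!string.IsNullOrWhiteSpace(loginorg) && loginorg != "0")
            {
                if (orgIsNumeric)
                {
                    sql = "select ocode,oname from fg_orglist where phid = " + orgid.ToString(System.Globalization.CultureInfo.InvariantCulture);
                    DataTable dt = DbHelper.GetDataTable(userConn, sql);

                    if (dt.Rows.Count > 0)
                    {
                        ocode = dt.Rows[0]["ocode"].ToString();// first row is used as the default organisation
                        oname = dt.Rows[0]["oname"].ToString();
                    }
                }
                // A non-numeric value skips the lookup; ocode/oname stay empty.
            }
            else
            {
                msg = appInfo.UserType == UserType.System ? "" : "UserNoHaveOrg";// no last-login organisation recorded for the user
            }
            #endregion

            #region Online users

            string message = CheckTheSameSessionUser(logid);
            if (!string.IsNullOrEmpty(message))
            {
                msg       = message;
                loginflag = false;
                return(string.Empty);
            }

            string uCode = !string.IsNullOrWhiteSpace(database) ? database : dbbuilder.DefaultDB;
            if (isOnlineCheck != "1")
            {
                message = CheckUserOnline(logid, uCode.Replace("NG", ""), string.Empty);
                if (!string.IsNullOrEmpty(message))
                {
                    msg       = message;
                    loginflag = false;
                    return(string.Empty);
                }
            }

            #endregion

            appInfo.PubConnectString  = pubConn;
            appInfo.UserConnectString = userConn;
            appInfo.LoginID           = logid;
            appInfo.UserName          = username;
            appInfo.OCode             = ocode;
            appInfo.OrgName           = oname;
            appInfo.UCode             = uCode;
            appInfo.UserID            = appInfo.UserType == UserType.System ? 0 : Convert.ToInt64(DbHelper.GetString(userConn, string.Format("select phid from fg3_user where userno = '{0}'", safeLogid)));
            appInfo.OrgID = orgid;
            loginflag     = true;
            return(userConn);
        }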