//加密 protected void Button1_Click(object sender, EventArgs e) { Encrypt_Decrypt ed = new Encrypt_Decrypt(); if (TextBox1.Text.Trim() != "") { TextBox2.Text = ed.MD5Encrypt(TextBox1.Text, "!@#$%^&*"); } //if (dr.Read()) //{ // txtPassword.Text = ed.MD5Decrypt(dr["ST_PASSWORD"].ToString(), "!@#$%^&*"); //} //dr.Close(); }
protected bool CheckUser() { bool bUser = false; string strText = ""; Encrypt_Decrypt ed = new Encrypt_Decrypt(); string password = ed.MD5Encrypt(PassWord.Text.Trim(), "!@#$%^&*"); strText = "select a.ST_ID,a.ST_NAME,a.ST_PASSWORD,a.ST_DEPID,b.DEP_NAME,a.R_NAME,a.ST_POSITION ,st_allow_in "; strText += "from TBDS_STAFFINFO as a,TBDS_DEPINFO as b where a.ST_DEPID=b.DEP_CODE "; strText += "and (ST_CODE='" + UserName.Text + "' or ST_NAME = '" + UserName.Text + "') "; strText += "and ST_PASSWORD='******' "; SqlDataReader dr = DBCallCommon.GetDRUsingSqlText(strText); if (dr.Read()) { if (dr["ST_ALLOW_IN"].ToString() != "1") { bUser = false; power = "2"; } else { if (UserName.Text.Trim().Equals(dr["ST_NAME"].ToString()) || UserName.Text.Trim().Equals(dr["ST_CODE"].ToString())) { if (password.Equals(dr["ST_PASSWORD"].ToString())) { Session["UserName"] = dr["ST_NAME"].ToString(); Session["UserGroup"] = dr["R_NAME"].ToString(); Session["UserID"] = dr["ST_ID"].ToString(); Session["UserDeptID"] = dr["ST_DEPID"].ToString(); Session["UserDept"] = dr["DEP_NAME"].ToString(); Session["POSITION"] = dr["ST_POSITION"].ToString(); //Session["UserNameCode"] = dr["ST_NAMECODE"].ToString(); bUser = true; } } } } dr.Close(); return(bUser); }
protected void btnCom_Click(object sender, EventArgs e) { Encrypt_Decrypt ed = new Encrypt_Decrypt(); if (txtNew.Text.ToString() != txtCofirm.Text.ToString()) { lblupdate.Visible = true; lblupdate.Text = "新密码与确认的密码不一致!"; return; } string oldPassword = ""; string Sql0 = "select ST_PASSWORD from TBDS_STAFFINFO where ST_ID='" + Session["UserID"].ToString() + "'"; SqlDataReader dr = DBCallCommon.GetDRUsingSqlText(Sql0); if (dr.Read()) { oldPassword = dr["ST_PASSWORD"].ToString(); } dr.Close(); string nowtime = DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss"); string password = ed.MD5Encrypt(txtNew.Text.ToString(), "!@#$%^&*"); List <string> list = new List <string>(); string sql = "update TBDS_STAFFINFO set ST_PASSWORD='******' where ST_ID='" + Session["UserID"].ToString() + "'"; list.Add(sql); string sql1 = "insert into TBDS_EDITPASSWORDRECORD(stId,stName,editTime,oldPassword,newPassword) values ('" + userid + "','" + username + "' ,'" + nowtime.Trim() + "' ,'" + oldPassword.Trim() + "' ,'" + password.Trim() + "')"; list.Add(sql1); try { DBCallCommon.ExecuteTrans(list); Response.Write("<script language='JavaScript'>alert('修改密码成功!');window.parent.location.href= '../Default.aspx';</script>"); } catch { Response.Write("<script language='JavaScript'>alert('密码修改失败!')</script>"); } }
protected void btncx_click(object sender, EventArgs e) { string strText = ""; Encrypt_Decrypt ed = new Encrypt_Decrypt(); string password = ed.MD5Encrypt(txtpassword.Text.Trim(), "!@#$%^&*"); strText = "select a.ST_ID,a.ST_NAME,a.ST_PASSWORD,a.ST_DEPID,b.DEP_NAME,a.R_NAME,a.ST_POSITION "; strText += "from TBDS_STAFFINFO as a,TBDS_DEPINFO as b where a.ST_DEPID=b.DEP_CODE "; strText += "and (ST_WORKNO='" + txtCx.Text + "' or ST_NAME = '" + txtCx.Text + "') "; strText += "and ST_PASSWORD='******' "; DataTable dt = DBCallCommon.GetDTUsingSqlText(strText); //Session["UserName"] = dt.Rows[0]["ST_NAME"].ToString(); if (dt.Rows.Count > 0) { string st_id = dt.Rows[0]["ST_ID"].ToString().Trim(); Response.Redirect("http://111.160.8.74:888/OM_Data/OM_CXHZ.aspx?id=" + st_id); } else { Response.Write("<script type='text/javascript'>alert('您的用户名或者密码错误!!!')</script>"); } }
protected void Page_Load(object sender, EventArgs e) { string UserName = Request.Form["UserName"].ToString().Trim(); string password = Request.Form["password"].ToString().Trim(); string result = ""; string strText = ""; Encrypt_Decrypt ed = new Encrypt_Decrypt(); password = ed.MD5Encrypt(password, "!@#$%^&*"); strText = "select ST_ID,ST_NAME,ST_PASSWORD,ST_DEPID from TBDS_STAFFINFO where (ST_CODE='" + UserName + "' or ST_NAME = '" + UserName + "') and ST_PASSWORD='******'"; DataTable dt = DBCallCommon.GetDTUsingSqlText(strText); if (dt.Rows.Count > 0) { result = "{\"DEPID\":\"" + dt.Rows[0]["ST_DEPID"].ToString().Trim() + "\",\"result\":\"success\",\"msg\":\"登录成功!\"}"; } else { result = "{\"result\":\"fault\",\"msg\":\"用户名或密码错误!\"}"; } Response.Write(result); }