/// <summary>
/// Changes an account's password after re-authenticating with the current password.
/// </summary>
/// <param name="loginName">Login name of the account whose password is changed.</param>
/// <param name="orgPwd">Current password in clear text; it is hashed before authentication.</param>
/// <param name="newPwd">New password in clear text; a null or empty value stores a null password.</param>
/// <exception cref="Exception">Thrown when authentication with the current password fails.</exception>
private void ChgPwd(string loginName, string orgPwd, string newPwd)
{
    // NOTE(review): MD5Encrypt is declared elsewhere; going by the method name it
    // produces a plain MD5 digest, presumably unsalted (confirm). MD5 is not a
    // password-hashing function. Moving to a salted, slow KDF needs a migration of
    // the stored digests, so it cannot be done inside this method alone.
    MD5Encrypt hasher = new MD5Encrypt();
    string currentDigest = hasher.GetMD5FromString(orgPwd);

    // Verify the user with the current password.
    SysUser user = SysUserRule.Authenticate(loginName, currentDigest);
    if (user == null)
    {
        throw new Exception("用户名或密码不正确!");
    }

    // NOTE(review): an empty new password clears the stored password to null.
    // Confirm that SysUserRule.Authenticate can never succeed against a null or
    // empty stored password.
    user.Password = String.IsNullOrEmpty(newPwd) ? null : hasher.GetMD5FromString(newPwd);
    user.Update();
    SetMessage("修改密码成功!");
}
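/// <summary>
/// Checks whether the supplied administrator user name and password match a stored record.
/// </summary>
/// <param name="username">User name to look up.</param>
/// <param name="password">Clear-text password; hashed with MD5Encrypt before the lookup.</param>
/// <returns>
/// A BaseResponse with IsSuccess set to true and ResponseObj set to the matching
/// Inpinke_Admin instance when a record matches; otherwise IsSuccess is false.
/// Exceptions are logged and reported as IsSuccess = false.
/// </returns>
public static BaseResponse ValidateUser(string username, string password)
{
    BaseResponse br = new BaseResponse();
    br.IsSuccess = false;
    try
    {
        // NOTE(review): the stored credential is whatever MD5Encrypt produces,
        // presumably an unsalted MD5 digest (confirm). That is weak for password storage.
        MD5Encrypt md5 = new MD5Encrypt();
        string passwordDigest = md5.GetMD5FromString(password);
        Inpinke_Admin user = InpinkeDataContext.Instance.Inpinke_Admins.Get(e => e.UserName == username && e.Password == passwordDigest);
        if (user != null)
        {
            br.IsSuccess = true;
            br.ResponseObj = user;
        }
        return br;
    }
    catch (Exception ex)
    {
        // The password is deliberately kept out of the log. The previous message
        // wrote it in digest form, or in clear text when hashing itself failed.
        Logger.Error(string.Format("ValidateUser UserName:{0},Error:{1}", username, ex.ToString()));
        br.IsSuccess = false;
        return br;
    }
}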
/// <summary>
/// Handles the posted reset-password form: checks the reset code and, when it is
/// still valid for today, stores the new password.
/// </summary>
/// <param name="model">Posted form data; ConfirmPassword is stored as the new password.</param>
/// <param name="ValidateCode">Reset code taken from the reset link.</param>
/// <returns>
/// The "logon" view on success, the "error" view when the code is unknown or expired,
/// or the form view again when model validation fails.
/// </returns>
public ActionResult ChangePassword(ChangePasswordModel model, string ValidateCode)
{
    const string expiredLinkMessage = "对不起重设密码链接已过期,请点击<a href=\"/account/resetpassword\">[重新获取]</a>";

    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("Password", "密码最少6位");
        return View(model);
    }

    Inpinke_User user = DBUserBLL.GetUserByValidateCode(ValidateCode);
    if (user == null)
    {
        ViewBag.Msg = expiredLinkMessage;
        return View("error");
    }

    // NOTE(review): the expected code is derived only from the e-mail address and
    // today's date. Unless MD5Encrypt mixes in a secret (confirm), it is not an
    // unguessable token. A reset token should come from a cryptographic RNG, be
    // stored with an expiry, and be invalidated once used. The code is also not
    // cleared below, so the same link stays usable for the rest of the day.
    string expectedCode = new MD5Encrypt().GetMD5FromString(user.Email + DateTime.Now.ToString("yyyyMMdd"));
    if (ValidateCode != expectedCode)
    {
        ViewBag.Msg = expiredLinkMessage;
        return View("error");
    }

    // The clear-text value is handed to DBUserBLL.UpdateUser; presumably that
    // method hashes it before saving (verify against its implementation).
    user.Password = model.ConfirmPassword;
    DBUserBLL.UpdateUser(user);

    // Password changed: show the logon view.
    ViewBag.Msg = "重设密码成功,请使用新密码重新登录";
    return View("logon");
}
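/// <summary>
/// Handles a password-reset request: looks the account up by e-mail, stores a reset
/// code on it and mails the reset message built from the configured template.
/// </summary>
/// <param name="model">Posted form data carrying the account e-mail address.</param>
/// <returns>
/// The "ResetNotice" view after the mail is sent, or the form view with a model
/// error when the input is invalid or no account matches.
/// </returns>
public ActionResult ResetPassword(ResetPasswordModel model)
{
    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("Email", "请填写正确的邮箱");
        return View(model);
    }

    BaseResponse br = DBUserBLL.CheckEmailIsExist(model.Email, 0);

    // A ResponseObj of an unexpected type used to pass the null check and then fail
    // with a NullReferenceException on user.Email. The cast result is checked instead.
    Inpinke_User user = br.IsSuccess ? br.ResponseObj as Inpinke_User : null;
    if (user == null)
    {
        // NOTE(review): this message tells the requester whether an address is
        // registered. A uniform "if the account exists, a mail was sent" response
        // avoids account enumeration.
        ModelState.AddModelError("Email", "不存在当前邮箱账户");
        return View(model);
    }

    // Reset code rule: the user's e-mail plus the current date, so every code is
    // valid for one calendar day.
    // NOTE(review): both inputs are known or guessable. Unless MD5Encrypt mixes in a
    // secret (confirm), the code can be computed without receiving the mail. Prefer a
    // random token from a cryptographic RNG stored with an explicit expiry; the
    // ChangePassword actions that recompute this value would have to change with it.
    MD5Encrypt md5 = new MD5Encrypt();
    string validate = md5.GetMD5FromString(user.Email + DateTime.Now.ToString("yyyyMMdd"));
    string mailTemplate = ConfigHelper.ReadConfig("EmailTemplate", "configuration/ResetPassword");
    user.ValidateCode = validate;

    // NOTE(review): if DBUserBLL.UpdateUser hashes model.Password on every call,
    // saving the code here re-hashes the already stored digest. Verify.
    DBUserBLL.UpdateUser(user);

    ViewBag.Email = model.Email;
    mailTemplate = EmailHelper.ReplaceTemplateVar<Inpinke_User>(mailTemplate, user);
    EmailHelper.SendEmail(user.Email, mailTemplate, "印品客账户重设密码");
    return View("ResetNotice");
}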
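/// <summary>
/// Authenticates the user described by an authentication message and returns the
/// ID of the session to use.
/// </summary>
/// <param name="msg">Serialized authentication message, parsed by AuthMessage.</param>
/// <returns>
/// Null when the message carries no login name; an empty string when authentication
/// fails or no session could be created; otherwise the ID of the user's existing
/// session, or of a newly created one.
/// </returns>
public string AuthenticateUser(string msg)
{
    AuthMessage message = new AuthMessage(msg);
    if (String.IsNullOrEmpty(message.LoginName))
    {
        return null;
    }

    string sessionID = String.Empty;
    MD5Encrypt encrypt = new MD5Encrypt();
    string encryPassword = String.Empty;
    if (message.Password != null)
    {
        // NOTE(review): when PasswordEncrypted is set the caller-supplied value is
        // used as the digest directly, so the stored digest is itself sufficient
        // to log in. Treat stored digests as password-equivalent secrets.
        encryPassword = message.PasswordEncrypted
            ? message.Password
            : encrypt.GetMD5FromString(message.Password);
    }

    // NOTE(review): a null password reaches Authenticate as an empty string.
    // Confirm that accounts with an empty stored password are rejected there.
    // Verify the user.
    SysUser user = SysUserRule.Authenticate(message.LoginName, encryPassword);

    // SECURITY: a hard-coded master password used to follow here. It replaced the
    // authentication result with the first account matching the login name, which
    // gave access to any account without its password. The bypass is removed; any
    // support or impersonation need must go through an audited, authorized path.
    if (user == null)
    {
        return sessionID;
    }

    // If the user already has a session, that session is reused. Otherwise a new
    // one is created for this login.
    UserSession cus = this.GetSessionByLoginName(message.LoginName);
    if (cus != null)
    {
        sessionID = cus.SessionID;
    }
    else
    {
        UserSession us = this.CreateSession(user.UserID, message.IP, message.MAC, message.AuthType);
        if (us != null)
        {
            sessionID = us.SessionID;
        }
    }

    return sessionID;
}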
/// <summary>
/// Page entry point: checks that the caller is logged on, then dispatches on the
/// "action" request value (Create, Update, SelectEdit, check).
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        Aim.Portal.Web.WebPortalService.CheckLogon();
    }
    catch
    {
        // Any exception from CheckLogon is treated as "not logged on". The request
        // is stopped by Response.End() after the redirect script is written.
        Response.Write("<script> window.location.href = '/Login.aspx';</script>");
        Response.End();
    }

    // NOTE(review): only the logon check is visible here. No role or permission
    // check guards the user-management actions below. Confirm that is enforced elsewhere.
    string action = Request["action"];
    UserId = Request["UserId"];

    switch (action)
    {
        case "Create":
        {
            obj = Request["json"];
            ent = JsonHelper.GetObject<SysUser>(obj);
            MD5Encrypt hasher = new MD5Encrypt();
            ent.Server_IAGUID = "267";
            ent.Server_Seed = "江西瑞林工程咨询有限公司";
            ent.LoginName = ent.IDNumber;
            ent.Status = 1;
            // NOTE(review): the initial password is the digest of the login name,
            // which is the ID number, so it is guessable by anyone who knows that
            // number. Prefer a random initial secret with a forced change at first logon.
            ent.Password = hasher.GetMD5FromString(ent.LoginName);
            ent.DoCreate();
            break;
        }

        case "Update":
        {
            obj = Request["json"];
            ent = JsonHelper.GetObject<SysUser>(obj);
            SysUser storedUser = SysUser.Find(ent.UserID);
            EasyDictionary postedFields = JsonHelper.GetObject<EasyDictionary>(obj);
            // NOTE(review): every key present in the posted JSON is merged into the
            // stored record. Unless MergeData filters them, a client can overwrite
            // fields such as Password or Status. Restrict to an allow-list.
            ent = DataHelper.MergeData<SysUser>(storedUser, ent, postedFields.Keys);
            ent.DoUpdate();
            break;
        }

        case "SelectEdit":
            SelectEdit();
            break;

        case "check":
            Check();
            break;
    }
}
/// <summary>
/// Shows the reset-password form when the reset code from the link is still valid.
/// </summary>
/// <param name="v">Reset code taken from the reset link.</param>
/// <returns>The form view, or the "error" view when the code is unknown or expired.</returns>
public ActionResult ChangePassword(string v)
{
    const string expiredLinkMessage = "对不起重设密码链接已过期,请点击<a href=\"/account/resetpassword\">[重新获取]</a>";

    ViewBag.Validate = v;

    // Check whether the reset code has expired.
    // NOTE(review): the expected code depends only on the account e-mail and today's
    // date. Unless MD5Encrypt adds a secret (confirm), it can be computed by anyone
    // who knows the address. A random, stored, single-use token is the safer design.
    Inpinke_User user = DBUserBLL.GetUserByValidateCode(v);
    bool codeIsCurrent = user != null
        && v == new MD5Encrypt().GetMD5FromString(user.Email + DateTime.Now.ToString("yyyyMMdd"));

    if (!codeIsCurrent)
    {
        ViewBag.Msg = expiredLinkMessage;
        return View("error");
    }

    return View();
}
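/// <summary>
/// Updates a user record: hashes the password, stamps the update time and submits the change.
/// </summary>
/// <param name="model">User entity to save; its Password is replaced by its digest before saving.</param>
/// <returns>
/// A BaseResponse with IsSuccess set to true on success. On failure IsSuccess is
/// false and Message carries a user-facing error text; the exception is logged.
/// </returns>
public static BaseResponse UpdateUser(Inpinke_User model)
{
    BaseResponse br = new BaseResponse();
    br.IsSuccess = false;
    try
    {
        // NOTE(review): the password is hashed on every call. A caller that loads a
        // user and saves an unrelated field will store the digest of the existing
        // digest. Confirm that all callers set a clear-text password first.
        MD5Encrypt md5 = new MD5Encrypt();
        model.Password = md5.GetMD5FromString(model.Password);
        model.UpdateTime = DateTime.Now;
        model.SaveWhenSubmit(InpinkeDataContext.Instance);
        InpinkeDataContext.Instance.Submit();
        br.IsSuccess = true;
        return br;
    }
    catch (Exception ex)
    {
        // The password is deliberately not logged. Depending on where the failure
        // happened it is either clear text or a digest. The model is null-checked
        // so that logging cannot throw out of the handler.
        object email = null;
        object nickName = null;
        if (model != null)
        {
            email = model.Email;
            nickName = model.NickName;
        }
        Logger.Error(string.Format("UpdateUser Email:{0},NickName:{1} Error:{2}", email, nickName, ex.ToString()));
        br.IsSuccess = false;
        br.Message = "更新用户信息失败,请稍后再试";
        return br;
    }
}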
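/// <summary>
/// Page entry point: checks that the caller is logged on, then dispatches on the
/// "action" request value (loadgroupdata, Create, Update, SelectEdit, check).
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        Aim.Portal.Web.WebPortalService.CheckLogon();
    }
    catch
    {
        // Any exception from CheckLogon is treated as "not logged on". The request
        // is stopped by Response.End() after the redirect script is written.
        Response.Write("<script> window.location.href = '/Login.aspx';</script>");
        Response.End();
    }

    string action = Request["action"];
    UserId = Request["UserId"];
    MD5Encrypt encrypt = new MD5Encrypt();
    switch (action)
    {
        case "loadgroupdata":
            string Id = Request["id"];
            // The request value was concatenated into the SQL text unescaped (SQL
            // injection). Quotes are doubled so the value cannot leave the string
            // literal. This assumes standard SQL quoting, where '' is the only escape.
            // NOTE(review): use a parameterized query if DataHelper offers one.
            string safeId = (Id ?? "").Replace("'", "''");
            sql = "select GroupID,replace(Name,'江西瑞林建设监理有限公司','') as Name from SysGroup where ParentId='" + safeId + "' order by Code asc";
            IList<EasyDictionary> dics = DataHelper.QueryDictList(sql);

            // NOTE(review): GroupID and Name are written into the response without
            // escaping. A value containing a quote breaks the output. Consider a
            // JSON serializer.
            string result = "[";
            for (int i = 0; i < dics.Count; i++)
            {
                EasyDictionary row = dics[i];
                if (i > 0)
                {
                    result += ",";
                }
                result += "{id:'" + row.Get<string>("GroupID") + "',text:'" + row.Get<string>("Name") + "',leaf:true}";
            }
            result += "]";
            Response.Write(result);
            Response.End();
            break;

        case "Create":
            obj = Request["json"];
            ent = JsonHelper.GetObject<SysUser>(obj);
            ent.Server_Seed = (ent.Server_Seed.IndexOf("江西瑞林建设监理有限公司") < 0 ? "江西瑞林建设监理有限公司" : "") + ent.Server_Seed;
            ent.LoginName = ent.IDNumber;
            // NOTE(review): the initial password is the digest of the login name,
            // which is the ID number, so it is guessable by anyone who knows that number.
            ent.Password = encrypt.GetMD5FromString(ent.LoginName);
            ent.DoCreate();
            Response.Write("{success:true}");
            Response.End();
            break;

        case "Update":
            obj = Request["json"];
            ent = JsonHelper.GetObject<SysUser>(obj);
            SysUser ori_Ent = SysUser.Find(ent.UserID);
            EasyDictionary dic = JsonHelper.GetObject<EasyDictionary>(obj);
            // NOTE(review): every key in the posted JSON is merged into the stored
            // record. Restrict the merge to an allow-list of editable fields.
            ent = DataHelper.MergeData<SysUser>(ori_Ent, ent, dic.Keys);
            // NOTE(review): every update resets the password to the digest of the
            // login name, discarding whatever the user had set. Confirm this is intended.
            ent.Password = encrypt.GetMD5FromString(ent.LoginName);
            ent.Server_Seed = (ent.Server_Seed.IndexOf("江西瑞林建设监理有限公司") < 0 ? "江西瑞林建设监理有限公司" : "") + ent.Server_Seed;
            ent.DoUpdate();
            Response.Write("{success:true}");
            Response.End();
            break;

        case "SelectEdit":
            SelectEdit();
            break;

        case "check":
            Check();
            break;
    }
}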
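/// <summary>
/// Page entry point: checks that the caller is logged on, then dispatches on the
/// "action" request value. "sync" copies departments and employees from the Oracle
/// HR views into SysGroup and SysUser, "inipsd" resets one user's password,
/// "loadtreedata" and "loaduser" return query results to the client.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    try
    {
        Aim.Portal.Web.WebPortalService.CheckLogon();
    }
    catch
    {
        // Any exception from CheckLogon is treated as "not logged on". The request
        // is stopped by Response.End() after the redirect script is written.
        Response.Write("<script> window.parent.location.href = '/Login.aspx';</script>");
        Response.End();
    }

    // NOTE(review): only the logon check is visible. Nothing here restricts the
    // sync and password-reset actions to administrators. Confirm elsewhere.
    string action = Request["action"];
    SysGroup sgEnt = null;
    SysUser suEnt = null;
    IList<SysUser> suEnts = null;
    string sql = "";
    DataTable dt = null;
    string where = "";
    MD5Encrypt encrypt = new MD5Encrypt();
    switch (action)
    {
        case "sync":
            string connstr = ConfigurationManager.ConnectionStrings["NimsConn"].ToString();
            // Both connections are disposed even when a statement throws. The SQL
            // Server connection used to stay open on any failure inside the loop.
            using (OracleConnection conn = new OracleConnection(connstr))
            using (SqlConnection conn_sql = new SqlConnection())
            {
                sql = "select * from apps.cux_hr_org_structrue_v where ORG_ID_CHILD='228' or org_id_parent='228'";
                OracleCommand com = new OracleCommand(sql, conn);
                OracleDataAdapter da = new OracleDataAdapter(com);
                DataSet ds = new DataSet();
                da.Fill(ds);

                // First synchronize the department records.
                foreach (DataRow dr in ds.Tables[0].Rows)
                {
                    sgEnt = SysGroup.TryFind(dr["ORG_ID_CHILD"] + "");
                    if (sgEnt == null) // the department does not exist yet
                    {
                        // The Path column is used here to store the parent department's name.
                        sql = "insert into SysGroup (GroupID,Name,Code,ParentID,Path,Status) values('{0}','{1}','{2}','{3}','{4}',1)";
                        sql = string.Format(sql,
                            EscapeSqlLiteral(dr["ORG_ID_CHILD"]),
                            EscapeSqlLiteral(dr["ORG_NAME_CHILD"]),
                            EscapeSqlLiteral(dr["ORG_CODE_CHILD"]),
                            EscapeSqlLiteral(dr["ORG_ID_PARENT"]),
                            EscapeSqlLiteral(dr["ORG_NAME_PARENT"]));
                        DataHelper.ExecSql(sql);
                    }
                    else
                    {
                        sql = "update SysGroup set Name='{0}',Code='{1}',ParentID='{2}',Path='{3}' where GroupID='{4}'";
                        sql = string.Format(sql,
                            EscapeSqlLiteral(dr["ORG_NAME_CHILD"]),
                            EscapeSqlLiteral(dr["ORG_CODE_CHILD"]),
                            EscapeSqlLiteral(dr["ORG_ID_PARENT"]),
                            EscapeSqlLiteral(dr["ORG_NAME_PARENT"]),
                            EscapeSqlLiteral(dr["ORG_ID_CHILD"]));
                        DataHelper.ExecSql(sql);
                    }
                }

                // Synchronize the employee records.
                sql = @"select * from apps.cux_hr_employee_v where ORG_ID in (select ORG_ID_CHILD from apps.cux_hr_org_structrue_v where ORG_ID_CHILD='228' or org_id_parent='228') and primary_flag='Y'";
                com = new OracleCommand(sql, conn);
                da = new OracleDataAdapter(com);
                ds = new DataSet();
                da.Fill(ds);

                conn_sql.ConnectionString = ConfigurationManager.AppSettings["Con_Portal"];
                conn_sql.Open();
                foreach (DataRow dr in ds.Tables[0].Rows)
                {
                    // Match existing users by national ID number.
                    suEnts = SysUser.FindAllByProperty(SysUser.Prop_IDNumber, dr["NATIONAL_IDENTIFIER"]);
                    if (suEnts.Count == 0)
                    {
                        sql = @"insert into SysUser (UserID,LoginName,Name,Password,Email,Phone,HomePhone,Sex,IDNumber,Server_IAGUID,Server_Seed,Status,CreateDate) values(@UserID,@LoginName,@Name,@Password,@Email,@Phone,@HomePhone,@Sex,@IDNumber,@Server_IAGUID,@Server_Seed,@Status,@CreateDate)";
                        SqlParameter[] sparray = new SqlParameter[13];
                        sparray[0] = new SqlParameter("@UserID", dr["PERSON_ID"]);
                        // The employee number is mandatory in the NIMS database, so
                        // every employee coming from NIMS has one.
                        sparray[1] = new SqlParameter("@LoginName", dr["EMP_NUM"]);
                        sparray[2] = new SqlParameter("@Name", dr["LAST_NAME"]);
                        // NOTE(review): the initial password is the digest of the
                        // SYS_ACCOUNT value, so it is guessable by anyone who knows
                        // that account name.
                        sparray[3] = new SqlParameter("@Password", encrypt.GetMD5FromString(dr["SYS_ACCOUNT"].ToString()));
                        sparray[4] = new SqlParameter("@Email", dr["EMAIL_ADDRESS"]);
                        sparray[5] = new SqlParameter("@Phone", dr["MOBILE_PHONE_NUMBER"]);
                        sparray[6] = new SqlParameter("@HomePhone", dr["OFFICE_PHONE_NUMBER"]);
                        sparray[7] = new SqlParameter("@Sex", dr["SEX"]);
                        sparray[8] = new SqlParameter("@IDNumber", dr["NATIONAL_IDENTIFIER"]);
                        sparray[9] = new SqlParameter("@Server_IAGUID", dr["ORG_ID"]);
                        sparray[10] = new SqlParameter("@Server_Seed", dr["ORG_NAME"]);
                        sparray[11] = new SqlParameter("@Status", SqlDbType.TinyInt);
                        sparray[11].Value = 1;
                        sparray[12] = new SqlParameter("@CreateDate", dr["HIRE_DATE"]);
                        using (SqlCommand com_sql = new SqlCommand(sql, conn_sql))
                        {
                            com_sql.Parameters.AddRange(sparray);
                            com_sql.ExecuteNonQuery();
                        }
                    }
                    else
                    {
                        sql = @"update SysUser set LoginName=@LoginName,Name=@Name,Email=@Email,Phone=@Phone,HomePhone=@HomePhone, Sex=@Sex,Server_IAGUID=@Server_IAGUID,Server_Seed=@Server_Seed,CreateDate=@CreateDate where IDNumber=@IDNumber";
                        SqlParameter[] sparray = new SqlParameter[10];
                        sparray[0] = new SqlParameter("@LoginName", dr["EMP_NUM"]);
                        sparray[1] = new SqlParameter("@Name", dr["LAST_NAME"]);
                        sparray[2] = new SqlParameter("@Email", dr["EMAIL_ADDRESS"]);
                        sparray[3] = new SqlParameter("@Phone", dr["MOBILE_PHONE_NUMBER"]);
                        sparray[4] = new SqlParameter("@HomePhone", dr["OFFICE_PHONE_NUMBER"]);
                        sparray[5] = new SqlParameter("@Sex", dr["SEX"]);
                        sparray[6] = new SqlParameter("@Server_IAGUID", dr["ORG_ID"]);
                        sparray[7] = new SqlParameter("@Server_Seed", dr["ORG_NAME"]);
                        sparray[8] = new SqlParameter("@CreateDate", dr["HIRE_DATE"]);
                        sparray[9] = new SqlParameter("@IDNumber", dr["NATIONAL_IDENTIFIER"]);
                        using (SqlCommand com_sql = new SqlCommand(sql, conn_sql))
                        {
                            com_sql.Parameters.AddRange(sparray);
                            com_sql.ExecuteNonQuery();
                        }
                    }
                }
            }
            Response.Write("{success:true}");
            Response.End();
            break;

        case "inipsd":
            // NOTE(review): resets the chosen user's password to the digest of the
            // login name, a guessable value, for any logged-on caller.
            suEnt = SysUser.Find(Request["UserId"]);
            suEnt.Password = encrypt.GetMD5FromString(suEnt.LoginName);
            suEnt.DoUpdate();
            Response.Write("{success:true}");
            Response.End();
            break;

        case "loadtreedata":
            // Request values below were concatenated into SQL unescaped (SQL
            // injection). They now pass through EscapeSqlLiteral.
            // NOTE(review): use parameterized queries if DataHelper offers them.
            string id = Request["id"];
            sql = "select GroupID as id,replace(Name,'江西瑞林建设监理有限公司','') as name,1 as leaf from SysGroup where ParentId='" + EscapeSqlLiteral(id) + "' order by Code asc";
            dt = DataHelper.QueryDataTable(sql);
            Response.Write(JsonHelper.GetJsonStringFromDataTable(dt));
            Response.End();
            break;

        case "loaduser":
            string groupid = Request["groupid"];
            if (!string.IsNullOrEmpty(Request["name_workno"]))
            {
                string nameOrWorkNo = EscapeSqlLiteral(Request["name_workno"]);
                where += " and (LoginName like '%" + nameOrWorkNo + "%' or Name like '%" + nameOrWorkNo + "%')";
            }
            if (!string.IsNullOrEmpty(Request["UserType"]))
            {
                where += " and UserType='" + EscapeSqlLiteral(Request["UserType"]) + "'";
            }
            if (!string.IsNullOrEmpty(Request["Status"]))
            {
                where += " and Status='" + EscapeSqlLiteral(Request["Status"]) + "'";
            }
            if (string.IsNullOrEmpty(groupid) || groupid == "228")
            {
                sql = @"select UserID as UserId,Name,LoginName,Sex,Phone,Replace(Server_Seed,'江西瑞林建设监理有限公司','') as Server_Seed, HomePhone,IDNumber,CreateDate from SysUser where (Server_Seed like '%江西瑞林建设监理有限公司%' ) " + where;
            }
            else
            {
                sql = @"select UserID as UserId,Name,LoginName,Sex,Phone,Replace(Server_Seed,'江西瑞林建设监理有限公司','') as Server_Seed, HomePhone,IDNumber,CreateDate from SysUser where Server_Seed like '%江西瑞林建设监理有限公司%' and Server_IAGUID='" + EscapeSqlLiteral(groupid) + "'" + where;
            }
            dt = DataHelper.QueryDataTable(sql);
            Response.Write("{'rows':" + JsonHelper.GetJsonStringFromDataTable(dt) + ",total:'" + totalProperty + "'}");
            Response.End();
            break;
    }
}

// Renders a value as text and doubles single quotes so it cannot terminate a quoted
// SQL string literal. Assumes standard SQL quoting where '' is the only escape.
// This is a stop-gap for the string-built statements above, not a replacement
// for parameters.
private static string EscapeSqlLiteral(object value)
{
    return (value + "").Replace("'", "''");
}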
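/// <summary>
/// Page entry point for user maintenance. Imports an uploaded Excel file when one
/// is posted, otherwise handles the create, update and delete actions, the custom
/// actions (clearpass, setpass, checkkey, setkey, sendmail) and the default search.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
protected void Page_Load(object sender, EventArgs e)
{
    if (this.Request.Files.Count > 0)
    {
        // NOTE(review): the client-supplied extension is kept and the file is saved
        // under a path resolved by Server.MapPath. If that folder is served by the
        // site, an upload with a script extension becomes reachable. Restrict the
        // extension to the spreadsheet types ExcelService accepts and store uploads
        // outside the web root. No logon check is visible before this branch.
        string filePath = "//WorkTime//InputExcelFiles//" + Guid.NewGuid().ToString() + System.IO.Path.GetExtension(Request.Files[0].FileName);
        this.Request.Files[0].SaveAs(Server.MapPath(filePath));
        ExcelProcessor ep = ExcelService.GetProcessor(Server.MapPath(filePath));
        DataSet ds = ep.GetDataSet();
        InputDatas(ds.Tables[0]);
        Response.Write("{success:true}");
        Response.End();
    }

    id = RequestData.Get<string>("id", String.Empty);
    type = RequestData.Get<string>("type", String.Empty);
    SysUser usr = null;
    switch (this.RequestAction)
    {
        case RequestActionEnum.Create:
            usr = this.GetPostedData<SysUser>();
            usr.DoCreate();
            this.SetMessage("新建成功!");
            break;

        case RequestActionEnum.Update:
            usr = this.GetMergedData<SysUser>();
            usr.DoUpdate();
            this.SetMessage("保存成功!");
            break;

        case RequestActionEnum.Delete:
            usr = this.GetTargetData<SysUser>();
            usr.DoDelete();
            this.SetMessage("删除成功!");
            break;

        default:
            if (RequestActionString == "clearpass")
            {
                // NOTE(review): this leaves the account with an empty stored
                // password. Confirm that logon rejects empty passwords.
                usr = SysUser.Find(this.RequestData.Get<string>("UserId"));
                usr.Password = "";
                usr.Remark = "";
                usr.Save();
            }
            else if (RequestActionString == "setpass")
            {
                MD5Encrypt encrypt = new MD5Encrypt();
                SysUser[] allUsers = SysUser.FindAll();

                // One cryptographic generator for the whole run. The previous code
                // created a time-seeded Random per user, which is predictable and
                // can give consecutive users the same value.
                System.Security.Cryptography.RandomNumberGenerator rng = System.Security.Cryptography.RandomNumberGenerator.Create();
                foreach (SysUser user in allUsers)
                {
                    int rndNum = NextInitialPasswordNumber(rng);
                    string encryPassword = encrypt.GetMD5FromString(rndNum.ToString());
                    user.Password = encryPassword;
                    // NOTE(review): the clear-text password is kept in Remark so the
                    // sendmail action can mail it. Prefer a one-time setup link and
                    // do not persist the clear text.
                    user.Remark = rndNum.ToString();
                    user.Save();
                }
            }
            else if (RequestActionString == "checkkey")
            {
                if (SysUser.FindAllByProperties("Server_IAGUID", this.RequestData.Get<string>("usbguid")).Length > 0)
                {
                    this.PageState.Add("UserName", SysUser.FindAllByProperties("Server_IAGUID", this.RequestData.Get<string>("usbguid"))[0].Name);
                }
                else
                {
                    this.PageState.Add("UserName", "");
                }
            }
            else if (RequestActionString == "setkey")
            {
                SysUser user = SysUser.Find(this.RequestData.Get<string>("userid"));
                user.Server_IAGUID = this.RequestData.Get<string>("usbguid");
                // NOTE(review): the seed and the ThreeDESKEY value are constants in
                // source, identical for every user. If they act as key material they
                // should be generated per user from a cryptographic RNG. Confirm how
                // they are consumed.
                user.Server_Seed = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF";
                user.ThreeDESKEY = "ABCDEFGhijklmn0123456789";
                user.Save();
            }
            else if (RequestActionString == "sendmail")
            {
                IList<object> idList = RequestData.GetList<object>("IdList");
                SysUser[] tents = SysUser.FindAll(Expression.In("UserID", idList.ToArray()));
                foreach (SysUser user in tents)
                {
                    // NOTE(review): this mails the login name together with the
                    // clear-text password taken from Remark.
                    string body = SysParameter.FindAllByProperties("Code", "MailText")[0].Description + "<br>";
                    body += "您的登录用户名:" + user.LoginName + ";密码:" + user.Remark;
                    string mailAccount = SysParameter.FindAllByProperties("Code", "MailAccount")[0].Value;
                    string mailPass = SysParameter.FindAllByProperties("Code", "MailPassword")[0].Value;
                    string mailServer = SysParameter.FindAllByProperties("Code", "MailSmtpServer")[0].Value;
                    string mailSenderAddress = SysParameter.FindAllByProperties("Code", "MailSenderAddress")[0].Value;
                    MailHelper.SendMail(mailSenderAddress, user.Email, "工时分配系统邮件", body, mailAccount, mailPass, mailServer);
                }
            }
            else
            {
                SearchCriterion.AutoOrder = false;
                SearchCriterion.SetOrder(SysUser.Prop_WorkNo);
                string dName = SearchCriterion.GetSearchValue<string>("Name");
                string workNo = SearchCriterion.GetSearchValue<string>("WorkNo");
                SearchCriterion.SetOrder(SysUser.Prop_WorkNo);
                if (dName != null && dName.Trim() != "")
                {
                    // The search value was concatenated into the SQL text unescaped
                    // (SQL injection). Quotes are doubled so it stays inside the
                    // string literal; this assumes standard SQL quoting.
                    // NOTE(review): dName is passed to GetPinyinWhereString as is.
                    // Verify that helper escapes it, and prefer parameterized queries.
                    string safeWorkNo = (workNo ?? "").Replace("'", "''");
                    string where = "select * from SysUser where " + GetPinyinWhereString("Name", dName);
                    where += " and WorkNo like '%" + safeWorkNo + "%'";
                    this.PageState.Add("UsrList", DataHelper.QueryDictList(where));
                }
                else
                {
                    users = SysUserRule.FindAll(SearchCriterion);
                    this.PageState.Add("UsrList", users);
                }
            }
            break;
    }
}

// Draws a uniformly distributed number in [10000000, 99999998], the same range the
// earlier Random.Next(10000000, 99999999) call produced, from a cryptographic RNG.
// Rejection sampling discards the top of the 32-bit range to avoid modulo bias.
private static int NextInitialPasswordNumber(System.Security.Cryptography.RandomNumberGenerator rng)
{
    const uint rangeSize = 89999999;
    uint limit = uint.MaxValue - (uint.MaxValue % rangeSize);
    byte[] buffer = new byte[4];
    uint sample;
    do
    {
        rng.GetBytes(buffer);
        sample = BitConverter.ToUInt32(buffer, 0);
    }
    while (sample >= limit);
    return (int)(10000000 + (sample % rangeSize));
}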