public static SysAdminEntity getById(int adminId)
{
SysAdminEntity admin = new SysAdminEntity();
DataRow dr = DbHelper.ExecuteDataRow("p_SysAdmin_getById", adminId);
if (dr != null)
{
admin.AdminId = adminId;
admin.Username = dr["username"].ToString();
admin.Password = dr["password"].ToString();
admin.Realname = dr["Realname"].ToString();
admin.Email = dr["email"].ToString();
admin.Mobile = dr["Mobile"].ToString();
if (dr["LastDt"] != DBNull.Value)
admin.LastDt = Convert.ToDateTime(dr["LastDt"]);
if (dr["CurrentDt"] != DBNull.Value)
admin.CurrentDt = Convert.ToDateTime(dr["CurrentDt"]);
if (dr["Permission"] != DBNull.Value)
admin.Permission = dr["Permission"].ToString();
admin.IsSalesperson = Convert.ToBoolean(dr["isSalesperson"]);
if (dr["isAllowAccess"] != DBNull.Value)
admin.IsAllowAccess = Convert.ToBoolean(dr["isAllowAccess"]);
bool isbool=false;
bool.TryParse(dr["disable"].ToString(), out isbool);
admin.Disable = isbool;
if (dr["departmentId"] != DBNull.Value)
admin.Department = Convert.ToInt32(dr["departmentId"]);
}
return admin;
}
protected void btn_Save_Click(object sender, EventArgs e)
{
if (sysId==0)
{
if (logic.sysAdmin.isExistUser(txt_username.Text))
{
Library.Script.ClientMsg("用户名已经存在,重新输入!");
return;
}
}
SysAdminEntity adminEnt = new SysAdminEntity();
adminEnt.Username = txt_username.Text;
adminEnt.Realname = txt_realname.Text;
adminEnt.Email = txt_email.Text;
adminEnt.Mobile = txt_mobile.Text;
adminEnt.IsSalesperson = cbo_isSalesperson.Checked;
adminEnt.Disable = cbo_disable.Checked;
adminEnt.IsAllowAccess = chkAllowAccess.Checked;
adminEnt.Department = Convert.ToInt32(ddl_subDepartmentId.SelectedValue==""?ddl_departmentId.SelectedValue:ddl_subDepartmentId.SelectedValue);
if (sysId != 0)
{
adminEnt.Password =hid_pwd.Value;
adminEnt.AdminId = sysId;
logic.sysAdmin.update(adminEnt);
}
else
{
adminEnt.Password = Library.StringLbl.EncryptMD5(txt_pwd.Text);
logic.sysAdmin.insert(adminEnt);
}
Library.Script.ClientMsgUrl("保存成功!", "sysAdminList.aspx");
}
protected void btn_Save_Click(object sender, EventArgs e)
{
SysAdminEntity adminEnt = new SysAdminEntity();
adminEnt.Username = txt_username.Text;
adminEnt.Realname = txt_realname.Text;
adminEnt.Email = txt_email.Text;
adminEnt.Mobile = txt_mobile.Text;
adminEnt.AdminId = logic.sysAdmin.AdminID;
adminEnt.Password = hid_pwd.Value;
logic.sysAdmin.update(adminEnt);
Library.Script.ClientMsg("修改成功!");
}
public string Customer_updatePwd()
{
string oldpwd = Library.StringLbl.EncryptMD5(this.txt_oldPassword.Text);
int adminId = logic.sysAdmin.getById(logic.sysAdmin.AdminID).AdminId;
string sqlpwd = logic.sysAdmin.getById(adminId).Password;
//判断输入的旧密码与数据库的密码是否一致
if (oldpwd == sqlpwd)
{
SysAdminEntity _adminEnt = new SysAdminEntity();
_adminEnt.AdminId = adminId;
_adminEnt.Password = Library.StringLbl.EncryptMD5(txt_password.Text);
logic.sysAdmin.updatePwd(_adminEnt);
return "1";
}
else
{
//旧密码不正确
return "0";
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
// 验证登录代码
string username = this.txtUsername.Value.Trim();
string pwd = Library.StringLbl.EncryptMD5(this.txtPassword.Value.Trim());
SysAdminEntity adminEnt = new SysAdminEntity();
adminEnt = logic.sysAdmin.login(username, pwd, Convert.ToInt32(System.Configuration.ConfigurationSettings.AppSettings["AfterLoginMin"]));
if (adminEnt.StatusCode == 3)
{
logic.sysAdmin.RecordLogin(adminEnt.AdminId);
logic.loginLog.insertFade(adminEnt.AdminId, "1", Session.SessionID);
int psdhistory = logic.sysAdmin.selectPsdhistory(adminEnt.AdminId, "2");
if (psdhistory == 0)
{
Response.Redirect("firsteditpwd.aspx");
}
else
{
bool isAuth = false;
string ipAddr = GetClientIP();
if (ipAddr == ConfigurationManager.AppSettings["WANIPAddress"] || ipAddr == "127.0.0.1")// LAN Access
{
isAuth = true;
}
else
{
if (ConfigurationManager.AppSettings["EnabledFilterAccess"] == "1")
{
isAuth = adminEnt.IsAllowAccess;
}
else
{
isAuth = true;
}
}
if (isAuth)
{
Response.Redirect("index.aspx");
}
else
{
Page.RegisterStartupScript("", "<script>alert('外部访问权限不够,请联系系统管理员!');</script>");
return;
}
}
}
else if (adminEnt.StatusCode == 1)
{
Page.RegisterStartupScript("", "<script>alert('用户名不存在,请重试!');</script>");
return;
}
else if (adminEnt.StatusCode == 2)
{
Page.RegisterStartupScript("", "<script>alert('该用户名已禁用,请重试!');</script>");
return;
}
else if (adminEnt.StatusCode == 4)
{
if (adminEnt.ErrorPwdTimes == 3)
{
Page.RegisterStartupScript("", "<script>alert('您已连续三次输入错误的密码,请" + System.Configuration.ConfigurationSettings.AppSettings["AfterLoginMin"] + "分钟后再登陆!');</script>");
return;
}
else
{
Page.RegisterStartupScript("", "<script>alert('输入密码错误!" + System.Configuration.ConfigurationSettings.AppSettings["AfterLoginMin"] + "分钟内您还有" + (3 - adminEnt.ErrorPwdTimes) + "次机会!');</script>");
return;
}
}
else
{
Page.RegisterStartupScript("", "<script>alert('您在" + System.Configuration.ConfigurationSettings.AppSettings["AfterLoginMin"] + "分钟内已经连续三次输入错误密码!请在" + (Convert.ToInt32(System.Configuration.ConfigurationSettings.AppSettings["AfterLoginMin"]) - adminEnt.ErrorMin) + "分钟后再登陆!');</script>");
return;
}
}
public static SysAdminEntity login(string username, string password,int disablemin)
{
SysAdminEntity admin = new SysAdminEntity();
DataRow dr = DbHelper.ExecuteDataRow("p_SysAdmin_login", username, password,disablemin);
if (dr != null)
{
admin.AdminId = Convert.ToInt32(dr["AdminId"]);
admin.Username = username;
admin.Password = password;
if(dr["StatusCode"]!=DBNull.Value)
admin.StatusCode = Convert.ToInt32(dr["StatusCode"]);
if(dr["Errortimes"]!=DBNull.Value)
admin.ErrorPwdTimes = Convert.ToInt32(dr["Errortimes"]);
if(dr["Errormin"]!=DBNull.Value)
admin.ErrorMin = Convert.ToInt32(dr["Errormin"]);
admin.IsAllowAccess = Convert.ToBoolean(dr["isAllowAccess"]);
}
return admin;
}
public static void insert(SysAdminEntity admin)
{
DbHelper.ExecuteNonQuery("p_SysAdmin_insert", admin.Username,
admin.Password,admin.Realname, admin.Email,admin.Mobile,admin.IsSalesperson,admin.Department);
}
public static void updatePwd(SysAdminEntity admin)
{
DbHelper.ExecuteNonQuery("p_SysAdmin_updatePwd", admin.AdminId, admin.Password,admin.IP,admin.Oldpassword);
}
public static void update(SysAdminEntity admin)
{
DbHelper.ExecuteNonQuery("[dbo].[p_SysAdmin_update]", admin.AdminId, admin.Username,
admin.Password, admin.Realname, admin.Email, admin.Mobile,admin.IsSalesperson,admin.Disable,admin.IsAllowAccess,admin.Department);
}