public void Logout(LoginInfo lgi)
{
if (lgi.User == null)
{
return;
}
DateTime logoutTime = DateTime.Now;
SqlParameter[] parameters = new SqlParameter[] {
new SqlParameter("@ID", lgi.ID)
};
int iReturn = DataProvider.ExecuteNonQuery("usp_Logout", parameters);
if (iReturn > 0)
{
lgi.Status = LoginStatus.Exited;
lgi.LogoutTime = logoutTime;
}
}
public CommandResult ChangePassword(int userID, string oldPassword, string newPass)
{
//var t = DESEncrypt.Encrypt("test");
//var t1 = DESEncrypt.Decrypt(t);
CommandResult result = new CommandResult();
//SqlParameter outputPar = new SqlParameter("@Output", "") { Direction = System.Data.ParameterDirection.InputOutput,Size=32 };
//SqlParameter resultPar = new SqlParameter("@Result", 1) { Direction = System.Data.ParameterDirection.InputOutput };
//SqlParameter[] parameters = new SqlParameter[] {
// new SqlParameter("@UserID",userID),
// new SqlParameter("@OldPass",DESEncrypt.Encrypt(oldPassword)),
// new SqlParameter("@NewPass",DESEncrypt.Encrypt(newPass)),
// resultPar,outputPar
//};
//DataProvider.ExecuteNonQuery("usp_ChangePassword", parameters);
//result.Result = (int)resultPar.Value == 1;
//result.Message = outputPar.Value.ToString();
//return result;
var sql = string.Format("select [PASSWORD] from EAP_User where ID={0} ", userID);
var pass = DataProvider.ExecuteScalar <string>(sql);
if (DESEncrypt.Decrypt(pass) == oldPassword)
{
result.Result = true;
sql = string.Format("update EAP_User set [PASSWORD]='{1}' where ID={0}", userID, DESEncrypt.Encrypt(newPass));
DataProvider.ExecuteNonQuery(sql);
result.Message = "密码修改成功";
}
else
{
result.Result = false;
result.Message = "原密码不正确";
}
return(result);
}
