📄 userlogin.cs
IDataReader rd = DbHelper.ExecuteReader(cn, CommandType.Text, Sql, Param);
if (rd.Read())
{
PWD = rd.GetString(0);
UserNum = rd.GetString(1);
IsLock = rd.GetByte(2);
if (!rd.IsDBNull(3))
SiteID = rd.GetString(3);
sUserGroup = rd.GetString(4);
dtUserRegDate = rd.GetDateTime(5);
ipnt = rd.GetInt32(6);
gpnt = rd.GetInt32(7);
cpnt = rd.GetInt32(8);
apnt = rd.GetInt32(9);
bexist = true;
}
rd.Close();
if (!bexist)
return EnumLoginState.Err_UserNameOrPwdError;
#endregion
#region 对登录错误的检查和处理
//连续登录错误锁定
string sCPParam = string.Empty;
string sAPParam = string.Empty;
string LoginLock = string.Empty;
rd = GetParamUser(cn);
if (rd.Read())
{
if (rd["LoginLock"] != DBNull.Value)
LoginLock = rd["LoginLock"].ToString();
if (rd["cPointParam"] != DBNull.Value)
sCPParam = rd["cPointParam"].ToString();
if (rd["aPointparam"] != DBNull.Value)
sAPParam = rd["aPointparam"].ToString();
}
rd.Close();
//int nErrorNum = 0;
string pattern = @"^(?<n>\d+)\|(?<t>\d+)";
Regex reg = new Regex(pattern, RegexOptions.Compiled);
Match m = reg.Match(LoginLock);
if (m.Success)
{
int number = int.Parse(m.Groups["n"].Value);
int time = int.Parse(m.Groups["t"].Value);
rd = GetErrorLogInfo(cn, UserNum, LogIP);
if (rd.Read())
{
int num = rd.GetInt32(0);
DateTime dtLast = rd.GetDateTime(1);
if (num >= number && dtLast.AddMinutes(time) > Now)
{
rd.Close();
return EnumLoginState.Err_DurativeLogError;
}
}
rd.Close();
}
#endregion
if (PWD != NetCMS.Common.Input.MD5(PassWord))
{
//记录错误
UpdateErrorNum(cn, UserNum, LogIP);
return EnumLoginState.Err_UserNameOrPwdError;
}
else
{
ClearErrorNum(cn, UserNum, LogIP);
}
if (IsLock != 0X00)
{
return EnumLoginState.Err_Locked;
}
EnumLoginState state = CheckUserLogin(cn, UserNum, true);
if (state == EnumLoginState.Succeed)
{
info.SiteID = SiteID;
info.UserName = UserName;
info.UserNum = UserNum;
}
else
{
return state;
}
#region 会员组超时
int nGroupExp = 0;
bool bgrp = false;
string LogPoint = string.Empty;
rd = GetUserGroupInfo(cn, sUserGroup);
if (rd.Read())
{
if (rd["Rtime"] != DBNull.Value)
nGroupExp = Convert.ToInt32(rd["Rtime"]);
if (rd["LoginPoint"] != DBNull.Value)
LogPoint = rd["LoginPoint"].ToString();
bgrp = true;
}
rd.Close();
if (!bgrp)
return state;
if (nGroupExp != 0 && dtUserRegDate.AddDays(nGroupExp) <= Now)
{
LockUser(cn, UserNum);
return EnumLoginState.Err_GroupExpire;
}
#endregion
#region 积分计算
m = reg.Match(LogPoint);
if (m.Success)
{
int ci = int.Parse(m.Groups["n"].Value);
int cg = int.Parse(m.Groups["t"].Value);
ipnt += ci;
gpnt += cg;
}
string p = @"^(?<n>\d+)\|";
Regex r = new Regex(p, RegexOptions.Compiled);
Match match = r.Match(sCPParam);
if (match.Success)
{
int cc = int.Parse(m.Groups["n"].Value);
cpnt += cc;
}
match = r.Match(sAPParam);
if (match.Success)
{
int ca = int.Parse(m.Groups["n"].Value);
apnt += ca;
}
UserLoginSucceedInfo ul;
ul.UserNum = UserNum;
ul.IP = LogIP;
ul.IPoint = ipnt;
ul.GPoint = gpnt;
ul.APoint = apnt;
ul.CPoint = cpnt;
UpdateUserLogin(cn, ul);
return EnumLoginState.Succeed;
#endregion
}
catch
{
return EnumLoginState.Err_DbException;
}
finally
{
if (cn.State == ConnectionState.Open)
cn.Close();
}
}
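/// <summary>
/// Authenticates an administrator by user name and password.
/// </summary>
/// <param name="UserName">Login name looked up in the sys_User table.</param>
/// <param name="PassWord">Clear-text password supplied by the caller.</param>
/// <param name="info">Filled with SiteID, UserName and UserNum on success; otherwise left with empty values.</param>
/// <returns>
/// <c>Succeed</c> when the password matches, the account is an unlocked admin and
/// <c>CheckAdminLogin</c> accepts it; otherwise the specific error state.
/// Any exception is reported as <c>Err_DbException</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the stored credential is compared with NetCMS.Common.Input.MD5(PassWord).
/// MD5 is not suitable for password storage; moving to a salted, slow KDF requires a
/// stored-hash migration and cannot be done inside this method alone.
/// NOTE(review): unlike the member login path in this file, this method does not consult
/// the failed-attempt counter (GetErrorLogInfo / UpdateErrorNum), so repeated wrong
/// passwords are not throttled here.
/// </remarks>
EnumLoginState IUserLogin.AdminLogin(string UserName, string PassWord, out GlobalUserInfo info)
{
    info = new GlobalUserInfo(string.Empty, string.Empty, string.Empty);
    SqlConnection cn = new SqlConnection(DBConfig.CmsConString);
    try
    {
        cn.Open();
        string UserNum = string.Empty;
        string SiteID = string.Empty;

        #region Base account record
        SqlParameter Param = new SqlParameter("@UserName", UserName);
        string Sql = "select UserPassword,UserNum,isAdmin,islock,SiteID from " + Pre + "sys_User where UserName=@UserName";
        EnumLoginState state = EnumLoginState.Succeed;
        // using guarantees the reader is released even if a column read throws.
        using (IDataReader rd = DbHelper.ExecuteReader(cn, CommandType.Text, Sql, Param))
        {
            if (rd.Read())
            {
                string pwd = rd.GetString(0);
                UserNum = rd.GetString(1);
                byte isAdmin = rd.GetByte(2);
                byte isLock = rd.GetByte(3);
                if (!rd.IsDBNull(4))
                    SiteID = rd.GetString(4);

                // Unknown user and wrong password deliberately map to the same state,
                // so the response does not reveal which account names exist.
                if (pwd != NetCMS.Common.Input.MD5(PassWord))
                    state = EnumLoginState.Err_AdminNameOrPwdError;
                else if (isAdmin != 0X01)
                    state = EnumLoginState.Err_NotAdmin;
                else if (isLock != 0X00)
                    state = EnumLoginState.Err_Locked;
            }
            else
            {
                state = EnumLoginState.Err_AdminNameOrPwdError;
            }
        }
        if (state != EnumLoginState.Succeed)
            return state;
        #endregion

        // Check the administrator table.
        AdminDataInfo adinfo;
        state = CheckAdminLogin(cn, UserNum, out adinfo);
        if (state != EnumLoginState.Succeed)
        {
            // Previously the login counter was bumped and a "login succeeded" audit entry
            // was written even when CheckAdminLogin rejected the account. Only a fully
            // successful login is recorded now, so the audit trail matches the outcome.
            return state;
        }

        info.SiteID = SiteID;
        info.UserName = UserName;
        info.UserNum = UserNum;

        try
        {
            // All values are bound as parameters: the client IP is request-derived data and
            // must never be spliced into the statement, and a DateTime rendered through the
            // current culture is not a reliable SQL literal.
            string clientIp = string.Empty + Public.getUserIP();
            Sql = "update " + Pre + "SYS_USER set LastLoginTime=@LastLoginTime,LastIP=@LastIP,LoginNumber=LoginNumber+1 where UserNum=@UserNum";
            SqlParameter[] loginParam = new SqlParameter[]
            {
                new SqlParameter("@LastLoginTime", DateTime.Now),
                new SqlParameter("@LastIP", clientIp),
                new SqlParameter("@UserNum", UserNum)
            };
            DbHelper.ExecuteNonQuery(cn, CommandType.Text, Sql, loginParam);
            rootPublic rtp = new rootPublic();
            rtp.SaveUserAdminLogs(cn, 1, 1, UserName, "登陆成功", "用户名:" + UserName);
        }
        catch
        {
            // Best effort: bookkeeping failures must not turn a valid login into an error.
            // NOTE(review): the failure is silent; consider reporting it through the
            // project's logging facility so a missing audit entry can be detected.
        }
        return state;
    }
    catch
    {
        return EnumLoginState.Err_DbException;
    }
    finally
    {
        if (cn.State == ConnectionState.Open)
            cn.Close();
    }
}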
/// <summary>
/// Looks up the failed-login records stored for one account and one client address.
/// </summary>
/// <param name="cn">Open connection the query runs on.</param>
/// <param name="UserNum">Account number whose failures are requested.</param>
/// <param name="IP">Client address the failures were recorded for.</param>
/// <returns>
/// A reader over (ErrorNum, LastErrorTime) rows, most recent failure first.
/// The caller owns the reader and must close it.
/// </returns>
/// <remarks>
/// The counter is keyed on the (UserNum, IP) pair, so failures arriving from
/// different addresses are counted separately.
/// </remarks>
protected IDataReader GetErrorLogInfo(SqlConnection cn, string UserNum, string IP)
{
    SqlParameter[] filter = new SqlParameter[2];
    filter[0] = new SqlParameter("@UserNum", UserNum);
    filter[1] = new SqlParameter("@IP", IP);

    string query = "select ErrorNum,LastErrorTime from " + Pre + "user_Guser where UserNum=@UserNum and IP=@IP order by LastErrorTime desc";
    return DbHelper.ExecuteReader(cn, CommandType.Text, query, filter);
}
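/// <summary>
/// Records one more failed login for an account and client address: increments the
/// newest existing record, or inserts a first record with a count of 1.
/// </summary>
/// <param name="cn">Open connection the statements run on.</param>
/// <param name="UserNum">Account number the failure belongs to.</param>
/// <param name="IP">Client address the failure came from.</param>
/// <remarks>
/// NOTE(review): the lookup and the write are two separate statements, so concurrent
/// failures for the same pair can both take the insert branch. Not changed here.
/// </remarks>
protected void UpdateErrorNum(SqlConnection cn, string UserNum, string IP)
{
    // One timestamp for the whole operation, always sent as a typed parameter.
    // Concatenating DateTime.Now produced a culture-formatted literal that SQL Server
    // may reject or misread depending on the server and thread locale.
    DateTime now = DateTime.Now;

    string Sql = "select top 1 id from " + Pre + "user_Guser where UserNum=@UserNum and IP=@IP order by LastErrorTime desc";
    SqlParameter[] findParam = new SqlParameter[] { new SqlParameter("@UserNum", UserNum), new SqlParameter("@IP", IP) };
    object obj = DbHelper.ExecuteScalar(cn, CommandType.Text, Sql, findParam);
    if (obj != null && obj != DBNull.Value)
    {
        // The row id is bound as well, so no value is ever spliced into the statement text.
        Sql = "update " + Pre + "user_Guser set ErrorNum=ErrorNum+1,LastErrorTime=@LastErrorTime where id=@Id";
        SqlParameter[] updateParam = new SqlParameter[] { new SqlParameter("@LastErrorTime", now), new SqlParameter("@Id", obj) };
        // An UPDATE returns no scalar; ExecuteNonQuery matches the other writers in this class.
        DbHelper.ExecuteNonQuery(cn, CommandType.Text, Sql, updateParam);
    }
    else
    {
        Sql = "insert into " + Pre + "user_Guser (UserNum,CreatTime,ErrorNum,IP,LastErrorTime) values (@UserNum,@CreatTime,1,@IP,@LastErrorTime)";
        // Fresh parameter objects: a SqlParameter instance may still be attached to the
        // command built for the lookup above, depending on how DbHelper manages commands.
        SqlParameter[] insertParam = new SqlParameter[]
        {
            new SqlParameter("@UserNum", UserNum),
            new SqlParameter("@CreatTime", now),
            new SqlParameter("@IP", IP),
            new SqlParameter("@LastErrorTime", now)
        };
        DbHelper.ExecuteNonQuery(cn, CommandType.Text, Sql, insertParam);
    }
}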
/// <summary>
/// Deletes every failed-login record held for one account and client address.
/// The member login path calls this once the supplied password has matched.
/// </summary>
/// <param name="cn">Open connection the statement runs on.</param>
/// <param name="UserNum">Account number whose records are removed.</param>
/// <param name="IP">Client address whose records are removed.</param>
protected void ClearErrorNum(SqlConnection cn, string UserNum, string IP)
{
    SqlParameter[] filter = new SqlParameter[2];
    filter[0] = new SqlParameter("@UserNum", UserNum);
    filter[1] = new SqlParameter("@IP", IP);

    string statement = "delete from " + Pre + "user_Guser where UserNum=@UserNum and IP=@IP";
    DbHelper.ExecuteNonQuery(cn, CommandType.Text, statement, filter);
}
/// <summary>
/// Marks an account as locked by setting isLock to 1 in the SYS_USER table.
/// The member login path uses it when the user's group membership has expired.
/// </summary>
/// <param name="cn">Open connection the statement runs on.</param>
/// <param name="UserNum">Account number to lock.</param>
protected void LockUser(SqlConnection cn, string UserNum)
{
    SqlParameter target = new SqlParameter("@UserNum", UserNum);
    string statement = "update " + Pre + "SYS_USER set isLock=1 where UserNum=@UserNum";
    DbHelper.ExecuteNonQuery(cn, CommandType.Text, statement, target);
}
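/// <summary>
/// Persists the result of a successful member login: last login time and address,
/// the four point balances, the login counter and, when the group lookup returns
/// one, the user's group number.
/// </summary>
/// <param name="cn">Open connection the statements run on.</param>
/// <param name="info">Account number, client address and point totals to store.</param>
/// <remarks>
/// Best effort: every exception is swallowed, so a failure here never fails the login.
/// NOTE(review): the group lookup selects rows whose Gpoint/iPoint are greater than or
/// equal to the user's totals; confirm that direction against the group schema.
/// NOTE(review): @LastIP is declared as NVarChar(15), which cannot hold most IPv6
/// addresses; confirm the column width before widening it.
/// </remarks>
protected void UpdateUserLogin(SqlConnection cn, UserLoginSucceedInfo info)
{
    try
    {
        // Every value is bound as a parameter, matching the other writers in this class.
        // The original spliced the point totals and a culture-formatted DateTime.Now
        // into the statement text.
        string Sql = "select top 1 GroupNumber from " + Pre + "user_Group where Gpoint>=@GPoint and iPoint>=@IPoint";
        Sql += " order by Gpoint Desc,iPoint Desc";
        SqlParameter[] groupParam = new SqlParameter[]
        {
            new SqlParameter("@GPoint", info.GPoint),
            new SqlParameter("@IPoint", info.IPoint)
        };
        string newGroup = Convert.ToString(DbHelper.ExecuteScalar(cn, CommandType.Text, Sql, groupParam));

        Sql = "update " + Pre + "SYS_USER set LastLoginTime=@LastLoginTime,LastIP=@LastIP,iPoint=@IPoint";
        Sql += ",gPoint=@GPoint,cPoint=@CPoint,aPoint=@APoint,LoginNumber=LoginNumber+1";
        if (newGroup != string.Empty)
            Sql += ",UserGroupNumber=@UserGroupNumber";
        Sql += " where UserNum=@UserNum";

        SqlParameter[] Param = new SqlParameter[8];
        Param[0] = new SqlParameter("@LastIP", SqlDbType.NVarChar, 15);
        Param[0].Value = info.IP;
        // Bound even when the SET clause omits it, exactly as before; an unused
        // parameter does not affect the statement.
        Param[1] = new SqlParameter("@UserGroupNumber", SqlDbType.NVarChar, 20);
        Param[1].Value = newGroup;
        Param[2] = new SqlParameter("@UserNum", SqlDbType.NVarChar, 20);
        Param[2].Value = info.UserNum;
        Param[3] = new SqlParameter("@LastLoginTime", DateTime.Now);
        // New instances: the ones used for the group lookup may still belong to that command.
        Param[4] = new SqlParameter("@IPoint", info.IPoint);
        Param[5] = new SqlParameter("@GPoint", info.GPoint);
        Param[6] = new SqlParameter("@CPoint", info.CPoint);
        Param[7] = new SqlParameter("@APoint", info.APoint);
        DbHelper.ExecuteNonQuery(cn, CommandType.Text, Sql, Param);
    }
    catch
    {
        // Deliberately ignored so that bookkeeping cannot block a valid login.
        // NOTE(review): the failure is silent; consider reporting it through the
        // project's logging facility.
    }
}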
/// <summary>
/// Reads the LoginLock setting from the sys_PramUser table and returns its second number.
/// </summary>
/// <returns>
/// For a setting of the exact form "digits|digits", the number after the bar, which the
/// member login path treats as the lock window in minutes; 0 for any other value.
/// </returns>
int IUserLogin.GetLoginSpan()
{
    string query = "select top 1 LoginLock from " + Pre + "sys_PramUser";
    string setting = Convert.ToString(DbHelper.ExecuteScalar(CommandType.Text, query, null));

    // Anchored at both ends: anything other than "<count>|<minutes>" yields 0.
    Regex lockFormat = new Regex(@"^\d+\|(?<n>\d+)$", RegexOptions.Compiled);
    Match hit = lockFormat.Match(setting);
    if (!hit.Success)
    {
        return 0;
    }
    return Convert.ToInt32(hit.Groups["n"].Value);
}
}
}