yms1232014-10-27 09:20

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using Microsoft.Security.Application;
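/// <summary>
/// Code-behind for the login page. Checks the system lock flag on every request,
/// validates the CAPTCHA and the submitted credentials, fills the session for an
/// authenticated and active account, and records the login in userLoginInfo.
/// </summary>
/// <remarks>
/// NOTE(review): passwords are compared in encrypted rather than hashed form, and
/// fun.DecryptDES can recover userSecondPwd, so the scheme is reversible (DES, judging
/// by the helper names). Anyone holding the key and the table can recover every
/// password; a salted, slow one-way hash (e.g. PBKDF2) is the usual replacement.
/// Neither the submitted password nor its encrypted form is logged or written out
/// by this class, and it should stay that way.
/// </remarks>
public partial class login : System.Web.UI.Page
{
    private static readonly log4net.ILog log = log4net.LogManager.GetLogger(typeof(login));
    private Database db = new Database();

    /// <summary>Runs the system-lock check on every request, postbacks included.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Check whether the system has been shut down.
        checkSys();
    }

    /// <summary>
    /// Reads the first row of sysLock and transfers to error.htm when sysOpen is "0".
    /// </summary>
    private void checkSys()
    {
        string sql = "select * from sysLock";
        // The reader is disposed on every path; the original left it open for the
        // rest of the request, including when Server.Transfer ended it.
        using (SqlDataReader reader = db.RunProcGetReader(sql))
        {
            if (reader.Read())
            {
                string status = reader["sysOpen"].ToString();
                if (status.Equals("0"))
                {
                    Server.Transfer("error.htm", true);
                    return;
                }
            }
        }
    }

    /// <summary>
    /// Login button handler: verifies the CAPTCHA, looks the user up with a
    /// parameterized query, compares the encrypted password, rejects accounts whose
    /// activation flag is not "1", then fills the session and redirects.
    /// </summary>
    protected void Button1_Click(object sender, EventArgs e)
    {
        log.Info("用户登录IP------" + Request.UserHostAddress);

        string code = Encoder.HtmlEncode(txtCode.Text.Trim());
        // An expired or never-issued CAPTCHA leaves Session["CheckCode"] null; treat
        // that as a mismatch instead of failing with a NullReferenceException.
        // NOTE(review): the expected code is not cleared after a comparison here, so
        // one solved CAPTCHA may cover many password attempts unless the page that
        // issues it regenerates it on every render. Confirm.
        object expectedCode = Session["CheckCode"];
        if (expectedCode == null || !code.Equals(expectedCode.ToString()))
        {
            Response.Write("<script language=javascript>alert('验证码不正确,请重新输入!');</script>");
            return;
        }

        // NOTE(review): HTML-encoding is an output defence. Applied to the user number
        // and to the password before encryption it changes the value that is compared.
        // It is kept because the stored values were presumably produced the same way.
        string userNO = Encoder.HtmlEncode(txtuname.Text.Trim());
        string pwd = fun.EncryptDES(Encoder.HtmlEncode(txtupwd.Text.Trim()));

        string sql = "select u.*,r.roleName,r.remark as zh_roleName from (select * from userInfo where userNO=@userNO) u left join userRole r on u.userRoleID=r.roleID";
        try
        {
            SqlCommand command = db.CreateCmd(sql);
            command.Parameters.Add("@userNO", SqlDbType.VarChar).Value = userNO;

            string loginUserNO;
            string loginUserName;
            using (SqlDataReader reader = command.ExecuteReader())
            {
                // NOTE(review): the two messages below let a caller tell an unknown
                // user from a wrong password; one shared message avoids that.
                if (!reader.Read())
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('不存在此用户或此用户还未通过审核!');", true);
                    return;
                }

                if (!reader["userFirstPwd"].ToString().Equals(pwd))
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('密码错误!');", true);
                    return;
                }

                // Reject locked accounts BEFORE any session key is written. The
                // original filled the session first, so a locked user who knew the
                // password left with userNO, userRoleID and the rest set in Session.
                string activation = reader["activation"].ToString();
                if (!activation.Equals("1"))
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('该用户已被锁定,不能登录!');", true);
                    return;
                }

                loginUserNO = reader["userNO"].ToString();
                loginUserName = reader["username"].ToString();

                // NOTE(review): nothing in this handler rotates the session id at
                // login, which leaves room for session fixation. Confirm it is
                // handled elsewhere.
                this.Session["userNO"] = loginUserNO;
                this.Session["userName"] = loginUserName;
                this.Session["userId"] = reader["ID"].ToString();
                Session["realPaid"] = reader["realPaid"].ToString();
                Session["userMeal"] = reader["user_meal"].ToString();
                Session["refereeNO"] = reader["refereeNO"].ToString();
                Session["zh_roleName"] = reader["zh_roleName"].ToString();
                Session["userRoleID"] = reader["userRoleID"].ToString();
                Session["roleName"] = reader["roleName"].ToString();
                Session["activation"] = activation;
                // NOTE(review): this keeps the decrypted second password in session
                // state for the whole session; comparing on demand would avoid
                // holding a plaintext secret. Kept because other pages may read it.
                Session["userSecondPwd"] = fun.DecryptDES(reader["userSecondPwd"].ToString());
                Session["web_urls"] = reader["web_urls"].ToString();
                Session["userScore"] = reader["userScore"].ToString();
            }

            updateUserLoginInfo(loginUserNO, loginUserName, Request.UserHostAddress);
            Response.Redirect("hy/user_main.htm");
        }
        finally
        {
            // Runs on every path, including the thread abort raised by
            // Response.Redirect, which skipped Dispose in the original.
            this.db.Dispose();
        }
    }

    /// <summary>
    /// Inserts a row into the user login table (userLoginInfo) for a successful login.
    /// </summary>
    /// <param name="loginUserNO">User number read from userInfo.</param>
    /// <param name="loginUserName">User name read from userInfo.</param>
    /// <param name="loginIP">Client address as reported by the request.</param>
    private void updateUserLoginInfo(string loginUserNO, string loginUserName, string loginIP)
    {
        string loginAddr = loginIP;
        try
        {
            loginAddr = Utility.GetAddressByIp(loginIP);
        }
        catch (Exception ex)
        {
            log.Error("根据IP获得物理地址出现异常--->" + ex.Message);
            loginAddr = "获取物理地址出现异常";
        }

        // Values are bound as parameters. The original concatenated them into the
        // statement, so a quote in a stored user name or in the looked-up address
        // text changed the SQL that ran (second-order injection).
        string sql_updateLoginInfo = "INSERT INTO [userLoginInfo]([userNO],[userName],[userIP],[userMAC],[userDNS],[loginTime],[remark]) VALUES(@userNO,@userName,@userIP,'','',getdate(),@remark)";
        try
        {
            using (SqlCommand command = this.db.CreateCmd(sql_updateLoginInfo))
            {
                // A null value would be rejected as "parameter not supplied"; the
                // concatenated form wrote an empty string, so keep that.
                command.Parameters.Add("@userNO", SqlDbType.VarChar).Value = loginUserNO ?? string.Empty;
                command.Parameters.Add("@userName", SqlDbType.NVarChar).Value = loginUserName ?? string.Empty;
                command.Parameters.Add("@userIP", SqlDbType.VarChar).Value = loginIP ?? string.Empty;
                command.Parameters.Add("@remark", SqlDbType.NVarChar).Value = loginAddr ?? string.Empty;
                command.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            log.Error("插入用户登录信息出现异常--->" + ex.Message);
            // The caller redirects right after this method returns, so this alert is
            // not expected to reach the browser; the log entry is the real signal.
            this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('登录出现异常,请重试!');", true);
        }
    }
}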
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using Microsoft.Security.Application;
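/// <summary>
/// Code-behind for the login page. Checks the system lock flag on every request,
/// validates the CAPTCHA and the submitted credentials, fills the session for an
/// authenticated and active account, and records the login in userLoginInfo.
/// </summary>
/// <remarks>
/// NOTE(review): passwords are compared in encrypted rather than hashed form, and
/// fun.DecryptDES can recover userSecondPwd, so the scheme is reversible (DES, judging
/// by the helper names). Anyone holding the key and the table can recover every
/// password; a salted, slow one-way hash (e.g. PBKDF2) is the usual replacement.
/// Neither the submitted password nor its encrypted form is logged or written out
/// by this class, and it should stay that way.
/// </remarks>
public partial class login : System.Web.UI.Page
{
    private static readonly log4net.ILog log = log4net.LogManager.GetLogger(typeof(login));
    private Database db = new Database();

    /// <summary>Runs the system-lock check on every request, postbacks included.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // Check whether the system has been shut down.
        checkSys();
    }

    /// <summary>
    /// Reads the first row of sysLock and transfers to error.htm when sysOpen is "0".
    /// </summary>
    private void checkSys()
    {
        string sql = "select * from sysLock";
        // The reader is disposed on every path; the original left it open for the
        // rest of the request, including when Server.Transfer ended it.
        using (SqlDataReader reader = db.RunProcGetReader(sql))
        {
            if (reader.Read())
            {
                string status = reader["sysOpen"].ToString();
                if (status.Equals("0"))
                {
                    Server.Transfer("error.htm", true);
                    return;
                }
            }
        }
    }

    /// <summary>
    /// Login button handler: verifies the CAPTCHA, looks the user up with a
    /// parameterized query, compares the encrypted password, rejects accounts whose
    /// activation flag is not "1", then fills the session and redirects.
    /// </summary>
    protected void Button1_Click(object sender, EventArgs e)
    {
        log.Info("用户登录IP------" + Request.UserHostAddress);

        string code = Encoder.HtmlEncode(txtCode.Text.Trim());
        // An expired or never-issued CAPTCHA leaves Session["CheckCode"] null; treat
        // that as a mismatch instead of failing with a NullReferenceException.
        // NOTE(review): the expected code is not cleared after a comparison here, so
        // one solved CAPTCHA may cover many password attempts unless the page that
        // issues it regenerates it on every render. Confirm.
        object expectedCode = Session["CheckCode"];
        if (expectedCode == null || !code.Equals(expectedCode.ToString()))
        {
            Response.Write("<script language=javascript>alert('验证码不正确,请重新输入!');</script>");
            return;
        }

        // NOTE(review): HTML-encoding is an output defence. Applied to the user number
        // and to the password before encryption it changes the value that is compared.
        // It is kept because the stored values were presumably produced the same way.
        string userNO = Encoder.HtmlEncode(txtuname.Text.Trim());
        string pwd = fun.EncryptDES(Encoder.HtmlEncode(txtupwd.Text.Trim()));

        string sql = "select u.*,r.roleName,r.remark as zh_roleName from (select * from userInfo where userNO=@userNO) u left join userRole r on u.userRoleID=r.roleID";
        try
        {
            SqlCommand command = db.CreateCmd(sql);
            command.Parameters.Add("@userNO", SqlDbType.VarChar).Value = userNO;

            string loginUserNO;
            string loginUserName;
            using (SqlDataReader reader = command.ExecuteReader())
            {
                // NOTE(review): the two messages below let a caller tell an unknown
                // user from a wrong password; one shared message avoids that.
                if (!reader.Read())
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('不存在此用户或此用户还未通过审核!');", true);
                    return;
                }

                if (!reader["userFirstPwd"].ToString().Equals(pwd))
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('密码错误!');", true);
                    return;
                }

                // Reject locked accounts BEFORE any session key is written. The
                // original filled the session first, so a locked user who knew the
                // password left with userNO, userRoleID and the rest set in Session.
                string activation = reader["activation"].ToString();
                if (!activation.Equals("1"))
                {
                    this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('该用户已被锁定,不能登录!');", true);
                    return;
                }

                loginUserNO = reader["userNO"].ToString();
                loginUserName = reader["username"].ToString();

                // NOTE(review): nothing in this handler rotates the session id at
                // login, which leaves room for session fixation. Confirm it is
                // handled elsewhere.
                this.Session["userNO"] = loginUserNO;
                this.Session["userName"] = loginUserName;
                this.Session["userId"] = reader["ID"].ToString();
                Session["realPaid"] = reader["realPaid"].ToString();
                Session["userMeal"] = reader["user_meal"].ToString();
                Session["refereeNO"] = reader["refereeNO"].ToString();
                Session["zh_roleName"] = reader["zh_roleName"].ToString();
                Session["userRoleID"] = reader["userRoleID"].ToString();
                Session["roleName"] = reader["roleName"].ToString();
                Session["activation"] = activation;
                // NOTE(review): this keeps the decrypted second password in session
                // state for the whole session; comparing on demand would avoid
                // holding a plaintext secret. Kept because other pages may read it.
                Session["userSecondPwd"] = fun.DecryptDES(reader["userSecondPwd"].ToString());
                Session["web_urls"] = reader["web_urls"].ToString();
                Session["userScore"] = reader["userScore"].ToString();
            }

            updateUserLoginInfo(loginUserNO, loginUserName, Request.UserHostAddress);
            Response.Redirect("hy/user_main.htm");
        }
        finally
        {
            // Runs on every path, including the thread abort raised by
            // Response.Redirect, which skipped Dispose in the original.
            this.db.Dispose();
        }
    }

    /// <summary>
    /// Inserts a row into the user login table (userLoginInfo) for a successful login.
    /// </summary>
    /// <param name="loginUserNO">User number read from userInfo.</param>
    /// <param name="loginUserName">User name read from userInfo.</param>
    /// <param name="loginIP">Client address as reported by the request.</param>
    private void updateUserLoginInfo(string loginUserNO, string loginUserName, string loginIP)
    {
        string loginAddr = loginIP;
        try
        {
            loginAddr = Utility.GetAddressByIp(loginIP);
        }
        catch (Exception ex)
        {
            log.Error("根据IP获得物理地址出现异常--->" + ex.Message);
            loginAddr = "获取物理地址出现异常";
        }

        // Values are bound as parameters. The original concatenated them into the
        // statement, so a quote in a stored user name or in the looked-up address
        // text changed the SQL that ran (second-order injection).
        string sql_updateLoginInfo = "INSERT INTO [userLoginInfo]([userNO],[userName],[userIP],[userMAC],[userDNS],[loginTime],[remark]) VALUES(@userNO,@userName,@userIP,'','',getdate(),@remark)";
        try
        {
            using (SqlCommand command = this.db.CreateCmd(sql_updateLoginInfo))
            {
                // A null value would be rejected as "parameter not supplied"; the
                // concatenated form wrote an empty string, so keep that.
                command.Parameters.Add("@userNO", SqlDbType.VarChar).Value = loginUserNO ?? string.Empty;
                command.Parameters.Add("@userName", SqlDbType.NVarChar).Value = loginUserName ?? string.Empty;
                command.Parameters.Add("@userIP", SqlDbType.VarChar).Value = loginIP ?? string.Empty;
                command.Parameters.Add("@remark", SqlDbType.NVarChar).Value = loginAddr ?? string.Empty;
                command.ExecuteNonQuery();
            }
        }
        catch (Exception ex)
        {
            log.Error("插入用户登录信息出现异常--->" + ex.Message);
            // The caller redirects right after this method returns, so this alert is
            // not expected to reach the browser; the log entry is the real signal.
            this.Page.ClientScript.RegisterStartupScript(base.GetType(), "Ok", "alert('登录出现异常,请重试!');", true);
        }
    }
}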
string pwd = fun.EncryptDES(Encoder.HtmlEncode(txtupwd.Text.Trim()));
密码经过加密了,如何获取明文密码,并在登陆成功时输出用户名---密码,保存到当前目录下的文本文档里