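using System;
using System.Data;
using System.Data.OracleClient;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Net;
using System.Runtime.InteropServices;
using System.Text;
using System.Windows.Forms;
using System.Xml;
using Cyberpipe.SM4;
using DevComponents.DotNetBar;

namespace Cyberpipe
{
    /// <summary>
    /// Login dialog. Checks the entered user name and password against
    /// casic_userinfotest (sysname 'EMS'), applies a failed-attempt lockout,
    /// and remembers the last login in login.xml.
    /// </summary>
    public partial class FrmLogin : Office2007Form
    {
        /// <summary>Path of the XML file that holds the last login (user name, optional password, remember flag).</summary>
        public static string filename = Application.StartupPath + "\\login.xml";

        /// <summary>Text shown to the user when a login attempt is rejected.</summary>
        public string Message = "";

        /// <summary>Lockout window in minutes, measured from the last failed attempt.</summary>
        public double lockedTime = 15;

        // Number of consecutive failed attempts at which the account is locked.
        private const int MaxWrongCount = 5;

        public FrmLogin()
        {
            InitializeComponent();
        }

        /// <summary>Failed-attempt state of one account as read from the database.</summary>
        private struct lockStruct
        {
            public int wrongCount;
            public DateTime wrongDate;
        }

        /// <summary>
        /// Reads WRONGCOUNT and WRONGDATE for the user name currently typed in txtUser.
        /// </summary>
        /// <returns>
        /// The stored counter and timestamp. A missing row or an empty column yields
        /// a count of 0 and a date of 1970-01-01, i.e. "no recent failure".
        /// </returns>
        private lockStruct getWCountAndWDateByUser()
        {
            string sql = "select * from casic_userinfotest where USERNAME=:username and sysname='EMS'";
            OracleParameter usernameParam = new OracleParameter(":username", txtUser.Text.Trim());
            DataTable dt = OledbHelper.ExecuteDataTable(sql, usernameParam);

            lockStruct ls;
            ls.wrongCount = 0;
            // Built directly instead of parsing "01/01/1970 00:00:0", which depended on the current culture.
            ls.wrongDate = new DateTime(1970, 1, 1);

            // The row can be missing if the account vanished between two queries;
            // the original indexed Rows[0] unconditionally.
            if (dt == null || dt.Rows.Count <= 0)
            {
                return ls;
            }

            DataRow row = dt.Rows[0];

            // An empty/NULL counter means the account has never failed. A non-empty value
            // that is not a number still throws, so a corrupt counter cannot silently unlock.
            string countText = row["WRONGCOUNT"].ToString();
            if (countText != "")
            {
                ls.wrongCount = int.Parse(countText);
            }

            object rawDate = row["WRONGDATE"];
            if (rawDate is DateTime)
            {
                // Use the typed value as-is; avoids a culture-dependent ToString/Parse round trip.
                ls.wrongDate = (DateTime)rawDate;
            }
            else
            {
                string dateText = rawDate.ToString();
                if (dateText != "")
                {
                    ls.wrongDate = DateTime.Parse(dateText);
                }
            }

            return ls;
        }

        /// <summary>Absolute distance, in minutes, between <paramref name="date"/> and the local clock.</summary>
        /// <param name="date">Timestamp to compare with <see cref="DateTime.Now"/>.</param>
        /// <returns>Total minutes; never negative because the span is taken as a duration.</returns>
        private double SubTime(DateTime date)
        {
            TimeSpan distance = DateTime.Now.Subtract(date).Duration();
            return distance.TotalMinutes;
        }

        /// <summary>
        /// Decides whether the typed user name is currently locked out.
        /// </summary>
        /// <returns>
        /// true when the failure counter has reached the limit and the last failure
        /// is still inside the lockout window; false otherwise.
        /// </returns>
        private bool valLocked()
        {
            lockStruct ls = getWCountAndWDateByUser();

            // Fewer failures than the limit: not locked.
            if (ls.wrongCount < MaxWrongCount)
            {
                return false;
            }

            // At or above the limit: locked only while the window is open. The original tested
            // "== 5", so a counter that ever exceeded 5 could never expire.
            return SubTime(ls.wrongDate) <= lockedTime;
        }

        /// <summary>
        /// Stores the failed-attempt counter and timestamp for the typed user name.
        /// </summary>
        /// <param name="wrongcount">New value of WRONGCOUNT.</param>
        /// <param name="dt">New value of WRONGDATE.</param>
        private void updateWCountAndWDateByUser(int wrongcount, DateTime dt)
        {
            OracleConnection conn = OledbHelper.sqlConnection();
            try
            {
                conn.Open();
                using (OracleCommand cmd = new OracleCommand())
                {
                    cmd.Connection = conn;
                    cmd.CommandType = CommandType.Text;

                    // All three values are bound. The user name comes straight from the text box, and
                    // the date used to be formatted with the current culture before reaching to_date().
                    cmd.CommandText = "update casic_userinfotest set WRONGCOUNT=:wrongcount, WRONGDATE=:wrongdate"
                                      + " where USERNAME=:username and sysname = 'EMS'";

                    OracleParameter countParam = new OracleParameter(":wrongcount", OracleType.Number);
                    countParam.Value = wrongcount;
                    OracleParameter dateParam = new OracleParameter(":wrongdate", OracleType.DateTime);
                    dateParam.Value = dt;
                    OracleParameter userParam = new OracleParameter(":username", OracleType.VarChar);
                    userParam.Value = txtUser.Text.Trim();

                    cmd.Parameters.Add(countParam);
                    cmd.Parameters.Add(dateParam);
                    cmd.Parameters.Add(userParam);

                    cmd.ExecuteNonQuery();
                }
            }
            finally
            {
                // Closed rather than disposed: whether OledbHelper hands out a shared connection is not visible here.
                conn.Close();
            }
        }

        /// <summary>
        /// Login button handler: validates the credentials, then either closes the
        /// dialog with <see cref="DialogResult.OK"/> or shows the rejection message.
        /// </summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event data.</param>
        private void button1_Click(object sender, EventArgs e)
        {
            bool result = ValidateUser();
            // bool result = ValidateFromUrl(); // alternative: fetch the user's roles from the platform service

            if (!result)
            {
                MessageBox.Show(Message, "提示");
                txtUser.Clear();
                textBoxPassWord.Clear();
                return;
            }

            WriteXml();
            Utility.userName = txtUser.Text.Trim();
            DialogResult = DialogResult.OK;
            Close();
        }

        /// <summary>
        /// Validates the typed user name and password against the database and
        /// maintains the failed-attempt counter.
        /// </summary>
        /// <returns>true when the credentials are accepted; otherwise false with <see cref="Message"/> set.</returns>
        private bool ValidateUser()
        {
            string userName = txtUser.Text.Trim();

            // Does the user exist at all?
            // NOTE(review): this message differs from the wrong-password message, so the dialog reveals
            // which user names exist, and attempts against unknown names are not counted.
            DataTable existing = OledbHelper.ExecuteDataTable(
                "select * from casic_userinfotest where USERNAME=:username and sysname='EMS'",
                new OracleParameter(":username", userName));
            if (existing == null || existing.Rows.Count <= 0)
            {
                Message = "无此用户名,请注册";
                return false;
            }

            // Reject while the account is locked out.
            if (valLocked())
            {
                Message = "登陆错误过多,请等待15分钟后再尝试";
                return false;
            }

            // Check user name and password.
            // NOTE(review): the password is SM4-encrypted and compared in SQL, which implies the stored value
            // is reversible ciphertext rather than a salted hash; changing that needs a data migration.
            string passWord = SM4Utils.SM4EncryptStr(textBoxPassWord.Text.Trim());
            string sql = "select * from casic_userinfotest where USERNAME=:username and PASSWORD=:password and sysname='EMS'";
            OracleParameter usernameParam = new OracleParameter(":username", userName);
            OracleParameter passwordParam = new OracleParameter(":password", passWord);
            DataTable dt = OledbHelper.ExecuteDataTable(sql, usernameParam, passwordParam);

            if (dt == null || dt.Rows.Count <= 0)
            {
                Message = "用户名、密码不正确,请重新输入!";

                // Start a fresh count when the previous failure is older than the window, else increment.
                lockStruct ls = getWCountAndWDateByUser();
                int nextCount = SubTime(ls.wrongDate) > lockedTime ? 1 : ls.wrongCount + 1;
                updateWCountAndWDateByUser(nextCount, DateTime.Now);
                return false;
            }

            // Credentials accepted: clear the failure counter on every success path. The original
            // returned early for users without a role and left the old count in place.
            updateWCountAndWDateByUser(0, DateTime.Now);

            // Look up the user's role, if one is assigned.
            string rid = dt.Rows[0]["rid"].ToString();
            if (String.IsNullOrEmpty(rid))
            {
                return true;
            }

            // NOTE(review): rid is read from the database, not from the form, but it is still concatenated
            // into the statement. Bind it as a parameter if OracleUtils.ExecuteReader has an overload that
            // accepts parameters (not visible from this file).
            sql = "select gid from casic_userroletest where id=" + dt.Rows[0]["rid"] + " and sysname='EMS' ";
            using (OracleDataReader reader = OracleUtils.ExecuteReader(OracleUtils.ConnectionString, CommandType.Text, sql))
            {
                // Only the first row is used.
                if (reader.Read())
                {
                    Utility.userRole = reader[0].ToString();
                }
            }

            return true;
        }

        /// <summary>
        /// Alternative validation: asks the configured role server for the user's roles
        /// and stores them in Utility.userRole.
        /// </summary>
        /// <returns>true when the server returned a usable role list; false on any failure.</returns>
        private bool ValidateFromUrl()
        {
            string user = txtUser.Text.Trim();
            string pwd = textBoxPassWord.Text.Trim();

            // The server address comes from configuration.
            string roleserver = Utility.RoleServer;
            if (roleserver == null || roleserver.Trim().Equals(""))
            {
                MessageBox.Show("请在Config.xml中配置roleurl!");
                return false;
            }

            // The typed values are percent-encoded so characters such as '&' or '=' cannot add or
            // override query parameters.
            // NOTE(review): the password still travels in the query string of a GET request, where
            // proxies and server logs can record it; confirm roleserver is an https:// address.
            string url = roleserver.Trim() + "/rs/authority/user?username=" + Uri.EscapeDataString(user)
                         + "&password=" + Uri.EscapeDataString(pwd)
                         + "&appId=" + Utility.AppId.Trim();

            try
            {
                HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
                if (request == null)
                {
                    return false;
                }

                // GetResponse() now runs inside the try, so a network or HTTP error is a failed login
                // instead of an unhandled exception.
                using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
                {
                    if (response == null)
                    {
                        return false;
                    }

                    using (Stream body = response.GetResponseStream())
                    {
                        if (body == null)
                        {
                            return false;
                        }

                        string[] result;
                        using (StreamReader reader = new StreamReader(body))
                        {
                            result = reader.ReadToEnd().Split(',');
                        }

                        // Role entries start at the fifth comma-separated field.
                        if (result.Length < 5)
                        {
                            return false;
                        }

                        StringBuilder userRole = new StringBuilder("");
                        for (int i = 4; i < result.Length; i++)
                        {
                            string[] parts = result[i].Split('_');
                            if (parts.Length < 2)
                            {
                                continue;
                            }
                            userRole.Append(parts[1].Trim() + ",");
                        }

                        if (userRole.Length < 3)
                        {
                            return false;
                        }

                        // NOTE(review): drops the trailing comma plus two more characters; presumably the
                        // last field ends with two closing characters of the response format. Confirm.
                        userRole.Remove(userRole.Length - 3, 3);

                        Utility.userRole = userRole.ToString();
                        return Utility.userRole != null && !Utility.userRole.Equals("null");
                    }
                }
            }
            catch (Exception)
            {
                // Deliberately not logged: the request URL carries the password.
                return false;
            }
        }

        /// <summary>Form load handler: sets the background image, centers the form and restores the last login.</summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event data.</param>
        private void FrmLogin_Load(object sender, EventArgs e)
        {
            // Previously: global::Cyberpipe.Properties.Resources.登录页3
            this.pictureBox1.BackgroundImage = Image.FromFile(Application.StartupPath + Utility.LoginImgPath);
            // Utility.SetParams();
            StartPosition = FormStartPosition.CenterScreen;
            ReadXml();
        }

        /// <summary>
        /// Restores the user name, password and "remember" flag saved by the previous login.
        /// </summary>
        private void ReadXml()
        {
            if (!File.Exists(filename))
            {
                return;
            }

            XmlDocument myDoc = new XmlDocument();
            // login.xml needs no DTD or external entities; do not resolve any while loading it.
            myDoc.XmlResolver = null;

            try
            {
                myDoc.Load(filename);
            }
            catch (Exception e)
            {
                LogError.PublishError(e);
                return;
            }

            XmlNode serverRootNode = myDoc.SelectSingleNode("Params");
            if (serverRootNode == null)
            {
                return;
            }

            foreach (XmlNode xn in serverRootNode.ChildNodes)
            {
                if (xn.Name.Equals("username"))
                {
                    txtUser.Text = xn.InnerText.Trim();
                }
                else if (xn.Name.Equals("password"))
                {
                    // NOTE(review): the remembered password is read back as plain text from login.xml.
                    textBoxPassWord.Text = xn.InnerText.Trim();
                }
                else if (xn.Name.Equals("isremember"))
                {
                    checkBoxXRememberPassword.Checked = xn.InnerText.Trim().Equals("true");
                }
            }
        }

        /// <summary>
        /// Saves the user name, the "remember" flag and, when that flag is set, the password to login.xml.
        /// </summary>
        private void WriteXml()
        {
            if (!File.Exists(filename))
            {
                return;
            }

            XmlDocument myDoc = new XmlDocument();
            // login.xml needs no DTD or external entities; do not resolve any while loading it.
            myDoc.XmlResolver = null;

            try
            {
                myDoc.Load(filename);
            }
            catch (Exception e)
            {
                LogError.PublishError(e);
                MessageBox.Show(e.Message, "提示");
                return;
            }

            XmlNode serverRootNode = myDoc.SelectSingleNode("Params");
            if (serverRootNode != null)
            {
                foreach (XmlNode xn in serverRootNode.ChildNodes)
                {
                    // Skip comments and other non-element children; the original cast every child
                    // to XmlElement and threw InvalidCastException on them.
                    XmlElement xe = xn as XmlElement;
                    if (xe == null)
                    {
                        continue;
                    }

                    if (xe.Name.Equals("username"))
                    {
                        xe.InnerText = txtUser.Text.Trim();
                    }
                    else if (xe.Name.Equals("password"))
                    {
                        // NOTE(review): with "remember" ticked the password is written in plain text to a
                        // file beside the executable. Consider per-user protected storage (for example
                        // DPAPI) or dropping the feature; either changes the file format.
                        xe.InnerText = checkBoxXRememberPassword.Checked ? textBoxPassWord.Text.Trim() : "";
                    }
                    else if (xe.Name.Equals("isremember"))
                    {
                        xe.InnerText = checkBoxXRememberPassword.Checked ? "true" : "false";
                    }
                }
            }

            try
            {
                myDoc.Save(filename);
            }
            catch (Exception e)
            {
                // Failing to remember the login (e.g. read-only install directory) must not abort a
                // login that was already accepted.
                LogError.PublishError(e);
            }
        }

        /// <summary>Cancel button handler: closes the dialog.</summary>
        /// <param name="sender">Event source.</param>
        /// <param name="e">Event data.</param>
        private void btnCancel_Click(object sender, EventArgs e)
        {
            Close();
        }
    }
}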