Static UserTable As DataTable '定义一个变量,用于存储用户随机身份ID,以及最后一次活动时间.
Static ClearTime As Date
Dim Verified As Boolean '用于标记用户是否通过了身份验证
If UserTable Is Nothing Then '创建用于记录登录信息的临时表
ClearTime = Date.Now()
Dim dtb As New DataTableBuilder("UserInfos")
dtb.AddDef("UserName",Gettype(String),32)
dtb.AddDef("UserID",Gettype(String),16)
dtb.AddDef("ActiveTime",Gettype(Date))
UserTable = dtb.Build(True)
End If
If (Date.Now - ClearTime).TotalMinutes >= 30 Then '清除超过30分钟没有操作的登录信息
UserTable.DeleteFor("ActiveTime < #" & Date.Now.AddMinutes(-30) & "#")
ClearTime = Date.Now()
End If
'通用事件头
Dim fl As String = "d:\web\" & e.path
If filesys.FileExists(fl)
Dim idx As Integer = fl.LastIndexOf(".")
Dim ext As String = fl.SubString(idx)
Select Case ext
Case ".jpg",".gif",".png",".bmp",".wmf",".js",".css" ,".html",".htm",".zip",".rar"
e.WriteFile(fl)
Return '这里必须返回
End Select
End If
Dim wb As New weui
'身份验证
Dim UserName As String
Dim Password As String
Dim UserID As String
Dim dr As DataRow = UserTable.Find("UserName = '" & UserName & "'")
If e.Path = "logon.htm" '验证用户名和密码
If e.PostValues.ContainsKey("username") AndAlso e.PostValues.ContainsKey("password") Then
UserName = e.PostValues("username")
Password = e.PostValues("password")
Dim cmd As New SQLCommand
cmd.C
cmd.CommandText = "SELECT * Fr om {员工管理} Where [name] = '" & username & "'"
_UserTable = cmd.ExecuteReader
If _UserTable.DataRows.count > 0 Then
If password = _userTable.DataRows(0)("password") Then
Verified = True
End If
End If
If Verified Then
UserID = Rand.NextString(16) '生成随机用户ID
UserName = EncryptText(UserName,"123","123") '将用户名加密.
'Dim dr As DataRow = UserTable.Find("UserName = '" & UserName & "'")
If dr IsNot Nothing Then '如果是重复登录,删除以前的登录信息
dr.Delete()
End If
dr = UserTable.AddNew()
dr("UserName") = UserName
dr("UserID") = UserId
dr("ActiveTime") = Date.Now '记录登录时间
wb.AppendCookie("username",UserName) '将用户名和密码写入cookie
wb.AppendCookie("userid",UserID)
wb.InsertHTML("<meta http-equiv='Refresh' c>") '直接跳转到首页
e.WriteString(wb.Build) '生成网页
Return '必须的
End If
End If
Else '其它页面从Cookie提取登录信息进行验证
UserName = e.Cookies("username") '从cookie中获取用户名
UserID = e.Cookies("userid") '从cookie中获取 随机ID
'Dim dr As DataRow = UserTable.Find("UserName = '" & UserName & "'")
If dr IsNot Nothing AndAlso dr("UserID") = UserID Then '如果通过验证,更新活动时候,继续访问其它页面.
dr("ActiveTime") = Date.Now '更新活动时间
Else '如果验证失败
wb.InsertHTML("<meta http-equiv='Refresh' c>") '那么直接跳转到登录页面
e.WriteString(wb.Build) '生成网页
Return '必须的
End If
End If
'开始生成网页