| | |
|---|
| | | |
|---|
| | | SQLHelper.ClsCN oCN = new SQLHelper.ClsCN(); |
|---|
| | | |
|---|
| | | ds = oCN.RunProcReturn("select ManagerFlag from gy_czygl where czymc='" + user.Trim() + "'", "gy_czygl"); |
|---|
| | | if (!(bool)ds.Tables[0].Rows[0]["ManagerFlag"]) //是否管理员 |
|---|
| | | { |
|---|
| | | //不是管理员 |
|---|
| | | sWhere += " and 制单人 = '" + user + "'"; |
|---|
| | | } |
|---|
| | | //ds = oCN.RunProcReturn("select ManagerFlag from gy_czygl where czymc='" + user.Trim() + "'", "gy_czygl"); |
|---|
| | | //if (!(bool)ds.Tables[0].Rows[0]["ManagerFlag"]) //是否管理员 |
|---|
| | | //{ |
|---|
| | | // //不是管理员 |
|---|
| | | // sWhere += " and 制单人 = '" + user + "'"; |
|---|
| | | //} |
|---|
| | | |
|---|
| | | |
|---|
| | | string sql = string.Format(@"select * from " + HView + " where 1 = 1 " + sWhere + " order by 日期 desc, hmainid desc"); |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | #endregion |
|---|
| | | |
|---|
| | | /// <summary> |
|---|
| | | /// APP登录权限验证接口 |
|---|
| | | /// </summary> |
|---|
| | | [Route("Auth/CheckAppLoginAuth")] |
|---|
| | | [HttpPost] |
|---|
| | | public object CheckAppLoginAuth() |
|---|
| | | { |
|---|
| | | try |
|---|
| | | { |
|---|
| | | // 获取请求参数 |
|---|
| | | string orgID = HttpContext.Current.Request.Form["orgID"] ?? ""; |
|---|
| | | string orgName = HttpContext.Current.Request.Form["orgName"] ?? ""; |
|---|
| | | string serverUrl = HttpContext.Current.Request.Form["serverUrl"] ?? ""; |
|---|
| | | string phoneType = HttpContext.Current.Request.Form["phoneType"] ?? ""; |
|---|
| | | string userAccount = HttpContext.Current.Request.Form["userAccount"] ?? ""; |
|---|
| | | string other = HttpContext.Current.Request.Form["other"] ?? ""; |
|---|
| | | // 参数验证 |
|---|
| | | if (string.IsNullOrEmpty(userAccount)) |
|---|
| | | { |
|---|
| | | objJsonResult.code = "0"; |
|---|
| | | objJsonResult.count = 0; |
|---|
| | | objJsonResult.Message = "账号不能为空!"; |
|---|
| | | objJsonResult.data = null; |
|---|
| | | return objJsonResult; |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (string.IsNullOrEmpty(orgID)) |
|---|
| | | { |
|---|
| | | objJsonResult.code = "0"; |
|---|
| | | objJsonResult.count = 0; |
|---|
| | | objJsonResult.Message = "组织ID不能为空!"; |
|---|
| | | objJsonResult.data = null; |
|---|
| | | return objJsonResult; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 参数安全处理(防止注入) |
|---|
| | | orgID = orgID.Replace("'", "''"); |
|---|
| | | orgName = orgName.Replace("'", "''"); |
|---|
| | | serverUrl = serverUrl.Replace("'", "''"); |
|---|
| | | phoneType = phoneType.Replace("'", "''"); |
|---|
| | | userAccount = userAccount.Replace("'", "''"); |
|---|
| | | |
|---|
| | | // 执行固定存储过程 |
|---|
| | | string sql = $"EXEC SP_CheckAppLoginAuth '{orgID}', '{orgName}', '{serverUrl}', '{phoneType}','{userAccount}','{other}'"; |
|---|
| | | ds = oCN.RunProcReturn(sql, "SP_CheckAppLoginAuth"); |
|---|
| | | |
|---|
| | | if (ds.Tables[0].Rows.Count > 0) |
|---|
| | | { |
|---|
| | | int result = Convert.ToInt32(ds.Tables[0].Rows[0]["Result"]); |
|---|
| | | string message = ds.Tables[0].Rows[0]["Message"].ToString(); |
|---|
| | | |
|---|
| | | objJsonResult.code = "1"; |
|---|
| | | objJsonResult.count = 1; |
|---|
| | | objJsonResult.Message = message; |
|---|
| | | objJsonResult.data = ds.Tables[0]; |
|---|
| | | } |
|---|
| | | else |
|---|
| | | { |
|---|
| | | objJsonResult.code = "0"; |
|---|
| | | objJsonResult.count = 0; |
|---|
| | | objJsonResult.Message = "验证接口返回异常!"; |
|---|
| | | objJsonResult.data = null; |
|---|
| | | } |
|---|
| | | |
|---|
| | | return objJsonResult; |
|---|
| | | } |
|---|
| | | catch (Exception e) |
|---|
| | | { |
|---|
| | | objJsonResult.code = "0"; |
|---|
| | | objJsonResult.count = 0; |
|---|
| | | objJsonResult.Message = "Exception!" + e.ToString(); |
|---|
| | | objJsonResult.data = null; |
|---|
| | | return objJsonResult; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
