using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient;
using System.Configuration;
namespace biao
{
public partial class Form1 : Form
{
string strcon = string.Empty;
int errorcount = 0;
public Form1()
{
InitializeComponent();
}
private void btn_OK_Click(object sender, EventArgs e)
{
strcon=ConfigurationManager.ConnectionStrings["sqlcnn"].ConnectionString;
int sqlerror = GetError();
if (sqlerror >= 3)
{
#region
/*
DateTime errortime = GetErrorTime();
//Subtract函数减去指定时间,返回一个时间差,这个返回值可以转换成我们需要的形式,比如可以转换层总共多少秒,或者总共是多少分
TimeSpan span = DateTime.Now.Subtract(errortime);
double theseconds = span.TotalSeconds;
if (theseconds < 15)
{
MessageBox.Show("您已经连续3次输入错误的密码,已被系统锁定,请15秒之后再次重试,或者到服务窗口解锁!");
return;
}
else
{
errorcount = 0;
UpdateError(errorcount);
}
* */
int secondspan = GetErrorTime1();
if (secondspan < 15)
{
MessageBox.Show("您已经连续3次输入错误的密码,已被系统锁定,请15秒之后再次重试,或者到服务窗口解锁");
return;
}
#endregion
}
#region
//根据用户输入的用户名和密码验证是否合法用户
errorcount = GetError();
DataTable dt = GetDataTable();
if (dt.Rows.Count <= 0)
{
errorcount++;
UpdateError(errorcount);
UpdateErrortime();
MessageBox.Show("输入的用户名或者密码不正确,请重新输入!");
}
else if (dt.Rows.Count > 1)
{
MessageBox.Show("系统中存在重复的用户,请联系管理员!");
}
else
{
errorcount = 0;
UpdateError(errorcount);
MessageBox.Show("登录成功");
}
#endregion
}
//f返回当前用户最后一次的登录错误时间
private DateTime GetErrorTime()
{
SqlConnection conn = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open();
cmd.CommandText = "select ErrorTime from T_User where
UserName=@username";
cmd.Parameters.AddWithValue("@username", b_textUser.Text);
object obj = cmd.ExecuteScalar();
return Convert.ToDateTime(obj);
}
//从数据库中获取间隔时间
private int GetErrorTime1()
{
SqlConnection conn = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open();
cmd.CommandText = "select DATEDIFF([second],ErrorTime,getdate())from T_User where
UserName=@username";
cmd.Parameters.AddWithValue("@username",b_textUser.Text);
//返回一行一列
object obj = cmd.ExecuteScalar();
return Convert.ToInt32(obj);
}
//获取用户的登录错误次数
private int GetError()
{
SqlConnection conn = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open();
cmd.CommandText = "select Error from T_User where
UserName=@username";
cmd.Parameters.AddWithValue("@username", b_textUser.Text);
object obj = cmd.ExecuteScalar();
//转换成我们需要的数据类型
if (DBNull.Value.Equals(obj) == true)
{
return 0;
}
else
{
return Convert.ToInt32(obj);
}
}
private void UpdateErrortime()
{
SqlConnection conn = new SqlConnection(strcon);
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
conn.Open();
cmd.CommandText = "update T_User set
ErrorTime=@errortime where UserName=@username";
cmd.Parameters.AddWithValue("errortime",DateTime.Now);
cmd.Parameters.AddWithValue("username",b_textUser.Text);
cmd.ExecuteNonQuery();
}
private void UpdateError(int errorcount)
{
SqlConnection conn = new SqlConnection(strcon);
conn.Open();
SqlCommand cmd = new SqlCommand();
cmd.Connection = conn;
cmd.CommandText = "update T_User set Error=@error where
UserName=@username";
cmd.Parameters.AddWithValue("@error", errorcount);
cmd.Parameters.AddWithValue("@username", b_textUser.Text);
cmd.ExecuteNonQuery();
}
private DataTable GetDataTable()
{
SqlConnection conn = new SqlConnection(strcon);
//存储要像数据库管理系统发送的一条sql语句
SqlCommand cmd = new SqlCommand();
//指明要像那个数据库发送sql语句
cmd.Connection = conn;
cmd.CommandText = "select *from T_User where
UserName=@username and Password=@password and Error=0";
//使用用户输入的内容替换sql语句中@username占位符
cmd.Parameters.AddWithValue("@username", this.b_textUser.Text);
cmd.Parameters.AddWithValue("@password", this.b_textPassword.Text);
//数据适配器,向数据库发送命令
SqlDataAdapter adapter = new SqlDataAdapter(cmd);
//内存中的表格,用来存储从数据库中返回的数据
DataTable dt = new DataTable();
adapter.Fill(dt);
//根据datatable对象中的数据的行数来判断用户输入的是否正确
cmd.Dispose();
//关闭连接
conn.Close();
//释放资源
conn.Dispose();
return dt;
}
}
}