123

CallCenterApi/CallCenterApi.BLL/CallCenterApi.BLL.csproj

@@ -137,6 +137,7 @@
     <Compile Include="T_Sys_UserClass.cs" />
     <Compile Include="T_Sys_UserGroup.cs" />
     <Compile Include="T_Sys_Users.cs" />
+    <Compile Include="T_Sys_VerificationCode.cs" />
     <Compile Include="T_Sys_WorkCalendar.cs" />
     <Compile Include="T_Sys_WorkFile.cs" />
     <Compile Include="T_Sys_WorkOFFDays.cs" />

CallCenterApi/CallCenterApi.BLL/T_Sys_VerificationCode.cs

@@ -0,0 +1,158 @@
+
+using System;
+using System.Collections.Generic;
+using System.Data;
+using System.IO;
+using System.Linq;
+using System.Text;
+
+namespace CallCenterApi.BLL
+{
+    /// <summary>
+	/// T_Sys_VerificationCode
+	/// </summary>
+	public partial class T_Sys_VerificationCode
+    {
+        private readonly CallCenterApi.DAL.T_Sys_VerificationCode dal = new CallCenterApi.DAL.T_Sys_VerificationCode();
+        public T_Sys_VerificationCode()
+        { }
+        #region  BasicMethod
+
+        /// <summary>
+        /// 得到最大ID
+        /// </summary>
+        public int GetMaxId()
+        {
+            return dal.GetMaxId();
+        }
+
+        /// <summary>
+        /// 是否存在该记录
+        /// </summary>
+        public bool Exists(int F_ID)
+        {
+            return dal.Exists(F_ID);
+        }
+
+        /// <summary>
+        /// 增加一条数据
+        /// </summary>
+        public int Add(CallCenterApi.Model.T_Sys_VerificationCode model)
+        {
+            return dal.Add(model);
+        }
+
+        /// <summary>
+        /// 更新一条数据
+        /// </summary>
+        public bool Update(CallCenterApi.Model.T_Sys_VerificationCode model)
+        {
+            return dal.Update(model);
+        }
+
+        /// <summary>
+        /// 删除一条数据
+        /// </summary>
+        public bool Delete(int F_ID)
+        {
+
+            return dal.Delete(F_ID);
+        }
+        /// <summary>
+        /// 删除一条数据
+        /// </summary>
+        public bool DeleteList(string F_IDlist)
+        {
+            return dal.DeleteList(F_IDlist);
+        }
+
+        /// <summary>
+        /// 得到一个对象实体
+        /// </summary>
+        public CallCenterApi.Model.T_Sys_VerificationCode GetModel(int F_ID)
+        {
+
+            return dal.GetModel(F_ID);
+        }
+
+      
+        /// <summary>
+        /// 获得数据列表
+        /// </summary>
+        public DataSet GetList(string strWhere)
+        {
+            return dal.GetList(strWhere);
+        }
+        /// <summary>
+        /// 获得前几行数据
+        /// </summary>
+        public DataSet GetList(int Top, string strWhere, string filedOrder)
+        {
+            return dal.GetList(Top, strWhere, filedOrder);
+        }
+        /// <summary>
+        /// 获得数据列表
+        /// </summary>
+        public List<CallCenterApi.Model.T_Sys_VerificationCode> GetModelList(string strWhere)
+        {
+            DataSet ds = dal.GetList(strWhere);
+            return DataTableToList(ds.Tables[0]);
+        }
+        /// <summary>
+        /// 获得数据列表
+        /// </summary>
+        public List<CallCenterApi.Model.T_Sys_VerificationCode> DataTableToList(DataTable dt)
+        {
+            List<CallCenterApi.Model.T_Sys_VerificationCode> modelList = new List<CallCenterApi.Model.T_Sys_VerificationCode>();
+            int rowsCount = dt.Rows.Count;
+            if (rowsCount > 0)
+            {
+                CallCenterApi.Model.T_Sys_VerificationCode model;
+                for (int n = 0; n < rowsCount; n++)
+                {
+                    model = dal.DataRowToModel(dt.Rows[n]);
+                    if (model != null)
+                    {
+                        modelList.Add(model);
+                    }
+                }
+            }
+            return modelList;
+        }
+
+        /// <summary>
+        /// 获得数据列表
+        /// </summary>
+        public DataSet GetAllList()
+        {
+            return GetList("");
+        }
+
+        /// <summary>
+        /// 分页获取数据列表
+        /// </summary>
+        public int GetRecordCount(string strWhere)
+        {
+            return dal.GetRecordCount(strWhere);
+        }
+        /// <summary>
+        /// 分页获取数据列表
+        /// </summary>
+        public DataSet GetListByPage(string strWhere, string orderby, int startIndex, int endIndex)
+        {
+            return dal.GetListByPage(strWhere, orderby, startIndex, endIndex);
+        }
+        /// <summary>
+        /// 分页获取数据列表
+        /// </summary>
+        //public DataSet GetList(int PageSize,int PageIndex,string strWhere)
+        //{
+        //return dal.GetList(PageSize,PageIndex,strWhere);
+        //}
+
+        #endregion  BasicMethod
+        #region  ExtensionMethod
+
+        #endregion  ExtensionMethod
+    }
+}

CallCenterApi/CallCenterApi.DAL/CallCenterApi.DAL.csproj

@@ -137,6 +137,7 @@
     <Compile Include="T_Sys_UserClass.cs" />
     <Compile Include="T_Sys_UserGroup.cs" />
     <Compile Include="T_Sys_Users.cs" />
+    <Compile Include="T_Sys_VerificationCode.cs" />
     <Compile Include="T_Sys_WorkCalendar.cs" />
     <Compile Include="T_Sys_WorkFile.cs" />
     <Compile Include="T_Sys_WorkOFFDays.cs" />

CallCenterApi/CallCenterApi.DAL/T_Sys_VerificationCode.cs

@@ -0,0 +1,338 @@
+
+using CallCenterApi.DB;
+using System;
+using System.Collections.Generic;
+using System.Data;
+using System.Data.SqlClient;
+using System.IO;
+using System.Linq;
+using System.Text;
+
+namespace CallCenterApi.DAL
+{
+    /// <summary>
+	/// 数据访问类:T_Sys_VerificationCode
+	/// </summary>
+	public partial class T_Sys_VerificationCode
+    {
+        public T_Sys_VerificationCode()
+        { }
+        #region  BasicMethod
+
+        /// <summary>
+        /// 得到最大ID
+        /// </summary>
+        public int GetMaxId()
+        {
+            return DbHelperSQL.GetMaxID("F_ID", "T_Sys_VerificationCode");
+        }
+
+        /// <summary>
+        /// 是否存在该记录
+        /// </summary>
+        public bool Exists(int F_ID)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("select count(1) from T_Sys_VerificationCode");
+            strSql.Append(" where F_ID=@F_ID");
+            SqlParameter[] parameters = {
+                    new SqlParameter("@F_ID", SqlDbType.Int,4)
+            };
+            parameters[0].Value = F_ID;
+
+            return DbHelperSQL.Exists(strSql.ToString(), parameters);
+        }
+
+
+        /// <summary>
+        /// 增加一条数据
+        /// </summary>
+        public int Add(CallCenterApi.Model.T_Sys_VerificationCode model)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("insert into T_Sys_VerificationCode(");
+            strSql.Append("F_Code,F_CreateTime,F_UserCode,F_Notes,F_Timestamp)");
+            strSql.Append(" values (");
+            strSql.Append("@F_Code,@F_CreateTime,@F_UserCode,@F_Notes,@F_Timestamp)");
+            strSql.Append(";select @@IDENTITY");
+            SqlParameter[] parameters = {
+                    new SqlParameter("@F_Code", SqlDbType.NVarChar,50),
+                    new SqlParameter("@F_CreateTime", SqlDbType.DateTime),
+                    new SqlParameter("@F_UserCode", SqlDbType.NVarChar,50),
+                    new SqlParameter("@F_Notes", SqlDbType.NVarChar,-1),
+                    new SqlParameter("@F_Timestamp", SqlDbType.NVarChar,50)};
+            parameters[0].Value = model.F_Code;
+            parameters[1].Value = model.F_CreateTime;
+            parameters[2].Value = model.F_UserCode;
+            parameters[3].Value = model.F_Notes;
+            parameters[4].Value = model.F_Timestamp;
+
+            object obj = DbHelperSQL.GetSingle(strSql.ToString(), parameters);
+            if (obj == null)
+            {
+                return 0;
+            }
+            else
+            {
+                return Convert.ToInt32(obj);
+            }
+        }
+        /// <summary>
+        /// 更新一条数据
+        /// </summary>
+        public bool Update(CallCenterApi.Model.T_Sys_VerificationCode model)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("update T_Sys_VerificationCode set ");
+            strSql.Append("F_Code=@F_Code,");
+            strSql.Append("F_CreateTime=@F_CreateTime,");
+            strSql.Append("F_UserCode=@F_UserCode,");
+            strSql.Append("F_Notes=@F_Notes,");
+            strSql.Append("F_Timestamp=@F_Timestamp");
+            strSql.Append(" where F_ID=@F_ID");
+            SqlParameter[] parameters = {
+                    new SqlParameter("@F_Code", SqlDbType.NVarChar,50),
+                    new SqlParameter("@F_CreateTime", SqlDbType.DateTime),
+                    new SqlParameter("@F_UserCode", SqlDbType.NVarChar,50),
+                    new SqlParameter("@F_Notes", SqlDbType.NVarChar,-1),
+                    new SqlParameter("@F_Timestamp", SqlDbType.NVarChar,50),
+                    new SqlParameter("@F_ID", SqlDbType.Int,4)};
+            parameters[0].Value = model.F_Code;
+            parameters[1].Value = model.F_CreateTime;
+            parameters[2].Value = model.F_UserCode;
+            parameters[3].Value = model.F_Notes;
+            parameters[4].Value = model.F_Timestamp;
+            parameters[5].Value = model.F_ID;
+
+            int rows = DbHelperSQL.ExecuteSql(strSql.ToString(), parameters);
+            if (rows > 0)
+            {
+                return true;
+            }
+            else
+            {
+                return false;
+            }
+        }
+
+        /// <summary>
+        /// 删除一条数据
+        /// </summary>
+        public bool Delete(int F_ID)
+        {
+
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("delete from T_Sys_VerificationCode ");
+            strSql.Append(" where F_ID=@F_ID");
+            SqlParameter[] parameters = {
+                    new SqlParameter("@F_ID", SqlDbType.Int,4)
+            };
+            parameters[0].Value = F_ID;
+
+            int rows = DbHelperSQL.ExecuteSql(strSql.ToString(), parameters);
+            if (rows > 0)
+            {
+                return true;
+            }
+            else
+            {
+                return false;
+            }
+        }
+        /// <summary>
+        /// 批量删除数据
+        /// </summary>
+        public bool DeleteList(string F_IDlist)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("delete from T_Sys_VerificationCode ");
+            strSql.Append(" where F_ID in (" + F_IDlist + ")  ");
+            int rows = DbHelperSQL.ExecuteSql(strSql.ToString());
+            if (rows > 0)
+            {
+                return true;
+            }
+            else
+            {
+                return false;
+            }
+        }
+
+
+        /// <summary>
+        /// 得到一个对象实体
+        /// </summary>
+        public CallCenterApi.Model.T_Sys_VerificationCode GetModel(int F_ID)
+        {
+
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("select  top 1 F_ID,F_Code,F_CreateTime,F_UserCode,F_Notes,F_Timestamp from T_Sys_VerificationCode ");
+            strSql.Append(" where F_ID=@F_ID");
+            SqlParameter[] parameters = {
+                    new SqlParameter("@F_ID", SqlDbType.Int,4)
+            };
+            parameters[0].Value = F_ID;
+
+            CallCenterApi.Model.T_Sys_VerificationCode model = new CallCenterApi.Model.T_Sys_VerificationCode();
+            DataSet ds = DbHelperSQL.Query(strSql.ToString(), parameters);
+            if (ds.Tables[0].Rows.Count > 0)
+            {
+                return DataRowToModel(ds.Tables[0].Rows[0]);
+            }
+            else
+            {
+                return null;
+            }
+        }
+
+
+        /// <summary>
+        /// 得到一个对象实体
+        /// </summary>
+        public CallCenterApi.Model.T_Sys_VerificationCode DataRowToModel(DataRow row)
+        {
+            CallCenterApi.Model.T_Sys_VerificationCode model = new CallCenterApi.Model.T_Sys_VerificationCode();
+            if (row != null)
+            {
+                if (row["F_ID"] != null && row["F_ID"].ToString() != "")
+                {
+                    model.F_ID = int.Parse(row["F_ID"].ToString());
+                }
+                if (row["F_Code"] != null)
+                {
+                    model.F_Code = row["F_Code"].ToString();
+                }
+                if (row["F_CreateTime"] != null && row["F_CreateTime"].ToString() != "")
+                {
+                    model.F_CreateTime = DateTime.Parse(row["F_CreateTime"].ToString());
+                }
+                if (row["F_UserCode"] != null)
+                {
+                    model.F_UserCode = row["F_UserCode"].ToString();
+                }
+                if (row["F_Notes"] != null)
+                {
+                    model.F_Notes = row["F_Notes"].ToString();
+                }
+                if (row["F_Timestamp"] != null)
+                {
+                    model.F_Timestamp = row["F_Timestamp"].ToString();
+                }
+            }
+            return model;
+        }
+
+        /// <summary>
+        /// 获得数据列表
+        /// </summary>
+        public DataSet GetList(string strWhere)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("select F_ID,F_Code,F_CreateTime,F_UserCode,F_Notes,F_Timestamp ");
+            strSql.Append(" FROM T_Sys_VerificationCode ");
+            if (strWhere.Trim() != "")
+            {
+                strSql.Append(" where " + strWhere);
+            }
+            return DbHelperSQL.Query(strSql.ToString());
+        }
+
+        /// <summary>
+        /// 获得前几行数据
+        /// </summary>
+        public DataSet GetList(int Top, string strWhere, string filedOrder)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("select ");
+            if (Top > 0)
+            {
+                strSql.Append(" top " + Top.ToString());
+            }
+            strSql.Append(" F_ID,F_Code,F_CreateTime,F_UserCode,F_Notes,F_Timestamp ");
+            strSql.Append(" FROM T_Sys_VerificationCode ");
+            if (strWhere.Trim() != "")
+            {
+                strSql.Append(" where " + strWhere);
+            }
+            strSql.Append(" order by " + filedOrder);
+            return DbHelperSQL.Query(strSql.ToString());
+        }
+
+        /// <summary>
+        /// 获取记录总数
+        /// </summary>
+        public int GetRecordCount(string strWhere)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("select count(1) FROM T_Sys_VerificationCode ");
+            if (strWhere.Trim() != "")
+            {
+                strSql.Append(" where " + strWhere);
+            }
+            object obj = DbHelperSQL.GetSingle(strSql.ToString());
+            if (obj == null)
+            {
+                return 0;
+            }
+            else
+            {
+                return Convert.ToInt32(obj);
+            }
+        }
+        /// <summary>
+        /// 分页获取数据列表
+        /// </summary>
+        public DataSet GetListByPage(string strWhere, string orderby, int startIndex, int endIndex)
+        {
+            StringBuilder strSql = new StringBuilder();
+            strSql.Append("SELECT * FROM ( ");
+            strSql.Append(" SELECT ROW_NUMBER() OVER (");
+            if (!string.IsNullOrEmpty(orderby.Trim()))
+            {
+                strSql.Append("order by T." + orderby);
+            }
+            else
+            {
+                strSql.Append("order by T.F_ID desc");
+            }
+            strSql.Append(")AS Row, T.*  from T_Sys_VerificationCode T ");
+            if (!string.IsNullOrEmpty(strWhere.Trim()))
+            {
+                strSql.Append(" WHERE " + strWhere);
+            }
+            strSql.Append(" ) TT");
+            strSql.AppendFormat(" WHERE TT.Row between {0} and {1}", startIndex, endIndex);
+            return DbHelperSQL.Query(strSql.ToString());
+        }
+
+        /*
+		/// <summary>
+		/// 分页获取数据列表
+		/// </summary>
+		public DataSet GetList(int PageSize,int PageIndex,string strWhere)
+		{
+			SqlParameter[] parameters = {
+					new SqlParameter("@tblName", SqlDbType.VarChar, 255),
+					new SqlParameter("@fldName", SqlDbType.VarChar, 255),
+					new SqlParameter("@PageSize", SqlDbType.Int),
+					new SqlParameter("@PageIndex", SqlDbType.Int),
+					new SqlParameter("@IsReCount", SqlDbType.Bit),
+					new SqlParameter("@OrderType", SqlDbType.Bit),
+					new SqlParameter("@strWhere", SqlDbType.VarChar,1000),
+					};
+			parameters[0].Value = "T_Sys_VerificationCode";
+			parameters[1].Value = "F_ID";
+			parameters[2].Value = PageSize;
+			parameters[3].Value = PageIndex;
+			parameters[4].Value = 0;
+			parameters[5].Value = 0;
+			parameters[6].Value = strWhere;	
+			return CallCenterApi.RunProcedure("UP_GetRecordByPage",parameters,"ds");
+		}*/
+
+        #endregion  BasicMethod
+        #region  ExtensionMethod
+
+        #endregion  ExtensionMethod
+    }
+}

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/CallCenterApi.Interface.csproj

@@ -216,6 +216,7 @@
     <Compile Include="Controllers\Login\AES256Controller.cs" />
     <Compile Include="Controllers\Login\LoginController.cs" />
     <Compile Include="Controllers\FunctionController.cs" />
+    <Compile Include="Controllers\Login\VerificationCodeController.cs" />
     <Compile Include="Controllers\report\BusinessController.cs" />
     <Compile Include="Controllers\report\CallInController.cs" />
     <Compile Include="Controllers\report\DataAnalysisController.cs" />
@@ -394,6 +395,7 @@
     <Folder Include="Views\UserFeedback\" />
     <Folder Include="Views\UserGrade\" />
     <Folder Include="Views\Validate\" />
+    <Folder Include="Views\VerificationCode\" />
     <Folder Include="Views\Web\" />
     <Folder Include="Views\WeiBoReceive\" />
     <Folder Include="Views\WeiBo\" />
@@ -477,7 +479,7 @@
           <AutoAssignPort>True</AutoAssignPort>
           <DevelopmentServerPort>63662</DevelopmentServerPort>
           <DevelopmentServerVPath>/</DevelopmentServerVPath>
-          <IISUrl>http://localhost:63660/</IISUrl>
+          <IISUrl>http://localhost:63665/</IISUrl>
           <NTLMAuthentication>False</NTLMAuthentication>
           <UseCustomServer>False</UseCustomServer>
           <CustomServerUrl>

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/Controllers/Login/LoginController.cs

@@ -40,6 +40,9 @@ namespace CallCenterApi.Interface.Controllers
                 log.Error(Configs.GetValue("AuthDate"));
                 log.Error(ex.ToString());
             }
+            if (string.IsNullOrEmpty(login.Code))
+                return Error("请输入验证码");
+
             bool appResult = LoodLoop();
             if (appResult)
             {
@@ -69,6 +72,24 @@ namespace CallCenterApi.Interface.Controllers
                     dt = DbHelperSQL.Query(sql, paras).Tables[0];
                     if (dt != null)
                     {
+                     
+                        var code  = new BLL.T_SMS_RecvSMS().GetModelList("F_Timestamp='" + login .Timestamp  + "' " +
+                            "and F_Code='" + login .Code  + "'order by F_CreateTime desc");
+                        if (code != null && code.Count > 0)
+                        {
+                            var modelSms = code.First();
+                            if ((DateTime.Now - modelSms.RecvTime).Minutes > 10)
+                            {
+                                return Error("验证码已失效");
+                            }
+                        }
+                        else
+                        {
+                            return Error("验证码错误");
+                        }  
+
+
+
                         if (dt.Rows.Count > 0)
                         {
                             if (dt.Rows[0]["F_DeleteFlag"] != null && dt.Rows[0]["F_DeleteFlag"].ToString() == "1")
@@ -167,6 +188,33 @@ namespace CallCenterApi.Interface.Controllers
                                     F_Remark = "",
                                     F_State = 0
                                 });
+                                if (dt.Rows[0]["F_DeleteFlag"] != null && dt.Rows[0]["F_DeleteFlag"].ToString() == "1")
+                                {
+                                    return Error("账号已锁定，请联系管理员解锁");
+                                }
+                                if (dt1.Rows[0]["F_TmId"] != null && dt1.Rows[0]["F_TmId"].ToString() != "")
+                                {
+                                    if (int.Parse(dt1.Rows[0]["F_TmId"].ToString()) >= 4)
+                                    {
+                                        string sql2 = $"update T_Sys_UserAccount set F_TmId=0,F_DeleteFlag=1 " +
+                                            $"where F_UserCode='{dt1.Rows[0]["F_UserCode"].ToString()}'";
+                                        var dt2 = DbHelperSQL.ExecuteSql(sql2);
+                                        return Error("账号已锁定，请联系管理员解锁");
+                                    }
+                                    else
+                                    {
+                                        int n = int.Parse(dt1.Rows[0]["F_TmId"].ToString()) + 1;
+                                        string sql2 = $"update T_Sys_UserAccount set F_TmId={n} where " +
+                                            $"F_UserCode='{dt1.Rows[0]["F_UserCode"].ToString()}'";
+                                        var dt2 = DbHelperSQL.ExecuteSql(sql2);
+                                    }
+                                }
+                                else
+                                {
+                                    string sql2 = $"update T_Sys_UserAccount set F_TmId=1 where " +
+                                           $"F_UserCode='{dt1.Rows[0]["F_UserCode"].ToString()}'";
+                                    var dt2 = DbHelperSQL.ExecuteSql(sql2);
+                                }
                             }
                             else
                             {

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/Controllers/Login/VerificationCodeController.cs

@@ -0,0 +1,105 @@
+using CallCenterApi.Interface.Controllers.Base;
+using System;
+using System.Collections.Generic;
+using System.Drawing;
+using System.Linq;
+using System.Text;
+using System.Web;
+using System.Web.Mvc;
+
+namespace CallCenterApi.Interface.Controllers.Login
+{
+    public class VerificationCodeController : BaseController
+    {
+
+        public HttpResponseBase CreateCheckCodeImage(string timestamp)
+        {
+            string checkCode = VerficationCodeSrc(4);
+
+            if (checkCode == null || checkCode.Trim() == String.Empty)
+                return null ;
+
+            //string checkCode = "asfd2";
+            Bitmap image = new Bitmap(90, 28);
+
+            Graphics g = Graphics.FromImage(image);
+            try
+            {
+                //生成随机生成器 
+                Random random = new Random();
+                //清空图片背景色 
+                g.Clear(Color.White);
+                //画图片的背景噪音线 
+                for (int i = 0; i < 2; i++)
+                {
+                    int x1 = random.Next(image.Width);
+                    int x2 = random.Next(image.Width);
+                    int y1 = random.Next(image.Height);
+                    int y2 = random.Next(image.Height);
+                    g.DrawLine(new Pen(Color.Black), x1, y1, x2, y2);
+                }
+                Font font = new Font("Arial", 16, (FontStyle.Bold));
+
+                System.Drawing.Drawing2D.LinearGradientBrush brush = new System.Drawing.Drawing2D.
+                    LinearGradientBrush(new Rectangle(0, 0, image.Width, image.Height), Color.Blue, Color.DarkRed, 1.2f, true);
+
+                g.DrawString(checkCode, font, brush, 2, 2);
+                //画图片的前景噪音点 
+                for (int i = 0; i < 100; i++)
+                {
+                    int x = random.Next(image.Width);
+                    int y = random.Next(image.Height);
+                    image.SetPixel(x, y, Color.FromArgb(random.Next()));
+                }
+                //画图片的边框线 
+                g.DrawRectangle(new Pen(Color.Silver), 0, 0, image.Width - 1, image.Height - 1);
+                System.IO.MemoryStream ms = new System.IO.MemoryStream();
+                image.Save(ms, System.Drawing.Imaging.ImageFormat.Gif);
+                Response.ClearContent();
+                Response.ContentType = "image/Gif";
+                Response.BinaryWrite(ms.ToArray());
+                Model.T_Sys_VerificationCode code = new Model.T_Sys_VerificationCode();
+                code.F_CreateTime = DateTime.Now;
+                code.F_Timestamp = timestamp;
+                code.F_Code  = checkCode;
+                new BLL.T_Sys_VerificationCode().Add(code);
+                return Response;
+            }
+            finally
+            {
+                g.Dispose();
+                image.Dispose();
+               
+            }
+        }
+
+        /// <summary>
+        /// 生成验证码字符串
+        /// </summary>
+        /// <param name="numberOfChars"></param>
+        /// <returns></returns>
+        private string VerficationCodeSrc(int numberOfChars)
+        {
+            if (numberOfChars > 36)
+            {
+                throw new InvalidOperationException("Random Word Charecters can not be greater than 36.");
+            }
+            char[] columns = new char[36];
+            //字母
+            for (int charPos = 97; charPos < 97 + 26; charPos++)
+                columns[charPos - 97] = (char)charPos;
+            //数字
+            for (int intPos = 48; intPos <= 57; intPos++)
+                columns[intPos - 22] = (char)intPos;
+
+            StringBuilder randomBuilder = new StringBuilder();
+            Random randomSeed = new Random();
+            for (int incr = 0; incr < numberOfChars; incr++)
+            {
+                randomBuilder.Append(columns[randomSeed.Next(36)].ToString());
+            }
+
+            return randomBuilder.ToString();
+        }
+    }
+}

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/Controllers/workorder/WorkOrderController.cs

@@ -325,9 +325,8 @@ namespace CallCenterApi.Interface.Controllers.workorder
                 var dtdc = DbHelperSQL.Query(" select " + top + " F_CreateTime 日期, F_OldWorkOrderId 工单号,F_ComTitle 诉求标题,F_CusName 反映人,F_CusPhone 电话号码,F_ComContent 诉求内容,dbo.GetDictionaryName(F_Key) 主题词, "
                    + " dbo.GetDeptNames(F_MainDeptId) 承办单位, "
                    + " (select top 1 F_Situation from T_Bus_Feedback WITH(NOLOCK) where F_State=1 and F_Type!=3 and F_IsDelete=0 and  F_WorkOrderId =wo.F_WorkOrderId order by F_CreateTime) 办理结果,"
-                   + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果, case F_Satisfaction when 0 then '不满意'when 1 then" +
-                   "'基本满意' when 2 then '满意' else '未评价'end 郑州回访结果"
-                   + " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + sort).Tables[0];
+                   + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果" +
+                          " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + sort).Tables[0];
 
                 var msg = new NPOIHelper().ExportToExcel("工单列表", dtdc);
                 if (msg == "")
@@ -797,9 +796,8 @@ namespace CallCenterApi.Interface.Controllers.workorder
                 var dtdc = DbHelperSQL.Query(" select " + top + " F_CreateTime 日期, F_OldWorkOrderId 工单号,F_ComTitle 诉求标题,F_CusName 反映人,F_CusPhone 电话号码,F_ComContent 诉求内容,dbo.GetDictionaryName(F_Key) 主题词, "
                    + " dbo.GetDeptNames(F_MainDeptId) 承办单位, "
                    + " (select top 1 F_Situation from T_Bus_Feedback WITH(NOLOCK) where F_State=1 and F_Type!=3 and F_IsDelete=0 and  F_WorkOrderId =wo.F_WorkOrderId order by F_CreateTime) 办理结果,"
-                   + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果, case F_Satisfaction when 0 then '不满意'when 1 then" +
-                   "'基本满意' when 2 then '满意' else '未评价'end 郑州回访结果"
-                   + " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + sort).Tables[0];
+                   + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果" +
+                    " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + sort).Tables[0];
 
                 var msg = new NPOIHelper().ExportToExcel("工单列表", dtdc);
                 if (msg == "")
@@ -862,7 +860,7 @@ namespace CallCenterApi.Interface.Controllers.workorder
                     var dtjb = DbHelperSQL.Query(sqljb).Tables[0];
                     if (dtjb.Rows.Count > 0)
                     {
-                        //if (dtjb.Rows[0]["F_MainDeptId"].ToString().Split(',').Contains(userModel.F_DeptId.ToString())) { iszbdw = "1"; }
+                    
                         if (dr["F_MainDeptId"].ToString() == userModel.F_DeptId.ToString()) { iszbdw = "1"; }
                         dr["DeptName"] = DbHelperSQL.GetSingle(" select dbo.GetDeptNames('" + dr["F_MainDeptId"].ToString() + "')");
                         if (dr["F_OtherDeptIds"] != null && dr["F_OtherDeptIds"].ToString() != "")
@@ -870,43 +868,11 @@ namespace CallCenterApi.Interface.Controllers.workorder
                             dr["OtherDeptName"] = DbHelperSQL.GetSingle(" select dbo.GetDeptNames('" + dr["F_OtherDeptIds"].ToString() + "')");
                         }
                         #region 20191016
-                        //if (dtjb.Rows[0]["F_MainDeptId"].ToString() == userModel.F_DeptId.ToString()) { iszbdw = "1"; }
-                        //dr["DeptName"] = DbHelperSQL.GetSingle(" select dbo.GetDeptNames('" + dtjb.Rows[0]["F_MainDeptId"].ToString() + "')");
-                        //if (dtjb.Rows[0]["F_OtherDeptIds"] != null && dtjb.Rows[0]["F_OtherDeptIds"].ToString() != "")
-                        //{
-                        //    dr["OtherDeptName"] = DbHelperSQL.GetSingle(" select dbo.GetDeptNames('" + dtjb.Rows[0]["F_OtherDeptIds"].ToString() + "')");
-                        //}
+                      
                         #endregion
                         dr["AssignTime"] = dtjb.Rows[0]["F_CreateTime"].ToString();
                         #region
-                        //int did = Int32.Parse(dtjb.Rows[0]["F_MainDeptId"].ToString());
-                        //var deptinfo = new BLL.T_Sys_Department().GetModel(did);
-                        //if (deptinfo != null)
-                        //{
-                        //    if (did == userModel.F_DeptId) { iszbdw = "1"; }
-                        //    dr["DeptName"] = deptinfo.F_DeptName;//交办单位
-                        //}
-                        //if (dtjb.Rows[0]["F_OtherDeptIds"] != null && dtjb.Rows[0]["F_OtherDeptIds"].ToString() != "")
-                        //{
-                        //    string[] strids = dtjb.Rows[0]["F_OtherDeptIds"].ToString().Split(',');
-                        //    string dns = string.Empty;
-                        //    foreach (string strid in strids)
-                        //    {
-                        //        var dinfo = new BLL.T_Sys_Department().GetModel(Int32.Parse(strid));
-                        //        if (dinfo != null)
-                        //        {
-                        //            if (string.IsNullOrEmpty(dns))
-                        //            {
-                        //                dns = dinfo.F_DeptName;//交办单位
-                        //            }
-                        //            else
-                        //            {
-                        //                dns += "," + dinfo.F_DeptName;//交办单位
-                        //            }
-                        //        }
-                        //    }
-                        //    dr["OtherDeptName"] = dns;
-                        //}
+                     
                         #endregion
                         var lt = dr["F_LimitTime"].ToString();//限制时间
                         dr["LimitTime"] = lt;
@@ -2409,9 +2375,8 @@ namespace CallCenterApi.Interface.Controllers.workorder
                 var dtdc = DbHelperSQL.Query(" select " + top + " F_CreateTime 日期, F_OldWorkOrderId 工单号,F_ComTitle 诉求标题,F_CusName 反映人,F_CusPhone 电话号码,F_ComContent 诉求内容,dbo.GetDictionaryName(F_Key) 主题词, "
                    + " dbo.GetDeptNames(F_MainDeptId) 承办单位, "
                    + " (select top 1 F_Situation from T_Bus_Feedback WITH(NOLOCK) where F_State=1 and F_Type!=3 and F_IsDelete=0 and  F_WorkOrderId =wo.F_WorkOrderId order by F_CreateTime) 办理结果,"
-                   + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果, case F_Satisfaction when 0 then '不满意'when 1 then" +
-                   "'基本满意' when 2 then '满意' else '未评价'end 郑州回访结果"
-                   + " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + sort).Tables[0];
+                   + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果" +
+                  " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + sort).Tables[0];
 
                 //var dtdc = DbHelperSQL.Query(" select " + colst + " from T_Bus_WorkOrder WITH(NOLOCK) where 1=1 " + sql).Tables[0];
                 var msg = new NPOIHelper().ExportToExcel("工单列表", dtdc);
@@ -3053,9 +3018,8 @@ namespace CallCenterApi.Interface.Controllers.workorder
                 var dtdc = DbHelperSQL.Query(" select " + top + " F_CreateTime 日期, F_OldWorkOrderId 工单号,F_ComTitle 诉求标题,F_CusName 反映人,F_CusPhone 电话号码,F_ComContent 诉求内容,dbo.GetDictionaryName(F_Key) 主题词, "
                     + " dbo.GetDeptNames(F_MainDeptId) 承办单位, "
                     + " (select top 1 F_Situation from T_Bus_Feedback WITH(NOLOCK) where F_State=1 and F_Type!=3 and F_IsDelete=0 and  F_WorkOrderId =wo.F_WorkOrderId order by F_CreateTime) 办理结果,"
-                    + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果, case F_Satisfaction when 0 then '不满意'when 1 then" +
-                    "'基本满意' when 2 then '满意' else '未评价'end 郑州回访结果"
-                    + " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + orderby).Tables[0];
+                    + " (select top 1 (case F_IsSatisfie when 1 then'满意' when 0 then '不满意'when 2 then '基本满意' else '未评价' end) F_Satisfie from T_Bus_VisitResult WITH(NOLOCK) where F_State = 1 and F_IsDelete = 0 and F_WorkOrderId = wo.F_WorkOrderId order by F_Id desc) 承办单位回访结果" +
+                   " from T_Bus_WorkOrder wo WITH(NOLOCK) where 1=1 " + sql + orderby).Tables[0];
                 var msg = new NPOIHelper().ExportToExcel("工单列表", dtdc);
                 if (msg == "")
                 {
@@ -3244,11 +3208,7 @@ namespace CallCenterApi.Interface.Controllers.workorder
                     var butt = btns.Find(c => c.key == ButtonGroup.turnsee().key);
                     if (recount > 0 && butt != null)
                         btns.Remove(butt);
-                    if (dr["F_Files"].ToString() == "")
-                    {
-                        if (userModel.F_RoleCode.ToUpper() == "WLDW")
-                            btns.Add(ButtonGroup.Upload());
-                    }
+                   
                     #endregion
                 }
                 else
@@ -3269,11 +3229,11 @@ namespace CallCenterApi.Interface.Controllers.workorder
                     {//履职界定待审核
                         if (dr["F_WorkState"].ToString()=="6")
                         btns.Add(ButtonGroup.visit());
-                        if (dr["F_Files"].ToString() == "")
-                        {
-                            if (userModel.F_RoleCode.ToUpper() == "WLDW")
-                                btns.Add(ButtonGroup.Upload());
-                        }
+                        //if (dr["F_Files"].ToString() == "")
+                        //{
+                        //    if (userModel.F_RoleCode.ToUpper() == "WLDW")
+                        //        btns.Add(ButtonGroup.Upload());
+                        //}
                             
                     }
                     else if (Int32.Parse(strtab) == 7 && strisaudit=="0")
@@ -7538,7 +7498,33 @@ namespace CallCenterApi.Interface.Controllers.workorder
                         modelT_Bus_WorkOrder.F_IsClosed = 1;
                         modelT_Bus_WorkOrder.F_CloseUser = userModel.F_UserCode;
                         modelT_Bus_WorkOrder.F_CloseTime = DateTime.Now;
+
+
+
+
                     }
+                    //else if(userModel .F_RoleCode =="WLDW")
+                    //{
+                    //    #region 插入交办记录
+                    //    Model.T_Bus_AssignedInfo modelT_Bus_AssignedInfo = new T_Bus_AssignedInfo();
+                    //    modelT_Bus_AssignedInfo.F_WorkOrderId = modelT_Bus_WorkOrder.F_WorkOrderId;
+                    //    modelT_Bus_AssignedInfo.F_LimitTime = limittime;//办理时限
+                    //    modelT_Bus_AssignedInfo.F_MainDeptId = maindeptid;//主办单位id
+                    //    modelT_Bus_AssignedInfo.F_OtherDeptIds = otherdeptids;//协办单位id
+                    //    modelT_Bus_AssignedInfo.F_AssignedOpinion = assignedopinion;//交办意见
+                    //    modelT_Bus_AssignedInfo.F_State = 1;//0草稿  1正式
+                    //    modelT_Bus_AssignedInfo.F_CreateUser = userModel.F_UserCode;
+                    //    modelT_Bus_AssignedInfo.F_CreateTime = DateTime.Now;
+                    //    modelT_Bus_AssignedInfo.F_IsDelete = 0;
+                    //    modelT_Bus_AssignedInfo.F_IsOverdue = 0;
+                    //    modelT_Bus_AssignedInfo.F_IsSure = 0;
+                    //    modelT_Bus_AssignedInfo.F_IsReload = 0;
+                    //    modelT_Bus_AssignedInfo.F_IsNext = 0;
+                    //    modelT_Bus_AssignedInfo.F_TimeResp = assignBLL.GetRepTimly(DateTime.Now);//及时查收时间点
+                    //    int  aid = assignBLL.Add(modelT_Bus_AssignedInfo);
+                    //    #endregion
+
+                    //}
                     else if (issubmit == 1)
                     {
                         modelT_Bus_WorkOrder.F_SubmitTime = DateTime.Now;
@@ -8898,7 +8884,6 @@ namespace CallCenterApi.Interface.Controllers.workorder
                 int state = RequestString.GetInt("state", 0);
                 int assignid = RequestString.GetInt("assignid", 0);
                 int maindeptid = RequestString.GetInt("maindeptid", 0);
-                //string maindeptid = RequestString.GetFormString("maindeptid");
                 string otherdeptids = RequestString.GetFormString("otherdeptids");
                 DateTime limittime = DateTime.Parse(RequestString.GetFormString("limittime") + " 23:59:59");
                 string assignedopinion = RequestString.GetFormString("assignedopinion");
@@ -10204,6 +10189,115 @@ namespace CallCenterApi.Interface.Controllers.workorder
             }
         }
 
+
+
+
+
+
+
+        /// <summary>
+        /// 上报工单
+        /// </summary>
+        /// <returns></returns>
+        [Authority]
+        public ActionResult Escalation()
+        {
+            int userId = Utils.StrToInt(User.UserData["F_UserID"], 0);
+
+            Model.T_Sys_UserAccount userModel = userBLL.GetModel(userId);
+
+            if (userModel.F_RoleCode == "WLDW" )
+            {
+                string workorderid = RequestString.GetFormString("workorderid");
+
+                Model.T_Bus_WorkOrder modelT_Bus_WorkOrder = workorderBLL.GetModel(workorderid);
+                Model.T_Bus_AssignedInfo modelT_Bus_AssignedInfo = assignBLL.GetNewModelByWorkOrderID(workorderid);
+
+                if (modelT_Bus_WorkOrder != null && modelT_Bus_AssignedInfo != null)
+                {
+                    if (modelT_Bus_AssignedInfo.F_CreateUser != userModel.F_UserCode)
+                    {
+                        return Error("操作失败");
+                    }
+
+                    //if (modelT_Bus_AssignedInfo.F_IsSure == 0 || (modelT_Bus_AssignedInfo.F_IsSure == 1 && modelT_Bus_WorkOrder.F_WorkState == 4))
+                    if (modelT_Bus_AssignedInfo.F_IsSure == 0 || (modelT_Bus_AssignedInfo.F_IsSure == 1 && modelT_Bus_WorkOrder.F_WorkState == (int)EnumWorkState.dealing))
+                    {
+                        using (TransactionScope trans = new TransactionScope())
+                        {
+                           
+
+                            #region 保存工单信息
+                            //modelT_Bus_WorkOrder.F_WorkState = 1;//待交办
+                            modelT_Bus_WorkOrder.F_WorkState = (int)EnumWorkState.submit;//待交办
+                            modelT_Bus_WorkOrder.F_MainDeptId = null;
+                            modelT_Bus_WorkOrder.F_OtherDeptIds = "";
+                            modelT_Bus_WorkOrder.ReminderNum = 0;//清空催办记录
+                            workorderBLL.Update(modelT_Bus_WorkOrder);
+                            #endregion
+
+                            #region 删除交办信息
+                            modelT_Bus_AssignedInfo.F_State = 0;
+
+                            assignBLL.Update(modelT_Bus_AssignedInfo);
+                            #endregion
+
+                            #region 删除派单信息
+                            var pdlist = new BLL.T_Bus_AssignedInfo_Next().GetModelList
+                                (" F_IsDelete=0 and F_WorkOrderId='" + modelT_Bus_WorkOrder.F_WorkOrderId + "' ");
+
+                            foreach (var cg in pdlist)
+                            {
+                                cg.F_State = 0;
+                                new BLL.T_Bus_AssignedInfo_Next().Update(cg);
+                            }
+                            #endregion
+
+                            #region 删除二级单位处理信息
+                            var cglist = new BLL.T_Bus_Feedback_Next().GetModelList(" F_IsDelete=0 and F_WorkOrderId='" + modelT_Bus_WorkOrder.F_WorkOrderId + "' ");
+
+                            foreach (var cg in cglist)
+                            {
+                                cg.F_State = 0;
+                                new BLL.T_Bus_Feedback_Next().Update(cg);
+                            }
+                            #endregion
+
+                            #region 插入操作记录
+                            Model.T_Bus_Operation oper = new Model.T_Bus_Operation();
+                            oper.F_WorkOrderId = modelT_Bus_WorkOrder.F_WorkOrderId;
+                            oper.F_AssignedId = modelT_Bus_AssignedInfo.F_Id;
+                            oper.F_State = modelT_Bus_WorkOrder.F_WorkState;
+
+                            string userinfo = userModel.depname + "-" + userModel.F_UserName + "(" + userModel.F_UserCode + ")";
+                            oper.F_Message = userinfo + " 上报了工单";
+                            oper.F_CreateUser = userModel.F_UserCode;
+                            oper.F_CreateTime = DateTime.Now;
+                            oper.F_IsDelete = 0;
+
+                            operBLL.Add(oper);
+                            #endregion
+
+                            trans.Complete();
+                        }
+                        return Success("操作成功");
+                    }
+                    else
+                    {
+                        return Error("单位已查收，不能收回");
+                    }
+                }
+                else
+                {
+                    return Error("操作失败");
+                }
+            }
+            else
+            {
+                return Error("权限不足");
+            }
+        }
+
         /// <summary>
         /// 查收工单
         /// </summary>

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/Global.asax.cs

@@ -27,6 +27,8 @@ namespace CallCenterApi.Interface
 
         protected void Application_AuthenticateRequest(object sender, EventArgs e)
         {
+            SqlChecker SqlChecker = new SqlChecker(this.Request, this.Response);
+            SqlChecker.Check();
             HttpApplication app = (HttpApplication)sender;
             var context = app.Context;
             if (context == null) throw new ArgumentNullException("context");

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/Models/Common/ButtonGroup.cs

@@ -143,18 +143,18 @@ namespace CallCenterApi.Interface.Models.Common
         {
             return new button(34, "界定审核");
         }
-        public static button IsExport()
-        {
-            return new button(34, "回传");
-        }
+        //public static button IsExport()
+        //{
+        //    return new button(34, "回传");
+        //}
         public static button Result()
         {
             return new button(35, "编辑");
         }
-        public static button Upload()
-        {
-            return new button(36, "上传");
-        }
+        //public static button Upload()
+        //{
+        //    return new button(36, "上传");
+        //}
         public static button Remkers()
         {
             return new button(37, "备注");
@@ -171,11 +171,11 @@ namespace CallCenterApi.Interface.Models.Common
         {
             return new button(40, "催办");
         }
-        public static button thirdBack()
-        {
-            return new button(41, "退回郑州市");
+        //public static button thirdBack()
+        //{
+        //    return new button(41, "退回郑州市");
 
-        }
+        //}
 
         #region 知识库操作按钮
         public static button zsk_query()
@@ -244,7 +244,7 @@ namespace CallCenterApi.Interface.Models.Common
                     {
                         buttons.Add(delete());
                         buttons.Add(edit());
-                        buttons.Add(thirdBack());
+                      //  buttons.Add(thirdBack());
                     }
                        
                     //中心话务员 坐席班长 管理员
@@ -252,7 +252,7 @@ namespace CallCenterApi.Interface.Models.Common
                     {
                         buttons.Add(submit());
                         buttons.Add(edit()); buttons.Add(delete());
-                        buttons.Add(thirdBack());
+                      //  buttons.Add(thirdBack());
                     }
                     break;
                 case "1":
@@ -262,7 +262,7 @@ namespace CallCenterApi.Interface.Models.Common
                     //调度专员 中心领导管理员 管理员
                     if (code == "ZXLD" || code == "ZXLDGLYGLY" || code == "GLY" || code == "DDZG")
                     {
-                        buttons.Add(thirdBack());
+                       // buttons.Add(thirdBack());
                         //    buttons.Add(approval());
                         buttons.Add(edit());
                      //   buttons.Add(back());
@@ -404,8 +404,8 @@ namespace CallCenterApi.Interface.Models.Common
                         buttons.Add(subreload());
                         //   buttons.Add(approval());
                     }
-                    if (code == "WLDW")
-                    buttons.Add(Upload());
+                    //if (code == "WLDW")
+                    //buttons.Add(Upload());
                     break;
                 case "8":
                     //二级网络单位 管理员
@@ -438,15 +438,15 @@ namespace CallCenterApi.Interface.Models.Common
 
                         if (ishc !="1")
                         {
-                            buttons.Add(IsExport());
+                          //  buttons.Add(IsExport());
                            // buttons.Add(subreload());
                             buttons.Add(subreload());
                         }
 
                        
                     }
-                    if (code == "WLDW")
-                        buttons.Add(Upload());
+                    //if (code == "WLDW")
+                    //    buttons.Add(Upload());
                     break;
                 case "10":
                     //坐席班长 管理员

CallCenterApi/CallCenterApi.Interface/CallCenterApi.Interface/Models/Input/LoginModel.cs

@@ -11,5 +11,7 @@ namespace CallCenterApi.Interface.Models.Input
         public string ExtensionPhone { get; set; }
         public string Password { get; set; }
         public string LoginTime { get; set; }
+        public string Timestamp { get; set; }
+        public string Code { get; set; }
     }
 }

CallCenterApi/CallCenterApi.Model/CallCenterApi.Model.csproj

@@ -87,6 +87,7 @@
     <Compile Include="T_Sys_SeatPermissionConfig.cs" />
     <Compile Include="T_Sys_UserClass.cs" />
     <Compile Include="T_Sys_Users.cs" />
+    <Compile Include="T_Sys_VerificationCode.cs" />
     <Compile Include="T_Sys_WorkOFFDays.cs" />
     <Compile Include="WeiBoCommentList.cs" />
     <Compile Include="PageData.cs" />

CallCenterApi/CallCenterApi.Model/T_Sys_VerificationCode.cs

@@ -0,0 +1,76 @@
+
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Text;
+
+namespace CallCenterApi.Model
+{
+    /// <summary>
+    /// T_Sys_VerificationCode:实体类(属性说明自动提取数据库字段的描述信息)
+    /// </summary>
+    [Serializable]
+    public partial class T_Sys_VerificationCode
+    {
+        public T_Sys_VerificationCode()
+        { }
+        #region Model
+        private int _f_id;
+        private string _f_code;
+        private DateTime? _f_createtime;
+        private string _f_usercode;
+        private string _f_notes;
+        private string _f_timestamp;
+        /// <summary>
+        /// 
+        /// </summary>
+        public int F_ID
+        {
+            set { _f_id = value; }
+            get { return _f_id; }
+        }
+        /// <summary>
+        /// 
+        /// </summary>
+        public string F_Code
+        {
+            set { _f_code = value; }
+            get { return _f_code; }
+        }
+        /// <summary>
+        /// 
+        /// </summary>
+        public DateTime? F_CreateTime
+        {
+            set { _f_createtime = value; }
+            get { return _f_createtime; }
+        }
+        /// <summary>
+        /// 
+        /// </summary>
+        public string F_UserCode
+        {
+            set { _f_usercode = value; }
+            get { return _f_usercode; }
+        }
+        /// <summary>
+        /// 
+        /// </summary>
+        public string F_Notes
+        {
+            set { _f_notes = value; }
+            get { return _f_notes; }
+        }
+        /// <summary>
+        /// 
+        /// </summary>
+        public string F_Timestamp
+        {
+            set { _f_timestamp = value; }
+            get { return _f_timestamp; }
+        }
+        #endregion Model
+
+    }
+}

CallCenterCommon/CallCenter.QuartzService/QuartzWorker.cs

@@ -19,7 +19,7 @@ namespace CallCenter.QuartzService
 
             // 远程输出配置
             properties["quartz.scheduler.exporter.type"] = "Quartz.Simpl.RemotingSchedulerExporter, Quartz";
-            properties["quartz.scheduler.exporter.port"] = "556";
+            properties["quartz.scheduler.exporter.port"] = "557";
             properties["quartz.scheduler.exporter.bindName"] = "QuartzScheduler";
             properties["quartz.scheduler.exporter.channelType"] = "tcp";
 

CallCenterCommon/CallCenter.Utility/CallCenter.Utility.csproj

@@ -86,6 +86,7 @@
     <Compile Include="NPOI\InPutType.cs" />
     <Compile Include="RedisHelper.cs" />
     <Compile Include="SaltAndHashHelper.cs" />
+    <Compile Include="SqlChecker.cs" />
     <Compile Include="SysInformationHelper.cs" />
     <Compile Include="Time\DateTimeConvert.cs" />
     <Compile Include="Time\DateTools.cs" />

CallCenterCommon/CallCenter.Utility/SqlChecker.cs

@@ -0,0 +1,191 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Text;
+using System.Web;
+
+
+namespace CallCenter.Utility
+{
+    public class SqlChecker
+    { //当前请求对象
+        private HttpRequest request;
+        //当前响应对象
+        private HttpResponse response;
+        //安全Url,当出现Sql注入时,将导向到的安全页面,如果没赋值,则停留在当前页面
+        private string safeUrl = String.Empty;
+
+        //Sql注入时,可能出现的sql关键字,可根据自己的实际情况进行初始化,每个关键字由'|'分隔开来
+        //private const string StrKeyWord = @"select|insert|delete|from|count(|drop table|update|truncate|asc(|mid(|char(|xp_cmdshell|exec master|netlocalgroup administrators|:|net user|""|or|and";
+        private const string StrKeyWord = @"select|insert|delete|from|drop table|update|truncate|exec master|netlocalgroup administrators|net user|or|and|waitfor delay|waitfor|delay";
+        //Sql注入时,可能出现的特殊符号,,可根据自己的实际情况进行初始化,每个符号由'|'分隔开来
+        //  private const string StrRegex = @"@|*";
+        //private const string StrRegex = @"=|!|'";
+        public SqlChecker()
+        {
+            //
+            // TODO: 在此处添加构造函数逻辑
+            //
+        }
+        /// <summary>
+        /// 由此构造函数创建的对象,在验证Sql注入之后将停留在原来页面上
+        /// </summary>
+        /// <param name="_request">当前请求的 Request 对象</param>
+        /// <param name="_response">当前请求的 Response 对象</param>
+        public SqlChecker(HttpRequest _request, HttpResponse _response)
+        {
+            this.request = _request;
+            this.response = _response;
+        }
+        /// <summary>
+        /// 由此构造函数创建的对象,在验证Sql注入之后将请求将导向由 _safeUrl 指定的安全url页面上
+        /// </summary>
+        /// <param name="_request">当前请求的 Request 对象</param>
+        /// <param name="_response">当前请求的 Response 对象</param>
+        /// <param name="_safeUrl">验证Sql注入之后将导向的安全 url</param>
+        public SqlChecker(HttpRequest _request, HttpResponse _response, string _safeUrl)
+        {
+            this.request = _request;
+            this.response = _response;
+            this.safeUrl = _safeUrl;
+        }
+        /// <summary>
+        /// 只读属性 SQL关键字
+        /// </summary>
+        public string KeyWord
+        {
+            get
+            {
+                return StrKeyWord;
+            }
+        }
+        ///// <summary>
+        ///// 只读属性过滤特殊字符
+        ///// </summary>
+        //public string RegexString
+        //{
+        //    get
+        //    {
+        //        return StrRegex;
+        //    }
+        //}
+        /// <summary>
+        /// 当出现Sql注入时需要提示的错误信息(主要是运行一些客户端的脚本)
+        /// </summary>
+        public string Msg
+        {
+            get
+            {
+                string msg = "<script type='text/javascript'> "
+                + " alert('请勿输入非法字符!'); ";
+
+                if (this.safeUrl == String.Empty)
+                    msg += " window.location.href = '" + request.RawUrl + "'";
+                else
+                    msg += " window.location.href = '" + safeUrl + "'";
+
+                msg += "</script>";
+                return msg;
+            }
+        }
+        /// <summary>
+        /// 检查URL参数中是否带有SQL注入的可能关键字。
+        /// </summary>
+        /// <returns>存在SQL注入关键字时返回 true，否则返回 false</returns>
+        public bool CheckRequestQuery()
+        {
+            bool result = false;
+            if (request.QueryString.Count != 0)
+            {
+                //若URL中参数存在，则逐个检验参数。
+                foreach (string queryName in this.request.QueryString)
+                {
+                    //过虑一些特殊的请求状态值,主要是一些有关页面视图状态的参数
+                    if (queryName == "__VIEWSTATE" || queryName == "__EVENTVALIDATION")
+                        continue;
+                    //开始检查请求参数值是否合法
+                    if (CheckKeyWord(request.QueryString[queryName]))
+                    {
+                        //只要存在一个可能出现Sql注入的参数,则直接退出
+                        result = true;
+                        break;
+                    }
+                }
+            }
+            return result;
+        }
+        /// <summary>
+        /// 检查提交表单中是否存在SQL注入的可能关键字
+        /// </summary>
+        /// <returns>存在SQL注入关键字时返回 true，否则返回 false</returns>
+        public bool CheckRequestForm()
+        {
+            bool result = false;
+            if (request.Form.Count > 0)
+            {
+                //若获取提交的表单项个数不为0,则逐个比较参数
+                foreach (string queryName in this.request.Form)
+                {
+                    //过虑一些特殊的请求状态值,主要是一些有关页面视图状态的参数
+                    if (queryName == "__VIEWSTATE" || queryName == "__EVENTVALIDATION")
+                        continue;
+                    //开始检查提交的表单参数值是否合法
+                    if (CheckKeyWord(request.Form[queryName]))
+                    {
+                        //只要存在一个可能出现Sql注入的参数,则直接退出
+                        result = true;
+                        break;
+                    }
+                }
+            }
+            return result;
+        }
+        /// <summary>
+        /// 检查_sword是否包涵SQL关键字
+        /// </summary>
+        /// <param name="_sWord">需要检查的字符串</param>
+        /// <returns>存在SQL注入关键字时返回 true，否则返回 false</returns>
+        public bool CheckKeyWord(string _sWord)
+        {
+            bool result = false;
+            //模式1 : 对应Sql注入的可能关键字
+            string[] patten1 = StrKeyWord.Split('|');
+            //模式2 : 对应Sql注入的可能特殊符号
+            // string[] patten2 = StrRegex.Split('|');
+            //开始检查 模式1:Sql注入的可能关键字 的注入情况
+            foreach (string sqlKey in patten1)
+            {
+                if (_sWord.IndexOf(" " + sqlKey) >= 0 || _sWord.IndexOf(sqlKey + " ") >= 0)
+                {
+                    //只要存在一个可能出现Sql注入的参数,则直接退出
+                    result = true;
+                    break;
+                }
+            }
+            //开始检查 模式1:Sql注入的可能特殊符号 的注入情况
+            //foreach (string sqlKey in patten2)
+            //{
+            //    if (_sWord.IndexOf(sqlKey) >= 0)
+            //    {
+            //        //只要存在一个可能出现Sql注入的参数,则直接退出
+            //        result = true;
+            //        break;
+            //    }
+            //}
+            return result;
+        }
+        /// <summary>
+        /// 执行Sql注入验证
+        /// </summary>
+        public void Check()
+        {
+            if (CheckRequestQuery() || CheckRequestForm())
+            {
+                response.Write(Msg);
+                response.End();
+            }
+        }
+
+    }
+}