防登陆暴力破解

bdc44684 · WeiCong · 88d37b6a · bdc44684
Commit bdc44684 authored Sep 26, 2020 by WeiCong
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 5 deletions

DatabaseLoginContextForELCS.java ...com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java +5 -5

No files found.
--- a/src/main/java/cn/com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java
+++ b/src/main/java/cn/com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java
@@ -251,6 +251,11 @@ public class DatabaseLoginContextForELCS extends AbstractLoginContext {
        ResultSet rs = null;
        PreparedStatement stmt = null;
        try {
+            if (sendcode == null || verifycode == null || !sendcode.equalsIgnoreCase(verifycode)) {
+                log.info("验证码验证失败,待校验:" + sendcode + ",原始:" + verifycode);
+                parameterMap.put(ERROR, ErrorCode.LOGIN_VERIFYCODE_ERROR);
+                return setLogon(false, userName, ErrorCode.LOGIN_VERIFYCODE_ERROR.getCode(), ErrorCode.LOGIN_VERIFYCODE_ERROR.getMessage(), stmt, rs);
+            }
            String sql = "SELECT inr,pwd,fltcnt,sta,etyextkey,usg,pwdamedat,ukey FROM usr WHERE nam=?";
            stmt = conn.prepareStatement(sql);
            stmt.setString(1, userName);
@@ -266,11 +271,6 @@ public class DatabaseLoginContextForELCS extends AbstractLoginContext {
                sessionTimeout = -1;
                return setLogon(true, userName, null, "游客成功登录.", stmt, rs);
            }
-            if (sendcode == null || verifycode == null || !sendcode.equalsIgnoreCase(verifycode)) {
-                log.info("验证码验证失败,待校验:" + sendcode + ",原始:" + verifycode);
-                parameterMap.put(ERROR, ErrorCode.LOGIN_VERIFYCODE_ERROR);
-                return setLogon(false, userName, ErrorCode.LOGIN_VERIFYCODE_ERROR.getCode(), ErrorCode.LOGIN_VERIFYCODE_ERROR.getMessage(), stmt, rs);
-            }
            userId = rs.getString(1);
            log.debug("userId=" + userId);
            String dbPassword = rs.getString(2);