Beispiel #1
        /// <summary>
        /// Handles the administrator login form: checks the CAPTCHA, validates the submitted
        /// credentials, records the outcome, and on success signs the administrator in and
        /// redirects to the admin home page.
        /// </summary>
        /// <param name="sender">Control that raised the click event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        public override void Submit_OnClick(object sender, EventArgs e)
        {
            // The CAPTCHA is checked first, so a wrong code never reaches credential validation.
            var captchaAccepted = _vcManager.IsCodeValid(TbValidateCode.Text);
            if (!captchaAccepted)
            {
                LtlMessage.Text = GetMessageHtml("验证码不正确,请重新输入!");
                return;
            }

            string resolvedUserName;
            string failureMessage;
            var credentialsAccepted = DataProvider.AdministratorDao.ValidateAccount(
                TbAccount.Text, TbPassword.Text, out resolvedUserName, out failureMessage);

            if (credentialsAccepted)
            {
                // Record the login time (original comment: also resets the failed-login counter).
                DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(resolvedUserName);
                // Original comment: writes the auth cookie and logs the administrator action.
                AuthRequest.AdminLogin(resolvedUserName);
                PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
                return;
            }

            // NOTE(review): resolvedUserName is whatever ValidateAccount returned; confirm what it
            // holds for an unknown account, since it keys the audit entry and the failure counter.
            LogUtils.AddAdminLog(resolvedUserName, "后台管理员登录失败");
            // Record the attempt time and bump the failed-login counter.
            DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(resolvedUserName);
            // NOTE(review): the DAO's message is shown to the caller as-is; confirm it does not
            // distinguish "no such account" from "wrong password" and that GetMessageHtml encodes it.
            LtlMessage.Text = GetMessageHtml(failureMessage);
        }
Beispiel #2
        /// <summary>
        /// First-load initialisation of the installer wizard: refuses to render when the system
        /// reports it no longer needs installing, otherwise fills the version label and the
        /// database option lists and shows step 1.
        /// </summary>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        public void Page_Load(object sender, EventArgs e)
        {
            // NOTE(review): postbacks return here, before the "already installed" check below.
            // Confirm every postback handler of this wizard re-checks SystemManager.IsNeedInstall(),
            // otherwise the guard only protects the initial GET.
            if (IsPostBack)
            {
                return;
            }

            var installRequired = SystemManager.IsNeedInstall();
            if (!installRequired)
            {
                // Already installed: emit the "wizard disabled" message and end the response.
                var response = Page.Response;
                response.Write("系统已安装成功,向导被禁用");
                response.End();
                return;
            }

            LtlVersionInfo.Text = SystemManager.Version;
            SetSetp(1);

            DatabaseTypeUtils.AddListItems(DdlSqlDatabaseType);

            // Port selector: default port pre-selected, custom port panel hidden.
            EBooleanUtils.AddListItems(DdlIsDefaultPort, "默认数据库端口", "自定义数据库端口");
            ControlUtils.SelectSingleItemIgnoreCase(DdlIsDefaultPort, bool.TrueString);
            PhSqlPort.Visible = false;

            // Data-protection selector: "not encrypted" pre-selected.
            EBooleanUtils.AddListItems(DdlIsProtectData, "加密", "不加密");
            ControlUtils.SelectSingleItemIgnoreCase(DdlIsProtectData, bool.FalseString);

            var adminHomeUrl = PageUtils.GetAdminDirectoryUrl(string.Empty);
            LtlGo.Text = $@"<a class=""btn btn-success m-l-5"" href=""{adminHomeUrl}"">进入后台</a>";
        }
Beispiel #3
        /// <summary>
        /// Handles the administrator login form: optionally checks the CAPTCHA, validates the
        /// submitted credentials, records the outcome, and on success signs the administrator in
        /// and redirects to the admin home page.
        /// </summary>
        /// <param name="sender">Control that raised the click event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        public override void Submit_OnClick(object sender, EventArgs e)
        {
            // The CAPTCHA is only enforced when the file configuration enables it; with the flag
            // off, nothing in this handler rate-limits credential guessing.
            if (FileConfigManager.Instance.IsValidateCode && !_vcManager.IsCodeValid(TbValidateCode.Text))
            {
                LtlMessage.Text = GetMessageHtml("验证码不正确,请重新输入!");
                return;
            }

            string resolvedUserName;
            string failureMessage;
            var credentialsAccepted = BaiRongDataProvider.AdministratorDao.ValidateAccount(
                TbAccount.Text, TbPassword.Text, out resolvedUserName, out failureMessage);

            if (credentialsAccepted)
            {
                BaiRongDataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(resolvedUserName);
                Body.AdministratorLogin(resolvedUserName);
                PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
                return;
            }

            // NOTE(review): resolvedUserName is whatever ValidateAccount returned; confirm what it
            // holds for an unknown account, since it keys the audit entry and the failure counter.
            LogUtils.AddAdminLog(resolvedUserName, "后台管理员登录失败");
            BaiRongDataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(resolvedUserName);
            // NOTE(review): confirm the message does not reveal whether the account exists.
            LtlMessage.Text = GetMessageHtml(failureMessage);
        }
Beispiel #4
 /// <summary>
 /// Sends the request to the admin home page when the named administrator lacks the
 /// requested permissions; does nothing otherwise.
 /// </summary>
 /// <param name="administratorName">Administrator whose permissions are checked.</param>
 /// <param name="permissionArray">Permissions passed to HasAdministratorPermissions.</param>
 public static void VerifyAdministratorPermissions(string administratorName, params string[] permissionArray)
 {
     var isAllowed = HasAdministratorPermissions(administratorName, permissionArray);
     if (!isAllowed)
     {
         // NOTE(review): this method returns void, so the caller cannot tell the check failed.
         // Confirm PageUtils.Redirect ends the request; if it does not, the protected page
         // keeps executing after the redirect is queued.
         PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
     }
 }
Beispiel #5
 /// <summary>
 /// Logs the administrator out and redirects to the admin home page when the channel
 /// permission check fails; does nothing otherwise.
 /// </summary>
 /// <param name="channelId">Channel the permissions are checked against.</param>
 /// <param name="channelPermissions">Permissions passed to HasChannelPermissions.</param>
 public void VerifyChannelPermissions(int channelId, params string[] channelPermissions)
 {
     var isAllowed = HasChannelPermissions(channelId, channelPermissions);
     if (!isAllowed)
     {
         // Fail closed: drop the session before leaving the page.
         // NOTE(review): confirm PageUtils.Redirect ends the request, since a void return
         // gives the caller no way to stop its own processing.
         AuthRequest.AdminLogout();
         PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
     }
 }
Beispiel #6
 /// <summary>
 /// Logs the administrator out and redirects to the admin home page when the current
 /// administrator lacks the given permissions on <c>SiteId</c>; does nothing otherwise.
 /// </summary>
 /// <param name="sitePermissions">Permissions passed to HasSitePermissions.</param>
 public void VerifySitePermissions(params string[] sitePermissions)
 {
     var isAllowed = AuthRequest.AdminPermissions.HasSitePermissions(SiteId, sitePermissions);
     if (!isAllowed)
     {
         // Fail closed: drop the session before leaving the page.
         // NOTE(review): confirm PageUtils.Redirect ends the request, since a void return
         // gives the caller no way to stop its own processing.
         AuthRequest.AdminLogout();
         PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
     }
 }
Beispiel #7
 /// <summary>
 /// Logs the administrator out and redirects to the admin home page when the current
 /// administrator lacks the given permissions; does nothing otherwise.
 /// </summary>
 /// <param name="permissionArray">Permissions passed to HasAdministratorPermissions.</param>
 public void VerifyAdministratorPermissions(params string[] permissionArray)
 {
     var isAllowed = AuthRequest.AdminPermissions.HasAdministratorPermissions(permissionArray);
     if (!isAllowed)
     {
         // Fail closed: drop the session before leaving the page.
         // NOTE(review): confirm PageUtils.Redirect ends the request, since a void return
         // gives the caller no way to stop its own processing.
         AuthRequest.AdminLogout();
         PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
     }
 }
Beispiel #8
 /// <summary>
 /// Redirects to the installer directory when the system still needs installing.
 /// </summary>
 /// <returns><c>true</c> when a redirect to the installer was issued; otherwise <c>false</c>.</returns>
 public static bool DetermineRedirectToInstaller()
 {
     var installRequired = IsNeedInstall();
     if (installRequired)
     {
         PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl("Installer"));
     }

     // Callers should stop their own processing when this is true.
     return installRequired;
 }
Beispiel #9
 /// <summary>
 /// Logs the administrator out and redirects to the admin home page when the named
 /// administrator lacks the given channel permissions; does nothing otherwise.
 /// </summary>
 /// <param name="administratorName">Administrator whose permissions are checked.</param>
 /// <param name="publishmentSystemId">Site the channel belongs to.</param>
 /// <param name="nodeId">Channel (node) the permissions are checked against.</param>
 /// <param name="channelPermissionArray">Permissions passed to HasChannelPermissions.</param>
 public static void VerifyChannelPermissions(string administratorName, int publishmentSystemId, int nodeId, params string[] channelPermissionArray)
 {
     var isAllowed = HasChannelPermissions(administratorName, publishmentSystemId, nodeId, channelPermissionArray);
     if (!isAllowed)
     {
         // Fail closed: drop the session before leaving the page.
         // NOTE(review): confirm PageUtils.Redirect ends the request, since a void return
         // gives the caller no way to stop its own processing.
         RequestBody.AdministratorLogout();
         PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
     }
 }
Beispiel #10
        /// <summary>
        /// Logs the administrator out and redirects to the admin home page when the named
        /// administrator lacks the given permissions on the site; does nothing otherwise.
        /// </summary>
        /// <param name="administratorName">Administrator whose permissions are checked.</param>
        /// <param name="siteId">Site the permissions are checked against.</param>
        /// <param name="sitePermissions">Permissions passed to HasSitePermissions.</param>
        public static void VerifySitePermissions(string administratorName, int siteId, params string[] sitePermissions)
        {
            var isAllowed = HasSitePermissions(administratorName, siteId, sitePermissions);
            if (!isAllowed)
            {
                // Fail closed: a fresh Request object is created only to perform the logout.
                // NOTE(review): confirm PageUtils.Redirect ends the request, since a void return
                // gives the caller no way to stop its own processing.
                new Request().AdminLogout();
                PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
            }
        }
Beispiel #11
        /// <summary>
        /// Logs the administrator out and redirects to the login page, unless the page was
        /// already marked forbidden.
        /// </summary>
        /// <param name="sender">Page raising the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        public void Page_Load(object sender, EventArgs e)
        {
            if (!IsForbidden)
            {
                var loginPageUrl = PageUtils.GetAdminDirectoryUrl("login.aspx");

                // NOTE(review): the logout runs on any load of this page; no request-method or
                // anti-forgery check is visible here, so confirm that is intended.
                RequestBody.AdministratorLogout();
                PageUtils.Redirect(PageUtils.ParseNavigationUrl(loginPageUrl));
            }
        }
Beispiel #12
//        protected void GetCmsMenu(StringBuilder builder,ECmsType type,bool isOpen )
//        {
//            string title = $@"
//<tr style='display:' treeItemLevel='1'>
//  <td nowrap>
//	<img align=""absmiddle"" style=""cursor: pointer; "" onClick=""displayChildren(this); "" isOpen=""{isOpen}"" src=""/siteserver/assets/icons/tree/{(isOpen? "minus.png":"plus.png")}""/>
//    <img align=""absmiddle"" src=""/siteserver/assets/icons/menu/content.png""/>&nbsp;
//    {ECmsTypeUtils.GetText(type)}
//  </td >
//</tr > ";

//            builder.Append(title);
//            var _publishmentSystemInfo = PublishmentSystemManager.GetPublishmentSystemInfo(PublishmentSystemId);
//            try
//            {
//                var nodeIdList = DataProvider.NodeDao.GetNodeIdListByLevel(1, ECmsTypeUtils.GetDBType(type));
//                foreach (var nodeId in nodeIdList)
//                {
//                    var nodeInfo = NodeManager.GetNodeInfo(1, nodeId);
//                    if (nodeInfo != null)
//                    {
//                        builder.Append(GetChannelHtml(nodeInfo.PublishmentSystemId, nodeInfo.NodeId, nodeInfo.NodeName,isOpen));
//                    }
//                }

//            }
//            catch (Exception ex)
//            {
//                PageUtils.RedirectToErrorPage(ex.Message);
//            }

//        }
//        protected string GetChannelHtml(int publishmentId,int nodeId,string menuText,bool isDisplay)
//        {
//            string menuTemplete = $@"
//<tr style='{(isDisplay ? "display:" : "display: none")}' treeItemLevel='2'>
//     <td nowrap>
//         <img align = ""absmiddle"" src = ""/siteserver/assets/icons/tree/empty.gif"" />
//         <img align = ""absmiddle"" src = ""/siteserver/assets/icons/tree/empty.gif"" />
//         <img align = ""absmiddle"" src = ""/siteserver/assets/icons/menu/itemContainer.png"" /> &nbsp;
//         <a href='/siteserver/cms/pagecontent.aspx?PublishmentSystemID={publishmentId}&NodeID={nodeId}'  target = 'right' onclick = 'openFolderByA(this);' isTreeLink = 'true' >{menuText} </a> &nbsp;
//         </td >
//</tr > ";
//            return menuTemplete;
//        }
        /// <summary>
        /// Appends the markup for every tab in <paramref name="tc"/> to <paramref name="builder"/>,
        /// recursing into tabs that have children.
        /// </summary>
        /// <param name="builder">Receives the row markup produced by each item's GetTrHtml().</param>
        /// <param name="tc">Tabs to render; nothing is appended when it or its Tabs is null.</param>
        /// <param name="parentsCount">Nesting depth passed to the item factory; incremented per recursion level.</param>
        /// <param name="isDisplay">Display flag passed to the item factory; children receive the parent's Selected value.</param>
        /// <remarks>
        /// NOTE(review): the general TabManager.IsValid permission filter below is commented out, so
        /// only "cmsItem" tabs are filtered by ownership here. Filtering the menu only hides links;
        /// each target page still has to enforce its own permission check.
        /// </remarks>
        protected void BuildNavigationTree(StringBuilder builder, TabCollection tc, int parentsCount, bool isDisplay)
        {
            if (tc?.Tabs == null)
            {
                return;
            }

            foreach (var parent in tc.Tabs)
            {
                //    var nodeInfo = NodeManager.GetNodeInfo(1,nodeId);// child site inherits the main site's channels
                //    var enabled = AdminUtility.IsOwningNodeIdAll(body.AdministratorName, nodeInfo.NodeId);// channels the administrator has permission on
                //}
                //
                //if (!TabManager.IsValid(parent, PermissionList)) continue;
                // "cmsItem" tabs are skipped unless the current user owns the referenced node.
                if (parent.MenuType != null && parent.MenuType.Equals("cmsItem", StringComparison.OrdinalIgnoreCase))
                {
                    if (!AdminUtility.IsOwningNodeIdByPublishmentSystem(UserName, parent.NodeId))
                    {
                        continue;
                    }
                }
                //if ((parent.MenuType != null && parent.MenuType.Equals("cms", StringComparison.OrdinalIgnoreCase) && !CmsHasChildrenPerminssion(parent))) continue;
                if (!HasFirstRootMenu(parent))
                {
                    continue;
                }

                var linkUrl = FormatLink(parent);

                // Real links are routed through the loading page; the "unclicked" placeholder is left alone.
                if (!string.IsNullOrEmpty(linkUrl) && !StringUtils.EqualsIgnoreCase(linkUrl, PageUtils.UnclickedUrl))
                {
                    linkUrl = PageUtils.GetLoadingUrl(linkUrl);
                }
                // "cmsItem" tabs override whatever was computed above with a direct admin-directory URL.
                if (parent.MenuType != null && parent.MenuType.Equals("cmsItem", StringComparison.OrdinalIgnoreCase))
                {
                    linkUrl = PageUtils.GetAdminDirectoryUrl(parent.Href);
                }
                var hasChildren = parent.Children != null && parent.Children.Length > 0;
                // Leaf tabs whose Href ends with "main.aspx" are flagged openWindow.
                var openWindow  = !hasChildren && StringUtils.EndsWithIgnoreCase(parent.Href, "main.aspx");

                var item = NavigationTreeItem.CreateNavigationBarItem(isDisplay, parent.Selected, parentsCount, hasChildren, openWindow, parent.Text, linkUrl, parent.Target, parent.Enabled, parent.IconUrl);

                builder.Append(item.GetTrHtml());
                // Same condition as hasChildren: render the child tabs one level deeper.
                if (parent.Children != null && parent.Children.Length > 0)
                {
                    var tc2 = NodeNaviTabManager.GetTabCollection(parent, PublishmentSystemId);
                    BuildNavigationTree(builder, tc2, parentsCount + 1, parent.Selected);
                }
            }
        }
Beispiel #13
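        /// <summary>
        /// Fills one data row of the site grid with the site's name, type, directory and creation
        /// date, plus the manage, WeChat-binding and delete links.
        /// </summary>
        /// <param name="sender">Grid raising the event (not used).</param>
        /// <param name="e">Event data; for data rows <c>e.Item.DataItem</c> is cast to the site id.</param>
        void dgContents_ItemDataBound(object sender, DataGridItemEventArgs e)
        {
            if (e.Item.ItemType == ListItemType.Item || e.Item.ItemType == ListItemType.AlternatingItem)
            {
                var publishmentSystemID   = (int)e.Item.DataItem;
                var publishmentSystemInfo = PublishmentSystemManager.GetPublishmentSystemInfo(publishmentSystemID);
                if (publishmentSystemInfo != null)
                {
                    var ltlPublishmentSystemName = e.Item.FindControl("ltlPublishmentSystemName") as Literal;
                    var ltlPublishmentSystemType = e.Item.FindControl("ltlPublishmentSystemType") as Literal;
                    var ltlPublishmentSystemDir  = e.Item.FindControl("ltlPublishmentSystemDir") as Literal;
                    var ltlAddDate = e.Item.FindControl("ltlAddDate") as Literal;
                    var ltlManage  = e.Item.FindControl("ltlManage") as Literal;
                    var ltlBinding = e.Item.FindControl("ltlBinding") as Literal;
                    var ltlDelete  = e.Item.FindControl("ltlDelete") as Literal;

                    // A Literal writes its Text into the page without encoding unless its Mode is
                    // Encode, so the stored name and directory are HTML-encoded here; a value
                    // containing markup characters is then shown as text instead of being
                    // interpreted by the administrator's browser.
                    // NOTE(review): if the .aspx already sets Mode="Encode" on these two literals,
                    // drop the explicit encoding to avoid double-encoding.
                    ltlPublishmentSystemName.Text = System.Web.HttpUtility.HtmlEncode(publishmentSystemInfo.PublishmentSystemName);

                    // GetHtml is expected to return markup, so its result is assigned as-is.
                    ltlPublishmentSystemType.Text = EPublishmentSystemTypeUtils.GetHtml(publishmentSystemInfo.PublishmentSystemType);
                    ltlPublishmentSystemDir.Text  = System.Web.HttpUtility.HtmlEncode(publishmentSystemInfo.PublishmentSystemDir);
                    ltlAddDate.Text = DateUtils.GetDateString(NodeManager.GetAddDate(publishmentSystemID, publishmentSystemID));

                    // The links below interpolate only the integer site id into fixed paths.
                    var manageUrl = PageUtils.GetLoadingUrl(PageUtils.GetAdminDirectoryUrl(
                                                                $"main.aspx?publishmentSystemID={publishmentSystemID}"));
                    ltlManage.Text = $@"<a href=""{manageUrl}"" target=""top"">管理</a>";

                    var bindingUrl = ConsoleAccountBinding.GetRedirectUrl(publishmentSystemID, PageUtils.GetWXUrl("console_account.aspx"));

                    var accountInfo = WeiXinManager.GetAccountInfo(publishmentSystemID);

                    // Same link either way; only the button style and caption reflect the binding state.
                    var isBinding = WeiXinManager.IsBinding(accountInfo);
                    if (isBinding)
                    {
                        ltlBinding.Text = $@"<a href=""{bindingUrl}"" class=""btn btn-success"">已绑定微信</a>";
                    }
                    else
                    {
                        ltlBinding.Text = $@"<a href=""{bindingUrl}"" class=""btn btn-danger"">未绑定微信</a>";
                    }

                    // NOTE(review): the delete action is reached through a plain link; confirm the
                    // target page asks for confirmation and re-checks permissions before deleting.
                    var urlDelete = PageUtils.GetSTLUrl(
                        $"console_publishmentSystemDelete.aspx?NodeID={publishmentSystemID}");
                    ltlDelete.Text = $@"<a href=""{urlDelete}"">删除</a>";
                }
            }
        }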
Beispiel #14
        /// <summary>
        /// Page initialisation gate for admin pages: sends the request to the installer or the
        /// database-sync page when the system is not ready, sends anonymous or locked-out
        /// administrators to the login page, and finally adds two response headers.
        /// </summary>
        /// <param name="e">Event data forwarded to the base implementation.</param>
        /// <remarks>
        /// Each redirect below is followed by <c>return</c>, which only leaves this method.
        /// NOTE(review): confirm the PageUtils redirect helpers end the request, or that every
        /// later handler checks <c>IsForbidden</c>; the flag is not set on the installer and
        /// sync-database branches.
        /// </remarks>
        protected override void OnInit(EventArgs e)
        {
            base.OnInit(e);

            AuthRequest = new AuthRequest(Request);

            if (!IsInstallerPage)
            {
                // No connection string configured: the system has not been installed yet.
                if (string.IsNullOrEmpty(WebConfigUtils.ConnectionString))
                {
                    PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl("Installer"));
                    return;
                }

                // Stored database version differs from the running code: go to the sync page.
                if (ConfigManager.Instance.IsInitialized && ConfigManager.Instance.DatabaseVersion != SystemManager.Version)
                {
                    PageUtils.Redirect(PageSyncDatabase.GetRedirectUrl());
                    return;
                }
            }

            if (!IsAccessable)                                                   // page is not publicly accessible: require a logged-in administrator
            {
                if (!AuthRequest.IsAdminLoggin || AuthRequest.AdminInfo == null) // administrator not logged in (or record missing)
                {
                    IsForbidden = true;
                    PageUtils.RedirectToLoginPage();
                    return;
                }

                if (AuthRequest.AdminInfo.IsLockedOut) // administrator account is locked
                {
                    IsForbidden = true;
                    PageUtils.RedirectToLoginPage("对不起,您的账号已被锁定,无法进入系统!");
                    return;
                }
            }

            // Allow framing by same-origin pages only. The original comment described this as CSRF
            // protection; X-Frame-Options is a clickjacking defence and does not stop forged
            // requests, so CSRF protection has to come from somewhere else.
            // These headers are only added on the path that reaches this point (no early return).
            Response.AddHeader("X-Frame-Options", "SAMEORIGIN");
            // Turn off the browser's built-in XSS filter; with it disabled, output encoding in
            // the pages themselves is the only XSS defence.
            Response.AddHeader("X-XSS-Protection", "0");
        }
Beispiel #15
        /// <summary>
        /// Builds the URL to forward to from the request's "RedirectUrl" query-string parameter,
        /// carrying over the other query-string values of the current request.
        /// </summary>
        /// <returns>
        /// The rebuilt URL with double quotes and line feeds replaced by spaces, or
        /// <see cref="string.Empty"/> when no "RedirectUrl" value is present.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the destination is chosen by request input. Values that
        /// PageUtils.IsProtocolUrl accepts, and values starting with "/", are kept as supplied
        /// (a value starting with "//" also passes the "/" test); only other values are anchored
        /// under the admin directory. If the result is used for a redirect, consider restricting
        /// it to same-site paths or an allow-list of hosts.
        /// </remarks>
        public string GetRedirectUrl()
        {
            // presumably ValueToUrl/ValueFromUrl encode and decode the value — TODO confirm
            var redirectUrl = PageUtils.FilterXss(StringUtils.ValueToUrl(Body.GetQueryString("RedirectUrl"), true));

            if (!string.IsNullOrEmpty(redirectUrl))
            {
                // Start from the current request's query string, minus the two control parameters.
                var queryStringOriginal = new NameValueCollection(Request.QueryString);
                queryStringOriginal.Remove("RedirectType");
                queryStringOriginal.Remove("RedirectUrl");

                // Merge in the parameters embedded in the redirect target itself.
                queryStringOriginal.Add(PageUtils.GetQueryString(redirectUrl));

                var queryString = new NameValueCollection();
                foreach (string name in queryStringOriginal.Keys)
                {
                    // XSS-filter each value for the loading page (sessionliang, 2016-01-12);
                    // the parameter names themselves are copied unfiltered.
                    queryString[name] = PageUtils.FilterXss(queryStringOriginal[name]);
                }

                redirectUrl = PageUtils.GetUrlWithoutQueryString(redirectUrl);
                // Only values that are neither protocol URLs nor rooted paths are placed under the admin directory.
                if (!PageUtils.IsProtocolUrl(redirectUrl) && !redirectUrl.StartsWith("/"))
                {
                    redirectUrl = PageUtils.GetAdminDirectoryUrl(redirectUrl);
                }

                redirectUrl = StringUtils.ValueFromUrl(redirectUrl, true);

                // XSS-filter the target's own query string after decoding (sessionliang, 2016-01-12):
                // 1. get the query string with XSS filtering applied
                var fxQueryString = PageUtils.GetQueryStringFilterXss(redirectUrl);
                // 2. get the URL without its query string
                redirectUrl = PageUtils.GetUrlWithoutQueryString(redirectUrl);
                // 3. combine them again
                redirectUrl = PageUtils.AddQueryString(redirectUrl, fxQueryString);

                // Only '"' and '\n' are neutralised here; every other character relies on FilterXss
                // and on the encoding applied wherever the caller embeds the result.
                return(PageUtils.AddQueryString(redirectUrl, queryString).Replace('"', ' ').Replace('\n', ' '));
            }
            return(string.Empty);
        }
Beispiel #16
        /// <summary>
        /// Resolves a plugin-relative URL to the URL it should be served from.
        /// </summary>
        /// <param name="relatedUrl">
        /// Empty, a protocol URL, a "~/" (site root) path, a "@/" (admin directory) path, or a
        /// path relative to the plugin's own directory under the site-files plugins folder.
        /// </param>
        /// <returns>
        /// <see cref="string.Empty"/> for empty input, protocol URLs unchanged, otherwise the
        /// resolved URL.
        /// </returns>
        public string GetPluginUrl(string relatedUrl = "")
        {
            string resolvedUrl;

            if (string.IsNullOrEmpty(relatedUrl))
            {
                resolvedUrl = string.Empty;
            }
            else if (PageUtils.IsProtocolUrl(relatedUrl))
            {
                // Protocol URLs are handed back untouched.
                resolvedUrl = relatedUrl;
            }
            else if (StringUtils.StartsWith(relatedUrl, "~/"))
            {
                // Drop the "~" marker, keep the leading slash.
                resolvedUrl = PageUtils.GetRootUrl(relatedUrl.Substring(1));
            }
            else if (StringUtils.StartsWith(relatedUrl, "@/"))
            {
                // Drop the "@" marker, keep the leading slash.
                resolvedUrl = PageUtils.GetAdminDirectoryUrl(relatedUrl.Substring(1));
            }
            else
            {
                // NOTE(review): relatedUrl is combined into the plugin folder path as given;
                // confirm PageUtils.Combine does not let ".." segments leave that folder.
                var pluginRelativePath = PageUtils.Combine(DirectoryUtils.SiteFiles.Plugins, _metadata.Id, relatedUrl);
                resolvedUrl = PageUtility.GetSiteFilesUrl(ApiManager.ApiUrl, pluginRelativePath);
            }

            return resolvedUrl;
        }
Beispiel #17
 /// <summary>
 /// Instance-level pass-through to <c>PageUtils.GetAdminDirectoryUrl</c>.
 /// </summary>
 /// <param name="relatedUrl">Path relative to the admin directory.</param>
 /// <returns>The URL returned by <c>PageUtils.GetAdminDirectoryUrl</c>.</returns>
 public string GetAdminDirectoryUrl(string relatedUrl) => PageUtils.GetAdminDirectoryUrl(relatedUrl);
Beispiel #18
 /// <summary>
 /// Writes a script tag for <c>Src</c>; writes nothing when <c>Src</c> is empty.
 /// </summary>
 /// <param name="writer">Writer that receives the tag.</param>
 protected override void Render(HtmlTextWriter writer)
 {
     if (string.IsNullOrEmpty(Src))
     {
         return;
     }

     // "~"-prefixed values are resolved as navigation URLs, everything else under the admin directory.
     var scriptUrl = Src.StartsWith("~")
         ? PageUtils.ParseNavigationUrl(Src)
         : PageUtils.GetAdminDirectoryUrl(Src);

     // NOTE(review): the URL is written into the attribute without encoding; this assumes Src
     // is only ever set from page markup, never from request data — confirm.
     writer.Write($@"<script src=""{scriptUrl}"" type=""text/javascript""></script>");
 }
Beispiel #19
 /// <summary>
 /// Builds a URL for <paramref name="relatedUrl"/> under this module's folder
 /// (<c>DirectoryName</c>) inside the admin directory.
 /// </summary>
 /// <param name="relatedUrl">Path relative to the module folder.</param>
 /// <returns>The combined URL.</returns>
 public static string GetUrl(string relatedUrl)
 {
     var moduleBaseUrl = PageUtils.GetAdminDirectoryUrl(DirectoryName);
     return PageUtils.Combine(moduleBaseUrl, relatedUrl);
 }
Beispiel #20
 /// <summary>
 /// Writes a stylesheet link tag for <c>Href</c>; writes nothing when <c>Href</c> is empty.
 /// </summary>
 /// <param name="writer">Writer that receives the tag.</param>
 protected override void Render(HtmlTextWriter writer)
 {
     if (string.IsNullOrEmpty(Href))
     {
         return;
     }

     // "~"-prefixed values are resolved as navigation URLs, everything else under the admin directory.
     var stylesheetUrl = Href.StartsWith("~")
         ? PageUtils.ParseNavigationUrl(Href)
         : PageUtils.GetAdminDirectoryUrl(Href);

     // NOTE(review): the URL is written into the attribute without encoding; this assumes Href
     // is only ever set from page markup, never from request data — confirm.
     writer.Write($@"<link rel=""stylesheet"" href=""{stylesheetUrl}"" type=""text/css"" />");
 }
Beispiel #21
 /// <summary>
 /// Returns the URL of the admin directory itself.
 /// </summary>
 /// <returns>The result of <c>PageUtils.GetAdminDirectoryUrl</c> for an empty relative path.</returns>
 public string GetSiteServerUrl() => PageUtils.GetAdminDirectoryUrl(string.Empty);