Beispiel #1
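    /// <summary>
    /// Stores an uploaded user image in the directory configured under
    /// <c>PATH_UPLOAD_UM</c>, deletes the image previously referenced by the
    /// <c>IMG</c> request parameter, and replies with the (updated) parameters.
    /// </summary>
    /// <param name="requestStream">Raw request body; parsed by <c>QueryParameter</c>.</param>
    /// <returns>
    /// A serialized <c>QueryResult</c>: <c>success</c>/<c>params</c> on success, the
    /// wrapped exception on failure, or a 403 error response when the proxy check fails.
    /// </returns>
    public Stream DS_I_USER(Stream requestStream)
    {
        if (!AMSCSRFCore.IsRequestComeFromProxy(HttpContext.Current.Request))
        {
            return(GenerateErrorResponse(null, "Requester IP is not authorized", System.Net.HttpStatusCode.Forbidden));
        }

        QueryParameter queryParam  = null;
        QueryResult    queryResult = null;

        try
        {
            queryParam = new QueryParameter(requestStream);
            var SavePath = AMSCore.WebConfigReadKey("PATH_UPLOAD_UM");
            if (queryParam.Files != null && queryParam.Files.Count > 0)
            {
                if (NetworkConnector.Access(SavePath))
                {
                    // IMG arrives with the request, so it is caller-controlled input.
                    string previousImage = queryParam.Parameter["IMG"].ToString();
                    if (!string.IsNullOrEmpty(previousImage))
                    {
                        // Path.Combine returns its second argument unchanged when that
                        // argument is rooted, and ".." segments climb out of the base
                        // directory. Only a bare file name may therefore reach
                        // File.Delete; anything carrying directory parts is ignored.
                        string previousName = Path.GetFileName(previousImage);
                        bool isPlainFileName =
                            string.Equals(previousName, previousImage, StringComparison.Ordinal) &&
                            previousName != "." &&
                            previousName != "..";

                        if (isPlainFileName)
                        {
                            string path = Path.Combine(SavePath, previousName);
                            if (File.Exists(path))
                            {
                                // NOTE(review): nothing visible here ties the file to the
                                // calling user, so any file in the upload directory can be
                                // named for deletion; confirm ownership is checked upstream.
                                System.IO.File.Delete(path);
                            }
                        }
                    }

                    // The client-supplied name is reduced to its file-name part and
                    // prefixed with the current tick count.
                    // NOTE(review): the extension and content of the upload are not
                    // restricted here; confirm the upload directory is not served as
                    // executable content, or add an allow-list of image types.
                    var FileName = DateTime.Now.Ticks.ToString() + Path.GetFileName(queryParam.Files[0].Name);
                    queryParam.Files[0].Save(SavePath, FileName);
                    queryParam.Parameter["IMG"] = FileName;
                }
            }

            queryResult = new QueryResult();
            queryResult.AddOutputParam("success", true);
            queryResult.AddOutputParam("params", queryParam.Parameter);
        }
        catch (Exception ex)
        {
            // NOTE(review): the exception is handed to the response object; verify that
            // QueryResult does not serialize stack traces or server paths to the client.
            queryResult = new QueryResult(ex);
        }
        return(queryResult.ToStream(true));
    }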
        /// <summary>
        /// Writes a JSON response built from the current session: application
        /// configuration and user information when <c>USER_ID</c> is present in the
        /// session, plus any <c>REQUEST_DATA</c> stored there.
        /// </summary>
        /// <param name="context">The HTTP context of the request being served.</param>
        public void ProcessRequest(HttpContext context)
        {
            try
            {
                QueryParameter requestParams = new QueryParameter(context);
                QueryResult    response      = new QueryResult();

                // NOTE(review): the handler is entered with AuthenMode.BYPASS, so the
                // session checks below appear to be the only gate on this endpoint;
                // confirm that is intended.
                AppHttpHandler.ProcessRequest(context, requestParams, AuthenUtil.AuthenMode.BYPASS);

                // Without a session there is nothing to report.
                if (context.Session == null)
                {
                    throw new Exception("EMPTY_SESSION");
                }

                if (AppSession.GetSession("USER_ID", context.Session) != null)
                {
                    IDatabaseConnector db = new DatabaseConnectorClass();
                    string userID = AppSession.GetSession("USER_ID", context.Session).ToString();

                    // Parameterized lookup of the stored PASSWORD value for the session user.
                    QueryParameter passwordLookup = new QueryParameter();
                    passwordLookup.Add("USER_ID", userID);
                    QueryResult userResult = db.ExecuteStatement("SELECT PASSWORD FROM UM_USER WHERE USER_ID=?", passwordLookup);

                    bool userFound = userResult.DataTable != null && userResult.DataTable.Rows.Count > 0;
                    if (userFound)
                    {
                        // NOTE(review): the value read from the PASSWORD column is passed
                        // straight to APP_LOGIN_Q, i.e. the login procedure runs with the
                        // stored credential rather than one supplied by the user. Confirm
                        // this re-login path is intended and that the column holds a
                        // password hash, not a recoverable password.
                        QueryParameter loginArgs = new QueryParameter();
                        loginArgs.Add("USERNAME", userID);
                        loginArgs.Add("PASSWORD", userResult.DataTable.Rows[0][0].ToString());
                        userResult = db.ExecuteStoredProcedure("APP_LOGIN_Q", loginArgs);

                        QueryParameter configArgs = new QueryParameter();
                        configArgs.Add("APP_SESSION_USER_ID", userID);
                        response = db.ExecuteStoredProcedure("APP_CONFIG_Q", configArgs);

                        // Attach the rows returned by APP_LOGIN_Q as "userInfo".
                        response.AddOutputParam(
                            "userInfo",
                            ConnectorUtil.DataTableToDictionary(userResult.DataTable, db.DateTimeFormat, db.CultureInfo));
                    }
                }

                if (AppSession.GetSession("REQUEST_DATA", context.Session) != null)
                {
                    response.AddOutputParam("requestData", AppSession.GetSession("REQUEST_DATA", context.Session));
                }

                context.Response.ContentType = "application/json";
                context.Response.Write(response.ToJson());
                context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;

                AppHttpHandler.ProcessResponse(context);
            }
            catch (Exception exception)
            {
                // All failures, including the EMPTY_SESSION case, go to the shared handler.
                AppHttpHandler.ProcessException(exception, context);
            }
            finally
            {
                context.Response.Flush();
                context.Response.End();
            }
        }