Ejemplo n.º 1
0
    public void OnActionExecuting(ActionExecutingContext filterContext)
    {
        var actionParameters = filterContext.ActionDescriptor.GetParameters();

        foreach (var p in actionParameters)
        {
            if (p.ParameterType == typeof(string))
            {
                if (filterContext.ActionParameters[p.ParameterName] != null)
                {
                    filterContext.ActionParameters[p.ParameterName] = HelperForHtml.FilterSql(filterContext.ActionParameters[p.ParameterName].ToString());
                }
            }
        }
    }
Ejemplo n.º 2
0
    protected override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        PersistenceStore.Current.PersistenceCode = System.Web.HttpContext.Current.Session.SessionID;
        BasicProperty.ClientInfo = new ClientInformation()
        {
            CurrentSysUser = Environment.UserName,
            System         = Request.UserAgent,
            Machine        = Request.UserHostName,
            IP             = Request.UserHostAddress,
            LogID          = System.Web.HttpContext.Current.Session.SessionID,
            TransferMethod = TransferType.Json
        };
        //防注入
        var actionParameters = filterContext.ActionDescriptor.GetParameters();

        foreach (var p in actionParameters)
        {
            if (p.ParameterType == typeof(string))
            {
                if (filterContext.ActionParameters[p.ParameterName] != null)
                {
                    filterContext.ActionParameters[p.ParameterName] = HelperForHtml.FilterSql(filterContext.ActionParameters[p.ParameterName].ToString());
                }
            }
        }

        if (Request.HttpMethod.ToUpper() == "POST")
        {
            string token = Request["__RequestVerificationToken"];
            object saved = Session["RequestVerificationToken"];

            if (saved == null || saved.ToString() != token)
            {
                Session["RequestVerificationToken"] = token;
            }
            else
            {
                this.IsRepeat = true;
            }
        }

        this.PageNumber = string.IsNullOrEmpty(Request["__PageNumber"]) ? 1 : int.Parse(Request["__PageNumber"]);
        //获取User信息
        string userID = Session["UserID"] as string;

        if (string.IsNullOrEmpty(userID))
        {
            if (filterContext.HttpContext.Request.IsAjaxRequest())
            {
                filterContext.Result = new JsonResult
                {
                    Data = new I.Report.Config.ReturnResult()
                    {
                        Result  = -1,
                        Message = "登陆超时",
                        Data    = ""
                    }
                };
            }
            else
            {
                FormsAuthentication.RedirectToLoginPage();
            }

            return;
        }

        //初始化公司信息
        HttpCookie cookieCompany = Request.Cookies["CompanyCode"];

        if (!string.IsNullOrEmpty(Session["CompanyCode"] as string))
        {
            this.CompanyCode = Session["CompanyCode"] as string;
        }
        else if (cookieCompany != null)
        {
            this.CompanyCode = cookieCompany.Value;
        }
        else
        {
            FormsAuthentication.RedirectToLoginPage();
            return;
        }
        //初始化工厂
        if (!string.IsNullOrEmpty(Session["FactoryCode"] as string))
        {
            this.FactoryCode = Session["FactoryCode"] as string;
        }
        else
        {
            FormsAuthentication.RedirectToLoginPage();
            return;
        }

        this.UserID = userID;

        this.UserName = Session["UserName"] as string;
        //int sessionTimeout = Session.Timeout;
        //UserID = "EmsEngLead01"; //EmsDBZZ01 EmsMaintain01 EmsEngineer01

        string page = filterContext.RouteData.Values["Controller"] + "." + filterContext.RouteData.Values["Action"];

        //初始化Log
        Log = Logger.CurrentLog;
        string controllerName = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
        string actionName     = filterContext.ActionDescriptor.ActionName;
        string param          = "";

        foreach (var p in filterContext.ActionParameters)
        {
            param += "," + p.Key + "=" + p.Value.ToString2();
        }
        if (param != "")
        {
            param = param.Substring(1);
        }

        //获取机器名
        //this.MachineName = Request.ServerVariables["REMOTE_HOST"];
        this.MachineName = BasicProperty.ClientInfo.Machine;

        Log.Info("开始执行 Controller:" + controllerName + " Action:" + actionName + " (" + param + ")");
        base.OnActionExecuting(filterContext);
    }