Ejemplo n.º 1
0
        private void Login()
        {
            string UID       = g_Context.Request["user_id"];
            string PWD       = g_Context.Request["password"];
            string PWD_MD5   = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(PWD, "MD5");
            User   user      = WebUserBase.GetUser(UID);
            bool   isSuccess = false;

            if (user.PWD == PWD_MD5)
            {
                isSuccess = true;
            }
            if (isSuccess)
            {
                //记录Session
                g_Context.Session["LoginStatus"] = UID;
                SendError sendError = new SendError("200", "登陆成功", "user_id");
                Send(sendError);
            }
            else
            {
                SendError sendError = new SendError("100", "登陆失败,账号密码有误,请重试!", "user_id");
                Send(sendError);
            }
        }
Ejemplo n.º 2
0
        private void CODE_OPERTAE()
        {
            string       EntityName = g_Context.Request["EntityName"];
            string       FormData   = g_Context.Request["data"];
            JObject      tokens     = JObject.Parse(FormData);
            IARES_ENTITY a          = AresEntityFactory.MakeAresEntity(EntityName, tokens);
            string       CODE       = tokens["CODE"].ToString();
            string       sql        = "";

            if (CODE == "")
            {
                CODE           = Snowflake.Instance().GetId().ToString();
                tokens["CODE"] = CODE;
                sql            = GetCodeInsertSql(EntityName, tokens);
            }
            else
            {
                sql = GetCodeUpdateSql(EntityName, tokens);
            }
            try
            {
                DbHelperSQL.ExecuteSql(sql);
                SendError sendError = new SendError("200", "数据操作成功", "auth_code");
                Send(sendError);
                return;
            }
            catch (Exception e)
            {
                SendError sendError = new SendError("100", e.ToString(), "auth_code");
                Send(sendError);
                return;
            }
        }
Ejemplo n.º 3
0
        private void GetUserInfo()
        {
            User u = WebUserBase.GetUser(SessionUID);

            if (u.ID == null)
            {
                SendError sendError = new SendError("100", "不存在小伙伴信息", "user_id");
                Send(sendError);
            }
            else
            {
                SendError sendError = new SendError("201", JsonConvert.SerializeObject(u), "user_id");
                Send(sendError);
            }
        }
Ejemplo n.º 4
0
        private void CODE_LIST()
        {
            string TableName = g_Context.Request["EntityName"];
            string searchVal = g_Context.Request["searchVal"];
            string sql       = "select * from VIEW_" + TableName;

            if (!string.IsNullOrWhiteSpace(searchVal))
            {
                sql += string.Format(" where ENG_NAME like '%" + searchVal + "%'");
            }
            DataTable dt = DbHelperSQL.QueryTable(sql);

            SendError sendError = new SendError("201", JsonConvert.SerializeObject(dt), "user_id");

            Send(sendError);
        }
Ejemplo n.º 5
0
        private void CODE_DELETE()
        {
            string    CODE      = g_Context.Request["CODE"];
            string    TableNAME = g_Context.Request["EntityName"];
            Hashtable hs        = new Hashtable();

            hs.Add("delete from " + TableNAME + " where CODE=@CODE", new SqlParameter[] {
                new SqlParameter("@CODE", CODE)
            });
            try
            {
                DbHelperSQL.ExecuteSqlTran(hs);
                SendError sendError = new SendError("200", "删除成功", "auth_code");
                Send(sendError);
                return;
            }
            catch (Exception e)
            {
                SendError sendError = new SendError("100", e.ToString(), "auth_code");
                Send(sendError);
                return;
            }
        }
Ejemplo n.º 6
0
        private void ChangePassword()
        {
            string password = g_Context.Request["password"];

            password = System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(password, "MD5");

            string sql = string.Format("update ARES_USER set PWD='{0}' where UID='{1}'", password, SessionUID);

            try
            {
                int r = DbHelperSQL.ExecuteSql(sql);

                SendError sendError = new SendError("200", (r > 0 ? "密码修改成功" : "密码修改失败"), "auth_code");
                Send(sendError);
                return;
            }
            catch (Exception e)
            {
                SendError sendError = new SendError("100", e.ToString(), "auth_code");
                Send(sendError);
                return;
            }
        }
Ejemplo n.º 7
0
        private void Register()
        {
            string UID  = g_Context.Request["user_id"];
            string NAME = g_Context.Request["user_name"];

            if (string.IsNullOrEmpty(NAME))
            {
                NAME = UID;
            }
            string PWD       = g_Context.Request["password"];
            string PWD_CK    = g_Context.Request["password_ck"];
            string AUTH_CODE = g_Context.Request["auth_code"];

            if (UID == "")
            {
                SendError sendError = new SendError("100", "登陆名不能为空", "user_id");
                Send(sendError);
                return;
            }
            System.Text.RegularExpressions.Regex reg1 = new System.Text.RegularExpressions.Regex(@"^[A-Za-z0-9]+$");
            if (!reg1.IsMatch(UID))
            {
                SendError sendError = new SendError("100", "登陆名只能是英文字母或者数字", "user_id");
                Send(sendError);
                return;
            }
            if (PWD == "")
            {
                SendError sendError = new SendError("100", "密码不能为空", "password");
                Send(sendError);
                return;
            }
            if (PWD_CK == "")
            {
                SendError sendError = new SendError("100", "密码确认不能为空", "password_ck");
                Send(sendError);
                return;
            }
            if (PWD != PWD_CK)
            {
                SendError sendError = new SendError("100", "两次输入密码不一致", "password");
                Send(sendError);
                return;
            }
            if (AUTH_CODE == "")
            {
                SendError sendError = new SendError("100", "注册邀请码不能为空", "auth_code");
                Send(sendError);
                return;
            }
            //验证账户登录名的有效性
            string sql = string.Format(@"SELECT COUNT(1) AS T,'A' AS F FROM ARES_USER WHERE UID=@UID
            UNION ALL 
            SELECT COUNT(1),'B' FROM ARES_AUTHCODE WHERE AUTH_CODE=@AUTH_CODE AND STATUS=0");

            DataTable dt = DbHelperSQL.QueryTable(sql, new SqlParameter[] {
                new SqlParameter("@UID", UID),
                new SqlParameter("@AUTH_CODE", AUTH_CODE)
            });

            if (dt != null && dt.Rows.Count > 0)
            {
                bool CanReg = false;
                foreach (DataRow row in dt.Rows)
                {
                    if (row["F"].ToString() == "A")
                    {
                        if (Convert.ToInt32(row["T"]) > 0)
                        {
                            SendError sendError = new SendError("100", "用户名已存在,请更换后重试", "user_id");
                            Send(sendError);
                            return;
                        }
                        else
                        {
                            CanReg = true;
                        }
                    }
                    else
                    {
                        if (Convert.ToInt32(row["T"]) == 0)
                        {
                            SendError sendError = new SendError("100", "注册邀请码已经失效,请更换后重试", "auth_code");
                            Send(sendError);
                            return;
                        }
                    }
                }
                if (CanReg)
                {
                    //注册信息
                    Hashtable hs = new Hashtable();
                    hs.Add("insert into ARES_USER (UID,NAME,PWD,RegistDate,AdminLv) values(@UID,@NAME,@PWD,GETDATE(),@AdminLv)", new SqlParameter[] {
                        new SqlParameter("@UID", UID),
                        new SqlParameter("@NAME", NAME),
                        new SqlParameter("@PWD", System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(PWD, "MD5")),
                        new SqlParameter("@AdminLv", "1")
                    });
                    //更新邀请码状态
                    hs.Add("update ARES_AUTHCODE set STATUS=1,UID=@UID where AUTH_CODE=@AUTH_CODE", new SqlParameter[] {
                        new SqlParameter("@UID", UID),
                        new SqlParameter("@AUTH_CODE", AUTH_CODE)
                    });
                    //分配菜单 (上线前请注释)
                    hs.Add("insert into  ARES_USER_ROLE_LINK (USER_ID,ROLE_ID) values(@UID,1)", new SqlParameter[] {
                        new SqlParameter("@UID", UID)
                    });
                    try
                    {
                        DbHelperSQL.ExecuteSqlTran(hs);
                        SendError sendError = new SendError("200", "注册成功,请返回登陆!", "auth_code");
                        Send(sendError);
                        return;
                    }
                    catch (Exception e)
                    {
                        SendError sendError = new SendError("100", e.ToString(), "auth_code");
                        Send(sendError);
                        return;
                    }
                }
            }
        }