/// <summary>
/// Stores the log-on details in the user configuration (an XML file, per the original note).
/// When "remember password" is not ticked, the saved user name and password are cleared.
/// </summary>
/// <param name="userInfo">The user who logged on.</param>
private void SaveLogOnInfo(BaseUserInfo userInfo)
{
    bool remember = this.chkRememberPassword.Checked;
    BaseSystemInfo.RememberPassword = remember;

    // The user name is kept in clear text; only the password goes through SecretUtil.Encrypt.
    // NOTE(review): Encrypt is presumably reversible (a matching Decrypt exists), so anyone who can
    // read the saved configuration and obtain the key can recover the password - confirm where the
    // key lives and who can read the config file.
    BaseSystemInfo.CurrentUserName = remember ? userInfo.UserName : string.Empty;
    BaseSystemInfo.CurrentPassword = remember ? SecretUtil.Encrypt(this.txtPassword.Text) : string.Empty;

    // Persist the settings. An earlier variant wrote them to the registry under HKLM, which can
    // fail for lack of permission, so the configuration file is used instead.
    UserConfigHelper.SaveConfig();
}
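/// <summary>
/// Searches the user list one page at a time.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="recordCount">Receives the record count reported by the query (0 when the condition is rejected).</param>
/// <param name="pageIndex">Page number to fetch.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="permissionCode">Permission code of the operation.</param>
/// <param name="conditions">Search condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="sort">Sort expression.</param>
/// <returns>The requested page; the initial empty table when the condition is rejected.</returns>
public DataTable SearchUserByPage(BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string permissionCode, string conditions, string sort = null)
{
    // An out parameter cannot be captured by the lambda, so the count is collected in a local.
    int myrecordCount = 0;
    var dt = new DataTable(BaseUserEntity.TableName);

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
    {
        // NOTE(review): IsSqlSafe is the only gate on the caller-supplied condition visible here,
        // and `sort` is passed on unchecked - verify that SearchLogByPage validates it.
        if (SecretUtil.IsSqlSafe(conditions))
        {
            var userManager = new BaseUserManager(dbHelper, userInfo);
            userManager.ShowUserLogOnInfo = true;
            dt = userManager.SearchLogByPage(out myrecordCount, pageIndex, pageSize, permissionCode, conditions, sort);
            dt.TableName = BaseUserEntity.TableName;
        }
        else if (System.Web.HttpContext.Current != null)
        {
            // Record the rejected condition for injection auditing.
            // NOTE(review): the entry holds the serialized userInfo plus the raw condition text and
            // is written under ~/Log/ - confirm that folder is not served by the web site.
            FileUtil.WriteMessage("userInfo:" + userInfo.Serialize() + " " + conditions, System.Web.HttpContext.Current.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
        }
    });

    recordCount = myrecordCount;
    return dt;
}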
/// <summary>
/// Serializes the merchant-ID entity to JSON, encrypts it and stores it through BillPrintHelper
/// (the local database, per the original note). When the merchant ID or its password is empty,
/// the stored entity is deleted instead.
/// </summary>
void AddElecCustomerInfo()
{
    bool hasCredentials = !string.IsNullOrEmpty(txtCustomerID.Text) && !string.IsNullOrEmpty(txtCustomerPassword.Text);
    if (!hasCredentials)
    {
        BillPrintHelper.DeleteElecUserInfoEntity();
        return;
    }

    var customer = new ZtoElecUserInfoEntity
    {
        // Spaces are stripped from both credentials.
        Kehuid = txtCustomerID.Text.Replace(" ", ""),
        Pwd = txtCustomerPassword.Text.Replace(" ", ""),
        // Fall back to the land-line number when no mobile number was entered.
        Phone = string.IsNullOrEmpty(txtMobile.Text.Trim()) ? txtTelePhone.Text : txtMobile.Text
    };

    // The area text is only used when it has exactly three '-'-separated parts.
    string[] areaParts = dgvSearchSendArea.Text.Split('-');
    if (areaParts.Length == 3)
    {
        customer.Province = areaParts[0];
        customer.City = areaParts[1];
        customer.Area = areaParts[2];
    }

    customer.Result = "false";
    customer.InterfaceType = "0";

    // The JSON contains the merchant password, so it is encrypted with the system security key
    // before being stored.
    string json = JsonConvert.SerializeObject(customer);
    BillPrintHelper.SetZtoCustomerInfo(SecretUtil.Encrypt(json, BaseSystemInfo.SecurityKey));
}
/// <summary>
/// Paged query over the user table.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="recordCount">Receives the record count reported by the query (0 when the condition is rejected).</param>
/// <param name="pageNo">Current page.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="condition">Condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="dbParameters">Query parameters as name/value pairs.</param>
/// <param name="order">Sort expression.</param>
/// <returns>The requested page; the initial empty table when the condition is rejected.</returns>
public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, int pageNo, int pageSize, string condition, List<KeyValuePair<string, object>> dbParameters, string order = null)
{
    DataTable page = new DataTable(BaseUserEntity.CurrentTableName);
    int total = 0;

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
    {
        if (!SecretUtil.IsSqlSafe(condition))
        {
            // Record the rejected condition in the "SqlSafe" log for injection auditing.
            LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + condition, "SqlSafe");
            return;
        }

        var userManager = new BaseUserManager(dbHelper, userInfo);
        userManager.ShowUserLogonInfo = false;
        page = userManager.GetDataTableByPage(out total, pageNo, pageSize, condition, dbHelper.MakeParameters(dbParameters), order);
        page.TableName = BaseUserEntity.CurrentTableName;
    });

    recordCount = total;
    return page;
}
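/// <summary>
/// Asks the user-center DepartmentService endpoint for the department with the given name.
/// </summary>
/// <param name="userInfo">The calling user; sent in serialized form.</param>
/// <param name="companyId">Company id; sent through SecretUtil.Encrypt.</param>
/// <param name="fullName">Department name; sent through SecretUtil.Encrypt.</param>
/// <returns>The deserialized department, or null when the response body is empty.</returns>
public static BaseDepartmentEntity GetObjectByName(BaseUserInfo userInfo, string companyId, string fullName)
{
    BaseDepartmentEntity result = null;
    string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/DepartmentService.ashx";

    // NOTE(review): the form carries BaseSystemInfo.SecurityKey and the serialized userInfo as
    // plain fields; only companyId and fullName are encrypted. Whether the rest is protected in
    // transit depends on the scheme of UserCenterHost, which is not visible here - confirm HTTPS.
    NameValueCollection postValues = new NameValueCollection();
    postValues.Add("system", BaseSystemInfo.SoftFullName);
    postValues.Add("systemCode", BaseSystemInfo.SystemCode);
    postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
    postValues.Add("function", "GetObjectByName");
    postValues.Add("userInfo", userInfo.Serialize());
    postValues.Add("encrypted", true.ToString());
    postValues.Add("companyId", SecretUtil.Encrypt(companyId));
    postValues.Add("fullName", SecretUtil.Encrypt(fullName));

    string response;
    // WebClient is disposable; release it as soon as the POST has completed.
    using (WebClient webClient = new WebClient())
    {
        byte[] responseArray = webClient.UploadValues(url, postValues);
        response = Encoding.UTF8.GetString(responseArray);
    }

    if (!string.IsNullOrEmpty(response))
    {
        result = JsonConvert.DeserializeObject<BaseDepartmentEntity>(response);
    }
    return result;
}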
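/// <summary>
/// Gets one page of data from an arbitrary table (the variant with the injection check).
/// </summary>
/// <param name="userInfo">The calling user; must be logged on.</param>
/// <param name="recordCount">Receives the number of rows matching the condition (0 when nothing was queried).</param>
/// <param name="tableName">Source table name.</param>
/// <param name="selectField">Fields to select.</param>
/// <param name="pageNo">Current page.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="conditions">Condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="dbParameters">Query parameters as name/value pairs.</param>
/// <param name="orderBy">Sort field.</param>
/// <returns>The requested page, or null when the user is not logged on or the condition is rejected.</returns>
public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageNo, int pageSize, string conditions, List<KeyValuePair<string, object>> dbParameters, string orderBy)
{
    DataTable result = null;
    // An out parameter cannot be captured by the lambda, so the count is collected in a local.
    var myRecordCount = 0;

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
    {
        // Only users who are logged on may query.
        var userManager = new BaseUserManager(userInfo);
        if (userManager.UserIsLogon(userInfo))
        {
            // NOTE(review): only `conditions` is checked here; tableName, selectField and orderBy
            // are handed to the query helpers as received - verify that they are validated
            // downstream or never come from an untrusted caller.
            if (SecretUtil.IsSqlSafe(conditions))
            {
                myRecordCount = dbHelper.GetCount(tableName, conditions, dbHelper.MakeParameters(dbParameters));
                result = DbUtil.GetDataTableByPage(dbHelper, tableName, selectField, pageNo, pageSize, conditions, dbHelper.MakeParameters(dbParameters), orderBy);
            }
            else
            {
                // Record the rejected condition in the "SqlSafe" log for injection auditing.
                LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
            }
        }
    });

    recordCount = myRecordCount;
    return result;
}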
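/// <summary>
/// Adds a user together with its row in the user log-on table.
/// </summary>
/// <param name="entity">The user entity to add.</param>
/// <returns>The primary key returned by AddObject, or an empty string when BeforeAdd did not leave the status at OKAdd.</returns>
public string Add(BaseUserEntity entity)
{
    string result = string.Empty;

    this.BeforeAdd(entity);
    if (this.StatusCode == Status.OKAdd.ToString())
    {
        result = this.AddObject(entity);

        // Insert the matching record into the user log-on table.
        BaseUserLogOnEntity userLogOnEntity = new BaseUserLogOnEntity();
        userLogOnEntity.Id = entity.Id;
        userLogOnEntity.CompanyId = entity.CompanyId;
        // Carry the system-wide defaults over to the new user.
        userLogOnEntity.MultiUserLogin = BaseSystemInfo.CheckOnLine ? 0 : 1;
        userLogOnEntity.CheckIPAddress = BaseSystemInfo.CheckIPAddress ? 1 : 0;

        // Rate the password supplied on the incoming entity. The log-on entity was created a few
        // lines above and its own UserPassword has not been assigned yet, so rating that field
        // would never look at the real password.
        userLogOnEntity.PasswordStrength = SecretUtil.GetUserPassWordRate(entity.UserPassword);

        // When the server is configured to store processed passwords, process it here.
        // NOTE(review): when ServerEncryptPassword is off, this method never assigns
        // userLogOnEntity.UserPassword - confirm that this is intended.
        if (BaseSystemInfo.ServerEncryptPassword)
        {
            userLogOnEntity.UserPassword = this.EncryptUserPassword(entity.UserPassword);
        }

        new BaseUserLogOnManager(this.DbHelper, this.UserInfo).Add(userLogOnEntity);
        this.AfterAdd(entity);
    }

    return result;
}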
/// <summary>
/// Paged query over the message table.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="recordCount">Receives the record count reported by the query (0 when the condition is rejected).</param>
/// <param name="pageIndex">Current page.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="whereClause">Condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="dbParameters">Query parameters as name/value pairs.</param>
/// <param name="order">Sort expression.</param>
/// <returns>The requested page; the initial empty table when the condition is rejected.</returns>
public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, int pageIndex, int pageSize, string whereClause, List<KeyValuePair<string, object>> dbParameters, string order = null)
{
    DataTable page = new DataTable(BaseMessageEntity.TableName);
    int total = 0;

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessMessageDb(userInfo, parameter, (dbHelper) =>
    {
        if (!SecretUtil.IsSqlSafe(whereClause))
        {
            var httpContext = System.Web.HttpContext.Current;
            if (httpContext != null)
            {
                // Record the rejected condition for injection auditing.
                // NOTE(review): the entry holds the serialized userInfo plus the raw condition
                // text and is written under ~/Log/ - confirm that folder is not served.
                FileUtil.WriteMessage("userInfo:" + userInfo.Serialize() + " " + whereClause, httpContext.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
            }
            return;
        }

        var messageManager = new BaseMessageManager(dbHelper, userInfo);
        page = messageManager.GetDataTableByPage(out total, pageIndex, pageSize, whereClause, dbHelper.MakeParameters(dbParameters), order);
        page.TableName = BaseMessageEntity.TableName;
    });

    recordCount = total;
    return page;
}
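/// <summary>
/// Asks the user-center AreaService endpoint for the area with the given id.
/// </summary>
/// <param name="userInfo">The calling user; sent in serialized form.</param>
/// <param name="id">Area id; sent through SecretUtil.Encrypt.</param>
/// <returns>The deserialized area, or null when the response body is empty.</returns>
public static BaseAreaEntity GetObject(BaseUserInfo userInfo, string id)
{
    BaseAreaEntity result = null;
    string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/AreaService.ashx";

    // NOTE(review): the form carries BaseSystemInfo.SecurityKey and the serialized userInfo as
    // plain fields; only the id is encrypted. Whether the rest is protected in transit depends on
    // the scheme of UserCenterHost, which is not visible here - confirm HTTPS.
    NameValueCollection postValues = new NameValueCollection();
    postValues.Add("system", BaseSystemInfo.SoftFullName);
    postValues.Add("systemCode", BaseSystemInfo.SystemCode);
    postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
    // 2015-11-25 (author's note): reading this from the cache would be enough here and would
    // make log-on faster.
    postValues.Add("function", "GetObject");
    postValues.Add("userInfo", userInfo.Serialize());
    postValues.Add("encrypted", true.ToString());
    postValues.Add("id", SecretUtil.Encrypt(id));

    string response;
    // WebClient is disposable; release it as soon as the POST has completed.
    using (WebClient webClient = new WebClient())
    {
        byte[] responseArray = webClient.UploadValues(url, postValues);
        response = Encoding.UTF8.GetString(responseArray);
    }

    if (!string.IsNullOrEmpty(response))
    {
        result = JsonConvert.DeserializeObject<BaseAreaEntity>(response);
    }
    return result;
}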
/// <summary>
/// Gets the cities of a province that the user is allowed to see. Because the permission scope
/// may be granted on lower-level areas, each granted area id is first mapped to a higher-level id.
/// </summary>
/// <param name="userId">User whose permission scope is read.</param>
/// <param name="provinceId">Parent province id; passed through SecretUtil.SqlSafe before use.</param>
/// <param name="permissionId">Permission whose scope is read.</param>
/// <returns>The matching areas, ordered by sort code.</returns>
public List<BaseAreaEntity> GetUserCity(string userId, string provinceId, string permissionId)
{
    string scopeTable = this.UserInfo.SystemCode + "PermissionScope";
    provinceId = SecretUtil.SqlSafe(provinceId);

    // Enabled, non-deleted scope rows granted to this user for this permission.
    var scopeFilter = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseUserEntity.TableName),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldResourceId, userId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldPermissionId, permissionId),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldEnabled, 1),
        new KeyValuePair<string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0)
    };
    var scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo, scopeTable);
    string[] areaIds = scopeManager.GetProperties(scopeFilter, BasePermissionScopeEntity.FieldTargetId);

    // Rewrite every id in place as its first four characters followed by "00" (presumably the
    // city-level code). Substring throws for an id shorter than four characters.
    int index = 0;
    while (index < areaIds.Length)
    {
        areaIds[index] = areaIds[index].Substring(0, 4) + "00";
        index++;
    }

    // Enabled, non-deleted areas under the province whose id is in the mapped list.
    var areaFilter = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BaseAreaEntity.FieldParentId, provinceId),
        new KeyValuePair<string, object>(BaseAreaEntity.FieldId, areaIds),
        new KeyValuePair<string, object>(BaseAreaEntity.FieldEnabled, 1),
        new KeyValuePair<string, object>(BaseAreaEntity.FieldDeletionStateCode, 0)
    };
    return this.GetList<BaseAreaEntity>(areaFilter, BaseAreaEntity.FieldSortCode);
}
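/// <summary>
/// Searches the user list one page at a time.
/// </summary>
/// <param name="userInfo">The calling user.</param>
/// <param name="recordCount">Receives the record count reported by the query (0 when the condition is rejected).</param>
/// <param name="pageNo">Page number to fetch.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="permissionCode">Permission code of the operation.</param>
/// <param name="conditions">Search condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="sort">Sort expression.</param>
/// <returns>The requested page; the initial empty table when the condition is rejected.</returns>
public DataTable SearchUserByPage(BaseUserInfo userInfo, out int recordCount, int pageNo, int pageSize, string permissionCode, string conditions, string sort = null)
{
    // An out parameter cannot be captured by the lambda, so the count is collected in a local.
    var myrecordCount = 0;
    var dt = new DataTable(BaseUserEntity.CurrentTableName);

    var parameter = ServiceInfo.Create(userInfo, MethodBase.GetCurrentMethod());
    ServiceUtil.ProcessUserCenterReadDb(userInfo, parameter, (dbHelper) =>
    {
        // NOTE(review): IsSqlSafe is the only gate on the caller-supplied condition visible here,
        // and `sort` is passed on unchecked - verify that SearchLogByPage validates it.
        if (SecretUtil.IsSqlSafe(conditions))
        {
            var userManager = new BaseUserManager(dbHelper, userInfo)
            {
                ShowUserLogonInfo = true
            };
            dt = userManager.SearchLogByPage(out myrecordCount, pageNo, pageSize, permissionCode, conditions, sort);
            dt.TableName = BaseUserEntity.CurrentTableName;
        }
        else
        {
            // Record the rejected condition in the "SqlSafe" log for injection auditing.
            LogUtil.WriteLog("userInfo:" + userInfo.Serialize() + " " + conditions, "SqlSafe");
        }
    });

    recordCount = myrecordCount;
    return dt;
}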
/// <summary>
/// Gets one page of data over the connection configured as "OpenMasDbConnection".
/// </summary>
/// <param name="userInfo">The calling user; only used for the rejection log entry.</param>
/// <param name="recordCount">Receives the number of rows matching the condition (0 when nothing was queried).</param>
/// <param name="tableName">Source table name.</param>
/// <param name="selectField">Fields to select.</param>
/// <param name="pageIndex">Current page.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="conditions">Condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="dbParameters">Query parameters.</param>
/// <param name="orderBy">Sort field.</param>
/// <returns>The requested page, or null when no connection string is configured or the condition is rejected.</returns>
public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, IDbDataParameter[] dbParameters, string orderBy)
{
    recordCount = 0;

    string connectionString = ConfigurationHelper.AppSettings("OpenMasDbConnection", BaseSystemInfo.EncryptDbConnection);
    if (string.IsNullOrEmpty(connectionString))
    {
        return null;
    }

    if (!SecretUtil.IsSqlSafe(conditions))
    {
        var httpContext = System.Web.HttpContext.Current;
        if (httpContext != null)
        {
            // Record the rejected condition for injection auditing.
            // NOTE(review): the entry holds the serialized userInfo plus the raw condition text
            // and is written under ~/Log/ - confirm that folder is not served.
            FileUtil.WriteMessage("userInfo:" + userInfo.Serialize() + " " + conditions, httpContext.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
        }
        return null;
    }

    // NOTE(review): no log-on check is visible in this overload, and tableName, selectField and
    // orderBy are passed on as received - verify both against the callers.
    using (IDbHelper dbHelper = DbHelperFactory.GetHelper(CurrentDbType.SqlServer, connectionString))
    {
        recordCount = DbLogic.GetCount(dbHelper, tableName, conditions, dbParameters);
        return DbLogic.GetDataTableByPage(dbHelper, tableName, selectField, pageIndex, pageSize, conditions, dbParameters, orderBy);
    }
}
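/// <summary>
/// Asks the user-center RoleService endpoint for the role with the given id.
/// </summary>
/// <param name="userInfo">The calling user; sent in serialized form.</param>
/// <param name="systemCode">System code sent with the request.</param>
/// <param name="id">Role id; sent through SecretUtil.Encrypt.</param>
/// <returns>The deserialized role, or null when the response body is empty.</returns>
public static BaseRoleEntity GetObject(BaseUserInfo userInfo, string systemCode, string id)
{
    BaseRoleEntity result = null;
    string url = BaseSystemInfo.UserCenterHost + "/UserCenterV42/RoleService.ashx";

    // NOTE(review): the form carries BaseSystemInfo.SecurityKey and the serialized userInfo as
    // plain fields; only the id is encrypted. Whether the rest is protected in transit depends on
    // the scheme of UserCenterHost, which is not visible here - confirm HTTPS.
    NameValueCollection postValues = new NameValueCollection();
    postValues.Add("system", BaseSystemInfo.SoftFullName);
    postValues.Add("systemCode", systemCode);
    postValues.Add("securityKey", BaseSystemInfo.SecurityKey);
    postValues.Add("function", "GetObject");
    postValues.Add("userInfo", userInfo.Serialize());
    postValues.Add("encrypted", true.ToString());
    postValues.Add("id", SecretUtil.Encrypt(id));

    string response;
    // WebClient is disposable; release it as soon as the POST has completed.
    using (WebClient webClient = new WebClient())
    {
        byte[] responseArray = webClient.UploadValues(url, postValues);
        response = Encoding.UTF8.GetString(responseArray);
    }

    if (!string.IsNullOrEmpty(response))
    {
        JavaScriptSerializer javaScriptSerializer = new JavaScriptSerializer();
        result = javaScriptSerializer.Deserialize<BaseRoleEntity>(response);
    }
    return result;
}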
/// <summary>
/// Gets one page of data from an arbitrary table (the variant with the injection check).
/// </summary>
/// <param name="userInfo">The calling user; must be logged on.</param>
/// <param name="recordCount">Receives the number of rows matching the condition (0 when nothing was queried).</param>
/// <param name="tableName">Source table name.</param>
/// <param name="selectField">Fields to select.</param>
/// <param name="pageIndex">Current page.</param>
/// <param name="pageSize">Rows per page.</param>
/// <param name="conditions">Condition text; it is only used when SecretUtil.IsSqlSafe accepts it.</param>
/// <param name="dbParameters">Query parameters as name/value pairs.</param>
/// <param name="orderBy">Sort field.</param>
/// <returns>The requested page, or null when the user is not logged on or the condition is rejected.</returns>
public DataTable GetDataTableByPage(BaseUserInfo userInfo, out int recordCount, string tableName, string selectField, int pageIndex, int pageSize, string conditions, List<KeyValuePair<string, object>> dbParameters, string orderBy)
{
    recordCount = 0;

    // Only users who are logged on may query.
    var userManager = new BaseUserManager(userInfo);
    if (!userManager.UserIsLogOn(userInfo))
    {
        return null;
    }

    if (!SecretUtil.IsSqlSafe(conditions))
    {
        var httpContext = System.Web.HttpContext.Current;
        if (httpContext != null)
        {
            // Record the rejected condition for injection auditing.
            // NOTE(review): the entry holds the serialized userInfo plus the raw condition text
            // and is written under ~/Log/ - confirm that folder is not served.
            DotNet.Utilities.FileUtil.WriteMessage("userInfo:" + userInfo.Serialize() + " " + conditions, httpContext.Server.MapPath("~/Log/") + "SqlSafe" + DateTime.Now.ToString(BaseSystemInfo.DateFormat) + ".txt");
        }
        return null;
    }

    // NOTE(review): tableName, selectField and orderBy are passed on as received - verify that
    // they are validated downstream or never come from an untrusted caller.
    recordCount = DbLogic.GetCount(DbHelper, tableName, conditions, DbHelper.MakeParameters(dbParameters));
    return DbLogic.GetDataTableByPage(DbHelper, tableName, selectField, pageIndex, pageSize, conditions, DbHelper.MakeParameters(dbParameters), orderBy);
}
/// <summary>
/// Handles a JD Pay asynchronous callback: parses the "jdpay" XML envelope and, when the result
/// code is "000000", decrypts the payload, reads status and order number and verifies the
/// signature. The response is then passed to <paramref name="handle"/>.
/// </summary>
/// <param name="handle">Callback that receives the parsed response.</param>
/// <param name="input">Raw XML body of the callback.</param>
/// <returns>The literal string "success" once <paramref name="handle"/> has completed.</returns>
/// <exception cref="SettleException">The signature check on the decrypted payload failed.</exception>
public async Task <string> HandlePaymentCallbackAsync(Func <PaymentCallbackResponse, Task> handle, string input)
{
    var r = new PaymentCallbackResponse();
    // NOTE(review): every Element(...) call below returns null when the node is missing, so a
    // malformed callback surfaces as a NullReferenceException rather than a controlled rejection.
    var xml = XDocument.Parse(input);
    var root = xml.Element("jdpay");
    var result = root.Element("result");
    r.Success = result.Element("code").Value == "000000";
    r.Message = result.Element("desc").Value;
    // NOTE(review): the signature is only checked inside this branch. When the outer code is not
    // "000000", `handle` below receives a failure response built from unauthenticated input -
    // confirm that handlers treat that case accordingly.
    if (r.Success)
    {
        var encryptStr = root.Element("encrypt").Value;
        var key = Convert.FromBase64String(_options.JdPay.Key);
        // Presumably Triple DES in ECB mode, judging by the helper name; that gives no integrity
        // protection by itself, so the CheckSign call further down is what authenticates the payload.
        var inputStr = SecretUtil.Des3DecryptEcb(key, Encoding.UTF8.GetString(Convert.FromBase64String(encryptStr)));
        // From here on `xml` and `root` refer to the decrypted inner document.
        xml = XDocument.Parse(inputStr);
        root = xml.Element("jdpay");
        var status = root.Element("status").Value;
        // Success now depends on the inner status alone: "2" is the only value treated as success.
        r.Success = status == "2";
        var orderId = root.Element("tradeNum").Value;
        // Convert.ToInt64 throws on a trade number that is not a valid 64-bit integer.
        r.OrderId = Convert.ToInt64(orderId);
        var signNode = root.Element("sign");
        var sign = signNode.Value;
        // The sign element is detached first, so CheckSign sees the document text without it.
        signNode.Remove();
        if (!CheckSign(sign, root.ToString()))
        {
            // Thrown before `handle` runs, so a payload with a bad signature never reaches it.
            throw new SettleException("京东支付异步回调验签失败");
        }
    }
    await handle.Invoke(r);
    return("success");
}
/// <summary>
/// Copies the values entered on the settings form into BaseSystemInfo and saves the configuration.
/// </summary>
private void SaveConfigInfo()
{
    // --- Credentials -------------------------------------------------------------------------
    // The encryption switch is stored first because the password handling below depends on it.
    BaseSystemInfo.ClientEncryptPassword = chkClientEncryptPassword.Checked;
    BaseSystemInfo.CurrentUserName = txtUser.Text;
    BaseSystemInfo.CurrentPassword = txtClientPassword.Text;
    // NOTE(review): with the switch off, the password stays exactly as typed (clear text) when
    // the configuration is saved.
    if (BaseSystemInfo.ClientEncryptPassword)
    {
        BaseSystemInfo.CurrentPassword = SecretUtil.Encrypt(txtClientPassword.Text);
    }

    // --- Language ----------------------------------------------------------------------------
    if (!string.IsNullOrEmpty(cmbCurrentLanguage.Text))
    {
        BaseSystemInfo.CurrentLanguage = cmbCurrentLanguage.SelectedItem.ToString();
    }

    // --- General options ---------------------------------------------------------------------
    BaseSystemInfo.RememberPassword = chkRememberPassword.Checked;
    BaseSystemInfo.AutoLogOn = chbAutoLogOn.Checked;
    BaseSystemInfo.UseMessage = chkUseMessage.Checked;
    BaseSystemInfo.Service = cmbService.SelectedItem.ToString();
    BaseSystemInfo.MainForm = txtMainForm.Text;
    BaseSystemInfo.LogOnForm = txtLogOnForm.Text;
    BaseSystemInfo.RecordLog = chkRecordLog.Checked;
    BaseSystemInfo.AllowUserRegister = chkAllowUserRegister.Checked;

    // --- Permission switches -----------------------------------------------------------------
    BaseSystemInfo.UseUserPermission = chkUseUserPermission.Checked;
    BaseSystemInfo.UseOrganizePermission = chkUseOrganizePermission.Checked;
    BaseSystemInfo.UseModulePermission = chkUseModulePermission.Checked;
    BaseSystemInfo.UsePermissionScope = chkUsePermissionScope.Checked;
    BaseSystemInfo.UseAuthorizationScope = chkUseAuthorizationScope.Checked;
    BaseSystemInfo.UseTableColumnPermission = chkUseTableColumnPermission.Checked;
    BaseSystemInfo.UseTableScopePermission = chkUseTableScopePermission.Checked;
    BaseSystemInfo.UseWorkFlow = chkWorkFlow.Checked;
    BaseSystemInfo.OnLineLimit = (int)nupOnLineLimit.Value;
    BaseSystemInfo.CustomerCompanyName = txtCustomerCompanyName.Text;

    // --- Database types (only when something is shown in the combo box) ----------------------
    if (cmbUserCenterDbDbType.Text.Length != 0)
    {
        BaseSystemInfo.UserCenterDbType = BaseConfiguration.GetDbType(cmbUserCenterDbDbType.SelectedItem.ToString());
    }
    if (cmbBusinessDbDbType.Text.Length != 0)
    {
        BaseSystemInfo.BusinessDbType = BaseConfiguration.GetDbType(cmbBusinessDbDbType.SelectedItem.ToString());
    }
    if (cmbWorkFlowDbDbType.Text.Length != 0)
    {
        BaseSystemInfo.WorkFlowDbType = BaseConfiguration.GetDbType(cmbWorkFlowDbDbType.SelectedItem.ToString());
    }

    // --- Connection strings ------------------------------------------------------------------
    // The text boxes are stored as they are; this method only records the EncryptDbConnection
    // flag and does not transform the connection strings itself.
    BaseSystemInfo.EncryptDbConnection = chkEncryptDbConnection.Checked;
    BaseSystemInfo.UserCenterDbConnectionString = txtUserCenterDbConnection.Text;
    BaseSystemInfo.BusinessDbConnectionString = txtBusinessDbConnection.Text;
    BaseSystemInfo.WorkFlowDbConnectionString = txtWorkFlowDbConnection.Text;

    // Persist everything.
    UserConfigHelper.SaveConfig();
}
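/// <summary>
/// Application entry point: loads the configuration, applies a user name and password passed
/// on the command line, initialises the services and runs the configured main form.
/// </summary>
/// <param name="args">
/// Command-line arguments. Arguments starting with "UserName" or "Password" supply the log-on
/// credentials; the value is whatever follows the key and one separator character.
/// </param>
static void Main(string[] args)
{
    Application.EnableVisualStyles();
    Application.SetCompatibleTextRenderingDefault(false);

    // Name of the main application assembly.
    BaseSystemInfo.MainAssembly = System.Reflection.Assembly.GetEntryAssembly().GetName().Name;
    BaseSystemInfo.StartupPath = Application.StartupPath;
    BaseSystemInfo.AppIco = Path.Combine(Application.StartupPath, "Resource/Form.ico");

    // Load the configuration.
    GetConfig();
    BaseSystemInfo.WebHostUrl = ConfigurationManager.AppSettings["WebHostUrl"];

    // Check whether a user name and password were handed in from outside.
    // NOTE(review): command-line arguments can usually be read by other local processes and may
    // end up in shortcuts or process-creation logs, so a password passed this way is exposed
    // beyond this program.
    const string userNameKey = "UserName";
    const string passwordKey = "Password";
    foreach (string arg in args)
    {
        if (arg.StartsWith(userNameKey, System.StringComparison.Ordinal))
        {
            // A bare "UserName" carries no separator or value; Substring would throw on it.
            if (arg.Length > userNameKey.Length)
            {
                BaseSystemInfo.CurrentUserName = arg.Substring(userNameKey.Length + 1);
            }
        }
        else if (arg.StartsWith(passwordKey, System.StringComparison.Ordinal))
        {
            if (arg.Length > passwordKey.Length)
            {
                BaseSystemInfo.CurrentPassword = arg.Substring(passwordKey.Length + 1);
                if (BaseSystemInfo.ClientEncryptPassword)
                {
                    BaseSystemInfo.CurrentPassword = SecretUtil.Encrypt(BaseSystemInfo.CurrentPassword);
                }
            }
        }
    }

    if (BaseSystemInfo.MultiLanguage)
    {
        // Load the localisation resources, then read the messages of the selected language.
        ResourceManagerWrapper.Instance.LoadResources(Path.Combine(Application.StartupPath, "Resources/Localization/"));
        AppMessage.GetLanguageResource();
    }

    // Initialise the services.
    DotNetService.Instance.InitService();

    // Run the form named in the configuration; this has to be started from the main program.
    Form mainForm = BaseInterfaceLogic.GetForm(BaseSystemInfo.MainAssembly, BaseSystemInfo.MainForm);
    Application.Run(mainForm);
}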
/// <summary>
/// Saves the signing key to "&lt;RealName&gt;.Key" in the output folder.
/// </summary>
/// <param name="privateKey">The private key.</param>
/// <param name="password">The signing password.</param>
/// <returns>True when the key file was written and the folder was remembered; false when the user declined to overwrite an existing file or saving failed.</returns>
private bool SaveDigitalSignature(string privateKey, string password)
{
    // 01: target path.
    // NOTE(review): UserInfo.RealName goes into the path as it is - confirm that it cannot
    // contain path separators or other characters that are invalid in a file name.
    string keyFileName = UserInfo.RealName + ".Key";
    string targetPath = this.txtOutput.Text + "\\" + keyFileName;

    // An existing key file is only replaced after explicit confirmation (the default button is Cancel).
    if (System.IO.File.Exists(targetPath)
        && MessageBox.Show("签名密钥" + keyFileName + "已存在,您确认要覆盖原文件吗?", AppMessage.MSG0000, MessageBoxButtons.OKCancel, MessageBoxIcon.Question, MessageBoxDefaultButton.Button2) != DialogResult.OK)
    {
        return false;
    }

    XmlDocument document = new XmlDocument();
    document.AppendChild(document.CreateXmlDeclaration("1.0", "utf-8", null));
    XmlNode signatureRoot = document.CreateElement("DigitalSignature");
    document.AppendChild(signatureRoot);

    XmlElement keyElement = document.CreateElement("Key");
    // 02: id of the current user.
    keyElement.SetAttribute("Id", UserInfo.Id);
    // 03: user name of the current user.
    keyElement.SetAttribute("UserName", UserInfo.UserName);
    // 04: signing password, stored as a one-way digest.
    // NOTE(review): presumably an unsalted MD5 digest, judging by the helper name - a fast hash
    // is weak protection for a password; confirm and consider a salted, slow derivation.
    keyElement.SetAttribute("SignedPassword", SecretUtil.md5(password, 32));
    // 05: creation time.
    keyElement.SetAttribute("CreateOn", DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat));
    // 06: the private key itself.
    keyElement.SetAttribute("PrivateKey", privateKey);
    signatureRoot.AppendChild(keyElement);

    // 07/08: the document is never written in clear; its XML text is encrypted first.
    string encryptedContent = SecretUtil.Encrypt(document.InnerXml);
    try
    {
        // 09: write the encrypted key file.
        FileUtil.WriteBinaryFile(targetPath, encryptedContent);
        // 11: remember the output folder as a parameter of this user.
        DotNetService.Instance.ParameterService.SetParameter(UserInfo, "User", this.UserInfo.Id, "DigitalSignatureFilePath", this.txtOutput.Text);
        return true;
    }
    catch
    {
        // Any failure is reported to the user; the cause itself is not surfaced.
        MessageBox.Show("保存签名密钥文件失败、请重新生成签名密钥。", AppMessage.MSG0000, MessageBoxButtons.OK, MessageBoxIcon.Information);
        return false;
    }
}
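/// <summary>
/// Validates the merchant form and stores the merchant credentials, in basic and extended form,
/// as encrypted JSON through BillPrintHelper.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
private void btnSave_Click(object sender, EventArgs e)
{
    // Required fields: stop at the first empty one and point the user at it.
    if (string.IsNullOrEmpty(txtCustomerID.Text.Trim()))
    {
        txtCustomerID.Focus();
        txtCustomerID.Select();
        txtCustomerID.ShowTip("商家ID必填");
        return;
    }
    if (string.IsNullOrEmpty(txtCustomerPassword.Text.Trim()))
    {
        txtCustomerPassword.Focus();
        txtCustomerPassword.Select();
        txtCustomerPassword.ShowTip("商家ID密码必填");
        return;
    }
    if (string.IsNullOrEmpty(txtSiteName.Text.Trim()))
    {
        txtSiteName.Focus();
        txtSiteName.Select();
        txtSiteName.ShowTip("所属网点名称必填");
        return;
    }
    if (string.IsNullOrEmpty(txtSiteCode.Text.Trim()))
    {
        txtSiteCode.Focus();
        txtSiteCode.Select();
        txtSiteCode.ShowTip("所属网点编号必填");
        return;
    }

    // Both credentials are known to be non-empty here (the guards above returned otherwise), so
    // the former "credentials empty -> delete the stored entity" branch could never run and has
    // been removed.
    string customerId = txtCustomerID.Text.Replace(" ", "");
    string customerPassword = txtCustomerPassword.Text.Replace(" ", "");

    var elecUserInfoEntity = new ZtoElecUserInfoEntity();
    elecUserInfoEntity.Kehuid = customerId;
    elecUserInfoEntity.Pwd = customerPassword;
    elecUserInfoEntity.Result = "false";
    elecUserInfoEntity.InterfaceType = "0";
    string encryInfo = JsonConvert.SerializeObject(elecUserInfoEntity);

    // The extended entity additionally carries the site code and name.
    var elecUserInfoExtendEntity = new ZtoElecUserInfoExtendEntity();
    elecUserInfoExtendEntity.Kehuid = customerId;
    elecUserInfoExtendEntity.Pwd = customerPassword;
    elecUserInfoExtendEntity.Result = "false";
    elecUserInfoExtendEntity.InterfaceType = "0";
    elecUserInfoExtendEntity.siteCode = txtSiteCode.Text;
    elecUserInfoExtendEntity.siteName = txtSiteName.Text;
    string encryExtendInfo = JsonConvert.SerializeObject(elecUserInfoExtendEntity);

    // Both JSON documents contain the merchant password, so they are encrypted with the system
    // security key before being stored.
    BillPrintHelper.SetZtoCustomerInfo(SecretUtil.Encrypt(encryInfo, BaseSystemInfo.SecurityKey));
    BillPrintHelper.SetZtoCustomerExtendInfo(SecretUtil.Encrypt(encryExtendInfo, BaseSystemInfo.SecurityKey));
    XtraMessageBox.Show("绑定成功", AppMessage.MSG0000, MessageBoxButtons.OK, MessageBoxIcon.Information);
}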
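/// <summary>
/// Queries how many electronic waybill numbers are still available for a merchant ID
/// (partner function "mail.counter").
/// </summary>
/// <param name="ztoElecUserInfoEntity">Merchant-ID credentials for the electronic waybill service.</param>
/// <returns>
/// The available count when the JSON response carries a counter; otherwise the raw response,
/// or a user-facing hint when the response is empty or reports an invalid signature.
/// </returns>
public static string GetElecBillCount(ZtoElecUserInfoEntity ztoElecUserInfoEntity)
{
    // API reference: http://testpartner.zto.cn/#mail.counter
    // lastno (optional, e.g. 100000000016): the last waybill number already applied for. When
    // given, unused numbers are counted from it onwards; when empty, all unused numbers count.
    var entity = new { lastno = "" };

    // The request content is the Base64 form of the JSON entity.
    string content = SecretUtil.EncodeBase64("UTF-8", JsonConvert.SerializeObject(entity));
    string date = DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat);

    // "verify" is a digest over merchant id + timestamp + content + merchant password, so the
    // password itself is not sent as a field.
    // NOTE(review): presumably MD5, judging by the helper name. The addresses the original notes
    // list (production http://partner.zto.cn//client/interface.php, test
    // http://testpartner.zto.cn/client/interface.php) are plain HTTP; the value of ElecUrl is not
    // visible here - confirm whether an HTTPS endpoint is available.
    var postValues = new NameValueCollection
    {
        { "style", "json" },
        { "func", "mail.counter" },
        { "content", content },
        { "partner", ztoElecUserInfoEntity.Kehuid },
        { "datetime", date },
        { "verify", System.Web.HttpUtility.UrlEncode(SecretUtil.md5(ztoElecUserInfoEntity.Kehuid + date + content + ztoElecUserInfoEntity.Pwd)) }
    };

    string response;
    // WebClient is disposable; release it as soon as the POST has completed.
    using (var webClient = new WebClient())
    {
        byte[] responseArray = webClient.UploadValues(ElecUrl, postValues);
        response = Encoding.UTF8.GetString(responseArray);
    }

    if (string.IsNullOrEmpty(response))
    {
        return "请求失败,返回值为空,可以尝试重新查询。";
    }
    if (response.Contains("非法的数据签名") || response.Contains("s04"))
    {
        return response + Environment.NewLine + "请右击修改商家ID信息,也可以修改默认发件人的商家ID信息,密码区分大小写,一定要看清楚" + Environment.NewLine + "商家ID和密码可以从申通物料系统通过短信方式获取到,短信上面是什么就填写什么。";
    }

    // Expected success shape: {"result":"true","counter":{"available":"568"}}
    // Anything that is not JSON, or JSON without a counter, is returned unchanged.
    if (JsonSplitHelper.IsJson(response))
    {
        var ztoElecBillCountJsonEntity = JsonConvert.DeserializeObject<ZTOElecBillCountJsonEntity>(response);
        if (ztoElecBillCountJsonEntity != null && ztoElecBillCountJsonEntity.counter != null)
        {
            return ztoElecBillCountJsonEntity.counter.available;
        }
    }
    return response;
}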
/// <summary>
/// Decrypts the three database connection strings shown on the form when they are currently
/// marked as encrypted, and clears that mark.
/// </summary>
/// <param name="sender">Event source.</param>
/// <param name="e">Event data.</param>
private void btnDecrypt_Click(object sender, EventArgs e)
{
    // Nothing to do unless the connection strings are in the encrypted state.
    if (!chkEncryptDbConnection.Checked)
    {
        return;
    }

    chkEncryptDbConnection.Checked = false;
    // From here on the text boxes show the connection strings in clear text.
    txtUserCenterDbConnection.Text = SecretUtil.Decrypt(txtUserCenterDbConnection.Text);
    txtBusinessDbConnection.Text = SecretUtil.Decrypt(txtBusinessDbConnection.Text);
    txtWorkFlowDbConnection.Text = SecretUtil.Decrypt(txtWorkFlowDbConnection.Text);
}
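/// <summary>
/// Verifies the "signature" field of a settlement message against the public certificate.
/// </summary>
/// <param name="values">The received values, including "signature".</param>
/// <returns>False when no signature is present; otherwise the result of the RSA verification.</returns>
public bool CheckSign(SettleObject values)
{
    // A message without a signature is never accepted.
    if (!values.IsSet("signature"))
    {
        return false;
    }

    byte[] oriByteData = Encoding.UTF8.GetBytes(values.ToUrlForSign());

    // The verified data is the lower-case hex text of the SHA-1 digest of the canonical string.
    // NOTE(review): SHA-1 is presumably dictated by the payment protocol; it is no longer
    // collision-resistant, so move to a stronger digest if the counterpart supports one.
    byte[] digest;
    using (SHA1 sha1 = SHA1.Create())
    {
        digest = sha1.ComputeHash(oriByteData);
    }
    string data = BitConverter.ToString(digest).Replace("-", "").ToLowerInvariant();

    return SecretUtil.RsaVerify1(_publicCert.GetRSAPublicKey(), data, values.GetValue<string>("signature"));
}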
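/// <summary>
/// Signs a settlement message with the private certificate. When the certificate has a serial
/// number, its decimal form is first stored in <paramref name="values"/> as "certId".
/// </summary>
/// <param name="values">The values to sign; "certId" may be added to them.</param>
/// <returns>The signature produced by SecretUtil.RsaSign1.</returns>
public string MakeSign(SettleObject values)
{
    if (_privateCert.SerialNumber != null)
    {
        // The hex serial number is sent in decimal form.
        // NOTE(review): with AllowHexSpecifier, BigInteger.Parse reads a leading hex digit of 8 or
        // above as a negative number - confirm the serial string always starts below 8, or
        // prefix it with "0" before parsing.
        values.SetValue("certId", BigInteger.Parse(_privateCert.SerialNumber, NumberStyles.AllowHexSpecifier).ToString());
    }

    byte[] oriByteData = Encoding.UTF8.GetBytes(values.ToUrlForSign());

    // The signed data is the lower-case hex text of the SHA-1 digest of the canonical string.
    // NOTE(review): SHA-1 is presumably dictated by the payment protocol; it is no longer
    // collision-resistant, so move to a stronger digest if the counterpart supports one.
    byte[] digest;
    using (SHA1 sha1 = SHA1.Create())
    {
        digest = sha1.ComputeHash(oriByteData);
    }
    string data = BitConverter.ToString(digest).Replace("-", "").ToLowerInvariant();

    return SecretUtil.RsaSign1(_privateCert.GetRSAPrivateKey(), data);
}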
/// <summary>
/// Turns a user password into the form that is stored in the database.
///
/// Storing passwords in clear text leaves many gaps, even if it is convenient for debugging;
/// the stored form should be irreversible. Systems differ in how they do this, so the method is
/// virtual and can be adapted per system.
/// </summary>
/// <param name="password">The user's password.</param>
/// <param name="salt">Password salt; it only takes effect when it is exactly 20 characters long.</param>
/// <returns>The processed password as an upper-case digest string.</returns>
/// <remarks>
/// NOTE(review): the helper is presumably MD5, judging by its name. MD5 is fast to compute even
/// when salted and nested, which makes offline guessing cheap; a deliberately slow derivation
/// such as PBKDF2 is the usual choice. Replacing it requires a migration path for stored values.
/// </remarks>
public virtual string EncryptUserPassword(string password, string salt = null)
{
    string digest = SecretUtil.Md5(password, 32).ToUpper();

    // Without a usable salt the single digest is the final value.
    bool saltIsUsable = !string.IsNullOrEmpty(salt) && salt.Length == 20;
    if (!saltIsUsable)
    {
        return digest;
    }

    // Round 2: salt[6..] + digest + salt[6..16].
    string wrapped = salt.Substring(6) + digest + salt.Substring(6, 10);
    digest = SecretUtil.Md5(wrapped, 32).ToUpper();

    // Round 3: the previous digest followed by the whole salt.
    return SecretUtil.Md5(digest + salt, 32).ToUpper();
}
/// <summary>
/// Gets the enabled, non-deleted areas whose parent is the given city, ordered by sort code.
/// </summary>
/// <param name="cityId">Id of the parent city; passed through SecretUtil.SqlSafe before use.</param>
/// <returns>The matching areas.</returns>
public List<BaseAreaEntity> GetDistrict(string cityId)
{
    cityId = SecretUtil.SqlSafe(cityId);

    // The filter is passed as name/value pairs. An earlier variant, left behind as commented-out
    // code, concatenated cityId into the WHERE text and also matched Id = cityId with Layer = 3.
    // NOTE(review): the field names come from BaseItemDetailsEntity although the query is for
    // BaseAreaEntity - presumably the names coincide; confirm.
    var filter = new List<KeyValuePair<string, object>>
    {
        new KeyValuePair<string, object>(BaseItemDetailsEntity.FieldParentId, cityId),
        new KeyValuePair<string, object>(BaseItemDetailsEntity.FieldEnabled, 1),
        new KeyValuePair<string, object>(BaseItemDetailsEntity.FieldDeletionStateCode, 0)
    };
    return this.GetList<BaseAreaEntity>(filter, BaseItemDetailsEntity.FieldSortCode);
}
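/// <summary>
/// Writes the signing key file for the current user.
/// </summary>
/// <remarks>
/// Builds a DigitalSignature/Key XML document holding the user's Id and UserName, an MD5
/// digest of the signing password, the creation time and the private key. The XML is passed
/// through <c>SecretUtil.Encrypt</c> and written to the path entered in
/// <c>txtDigitalSignature</c>.
/// NOTE(review): the confidentiality of the private key rests entirely on
/// <c>SecretUtil.Encrypt</c>, whose algorithm and key source are not visible here. Confirm
/// it does not use a key shared by every installation. The signing password is stored as an
/// unsalted MD5 digest, which is cheap to guess offline once the file is decrypted.
/// </remarks>
/// <param name="privateKey">Private key text stored in the PrivateKey attribute.</param>
/// <param name="password">Signing password; only its MD5 digest is stored.</param>
/// <returns>true when the key file was written; false when writing failed.</returns>
private bool SaveDigitalSignature(string privateKey, string password)
{
    bool returnValue = false;

    // 01: path of the key file, taken from the text box
    string fileName = this.txtDigitalSignature.Text;

    XmlDocument xmlDocument = new XmlDocument();
    XmlNode xmlNode = xmlDocument.CreateXmlDeclaration("1.0", "utf-8", null);
    xmlDocument.AppendChild(xmlNode);
    XmlNode root = xmlDocument.CreateElement("DigitalSignature");
    xmlDocument.AppendChild(root);
    XmlElement xmlElement = xmlDocument.CreateElement("Key");

    // 02: Id of the current user
    xmlElement.SetAttribute("Id", UserInfo.Id);
    // 03: name of the current user
    xmlElement.SetAttribute("UserName", UserInfo.UserName);
    // 04: digest of the signing password (the password itself is not stored)
    xmlElement.SetAttribute("SignedPassword", SecretUtil.md5(password, 32));
    // 05: creation timestamp
    xmlElement.SetAttribute("CreateOn", DateTime.Now.ToString(BaseSystemInfo.DateTimeFormat));
    // 06: the private key itself
    xmlElement.SetAttribute("PrivateKey", privateKey);
    root.AppendChild(xmlElement);

    // 07/08: the document is never saved in clear text; its XML is encrypted first.
    string keyFile = SecretUtil.Encrypt(xmlDocument.InnerXml);

    try
    {
        // 09: write the encrypted content as a binary file
        FileUtil.WriteBinaryFile(fileName, keyFile);

        // The original never set the result on success, so every call reported failure
        // even though the summary promises a success flag.
        returnValue = true;

        // Steps 10/11 of the original are disabled: opening the output folder, remembering
        // the file path as a user parameter, and showing a success message box.
    }
    catch
    {
        // Best-effort UI feedback; the exception detail is discarded here.
        MessageBox.Show("修改签名密码失败、请重修改签名密码。", AppMessage.MSG0000, MessageBoxButtons.OK, MessageBoxIcon.Information);
        returnValue = false;
    }

    return returnValue;
}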
/// <summary>
/// Restores the remembered logon: selects the saved user in the combo box and fills the
/// password box with the decrypted saved password.
/// </summary>
/// <remarks>
/// Does nothing unless the "remember password" box is checked.
/// NOTE(review): the saved password is reversible (<c>SecretUtil.Decrypt</c>). Anyone who
/// can read the stored configuration and obtain the decryption key recovers the plain-text
/// password. Where that key lives is not visible here - confirm. Prefer OS-protected storage
/// or a revocable logon token.
/// An older variant that read both values from a registry key under HKLM\Software and also
/// decrypted the user name is disabled in the original; its comment cites permission
/// problems and exceptions with that approach.
/// </remarks>
private void GetLogOnInfo()
{
    if (!this.chkRememberPassword.Checked)
    {
        return;
    }

    // Select the combo-box row whose user name equals the remembered one, if any.
    string savedUserName = BaseSystemInfo.CurrentUserName;
    int index = 0;
    while (index < this.cmbUser.Items.Count)
    {
        DataRowView row = (DataRowView)this.cmbUser.Items[index];
        if (row[BaseUserEntity.FieldUserName].ToString().Equals(savedUserName))
        {
            this.cmbUser.SelectedIndex = index;
            break;
        }
        index++;
    }

    // Decrypt the remembered password and show it in the password box.
    string savedPassword = BaseSystemInfo.CurrentPassword;
    this.txtPassword.Text = SecretUtil.Decrypt(savedPassword);
}
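/// <summary>
/// Sends the old and new password to the logon service and reports the outcome to the user.
/// </summary>
/// <remarks>
/// On success, release builds also refresh the locally remembered password and save the
/// user configuration, so the next logon does not fail with the old password.
/// NOTE(review): that save does not consult <c>BaseSystemInfo.RememberPassword</c>, and when
/// <c>ClientEncryptPassword</c> is false the remembered password is not refreshed before
/// <c>SaveConfig</c> - confirm both are intended.
/// </remarks>
/// <returns>true when the service reports ChangePasswordOK; otherwise false.</returns>
private bool ChangePassword()
{
    string statusCode = string.Empty;
    string statusMessage = string.Empty;

    // Show the busy cursor during the service call. The finally block restores the previous
    // cursor even when the call throws; the original left the wait cursor on in that case.
    Cursor holdCursor = this.Cursor;
    this.Cursor = Cursors.WaitCursor;
    try
    {
        DotNetService.Instance.LogOnService.ChangePassword(UserInfo, this.txtOldPassword.Text, this.txtNewPassword.Text, out statusCode, out statusMessage);
    }
    finally
    {
        this.Cursor = holdCursor;
    }

    if (statusCode != StatusCode.ChangePasswordOK.ToString())
    {
        // Both an empty password and a wrong old password clear the old-password box.
        if (statusCode == StatusCode.PasswordCanNotBeNull.ToString()
            || statusCode == StatusCode.OldPasswordError.ToString())
        {
            this.ClearOldPassword();
        }

        MessageBox.Show(statusMessage, AppMessage.MSG0000, MessageBoxButtons.OK, MessageBoxIcon.Information);
        return false;
    }

    if (BaseSystemInfo.ShowInformation)
    {
        // Tell the user the change succeeded.
        MessageBox.Show(statusMessage, AppMessage.MSG0000, MessageBoxButtons.OK, MessageBoxIcon.Information);
    }

    // Keep the remembered password in step with the new one (release builds only).
#if (!DEBUG)
    if (BaseSystemInfo.ClientEncryptPassword)
    {
        BaseSystemInfo.CurrentPassword = SecretUtil.Encrypt(this.txtNewPassword.Text);
    }
    UserConfigHelper.SaveConfig();
#endif

    this.DialogResult = DialogResult.OK;
    return true;
}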
/// <summary>
/// Fills the source-database controls from the saved configuration for the given database type.
/// </summary>
/// <remarks>
/// Unknown type names leave the controls untouched. Any exception is caught and passed to
/// <c>ErrorLog.SaveLog</c>.
/// NOTE(review): for SQLSERVER, ACCESS and ORACLE the stored database password is decrypted
/// with <c>SecretUtil.DeSecret</c> and placed in <c>txtPassword</c>. The protection of that
/// stored value depends on where DeSecret gets its key, which is not visible here - confirm.
/// </remarks>
/// <param name="inDBType">Database type name, e.g. "SQLSERVER", "ACCESS", "FOXPRO", "ORACLE", "TXT" or "EXCEL".</param>
private void InitSourceDBInfo(string inDBType)
{
    try
    {
        // Both helpers read the configuration lazily, so a database type that needs no
        // stored attribute never touches the source element.
        Func<string, string> readAttribute = name => Config.Intance().EleSource.GetAttribute(name);
        Func<string> readPassword = () => SecretUtil.DeSecret(readAttribute("Password"));

        switch (inDBType)
        {
            case "SQLSERVER":
                this.cmbDBType.SelectedIndex = 0;
                this.txtServer.Text = readAttribute("ServerName");
                this.txtDataBase.Text = readAttribute("DataBase");
                this.txtUser.Text = readAttribute("User");
                this.txtPassword.Text = readPassword();
                break;

            case "ACCESS":
                this.cmbDBType.SelectedIndex = 1;
                this.txtDataBase.Text = "template.mdb";
                this.txtPassword.Text = readPassword();
                break;

            case "FOXPRO":
                this.cmbDBType.SelectedIndex = 2;
                this.txtDataBase.Text = Application.StartupPath;
                break;

            case "ORACLE":
                this.cmbDBType.SelectedIndex = 3;
                this.txtServer.Text = readAttribute("ServerName");
                this.txtUser.Text = readAttribute("User");
                this.txtPassword.Text = readPassword();
                break;

            case "TXT":
                this.cmbDBType.SelectedIndex = 5;
                this.txtDataBase.Text = Application.StartupPath;
                break;

            case "EXCEL":
                this.cmbDBType.SelectedIndex = 4;
                this.txtDataBase.Text = Config.Intance().CurrentExcelTemplet;
                break;
        }
    }
    catch (Exception ex)
    {
        ErrorLog.SaveLog("给源数据配置赋值", ex);
    }
}
/// <summary>
/// Adds a user together with its logon record.
/// </summary>
/// <remarks>
/// Nothing is written unless <c>BeforeAdd</c> leaves the status at <c>Status.OkAdd</c>.
/// Security: the password is hashed only when <c>BaseSystemInfo.ServerEncryptPassword</c> is
/// set; otherwise the logon record is stored with <c>UserPassword</c> exactly as supplied.
/// </remarks>
/// <param name="entity">User entity to insert.</param>
/// <param name="userLogonEntity">Logon record to insert for the user; a new one is created when null.</param>
/// <returns>Primary key returned by <c>AddEntity</c>, or an empty string when the pre-check did not pass.</returns>
public string AddUser(BaseUserEntity entity, BaseUserLogonEntity userLogonEntity = null)
{
    var result = string.Empty;

    BeforeAdd(entity);
    if (StatusCode != Status.OkAdd.ToString())
    {
        return result;
    }

    // Insert the user row first; its key links the logon record.
    result = AddEntity(entity);

    var logon = userLogonEntity ?? new BaseUserLogonEntity();
    logon.UserId = result.ToInt();

    // Carry the system-wide defaults into the new logon record.
    logon.ConcurrentUser = BaseSystemInfo.CheckOnline ? 0 : 1;
    logon.CheckIpAddress = BaseSystemInfo.CheckIpAddress ? 1 : 0;

    // The strength rating is taken from the password as supplied, before any hashing.
    logon.PasswordStrength = SecretUtil.GetUserPassWordRate(logon.UserPassword);

    // Per-user salt of 20 characters.
    // NOTE(review): the length presumably matches what EncryptUserPassword expects; the
    // randomness source behind RandomUtil.GetString is not visible here - confirm it yields
    // unique, unpredictable values.
    logon.Salt = RandomUtil.GetString(20);

    if (BaseSystemInfo.ServerEncryptPassword)
    {
        logon.UserPassword = EncryptUserPassword(logon.UserPassword, logon.Salt);
    }

    // A commented-out block dated 2016.05.21 in the original set CreateTime/UpdateTime and
    // CreateUserId/CreateBy at this point; it is not executed.
    new BaseUserLogonManager(DbHelper, UserInfo).Add(logon);

    AfterAdd(entity);
    return result;
}