Example #1
0
        protected void AddLogin_Click(object sender, EventArgs e)
        {
            if (Page.IsValid)
            {
                SqlLoginCollection logins;
                SqlServer          server = SqlServer.CurrentServer;
                server.Connect();

                if (server.IsUserValid())
                {
                    logins = server.Logins;
                    try
                    {
                        SqlLogin newLogin = logins.Add(
                            LoginName.Text.Trim(),
                            (SqlLoginType)Enum.Parse(typeof(SqlLoginType), AuthType.SelectedValue),
                            Password.Text.Trim()
                            );

                        // Redirect user to the edit screen so they can edit more properties
                        Response.Redirect("EditServerLogin.aspx?Login=" + newLogin.Name);
                    }
                    catch (Exception ex)
                    {
                        ErrorMessage.Text = ex.Message;
                    }
                }

                server.Disconnect();
            }
        }
Example #2
0
    protected void btnOK_Click(object sender, EventArgs e)
    {
        DataView lg;

        SqlLogin.SelectParameters["LOGIN"].DefaultValue = cripto.Encrypt(txtLogin.Text);
        SqlLogin.SelectParameters["SENHA"].DefaultValue = cripto.Encrypt(txtSenha.Text);

        lg = (DataView)SqlLogin.Select(DataSourceSelectArguments.Empty);

        if (lg.Table.Rows.Count == 0)
        {
            Response.Redirect("Default.aspx");
            lblErro.Text = "Usuário nao cadastrado";
        }
        else
        {
            Session["logado"] = "OK";
            Response.Redirect("telaCompras.aspx");
        }
    }
Example #3
0
        protected void AddLogin_Click(object sender, EventArgs e)
        {
            if (Page.IsValid)
            {
                SqlLoginCollection logins;
                SqlServer          server = SqlServer.CurrentServer;
                try
                {
                    server.Connect();
                }
                catch (System.Exception ex)
                {
                    //Response.Redirect("Error.aspx?errorPassCode=" + 2002);
                    Response.Redirect(String.Format("error.aspx?errormsg={0}&stacktrace={1}", Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace)));
                }

                if (server.IsUserValid())
                {
                    logins = server.Logins;
                    try
                    {
                        SqlLogin newLogin = logins.Add(
                            LoginName.Text.Trim(),
                            (SqlLoginType)Enum.Parse(typeof(SqlLoginType), AuthType.SelectedValue),
                            Password.Text.Trim()
                            );

                        // Redirect user to the edit screen so they can edit more properties
                        Response.Redirect("EditServerLogin.aspx?Login=" + Server.UrlEncode(newLogin.Name));
                    }
                    catch (Exception ex)
                    {
                        ErrorMessage.Text = ex.Message;
                    }
                }

                server.Disconnect();
            }
        }
        protected override void OnLoad(EventArgs e)
        {
            if (Request["Login"] == null)
                Response.Redirect("CreateLogin.aspx");

            LoginLabel.Text = Request["Login"].ToUpper();

            if (!Page.IsPostBack)
            {
                SqlServer server = SqlServer.CurrentServer;
                try
                {
                    server.Connect();
                }
                catch (System.Exception ex)
                {
                    //Response.Redirect("Error.aspx?errorPassCode=" + 2002);
                    Response.Redirect(String.Format("error.aspx?errormsg={0}&stacktrace={1}", Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace)));
                }

                sqlLogin = server.Logins[Request["Login"]];

                if (sqlLogin == null)
                    Response.Redirect("CreateLogin.aspx");

                if (sqlLogin.LoginType == SqlLoginType.NTUser || sqlLogin.LoginType == SqlLoginType.NTGroup)
                {
                    SecurityAccess.Enabled = true;
                    SecurityAccessLabel.Enabled = true;

                    if (sqlLogin.NTLoginAccessType == SqlNtAccessType.Deny)
                    {
                        SecurityAccess.Items[1].Selected = true;
                    }
                    else
                    {
                        SecurityAccess.Items[0].Selected = true;
                    }
                }

                databases = server.Databases;

                DefaultDatabase.DataSource = databases;
                DefaultDatabase.DataBind();

                DatabaseAccessGrid.DataSource = databases;
                DatabaseAccessGrid.DataBind();

                // Select default database
                ListItem databaseItem = DefaultDatabase.Items.FindByValue(sqlLogin.Database);
                if (databaseItem != null)
                {
                    databaseItem.Selected = true;
                }
                else
                {
                    databaseItem = DefaultDatabase.Items.FindByValue("master");
                    if (databaseItem != null)
                        databaseItem.Selected = true;
                }

                allRoles = server.Roles;

                ServerRoles.DataSource = allRoles;
                ServerRoles.DataBind();

                // Select member roles
                foreach (ListItem item in ServerRoles.Items)
                {
                    if (sqlLogin.IsMember(item.Value))
                    {
                        item.Selected = true;
                    }
                }

                DefaultLanguage.DataSource = server.Languages;
                DefaultLanguage.DataBind();

                // Select default language
                ListItem languageItem = DefaultLanguage.Items.FindByValue(sqlLogin.Language);
                if (languageItem != null)
                {
                    languageItem.Selected = true;
                }
                else
                {
                    languageItem = DefaultLanguage.Items.FindByValue("English");
                    if (languageItem != null)
                        languageItem.Selected = true;
                }

                server.Disconnect();
                focusPanel(GeneralPanel);
            }
            base.OnLoad(e);
        }
        private bool Save()
        {
            SqlServer server = SqlServer.CurrentServer;
            try
            {
                server.Connect();
            }
            catch (System.Exception ex)
            {
                //Response.Redirect("Error.aspx?errorPassCode=" + 2002);
                Response.Redirect(String.Format("error.aspx?errormsg={0}&stacktrace={1}", Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace)));
            }

            try
            {
                // Save Login settings
                sqlLogin = server.Logins[Request["Login"]];

                if (SecurityAccess.Enabled)
                {
                    sqlLogin.DenyNTLogin = SecurityAccess.SelectedValue == "Deny" ? true : false;
                }

                sqlLogin.Database = DefaultDatabase.SelectedValue;
                sqlLogin.Language = DefaultLanguage.SelectedValue;

                // Save server roles
                foreach (ListItem item in ServerRoles.Items)
                {
                    if (sqlLogin.IsMember(item.Value) && !item.Selected)
                    {
                        server.Roles[item.Value].DropMember(sqlLogin.Name);
                    }
                    else if (!sqlLogin.IsMember(item.Value) && item.Selected)
                    {
                        server.Roles[item.Value].AddMember(sqlLogin.Name);
                    }
                }

                databases = server.Databases;

                // Save database access
                foreach (DataGridItem item in DatabaseAccessGrid.Items)
                {
                    SqlDatabase database = databases[(string)DatabaseAccessGrid.DataKeys[item.ItemIndex]];
                    CheckBox cb = item.FindControl("DatabaseAccess") as CheckBox;
                    if (database != null && cb != null)
                    {
                        string dbName = sqlLogin.GetUserName(database.Name);
                        if (dbName != null && !cb.Checked)
                        {
                            database.Users[dbName].Remove();
                        }
                        else if (dbName == null && cb.Checked)
                        {
                            database.Users.Add(sqlLogin.Name, sqlLogin.Name);
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                ErrorMessage.Text = ex.Message;
                return false;
            }
            finally
            {
                server.Disconnect();
            }
            return true;
        }
        protected override void OnLoad(EventArgs e)
        {
            if (Request["Login"] == null)
            {
                Response.Redirect("CreateLogin.aspx");
            }

            LoginLabel.Text = Request["Login"].ToUpper();

            if (!Page.IsPostBack)
            {
                SqlServer server = SqlServer.CurrentServer;
                server.Connect();

                sqlLogin = server.Logins[Request["Login"]];

                if (sqlLogin == null)
                {
                    Response.Redirect("CreateLogin.aspx");
                }

                if (sqlLogin.LoginType == SqlLoginType.NTUser || sqlLogin.LoginType == SqlLoginType.NTGroup)
                {
                    SecurityAccess.Enabled      = true;
                    SecurityAccessLabel.Enabled = true;

                    if (sqlLogin.NTLoginAccessType == SqlNtAccessType.Deny)
                    {
                        SecurityAccess.Items[1].Selected = true;
                    }
                    else
                    {
                        SecurityAccess.Items[0].Selected = true;
                    }
                }

                databases = server.Databases;

                DefaultDatabase.DataSource = databases;
                DefaultDatabase.DataBind();

                DatabaseAccessGrid.DataSource = databases;
                DatabaseAccessGrid.DataBind();

                // Select default database
                ListItem databaseItem = DefaultDatabase.Items.FindByValue(sqlLogin.Database);
                if (databaseItem != null)
                {
                    databaseItem.Selected = true;
                }
                else
                {
                    databaseItem = DefaultDatabase.Items.FindByValue("master");
                    if (databaseItem != null)
                    {
                        databaseItem.Selected = true;
                    }
                }

                allRoles = server.Roles;

                ServerRoles.DataSource = allRoles;
                ServerRoles.DataBind();

                // Select member roles
                foreach (ListItem item in ServerRoles.Items)
                {
                    if (sqlLogin.IsMember(item.Value))
                    {
                        item.Selected = true;
                    }
                }

                DefaultLanguage.DataSource = server.Languages;
                DefaultLanguage.DataBind();

                // Select default language
                ListItem languageItem = DefaultLanguage.Items.FindByValue(sqlLogin.Language);
                if (languageItem != null)
                {
                    languageItem.Selected = true;
                }
                else
                {
                    languageItem = DefaultLanguage.Items.FindByValue("English");
                    if (languageItem != null)
                    {
                        languageItem.Selected = true;
                    }
                }

                server.Disconnect();
                focusPanel(GeneralPanel);
            }
            base.OnLoad(e);
        }
        private bool Save()
        {
            SqlServer server = SqlServer.CurrentServer;

            server.Connect();

            try
            {
                // Save Login settings
                sqlLogin = server.Logins[Request["Login"]];

                if (SecurityAccess.Enabled)
                {
                    sqlLogin.DenyNTLogin = SecurityAccess.SelectedValue == "Deny"?true:false;
                }

                sqlLogin.Database = DefaultDatabase.SelectedValue;
                sqlLogin.Language = DefaultLanguage.SelectedValue;

                // Save server roles
                foreach (ListItem item in ServerRoles.Items)
                {
                    if (sqlLogin.IsMember(item.Value) && !item.Selected)
                    {
                        server.Roles[item.Value].DropMember(sqlLogin.Name);
                    }
                    else if (!sqlLogin.IsMember(item.Value) && item.Selected)
                    {
                        server.Roles[item.Value].AddMember(sqlLogin.Name);
                    }
                }

                databases = server.Databases;

                // Save database access
                foreach (DataGridItem item in DatabaseAccessGrid.Items)
                {
                    SqlDatabase database = databases[(string)DatabaseAccessGrid.DataKeys[item.ItemIndex]];
                    CheckBox    cb       = item.FindControl("DatabaseAccess") as CheckBox;
                    if (database != null && cb != null)
                    {
                        string dbName = sqlLogin.GetUserName(database.Name);
                        if (dbName != null && !cb.Checked)
                        {
                            database.Users[dbName].Remove();
                        }
                        else if (dbName == null && cb.Checked)
                        {
                            database.Users.Add(sqlLogin.Name, sqlLogin.Name);
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                ErrorMessage.Text = ex.Message;
                return(false);
            }
            finally
            {
                server.Disconnect();
            }
            return(true);
        }
Example #8
0
    protected void login(object sender, EventArgs e)
    {
        try{
            //Declarando as Variaveis
            DataView dvLogin, dvFunc;
            Session["log"]   = null;
            Session["admin"] = null;

            //Getting UI Data
            string login    = txtUsername.Text;
            string password = txtPassword.Text;

            string encryptedLogin    = Crypto.Encrypt(login);
            string encryptedPassword = Crypto.Encrypt(password);

            //Verificando o Login
            SqlLogin.SelectParameters["LOGIN"].DefaultValue = encryptedLogin;
            SqlLogin.SelectParameters["SENHA"].DefaultValue = encryptedPassword;

            dvLogin = (DataView)SqlLogin.Select(DataSourceSelectArguments.Empty);

            //Verificando o Usuário
            if (dvLogin.Table.Rows.Count > 0)
            {
                //Carregando log com o id do Funcionario
                Session["log"] = Convert.ToInt32((dvLogin.Table.Rows[0]["id_func"]).ToString());
                //Obtendo Funcionario
                dvFunc = (DataView)SqlFunc.Select(DataSourceSelectArguments.Empty);

                // Verificando se é Administrador
                if (Convert.ToInt32((dvFunc.Table.Rows[0]["id_cargo"]).ToString()) == 1)
                {
                    Session["admin"] = "true";
                }
                else
                {
                    Session["admin"] = null;
                }
                //Guardando o id do Funcionario
                Session["log"] = dvFunc.Table.Rows[0]["id_func"].ToString();
                Response.Redirect("~/app/home.aspx");

                // AUDITORIA
                // Gravando Ação no `userlog`
                string curretUser = Session["log"].ToString();
                string acao       = "Start Session";
                // Transformando a data no padrão internacional
                string currentDate = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");

                userLog.InsertParameters["funcionario"].DefaultValue = (curretUser);
                userLog.InsertParameters["acao"].DefaultValue        = Crypto.Encrypt(acao);
                userLog.InsertParameters["time"].DefaultValue        = Crypto.Encrypt(currentDate);

                // Inserindo as informações
                userLog.Insert();
            }
            //Falha na Autênticação
            else
            {
                //Limpando os campos
                txtUsername.Text = String.Empty;
                txtPassword.Text = String.Empty;
                Response.Write("<script>alert('Login ou senha incorretos!');</script>");

                // Adicionando uma tentativa na session logAttempt
                if (Session["failedLogAttempts"] != null)
                {
                    int    failedAttempts = Convert.ToInt32(Session["failedLogAttempts"].ToString());
                    string jsFailed       = failedAttempts.ToString();
                    Session["failedLogAttempts"] = failedAttempts + 1;
                }
                else
                {
                    // Adicionando a primeira falha
                    Session["failedLogAttempts"] = 1;
                }
            }
        }
        catch (Exception ex) {
            // ERRO NA CONEXÃO COM O BANCO DE DADOS
            Response.Write("<script>function dbError() {if (confirm('Ocorreu um erro no banco de dados interno. Você pode detalhar o erro para nossos desenvolvedores?')) {window.open('mailto:[email protected]?subject=Erro+no+Banco+de+Dados&body=Por+favor+detalhe+o+que+estava+fazendo+ao+se+deparar+com+o+erro');}else{alert('Uma menssagem de erro genérica foi enviada ao Desenvolvedor');}} dbError();</script>");
        }
    }
 /// <summary>
 /// When overridden in a provider, it discovers the users identity.
 /// </summary>
 protected override void ProviderDiscoverIdentity()
 {
     this._connectionString = DiscoverConnectionStringSettings(this).ConnectionString;
     using (SqlLogin loginForm = new SqlLogin(this))
     {
         loginForm.ShowDialog();
     }
 }