public static string Login(string name, string pwd) { string sql = "select * from table_users where c_login_name='" + DALSecurityTool.TransferInsertField(name) + "' and c_pwd='"+ DALSecurityTool.TransferInsertField(SecurityFactory.GetSecurity().Encrypt(pwd))+"'"; ArrayList lists=FT.DAL.Orm.SimpleOrmOperator.QueryList(typeof(UserObject),sql); if (lists.Count == 0) { return "2"; } else { UserObject user=lists[0] as UserObject; RoleObject role = FT.DAL.Orm.SimpleOrmOperator.Query<RoleObject>(user.RoleId); DepartMent dept = FT.DAL.Orm.SimpleOrmOperator.Query<DepartMent>(user.DepId); OperatorTick ot = new OperatorTick(user.Id, user.FullName, user.DepId,role.RoleString, pwd); ot.Desp1 = user.WorkId; ot.Desp2 = dept.ParentCode; ot.Desp3 = dept.DepCode; ot.Desp4 = dept.DepFullName; ot.Desp5 = user.FullName; ot.Desp6 = role.RoleName; ot.Desp7 = user.Km; ot.Desp8 = string.Empty; return FT.Web.OperatorTick.GenerateOpTicket(ot); } //return "1"; }
public static string GenerateOpTicket(OperatorTick op, string secret) { if ((secret == null) || (secret.Length == 0)) { throw new ArgumentNullException("Invalid Argument"); } try { string OpInfoStr = op.GenerateOpInfo(); byte[] Key = TicketTool.GetKey(secret); byte[] OpInfoByte = Encoding.Unicode.GetBytes(OpInfoStr); MemoryStream MSTicket = new MemoryStream(); MSTicket.Write(TicketTool.ConvertLength(OpInfoByte.Length), 0, 2); MSTicket.Write(OpInfoByte, 0, OpInfoByte.Length); MSTicket.Write(TicketTool.ConvertLength(Key.Length), 0, 2); MSTicket.Write(Key, 0, Key.Length); byte[] OpTicketCryptByte = TicketTool.Crypt(MSTicket.ToArray(), Key); string OpTicketCryptStr = Encoding.ASCII.GetString(TicketTool.Base64Encode(OpTicketCryptByte)); return(OpTicketCryptStr); } catch (Exception e) { throw e; } }
public static OperatorTick GetFromString(string opinfo, string secret) { try { byte[] Key = TicketTool.GetKey(secret); byte[] OpLoginTicketCry = TicketTool.Base64Decode(Encoding.ASCII.GetBytes(opinfo)); byte[] OpLoginTicketDec = TicketTool.Decrypt(OpLoginTicketCry, Key); byte[] OpLoginInfoByte; if (OpLoginTicketDec.Length < 2) { throw new System.Exception("Invalid ticket"); } int OpNextLen = TicketTool.GetPart(OpLoginTicketDec, 0, out OpLoginInfoByte); byte[] TickKey; if (OpLoginTicketDec.Length < OpNextLen + 2) { throw new System.Exception("Invalid ticket"); } OpNextLen = TicketTool.GetPart(OpLoginTicketDec, OpNextLen, out TickKey); if (!TicketTool.CompareByteArrays(Key, TickKey)) { throw new System.Exception("Invalid ticket"); } string OpLoginInfo = Encoding.Unicode.GetString(OpLoginInfoByte); string[] arra = OpLoginInfo.Split('\n'); if (arra.Length == 13) { OperatorTick op = new OperatorTick(Convert.ToInt32(arra[0]), arra[1], Convert.ToInt32(arra[2]), arra[3], arra[4]); op.Desp1 = arra[5]; op.Desp2 = arra[6]; op.Desp3 = arra[7]; op.Desp4 = arra[8]; op.Desp5 = arra[9]; op.Desp6 = arra[10]; op.Desp7 = arra[11]; op.Desp8 = arra[12]; return(op); } else { throw new Exception("转换OperatorTick参数个数不对!"); } } catch { return(null); } }
protected void Button1_Click(object sender, EventArgs e) { string userName = FT.DAL.DALSecurityTool.TransferInsertField(this.txtUserName.Text); string pwd = FT.DAL.DALSecurityTool.TransferInsertField(this.txtPassword.Text); pwd = DATA_CONVERT.CryptPasswd(pwd); DataTable dt=FT.DAL.DataAccessFactory.GetDataAccess().SelectDataTable("select a.*,b.rolestring from users a left join roletable b on a.userole=b.roleid where cusername='******' and cpassword='******'","temptable"); if(dt!=null&&dt.Rows.Count>0) { DataRow dr = dt.Rows[0]; OperatorTick op = new OperatorTick(Convert.ToInt32(dr[0].ToString()), dr[1].ToString(), Convert.ToInt32(dr[10].ToString()), dr[13].ToString(), this.txtPassword.Text); Session["OperatorInfo"] = OperatorTick.GenerateOpTicket(op); Response.Redirect("../SystemAdmin/admin.htm"); } else { FT.Web.Tools.WebTools.Alert(this.Page, "登陆失败,请检查用户名和密码!"); } }
public static string Login(string name, string pwd) { string sql = "select * from table_users where c_login_name='" + DALSecurityTool.TransferInsertField(name) + "' and c_pwd='"+ DALSecurityTool.TransferInsertField(SecurityFactory.GetSecurity().Encrypt(pwd))+"'"; ArrayList lists=FT.DAL.Orm.SimpleOrmOperator.QueryList(typeof(UserObject),sql); if (lists.Count == 0) { return "2"; } else { UserObject user=lists[0] as UserObject; OperatorTick ot = new OperatorTick(user.Id, user.FullName, -1,"", pwd); ot.Desp5 = user.FullName; ot.Desp8 = string.Empty; return FT.Web.OperatorTick.GenerateOpTicket(ot); } //return "1"; }
/// <summary> /// 生成操作员登录信息串,由WriteLoginTicket方法调用 /// </summary> /// <param name="opInfoTicket">操作员信息</param> /// <param name="secret">加密密钥</param> /// <returns>返回加密后操作员信息串</returns> public static string GenerateOpTicket(OperatorTick op) { string result = GenerateOpTicket(op, OperatorTick.MySecret); return(result); }
public static string Login(string name, string pwd) { string sql = "select * from table_user_info where c_login_name='" + DALSecurityTool.TransferInsertField(name) + "' and c_pwd='" + DALSecurityTool.TransferInsertField(SecurityFactory.GetSecurity().Encrypt(pwd)) + "'"; ArrayList lists = FT.DAL.Orm.SimpleOrmOperator.QueryList(typeof(UserInfo), sql); if (lists.Count == 0) { return "2"; } else { UserInfo user = lists[0] as UserInfo; RoleInfo role = FT.DAL.Orm.SimpleOrmOperator.Query<RoleInfo>(user.RoleId); DepartmentInfo dept = FT.DAL.Orm.SimpleOrmOperator.Query<DepartmentInfo>(user.DepId); OperatorTick ot = new OperatorTick(user.Id, user.FullName, user.DepId, role.MenuStr, pwd); ot.Desp1 = user.WorkId; ot.Desp2 = dept.GlbmCode; ot.Desp3 = dept.DepCode; ot.Desp4 = dept.DepFullName; ot.Desp5 = user.FullName; ot.Desp6 = role.MenuStr; ot.Desp7 = role.RightStr; ot.Desp8 = user.Km.ToString(); return FT.Web.OperatorTick.GenerateOpTicket(ot); } //return "1"; }
public static OperatorTick GetFromString(string opinfo, string secret) { try { byte[] Key = TicketTool.GetKey(secret); byte[] OpLoginTicketCry = TicketTool.Base64Decode(Encoding.ASCII.GetBytes(opinfo)); byte[] OpLoginTicketDec = TicketTool.Decrypt(OpLoginTicketCry, Key); byte[] OpLoginInfoByte; if (OpLoginTicketDec.Length < 2) throw new System.Exception("Invalid ticket"); int OpNextLen = TicketTool.GetPart(OpLoginTicketDec, 0, out OpLoginInfoByte); byte[] TickKey; if (OpLoginTicketDec.Length < OpNextLen + 2) throw new System.Exception("Invalid ticket"); OpNextLen = TicketTool.GetPart(OpLoginTicketDec, OpNextLen, out TickKey); if (!TicketTool.CompareByteArrays(Key, TickKey)) throw new System.Exception("Invalid ticket"); string OpLoginInfo = Encoding.Unicode.GetString(OpLoginInfoByte); string[] arra = OpLoginInfo.Split('\n'); if (arra.Length ==13) { OperatorTick op=new OperatorTick(Convert.ToInt32(arra[0]), arra[1], Convert.ToInt32(arra[2]), arra[3],arra[4]); op.Desp1 = arra[5]; op.Desp2 = arra[6]; op.Desp3 = arra[7]; op.Desp4 = arra[8]; op.Desp5 = arra[9]; op.Desp6 = arra[10]; op.Desp7 = arra[11]; op.Desp8 = arra[12]; return op; } else { throw new Exception("转换OperatorTick参数个数不对!"); } } catch { return null; } }
public static string GenerateOpTicket(OperatorTick op,string secret) { if ((secret == null) || (secret.Length == 0)) throw new ArgumentNullException("Invalid Argument"); try { string OpInfoStr = op.GenerateOpInfo(); byte[] Key = TicketTool.GetKey(secret); byte[] OpInfoByte = Encoding.Unicode.GetBytes(OpInfoStr); MemoryStream MSTicket = new MemoryStream(); MSTicket.Write(TicketTool.ConvertLength(OpInfoByte.Length), 0, 2); MSTicket.Write(OpInfoByte, 0, OpInfoByte.Length); MSTicket.Write(TicketTool.ConvertLength(Key.Length), 0, 2); MSTicket.Write(Key, 0, Key.Length); byte[] OpTicketCryptByte = TicketTool.Crypt(MSTicket.ToArray(), Key); string OpTicketCryptStr = Encoding.ASCII.GetString(TicketTool.Base64Encode(OpTicketCryptByte)); return OpTicketCryptStr; } catch (Exception e) { throw e; } }
/// <summary> /// 生成操作员登录信息串,由WriteLoginTicket方法调用 /// </summary> /// <param name="opInfoTicket">操作员信息</param> /// <param name="secret">加密密钥</param> /// <returns>返回加密后操作员信息串</returns> public static string GenerateOpTicket(OperatorTick op) { string result=GenerateOpTicket(op, OperatorTick.MySecret); return result; }