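/// <summary>
/// Registers the current user for the web-service client. Builds a 72-byte secret
/// block (user code, salt, key material, mask), encrypts it with AES under a key and
/// IV derived from the login name, user code and password, then replaces the user's
/// "Data", "Info", "Main" and "Safe" rows and echoes the same values to the caller.
/// </summary>
/// <param name="name">Login name; lower-cased before it is used for key derivation and the digest.</param>
/// <param name="pass">Login password, used only for key derivation and the digest.</param>
/// <param name="writer">Receives the Code, Data, Info, Main and Safe elements.</param>
/// <returns>Always <c>true</c>; failures surface as exceptions.</returns>
public bool WsSignUp(string name, string pass, XmlWriter writer)
{
    // NOTE(review): ToLower() is culture-sensitive. ToLowerInvariant() would be safer,
    // but every site that feeds Digest/GenK/GenV must be switched together.
    name = name.ToLower();

    // Salt, key material and the digest seed are secrets: draw them from the
    // cryptographic generator, not System.Random (time-seeded and predictable).
    RandomNumberGenerator rng = RandomNumberGenerator.Create();

    // Secret block layout: code | salt(16) | keys(32) | mask.
    // 72 - 16 - 32 leaves 24 bytes for code + mask; Array.Copy throws if they need more.
    byte[] t = new byte[72];
    int i = 0;

    byte[] a = Encoding.UTF8.GetBytes(_Code);
    Array.Copy(a, 0, t, i, a.Length);
    i += a.Length;

    _Salt = new byte[16];
    rng.GetBytes(_Salt);
    Array.Copy(_Salt, 0, t, i, _Salt.Length);
    i += _Salt.Length;

    _Keys = new byte[32];
    rng.GetBytes(_Keys);
    Array.Copy(_Keys, 0, t, i, _Keys.Length);
    i += _Keys.Length;

    _Mask = CharUtil.GenerateUserChar();
    a = Encoding.UTF8.GetBytes(_Mask);
    Array.Copy(a, 0, t, i, a.Length);

    #region AES encryption
    byte[] k = GenK(name, _Code, pass);
    byte[] v = GenV(name, _Code, pass);
    // using releases the AES key state even if the stream throws.
    using (AesManaged aes = new AesManaged())
    using (MemoryStream mStream = new MemoryStream())
    {
        using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(k, v), CryptoStreamMode.Write))
        {
            cStream.Write(t, 0, t.Length);
            cStream.FlushFinalBlock();
            t = mStream.ToArray();
        }
    }
    #endregion

    // 256 random bytes seed the login digest and are stored next to it as "Data".
    a = new byte[256];
    rng.GetBytes(a);
    string data = Convert.ToBase64String(a);
    string info = Digest(name, pass, a);
    string main = Convert.ToBase64String(t);
    string safe = "";

    // Drop any previous rows for this user code, then insert the four new ones in one batch.
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.APWD0000);
    dba.AddWhere(DBConst.APWD0001, _Code);
    dba.AddDeleteBatch();

    string[] keys = { "Data", "Info", "Main", "Safe" };
    string[] vals = { data, info, main, safe };
    for (int n = 0; n < keys.Length; n++)
    {
        dba.ReInit();
        dba.AddTable(DBConst.APWD0000);
        dba.AddParam(DBConst.APWD0001, _Code);
        dba.AddParam(DBConst.APWD0002, keys[n]);
        dba.AddParam(DBConst.APWD0003, vals[n]);
        dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
        dba.AddInsertBatch();
    }
    dba.ExecuteBatch();

    // The response carries the password digest (Info) and the encrypted block (Main).
    // NOTE(review): confirm the transport that carries this XML is protected.
    writer.WriteElementString("Code", _Code);
    writer.WriteElementString("Data", data);
    writer.WriteElementString("Info", info);
    writer.WriteElementString("Main", main);
    writer.WriteElementString("Safe", safe);

    return true;
}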
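/// <summary>
/// Registers a user from the web page: rejects a login name or e-mail that is already
/// present, allocates the next user code, then inserts the profile, online, contact,
/// security and permission rows.
/// </summary>
/// <param name="name">Login name.</param>
/// <param name="pass">Login password; only its digest is stored.</param>
/// <param name="mail">E-mail address.</param>
/// <returns>
/// <c>IMsg.MSG_SIGNUP_EXIST</c> when the name or e-mail is already registered,
/// <c>IMsg.MSG_SIGNUP_INNER</c> when any insert does not affect exactly one row,
/// otherwise <c>IMsg.MSG_SIGNUP_SUCCESS</c>.
/// </returns>
public int WpSignUp(string name, string pass, string mail)
{
    #region User name check
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010402);
    // name and mail are caller-supplied and end up inside a hand-built WHERE clause,
    // so they must not reach the SQL text raw. CharUtil.Text2DB is what the other
    // lookups in this file pass user text through; presumably it escapes SQL
    // metacharacters - confirm, and prefer bound parameters if DBAccess offers them.
    dba.AddWhere(string.Format("{0}='{1}' OR {2}='{3}'",
        DBConst.C3010405, CharUtil.Text2DB(name),
        DBConst.C3010406, CharUtil.Text2DB(mail)));
    DataTable dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 0)
    {
        return IMsg.MSG_SIGNUP_EXIST;
    }
    #endregion

    #region User code
    // Next code = successor of the current maximum 8-character code.
    // NOTE(review): read-then-insert is not atomic; two concurrent sign-ups could
    // receive the same code unless the schema enforces uniqueness - confirm.
    dba.ReInit();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(string.Format("MAX({0}) {0}", DBConst.C3010402));
    dba.AddWhere(string.Format("LENGTH({0})=8", DBConst.C3010402));
    dt = dba.ExecuteSelect();
    string code = "";
    if (dt != null && dt.Rows.Count > 0)
    {
        code = dt.Rows[0][0].ToString();
    }
    if (CharUtil.IsValidateCode(code))
    {
        code = CharUtil.GenerateUserCode(code);
    }
    else
    {
        // No valid code yet: start the sequence.
        code = "A0000000";
    }
    #endregion

    string hash = HashUtil.UtcTimeInHex(false);

    // NOTE(review): the inserts below run one by one. A failure midway returns
    // MSG_SIGNUP_INNER and leaves the earlier rows in place unless DBAccess wraps
    // them in a transaction (not visible here).

    #region Profile information
    dba.ReInit();
    dba.AddTable(DBConst.C3010300);
    dba.AddParam(DBConst.C3010301, hash);
    dba.AddParam(DBConst.C3010302, code);
    dba.AddParam(DBConst.C3010303, "");
    dba.AddParam(DBConst.C3010304, "");
    dba.AddParam(DBConst.C3010305, 1);
    dba.AddParam(DBConst.C3010306, null);
    dba.AddParam(DBConst.C3010307, "");
    dba.AddParam(DBConst.C3010308, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010309, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }
    #endregion

    #region Online information
    // NOTE(review): name and mail are passed to AddParam as given; whether AddParam
    // escapes or binds its value cannot be told from this method - verify.
    dba.ReInit();
    dba.AddTable(DBConst.C3010400);
    dba.AddParam(DBConst.C3010401, hash);
    dba.AddParam(DBConst.C3010402, code);
    dba.AddParam(DBConst.C3010403, "0");
    dba.AddParam(DBConst.C3010404, "0");
    dba.AddParam(DBConst.C3010405, name);
    dba.AddParam(DBConst.C3010406, mail);
    dba.AddParam(DBConst.C3010407, name);
    dba.AddParam(DBConst.C3010408, "0");
    dba.AddParam(DBConst.C3010409, "");
    dba.AddParam(DBConst.C301040A, "");
    dba.AddParam(DBConst.C301040B, "");
    dba.AddParam(DBConst.C301040C, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C301040D, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }
    #endregion

    #region Contact details
    dba.ReInit();
    dba.AddTable(DBConst.C3010500);
    dba.AddParam(DBConst.C3010501, "0");
    dba.AddParam(DBConst.C3010502, IUser.MAJOR_04);
    dba.AddParam(DBConst.C3010503, hash);
    dba.AddParam(DBConst.C3010504, code);
    dba.AddParam(DBConst.C3010505, "sctteqacvfxgqgtb"); // e-mail
    dba.AddParam(DBConst.C3010506, mail);
    dba.AddParam(DBConst.C3010507, "");
    dba.AddParam(DBConst.C3010508, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010509, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }
    #endregion

    #region Security information
    // The 256 bytes seed the password digest; take them from the cryptographic
    // generator rather than System.Random, whose output is predictable.
    _Data = new byte[256];
    RandomNumberGenerator.Create().GetBytes(_Data);
    string info = Digest(name.ToLower(), pass, _Data);

    dba.ReInit();
    dba.AddTable(DBConst.C3010600);
    dba.AddParam(DBConst.C3010601, hash);
    dba.AddParam(DBConst.C3010602, hash);
    dba.AddParam(DBConst.C3010603, info);
    dba.AddParam(DBConst.C3010604, mail);
    dba.AddParam(DBConst.C3010605, "");
    dba.AddParam(DBConst.C3010606, "");
    dba.AddParam(DBConst.C3010607, "");
    dba.AddParam(DBConst.C3010608, "");
    dba.AddParam(DBConst.C3010609, "");
    dba.AddParam(DBConst.C301060A, "");
    dba.AddParam(DBConst.C301060B, "");
    dba.AddParam(DBConst.C301060C, "");
    dba.AddParam(DBConst.C301060D, "");
    dba.AddParam(DBConst.C301060E, "");
    dba.AddParam(DBConst.C301060F, Convert.ToBase64String(_Data));
    dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010611, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }
    #endregion

    #region Permission assignment
    dba.ReInit();
    dba.AddTable(DBConst.C3010200);
    dba.AddParam(DBConst.C3010201, hash);
    dba.AddParam(DBConst.C3010202, hash);
    dba.AddParam(DBConst.C3010203, "sctvsxyttfzeqqgq"); // ordinary user
    dba.AddParam(DBConst.C3010204, "APWD0000");
    dba.AddParam(DBConst.C3010205, "");
    dba.AddParam(DBConst.C3010206, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010207, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }
    #endregion

    _Name = name;
    _Code = code;
    _Rank = IUser.LEVEL_02; // ordinary user

    return IMsg.MSG_SIGNUP_SUCCESS;
}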
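/// <summary>
/// Changes the password of a web-service user: verifies the old password against the
/// stored digest, decrypts the secret block with the old key, re-encrypts it under a
/// key derived from the new password, and rewrites the "Data", "Info", "Main" and
/// "Safe" rows with a fresh digest seed.
/// </summary>
/// <param name="name">Login name.</param>
/// <param name="oldPass">Current password.</param>
/// <param name="newPass">New password.</param>
/// <param name="writer">Receives either an Error element or the Code, Data, Info, Main and Safe elements.</param>
/// <returns><c>true</c> when the rows were rewritten; <c>false</c> after an Error element was written.</returns>
public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
{
    const string badLogin = "请确认您的登录口令及登录口令是否正确!";
    const string sysError = "系统异常,请与管理员联系:[email protected]!";

    var dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010402);
    // The original filtered on DBConst.C3010400, which is the table constant.
    // C3010405 is the column WpSignUp writes the login name into and checks for
    // duplicates - NOTE(review): confirm this is the intended lookup column.
    dba.AddWhere(DBConst.C3010405, CharUtil.Text2DB(name));
    var dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 1)
    {
        writer.WriteElementString("Error", badLogin);
        return false;
    }
    string code = dt.Rows[0][DBConst.C3010402] as string;

    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddColumn(DBConst.APWD0002);
    dba.AddColumn(DBConst.APWD0003);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddSort(DBConst.APWD0002, true);
    dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 4)
    {
        writer.WriteElementString("Error", sysError);
        return false;
    }

    // Pick each value by its key column. The original read all four from row 0, so
    // the stored digest was never the value being compared.
    string data = null, info = null, main = null, safe = null;
    foreach (DataRow row in dt.Rows)
    {
        string val = row[DBConst.APWD0003] as string;
        switch (row[DBConst.APWD0002] as string)
        {
            case "Data": data = val; break;
            case "Info": info = val; break;
            case "Main": main = val; break;
            case "Safe": safe = val; break;
        }
    }
    if (string.IsNullOrEmpty(data) || string.IsNullOrEmpty(info) || string.IsNullOrEmpty(main))
    {
        writer.WriteElementString("Error", sysError);
        return false;
    }

    // WsSignUp lower-cases the name before Digest/GenK/GenV; do the same here so the
    // stored digest and the AES key can be reproduced.
    string user = name.ToLower();
    byte[] b = Convert.FromBase64String(data);

    // Verify the current password.
    // NOTE(review): this is an ordinary string comparison, not a constant-time one.
    if (info != Digest(user, oldPass, b))
    {
        writer.WriteElementString("Error", badLogin);
        return false;
    }

    // Key and IV derived from the old password.
    byte[] k = GenK(user, code, oldPass);
    byte[] v = GenV(user, code, oldPass);
    byte[] plain;

    #region AES decryption
    using (AesManaged aes = new AesManaged())
    using (MemoryStream mStream = new MemoryStream())
    {
        byte[] cipher = Convert.FromBase64String(main);
        using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateDecryptor(k, v), CryptoStreamMode.Write))
        {
            cStream.Write(cipher, 0, cipher.Length);
            cStream.FlushFinalBlock();
            plain = mStream.ToArray();
        }
    }
    #endregion

    // Fresh digest seed from the cryptographic generator (System.Random is predictable).
    RandomNumberGenerator.Create().GetBytes(b);

    // Key and IV derived from the new password.
    k = GenK(user, code, newPass);
    v = GenV(user, code, newPass);
    byte[] t;

    #region AES encryption
    // Each AES instance is disposed by its own using block; the original cleared
    // the first instance twice and never the second.
    using (AesManaged aes = new AesManaged())
    using (MemoryStream mStream = new MemoryStream())
    {
        using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(k, v), CryptoStreamMode.Write))
        {
            cStream.Write(plain, 0, plain.Length);
            cStream.FlushFinalBlock();
            t = mStream.ToArray();
        }
    }
    #endregion

    // The decrypted block is no longer needed; do not leave it in memory.
    Array.Clear(plain, 0, plain.Length);

    // Digest of the login information under the new password.
    info = Digest(user, newPass, b);
    data = Convert.ToBase64String(b);
    main = Convert.ToBase64String(t);

    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddDeleteBatch();

    // NOTE(review): WsSignUp also sets APWD0004 to SQL_NOW on these rows; this method
    // never did - confirm whether the column has a default.
    string[] keys = { "Data", "Info", "Main", "Safe" };
    string[] vals = { data, info, main, safe };
    for (int n = 0; n < keys.Length; n++)
    {
        dba.ReInit();
        dba.AddTable(DBConst.APWD0000);
        dba.AddParam(DBConst.APWD0001, code);
        dba.AddParam(DBConst.APWD0002, keys[n]);
        dba.AddParam(DBConst.APWD0003, vals[n]);
        dba.AddInsertBatch();
    }
    dba.ExecuteBatch();

    writer.WriteElementString("Code", code);
    writer.WriteElementString("Data", data);
    writer.WriteElementString("Info", info);
    writer.WriteElementString("Main", main);
    writer.WriteElementString("Safe", safe);

    return true;
}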
/// <summary>
/// Changes the login password of the current user: the digest of the old password
/// must equal the stored digest before the digest of the new password is written.
/// </summary>
/// <param name="oldPass">Current password.</param>
/// <param name="newPass">New password.</param>
/// <returns>
/// <c>true</c> when exactly one row was updated; <c>false</c> when the stored row is
/// missing or ambiguous, the old password does not match, or the update affects a
/// different number of rows.
/// </returns>
public bool WpSignPk(string oldPass, string newPass)
{
    // Digest of the password the caller claims to hold (same name and seed as stored).
    string claimed = Digest(_Name, oldPass, _Data);

    // Fetch the stored digest for this user.
    var dba = new DBAccess();
    dba.AddTable(DBConst.C3010600);
    dba.AddColumn(DBConst.C3010603);
    dba.AddWhere(DBConst.C3010602, _Hash);
    DataTable rows = dba.ExecuteSelect();

    // Exactly one row is expected.
    if (rows.Rows.Count != 1)
    {
        return false;
    }

    string stored = rows.Rows[0][0].ToString();
    if (!string.Equals(claimed, stored))
    {
        return false;
    }

    // The existing seed (_Data) is reused for the new digest.
    string replacement = Digest(_Name, newPass, _Data);

    // Store the new digest and stamp the change time.
    dba.ReInit();
    dba.AddTable(DBConst.C3010600);
    dba.AddParam(DBConst.C3010603, replacement);
    dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
    dba.AddWhere(DBConst.C3010602, _Hash);
    return dba.ExecuteUpdate() == 1;
}
/// <summary>
/// Resets the current user's rows in three tables (ACAT0200, APWD0300, AUDC0100):
/// for each table the rows owned by <c>Code</c> are deleted and a backup step is
/// queued whose where clause selects the rows owned by <c>IUser.AMON_CODE</c>.
/// Everything is queued on one batch and executed at the end.
/// </summary>
/// <remarks>
/// AddBackupBatch is not visible here; presumably it copies the selected rows into
/// the target table with the owner column replaced by <c>Code</c> - confirm against
/// DBAccess.
/// </remarks>
public void InitUserData()
{
    #region Data initialisation
    DBAccess dba = new DBAccess();

    // ---- ACAT0200 ----
    dba.AddTable(DBConst.ACAT0200);
    dba.AddWhere(DBConst.ACAT0202, Code);
    dba.AddDeleteBatch();

    dba.ReInit();
    dba.AddParam(DBConst.ACAT0201, DBConst.ACAT0201, false);
    dba.AddParam(DBConst.ACAT0202, Code);
    // Columns mapped onto themselves, in the original order.
    foreach (var col in new[]
    {
        DBConst.ACAT0203, DBConst.ACAT0204, DBConst.ACAT0205,
        DBConst.ACAT0206, DBConst.ACAT0207, DBConst.ACAT0208,
        DBConst.ACAT0209, DBConst.ACAT020A, DBConst.ACAT020B
    })
    {
        dba.AddParam(col, col, false);
    }
    dba.AddParam(DBConst.ACAT020C, 1);
    dba.AddParam(DBConst.ACAT020D, 1);
    dba.AddWhere(DBConst.ACAT0202, IUser.AMON_CODE);
    dba.AddBackupBatch(DBConst.ACAT0200, DBConst.ACAT0200);

    // ---- APWD0300 ----
    dba.ReInit();
    dba.AddTable(DBConst.APWD0300);
    dba.AddWhere(DBConst.APWD0303, Code);
    dba.AddDeleteBatch();

    dba.ReInit();
    dba.AddParam(DBConst.APWD0301, DBConst.APWD0301, false);
    dba.AddParam(DBConst.APWD0302, DBConst.APWD0302, false);
    dba.AddParam(DBConst.APWD0303, Code);
    foreach (var col in new[]
    {
        DBConst.APWD0304, DBConst.APWD0305, DBConst.APWD0306,
        DBConst.APWD0307, DBConst.APWD0308, DBConst.APWD0309,
        DBConst.APWD030A
    })
    {
        dba.AddParam(col, col, false);
    }
    dba.AddParam(DBConst.APWD030B, 1);
    dba.AddParam(DBConst.APWD030C, 1);
    dba.AddWhere(DBConst.APWD0303, IUser.AMON_CODE);
    dba.AddBackupBatch(DBConst.APWD0300, DBConst.APWD0300);

    // ---- AUDC0100 ----
    dba.ReInit();
    dba.AddTable(DBConst.AUDC0100);
    dba.AddWhere(DBConst.AUDC0102, Code);
    dba.AddDeleteBatch();

    dba.ReInit();
    dba.AddParam(DBConst.AUDC0101, DBConst.AUDC0101, false);
    dba.AddParam(DBConst.AUDC0102, Code);
    foreach (var col in new[]
    {
        DBConst.AUDC0103, DBConst.AUDC0104, DBConst.AUDC0105,
        DBConst.AUDC0106, DBConst.AUDC0107, DBConst.AUDC0108,
        DBConst.AUDC0109
    })
    {
        dba.AddParam(col, col, false);
    }
    dba.AddParam(DBConst.AUDC010A, 1);
    dba.AddParam(DBConst.AUDC010B, 1);
    dba.AddWhere(DBConst.AUDC0102, IUser.AMON_CODE);
    dba.AddBackupBatch(DBConst.AUDC0100, DBConst.AUDC0100);

    dba.ExecuteBatch();
    #endregion
}
/// <summary>
/// Writes this record to ACAT0200, either as an update of the row identified by
/// <c>UserCode</c> and <c>Id</c> or as a new row.
/// </summary>
/// <param name="dba">Data-access object to build the statement on; it is re-initialised first.</param>
/// <param name="update"><c>true</c> to update the existing row, <c>false</c> to insert.</param>
/// <returns><c>true</c> when exactly one row was affected.</returns>
public override bool Save(DBAccess dba, bool update)
{
    dba.ReInit();
    dba.AddTable(DBConst.ACAT0200);

    // Columns written on both paths.
    dba.AddParam(DBConst.ACAT0201, Order);
    dba.AddParam(DBConst.ACAT0204, Parent);
    dba.AddParam(DBConst.ACAT0205, Text);
    dba.AddParam(DBConst.ACAT0206, Tips);
    dba.AddParam(DBConst.ACAT0207, Icon);
    dba.AddParam(DBConst.ACAT0208, Meta);
    dba.AddParam(DBConst.ACAT0209, Memo);
    dba.AddParam(DBConst.ACAT020A, DBConst.SQL_NOW, false);

    if (!update)
    {
        // Insert: the owner and id are values, and a second SQL_NOW column is set.
        dba.AddParam(DBConst.ACAT0202, UserCode);
        dba.AddParam(DBConst.ACAT0203, Id);
        dba.AddParam(DBConst.ACAT020B, DBConst.SQL_NOW, false);
        dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D);
        return dba.ExecuteInsert() == 1;
    }

    // Update: the owner and id select the row.
    dba.AddWhere(DBConst.ACAT0202, UserCode);
    dba.AddWhere(DBConst.ACAT0203, Id);
    dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D, Operate, Cat.OPT_UPDATE);
    return dba.ExecuteUpdate() == 1;
}
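/// <summary>
/// Generates a new RSA key pair, stores the private key under a fresh identifier with
/// a usage flag of 0, and writes the identifier and the public key to the response as
/// an RSA element.
/// </summary>
/// <param name="writer">Receives the RSA element with children "t" (identifier) and "k" (public key XML).</param>
private void ProcessRSA(XmlWriter writer)
{
    string t = HashUtil.UtcTimeInHex();

    string privateXml;
    string publicXml;
    // Dispose the provider as soon as both key forms are exported; the original
    // never released it.
    // NOTE(review): the parameterless constructor uses the provider default key size
    // (1024 bits on .NET Framework). Pass an explicit, larger size once client
    // compatibility is confirmed.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        privateXml = rsa.ToXmlString(true);
        publicXml = rsa.ToXmlString(false);
    }

    // NOTE(review): the private key is stored as plain XML text; anyone who can read
    // this table can use it. The insert result is not checked, so a failed insert
    // still hands out a public key with no stored counterpart.
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010000);
    dba.AddParam(DBConst.C3010001, t);
    dba.AddParam(DBConst.C3010002, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010003, CharUtil.Text2DB(privateXml));
    dba.AddParam(DBConst.C3010004, 0);
    dba.ExecuteInsert();

    writer.WriteStartElement("RSA");
    writer.WriteElementString("t", t);
    writer.WriteElementString("k", publicXml);
    writer.WriteEndElement();
}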
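/// <summary>
/// Looks up the unused RSA key stored under identifier <paramref name="t"/>, encrypts
/// <paramref name="data"/> with it, and then marks the key as used.
/// </summary>
/// <param name="t">Key identifier.</param>
/// <param name="data">Bytes to encrypt.</param>
/// <returns>The encrypted bytes, or <c>null</c> when no single unused key with a usable value is found.</returns>
private byte[] Encrypt(string t, byte[] data)
{
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010000);
    dba.AddColumn(DBConst.C3010003);
    dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
    dba.AddWhere(DBConst.C3010004, "0");
    DataTable dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 1)
    {
        return null;
    }

    // A NULL or non-text column makes the cast yield null, and FromXmlString(null)
    // throws; treat that like a missing key.
    string key = dt.Rows[0][0] as string;
    if (string.IsNullOrEmpty(key))
    {
        return null;
    }

    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        rsa.FromXmlString(key);
        // false selects PKCS#1 v1.5 padding rather than OAEP.
        // NOTE(review): changing the padding requires the peer to change with it.
        data = rsa.Encrypt(data, false);
    }

    // Mark the key as used. The update's result is not checked.
    // NOTE(review): select-then-update is not atomic, so two concurrent calls could
    // both use the same key before either marks it.
    dba.ReInit();
    dba.AddTable(DBConst.C3010000);
    dba.AddParam(DBConst.C3010004, 1);
    dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
    dba.AddWhere(DBConst.C3010004, "0", false);
    dba.ExecuteUpdate();

    return data;
}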