/// <summary>
/// Writes one operation-log (audit) record for the given user when logging is enabled.
/// </summary>
/// <param name="loginUserModel">Logged-in user the record is attributed to; when null, nothing is written.</param>
/// <param name="menuId">Id of the menu/page the operation belongs to.</param>
/// <param name="operaType">Operation type label stored with the record.</param>
/// <param name="memo">Free-text description stored with the record.</param>
public static void AddOpera(Model.System.sys_LoginUser loginUserModel, int menuId, string operaType, string memo)
{
    Model.System.sys_Config settings = new BLL.System.sys_Config().loadConfig();

    // Logging is controlled by the logstatus setting; only the value 1 enables it.
    if (settings.logstatus != 1)
    {
        return;
    }

    Model.System.sys_OperaLog entry = new Model.System.sys_OperaLog();

    // NOTE(review): an operation performed without a logged-in user leaves no audit record.
    if (loginUserModel == null)
    {
        return;
    }

    // Who performed the operation.
    entry.PerId = loginUserModel.ID;
    entry.PerName = loginUserModel.PerName;
    entry.PerAccount = loginUserModel.Account;

    // What was done and where.
    entry.MenuId = menuId;
    entry.OperaType = operaType;
    entry.Memo = memo;

    // When and from which address; the IP is the one captured on the login model, not re-read here.
    entry.OperaTime = DateTime.Now;
    entry.LoginIP = loginUserModel.LoginIP;

    // Any exception raised by the data layer propagates to the caller unchanged.
    new BLL.System.sys_OperaLog().Add(entry);
}
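/// <summary>
/// Writes the complete system configuration to the response as one JSON object
/// (status, msg and an "info" object holding every setting).
/// </summary>
/// <param name="context">Current request context; the JSON text is written to its response.</param>
/// <param name="btn">Action token; any value other than "show" is answered with status 0.2 (no permission).</param>
/// <remarks>
/// Review notes:
/// 1. The comparison of <paramref name="btn"/> with "show" is the only access check in this method.
///    Where btn is derived is not visible here - confirm it comes from the server-side permission
///    lookup and not directly from the request.
/// 2. The payload contains credentials: the SMS and e-mail passwords (passed through
///    DESEncrypt.Encrypt with sysencryptstring) and the six Wx* corp secrets exactly as stored.
///    Every caller of this action, and anything that caches or logs the response, can read them.
///    Returning only a "value is set" marker and accepting replacements on save would avoid that.
/// </remarks>
private void GetData(HttpContext context, string btn)
{
    if (btn != "show")
    {
        context.Response.Write("{\"status\":\"0.2\",\"msg\":\"对不起,您没有操作权限!\"}");
        return;
    }

    // Every text value passes through this before it is placed between JSON quotes, so a quote,
    // backslash or line break inside a setting can neither break the document nor add fields.
    Func<object, string> js = v => HttpUtility.JavaScriptStringEncode(Convert.ToString(v));

    try
    {
        BLL.System.sys_Config bll = new BLL.System.sys_Config();
        Model.System.sys_Config model = bll.loadConfig();
        StringBuilder jsonStr = new StringBuilder();
        jsonStr.Append("{\"status\":\"1\",\"msg\":\"数据获取成功!\",\"info\":");

        // Site identity and contact details.
        jsonStr.Append("{\"webname\":\"" + js(model.webname)
            + "\",\"webversiontime\":\"" + js(model.webversiontime)
            + "\",\"webinsideurl\":\"" + js(model.webinsideurl)
            + "\",\"weburl\":\"" + js(model.weburl)
            + "\",\"weblogo\":\"" + js(model.weblogo)
            + "\",\"webcompany\":\"" + js(model.webcompany)
            + "\",\"webaddress\":\"" + js(model.webaddress)
            + "\",\"webtel\":\"" + js(model.webtel)
            + "\",\"webfax\":\"" + js(model.webfax)
            + "\",\"webcrod\":\"" + js(model.webcrod) + "\"");

        // Site switches.
        jsonStr.Append(",\"mobilestatus\":" + model.mobilestatus.ToString()
            + ",\"mobiledomain\":\"" + js(model.mobiledomain)
            + "\",\"logstatus\":" + model.logstatus.ToString()
            + ",\"webstatus\":" + model.webstatus
            + ",\"webclosereason\":\"" + js(model.webclosereason) + "\"");

        // SMS gateway. The password is sent in DESEncrypt form; SaveData compares the value
        // posted back with this same form to decide whether the password was changed.
        jsonStr.Append(",\"smsapiurl\":\"" + js(model.smsapiurl)
            + "\",\"smsusername\":\"" + js(model.smsusername)
            + "\",\"smspassword\":\"" + js(DESEncrypt.Encrypt(model.smspassword, model.sysencryptstring))
            + "\",\"smsnickname\":\"" + js(model.smsnickname) + "\"");

        // Outgoing mail; password handled like the SMS password above.
        jsonStr.Append(",\"emailsmtp\":\"" + js(model.emailsmtp)
            + "\",\"emailport\":" + model.emailport.ToString()
            + ",\"emailfrom\":\"" + js(model.emailfrom)
            + "\",\"emailusername\":\"" + js(model.emailusername)
            + "\",\"emailpassword\":\"" + js(DESEncrypt.Encrypt(model.emailpassword, model.sysencryptstring))
            + "\",\"emailnickname\":\"" + js(model.emailnickname) + "\"");

        // Upload limits, image sizing and watermark settings (numeric values are written unquoted).
        jsonStr.Append(",\"fileextension\":\"" + js(model.fileextension)
            + "\",\"attachsize\":" + model.attachsize.ToString()
            + ",\"imgsize\":" + model.imgsize.ToString()
            + ",\"imgmaxheight\":" + model.imgmaxheight.ToString()
            + ",\"imgmaxwidth\":" + model.imgmaxwidth.ToString()
            + ",\"thumbnailheight\":" + model.thumbnailheight.ToString()
            + ",\"thumbnailwidth\":" + model.thumbnailwidth.ToString()
            + ",\"watermarktype\":" + model.watermarktype.ToString()
            + ",\"watermarkposition\":" + model.watermarkposition.ToString()
            + ",\"watermarkimgquality\":" + model.watermarkimgquality.ToString());
        jsonStr.Append(",\"watermarkpic\":\"" + js(model.watermarkpic)
            + "\",\"watermarktransparency\":" + model.watermarktransparency.ToString()
            + ",\"watermarktext\":\"" + js(model.watermarktext)
            + "\",\"watermarkfont\":\"" + js(model.watermarkfont)
            + "\",\"watermarkfontsize\":" + model.watermarkfontsize.ToString());

        jsonStr.Append(",\"smscount\":\"" + js(GetSmsCount()) + "\"");

        // NOTE(review): these secrets leave the server as stored, without even the DESEncrypt step.
        jsonStr.Append(",\"wxcorpid\":\"" + js(model.WxCorpid)
            + "\",\"wxintentioncorpsecret\":\"" + js(model.WxIntentionCorpSecret)
            + "\",\"wxschedulecorpsecret\":\"" + js(model.WxScheduleCorpSecret)
            + "\",\"wxschedulesearchcorpsecret\":\"" + js(model.WxscheduleSearchCorpSecret)
            + "\",\"wxschedulerewardcorpsecret\":\"" + js(model.WxscheduleRewardCorpSecret)
            + "\",\"wxschedulerewardmanagercorpsecret\":\"" + js(model.WxscheduleRewardManagerCorpSecret) + "\"");

        jsonStr.Append("}}");
        context.Response.Write(jsonStr.ToString());
    }
    catch (Exception e)
    {
        // The HTML encoding of the original is kept and JSON escaping is added on top, because
        // HTML encoding alone leaves backslashes and line breaks that break the JSON string.
        // NOTE(review): the exception text itself still reaches the client; a generic message
        // plus a server-side log entry would disclose less.
        context.Response.Write("{\"status\":\"0\",\"msg\":\"对不起,系统出错:" + js(Utils.HtmlEncode(e.Message)) + "\"}");
        return;
    }
}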
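/// <summary>
/// Decides whether a file with the given extension may be uploaded.
/// </summary>
/// <param name="_fileExt">File extension without the leading ".".</param>
/// <returns>
/// true only when the extension is not on the built-in block list and appears in the
/// comma-separated fileextension setting; false in every other case, including a
/// missing or blank extension.
/// </returns>
private bool CheckFileExt(string _fileExt)
{
    // A missing or blank extension is never acceptable. Without this guard an empty entry in
    // the configured list (empty setting, doubled or trailing comma) would match it.
    if (_fileExt == null || _fileExt.Trim().Length == 0)
    {
        return false;
    }

    // Built-in block list of extensions the web server may execute or render as a page.
    // It is a backstop only: the configured allow list below is the real control, and this
    // list cannot be complete. The entries after "html" extend the original list with
    // further ASP.NET/IIS handler types.
    string[] blockedExt =
    {
        "asp", "aspx", "php", "jsp", "htm", "html",
        "ashx", "asmx", "asa", "cer", "cshtml", "vbhtml", "svc", "shtml", "config"
    };
    foreach (string blocked in blockedExt)
    {
        // Ordinal comparison: culture-sensitive lower-casing can map letters differently
        // under some server cultures and let a blocked extension slip through.
        if (string.Equals(blocked, _fileExt, System.StringComparison.OrdinalIgnoreCase))
        {
            return false;
        }
    }

    Model.System.sys_Config siteConfig = new BLL.System.sys_Config().loadConfig();

    // Allow list maintained by the administrator; an unset list allows nothing.
    string fileExtension = siteConfig.fileextension;
    if (fileExtension == null)
    {
        return false;
    }

    foreach (string entry in fileExtension.Split(','))
    {
        string allowed = entry.Trim();   // tolerate "jpg, png" style lists
        if (allowed.Length == 0)
        {
            continue;
        }
        if (string.Equals(allowed, _fileExt, System.StringComparison.OrdinalIgnoreCase))
        {
            return true;
        }
    }

    return false;
}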
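/// <summary>
/// Writes the home-page data for the logged-in user as JSON: configured version stamp,
/// unread-mail count, bulletins, and the two menu lists returned by GetTodoList / GetNodoList.
/// </summary>
/// <param name="context">Current request context; the JSON text is written to its response.</param>
private void GetHomePage(HttpContext context)
{
    try
    {
        // The client must present the Salt issued at login; it is compared with the value held
        // in the server-side login model, so a request without a matching session is refused.
        // NOTE(review): the value is read from the query string, where it can end up in
        // server and proxy logs - confirm that is acceptable for this token.
        string loginSalt = RequestHelper.GetQueryString("LoginSalt");
        Model.System.sys_LoginUser loginUserModel = BaseWeb.GetLoginInfo();
        if (loginUserModel == null || loginUserModel.Salt != loginSalt)
        {
            context.Response.Write("{\"status\":\"0.1\",\"msg\":\"对不起,登录超时,请重新登录!\"}");
            return;
        }

        string vt = new BLL.System.sys_Config().loadConfig().webversiontime;

        BLL.System.sys_Mail_Send mailBll = new BLL.System.sys_Mail_Send();
        int receiveNoRead = mailBll.GetReceiveNoRead(loginUserModel.ID);

        // Bulletins are filtered by the user's department; the extra filter is a fixed empty
        // string, so no request text reaches the query through it.
        BLL.sys_Bulletin bll = new BLL.sys_Bulletin();
        int recordNumBulletin = RequestHelper.GetInt("recordNumBulletin", 0);
        string strWhere = "";
        DataTable bulletinDT = bll.GetListByPower(strWhere, recordNumBulletin, loginUserModel.DepId).Tables[0];
        string bulletinInfo = Utils.ToJson(bulletinDT);

        BLL.System.sys_Menu menuBll = new BLL.System.sys_Menu();
        DataTable todoDT = menuBll.GetTodoList(loginUserModel.ID).Tables[0];
        string todoInfo = Utils.ToJson(todoDT);
        DataTable nodoDT = menuBll.GetNodoList(loginUserModel.ID).Tables[0];
        string nodoInfo = Utils.ToJson(nodoDT);

        StringBuilder jsonStr = new StringBuilder();
        // vt is a free-text setting, so it is escaped before being placed between JSON quotes.
        jsonStr.Append("{\"status\":\"1\",\"msg\":\"数据获取成功!\",\"vt\":\"" + HttpUtility.JavaScriptStringEncode(vt) + "\"");
        jsonStr.Append(",\"receiveNoRead\":" + receiveNoRead);
        // The three blocks below are inserted as ready-made JSON; presumably Utils.ToJson
        // escapes cell values - verify, since bulletin text is user-authored.
        jsonStr.Append(",\"bulletinInfo\":" + bulletinInfo);
        jsonStr.Append(",\"todoInfo\":" + todoInfo);
        jsonStr.Append(",\"nodoInfo\":" + nodoInfo);
        jsonStr.Append("}");
        context.Response.Write(jsonStr.ToString());
    }
    catch (Exception e)
    {
        // Escaped so that quotes or line breaks in the message cannot break the JSON document.
        // NOTE(review): raw exception text (possibly SQL or path details) still reaches the
        // client; a generic message plus a server-side log entry would disclose less.
        context.Response.Write("{\"status\":\"0\",\"msg\":\"" + HttpUtility.JavaScriptStringEncode(e.Message) + "\"}");
    }
}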
/// <summary>
/// Validates the parameters a page passes in with a request.
/// </summary>
/// <param name="loginSalt">Salt sent by the client.</param>
/// <param name="menuId">Page (menu) id.</param>
/// <param name="url">Page URL.</param>
/// <param name="loginUserModel">Server-side login model of the current user, or null when not logged in.</param>
/// <returns>An empty string when every check passes, otherwise a JSON error object with status 0.1.</returns>
public static string CheckPageParam(string loginSalt, string menuId, string url, Model.System.sys_LoginUser loginUserModel)
{
    // Presence checks, in the order url -> menuId -> loginSalt. Only the empty string is
    // rejected here; a null value passes these three comparisons.
    if (url == "")
    {
        return "{\"status\":\"0.1\",\"msg\":\"非法传入页面!\"}";
    }

    if (menuId == "")
    {
        return "{\"status\":\"0.1\",\"msg\":\"菜单ID不能为空!\"}";
    }

    if (loginSalt == "")
    {
        return "{\"status\":\"0.1\",\"msg\":\"Salt不能为空!\"}";
    }

    // The Salt presented by the client must equal the one stored with the login session.
    bool sessionMatches = loginUserModel != null && loginUserModel.Salt == loginSalt;
    if (!sessionMatches)
    {
        return "{\"status\":\"0.1\",\"msg\":\"对不起,登录超时,请重新登录!\"}";
    }

    // NOTE(review): the values below are computed but no longer used. The source carried a
    // commented-out check that rejected the request unless the URL's domain appeared in the
    // configured webinsideurl / weburl list (with a hard-coded exception for one host and the
    // loopback address). With that check disabled, url is only tested for being non-empty,
    // so this method does not restrict which page a request claims to come from.
    String pageDomain = Utils.GetUrlDomain(url).ToLower();
    Model.System.sys_Config settings = new BLL.System.sys_Config().loadConfig();

    return "";
}
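/// <summary>
/// Checks an upload's size against the configured limit for its kind of file.
/// </summary>
/// <param name="_fileExt">File extension without the leading "."; decides whether the image or the attachment limit applies.</param>
/// <param name="_fileSize">File size in bytes.</param>
/// <returns>false when a positive limit is configured and the file exceeds it; true otherwise.</returns>
private bool CheckFileSize(string _fileExt, int _fileSize)
{
    Model.System.sys_Config siteConfig = new BLL.System.sys_Config().loadConfig();

    // Limits are stored in KB: imgsize for images, attachsize for everything else.
    // Held as long so that the conversion to bytes below cannot overflow for large settings.
    long limitKb = IsImage(_fileExt) ? siteConfig.imgsize : siteConfig.attachsize;

    // Zero or a negative value disables the check for that kind of file.
    // NOTE(review): with the check disabled, only whatever request-size cap the web server
    // enforces still bounds the upload - confirm one is configured.
    if (limitKb <= 0)
    {
        return true;
    }

    return _fileSize <= limitKb * 1024;
}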
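/// <summary>
/// Handles a login request: validates the posted account and password, stores the login
/// model in the session, writes a login audit record and answers with a JSON status object.
/// </summary>
/// <param name="context">Current request context (session and response are used).</param>
/// <remarks>
/// Review notes:
/// 1. The failed-attempt limit is read from the session ("LoginNum"), so it is tied to the
///    client's session rather than to the account or source address; a limit keyed on the
///    account and/or IP would hold across sessions.
/// 2. No new session id is issued in this method after a successful login; consider renewing
///    the session at that point so a pre-login session id is not carried over.
/// 3. The Salt returned to the client acts as a per-login token that other handlers compare
///    with the stored value. Utils.GetLetterOrNumberRandom is not visible here - confirm it
///    draws from a cryptographic random source.
/// </remarks>
private void Login(HttpContext context)
{
    try
    {
        string account = RequestHelper.GetString("account");
        string pwd = RequestHelper.GetString("pwd");
        string url = RequestHelper.GetUrlReferrer();

        // Refuse further attempts once the session has recorded more than five failures.
        if (context.Session["LoginNum"] != null && Convert.ToInt32(context.Session["LoginNum"]) > 5)
        {
            context.Response.Write("{\"status\":\"0\",\"msg\":\"错误超过5次,关闭浏览器重新登录!\"}");
            return;
        }

        // WriteError is called on every rejected attempt below; presumably it maintains the
        // "LoginNum" counter - verify against its definition.
        if (account.Trim() == "")
        {
            WriteError(context);
            context.Response.Write("{\"status\":\"0\",\"msg\":\"账号不能为空!\"}");
            return;
        }
        if (pwd.Trim() == "")
        {
            WriteError(context);
            context.Response.Write("{\"status\":\"0\",\"msg\":\"密码不能为空!\"}");
            return;
        }
        if (url.Trim() == "")
        {
            WriteError(context);
            context.Response.Write("{\"status\":\"0.1\",\"msg\":\"非法传入页面!\"}");
            return;
        }

        // The referring page's domain must be one of the configured site addresses, unless the
        // request is both from "localhost" and from 127.0.0.1.
        // NOTE(review): the referrer is supplied by the client, so this is a consistency check
        // on well-behaved browsers, not an access control.
        String domain = Utils.GetUrlDomain(url).ToLower();
        if (domain != "localhost" || RequestHelper.GetIP() != "127.0.0.1")
        {
            Model.System.sys_Config configModel = new BLL.System.sys_Config().loadConfig();
            string[] domainArray = (configModel.webinsideurl + "," + configModel.weburl).Split(',');
            if (domain == "" || !domainArray.Contains(domain))
            {
                WriteError(context);
                context.Response.Write("{\"status\":\"0.1\",\"msg\":\"非法传入页面!\"}");
                return;
            }
        }

        // Credential check is delegated to the business layer; one message covers both an
        // unknown account and a wrong password, so the reply does not reveal which it was.
        BLL.System.sys_Person bll = new BLL.System.sys_Person();
        Model.System.sys_LoginUser model = bll.GetModel(account, pwd, true);
        if (model == null)
        {
            WriteError(context);
            context.Response.Write("{\"status\":\"0\",\"msg\":\"用户名或密码有误,请重试!\"}");
            return;
        }

        model.Salt = Utils.GetLetterOrNumberRandom(10);
        model.LoginTime = DateTime.Now;
        model.LoginIP = RequestHelper.GetIP();

        // Keep the logged-in user in the session.
        context.Session[Keys.SESSION_LoginUser] = model;
        context.Session.Timeout = 45;

        // Write the login audit record.
        string operaAction = Enums.ActionEnum.Login.ToString();
        string operaMemo = "用户登录";
        BaseWeb.AddOpera(model, 0, operaAction, operaMemo);

        // The display name is stored data and may contain quotes or backslashes; both values
        // are escaped before being placed between JSON quotes.
        context.Response.Write("{\"status\":\"1\",\"msg\":\"权限获取成功!\",\"userName\":\""
            + HttpUtility.JavaScriptStringEncode(model.PerName)
            + "\",\"loginSalt\":\""
            + HttpUtility.JavaScriptStringEncode(model.Salt)
            + "\"}");
    }
    catch (Exception e)
    {
        // Escaped so the message cannot break the JSON document.
        // NOTE(review): on a login endpoint, raw exception text (data-layer or path details)
        // is better replaced by a generic message and logged on the server.
        context.Response.Write("{\"status\":\"0\",\"msg\":\"" + HttpUtility.JavaScriptStringEncode(e.Message) + "\"}");
    }
}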
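/// <summary>
/// Overwrites the system configuration with the values posted in the request, writes an
/// audit record for the change and answers with a JSON status object.
/// </summary>
/// <param name="context">Current request context; the JSON result is written to its response.</param>
/// <param name="btn">Action token; any value other than "btnSave" is answered with status 0.2 (no permission).</param>
/// <remarks>
/// Review notes:
/// 1. The comparison of <paramref name="btn"/> with "btnSave" is the only access check in this
///    method, and the login model is fetched only for the audit record. Confirm the caller has
///    already verified the session and derived btn from the server-side permission set.
/// 2. fileextension is stored as posted and is the allow list used for uploads; consider
///    rejecting server-executable extensions at save time as well.
/// 3. logstatus is stored as posted. If BaseWeb.AddOpera reads the freshly saved value, a
///    request that switches logging off leaves no audit record of itself - verify.
/// 4. A posted password that differs from the DESEncrypt form of the stored one - including an
///    empty value - replaces the stored password, and is assigned to the model as posted.
/// </remarks>
private void SaveData(HttpContext context, string btn)
{
    if (btn != "btnSave")
    {
        context.Response.Write("{\"status\":\"0.2\",\"msg\":\"对不起,您没有操作权限!\"}");
        return;
    }

    BLL.System.sys_Config bll = new BLL.System.sys_Config();
    Model.System.sys_Config model = bll.loadConfig();

    // Site identity and contact details.
    model.webname = RequestHelper.GetString("webname");
    model.webversiontime = RequestHelper.GetString("webversiontime");
    model.webinsideurl = RequestHelper.GetString("webinsideurl");
    model.weburl = RequestHelper.GetString("weburl");
    model.webcrod = RequestHelper.GetString("webcrod");
    model.webcompany = RequestHelper.GetString("webcompany");
    model.webaddress = RequestHelper.GetString("webaddress");
    model.webtel = RequestHelper.GetString("webtel");
    model.webfax = RequestHelper.GetString("webfax");

    // Site switches.
    model.mobilestatus = RequestHelper.GetInt("mobilestatus", 0);
    model.logstatus = RequestHelper.GetInt("logstatus", 1);
    model.webstatus = RequestHelper.GetInt("webstatus", 1);
    model.webclosereason = RequestHelper.GetString("webclosereason");

    // SMS gateway. The form is pre-filled with the DESEncrypt form of the stored password;
    // receiving that same value back means "unchanged", anything else is taken as the new password.
    model.smsapiurl = RequestHelper.GetString("smsapiurl");
    model.smsusername = RequestHelper.GetString("smsusername");
    string postedSmsPassword = RequestHelper.GetString("smspassword");
    if (DESEncrypt.Encrypt(model.smspassword, model.sysencryptstring) != postedSmsPassword)
    {
        model.smspassword = postedSmsPassword;
    }
    model.smsnickname = RequestHelper.GetString("smsnickname");

    // Outgoing mail; password handled like the SMS password above.
    model.emailsmtp = RequestHelper.GetString("emailsmtp");
    model.emailport = RequestHelper.GetInt("emailport", 25);
    model.emailfrom = RequestHelper.GetString("emailfrom");
    model.emailusername = RequestHelper.GetString("emailusername");
    string postedEmailPassword = RequestHelper.GetString("emailpassword");
    if (DESEncrypt.Encrypt(model.emailpassword, model.sysencryptstring) != postedEmailPassword)
    {
        model.emailpassword = postedEmailPassword;
    }
    model.emailnickname = RequestHelper.GetString("emailnickname");

    // Upload limits, image sizing and watermark settings.
    model.fileextension = RequestHelper.GetString("fileextension");
    model.attachsize = RequestHelper.GetInt("attachsize", 0);
    model.imgsize = RequestHelper.GetInt("imgsize", 0);
    model.imgmaxwidth = RequestHelper.GetInt("imgmaxwidth", 0);
    model.imgmaxheight = RequestHelper.GetInt("imgmaxheight", 0);
    model.thumbnailwidth = RequestHelper.GetInt("thumbnailwidth", 0);
    model.thumbnailheight = RequestHelper.GetInt("thumbnailheight", 0);
    model.watermarktype = RequestHelper.GetInt("watermarktype", 0);
    model.watermarkposition = RequestHelper.GetInt("watermarkposition", 5);
    model.watermarkimgquality = RequestHelper.GetInt("watermarkimgquality", 80);
    model.watermarkpic = RequestHelper.GetString("watermarkpic");
    model.watermarktransparency = RequestHelper.GetInt("watermarktransparency", 5);
    model.watermarktext = RequestHelper.GetString("watermarktext");
    model.watermarkfont = RequestHelper.GetString("watermarkfont");
    model.watermarkfontsize = RequestHelper.GetInt("watermarkfontsize", 12);

    // WeChat corp id and secrets.
    model.WxCorpid = RequestHelper.GetString("wxcorpid");
    model.WxIntentionCorpSecret = RequestHelper.GetString("wxintentioncorpsecret");
    model.WxScheduleCorpSecret = RequestHelper.GetString("wxschedulecorpsecret");
    model.WxscheduleSearchCorpSecret = RequestHelper.GetString("wxschedulesearchcorpsecret");
    model.WxscheduleRewardCorpSecret = RequestHelper.GetString("wxschedulerewardcorpsecret");
    model.WxscheduleRewardManagerCorpSecret = RequestHelper.GetString("wxschedulerewardmanagercorpsecret");

    Model.System.sys_LoginUser loginUserModel = BaseWeb.GetLoginInfo();

    // Parsed without throwing: previously a missing or malformed MenuId raised an exception
    // after the configuration had already been saved, so the client was told the save failed
    // and no audit record was written. An unusable value is now logged as menu id 0.
    int menuId;
    if (!int.TryParse(RequestHelper.GetQueryString("MenuId"), out menuId))
    {
        menuId = 0;
    }

    try
    {
        bll.saveConifg(model);

        // Write the operation (audit) log entry for the change.
        string operaAction = Enums.ActionEnum.Edit.ToString();
        string operaMemo = "修改系统配置";
        BaseWeb.AddOpera(loginUserModel, menuId, operaAction, operaMemo);

        context.Response.Write("{\"status\":\"1\",\"msg\":\"修改成功!\"}");
        return;
    }
    catch (Exception e)
    {
        // HTML encoding from the original is kept; JSON escaping is added because HTML
        // encoding alone leaves backslashes and line breaks that break the JSON string.
        // NOTE(review): the exception text itself still reaches the client.
        context.Response.Write("{\"status\":\"0\",\"msg\":\"对不起,系统出错:"
            + HttpUtility.JavaScriptStringEncode(Utils.HtmlEncode(e.Message)) + "\"}");
        return;
    }
}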
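/// <summary>
/// Saves an uploaded file under the upload directory after checking its extension and size,
/// optionally resizing it, creating a thumbnail and applying a watermark.
/// </summary>
/// <param name="postedFile">The uploaded file.</param>
/// <param name="upLoadPath">Sub-folder below the base upload directory, or "" to use the base directory itself.</param>
/// <param name="isThumbnail">Whether a thumbnail is generated for images.</param>
/// <param name="isWater">Whether a watermark is applied to images.</param>
/// <param name="fileType">"xls" to accept only what CheckFileExtXLS allows; any other value uses the general extension check.</param>
/// <returns>A JSON object: status 1 with name, path, thumb, size and ext on success, status 0 with a message otherwise.</returns>
/// <remarks>
/// Review notes:
/// 1. Only the extension and the size are validated; the file content is not inspected.
/// 2. The stored name still begins with the client-supplied base name. Storing files under a
///    fully server-generated name, in a directory where the web server executes nothing,
///    removes any dependence on how the server interprets unusual names.
/// 3. Every failure inside the method is reported with the same generic message and is not
///    logged here.
/// </remarks>
public string fileSaveAs(HttpPostedFile postedFile, string upLoadPath, bool isThumbnail, bool isWater, string fileType)
{
    const string genericFailure = "{\"status\": 0, \"msg\": \"上传过程中发生意外错误!\"}";

    try
    {
        // The name sent by the browser is untrusted. Keep only the part after the last path
        // separator of either kind (the original stripped the path only when it contained
        // ":\"), so the name cannot point outside the upload directory.
        string jsFileName = postedFile.FileName;
        int lastSeparator = jsFileName.LastIndexOfAny(new char[] { '\\', '/' });
        if (lastSeparator >= 0)
        {
            jsFileName = jsFileName.Substring(lastSeparator + 1);
        }

        // A name without "." has no extension to validate (the original failed on it with the
        // same generic error); a name with characters invalid in a file name is refused too.
        int dot = jsFileName.LastIndexOf('.');
        if (dot < 0 || jsFileName.IndexOfAny(Path.GetInvalidFileNameChars()) >= 0)
        {
            return genericFailure;
        }

        // The sub-folder is appended to the base upload path; refuse parent-directory
        // references so the target stays below the upload root whatever the caller passes.
        if (upLoadPath != null && upLoadPath.Contains(".."))
        {
            return genericFailure;
        }

        string fileExt = Utils.GetFileExt(jsFileName);                          // extension without "."
        int fileSize = postedFile.ContentLength;                                // size in bytes
        string fileName = jsFileName.Substring(0, dot);                         // original base name
        string newFileName = fileName + "_" + Utils.GetRamCode() + "." + fileExt; // stored name: base name + random code
        string newThumbnailFileName = "thumb_" + newFileName;                   // thumbnail name

        // Relative upload directory.
        if (upLoadPath == "")
        {
            upLoadPath = GetUpLoadPath();
        }
        else
        {
            upLoadPath = GetUpLoadPath() + upLoadPath + "/";
        }

        string fullUpLoadPath = Utils.GetMapPath(upLoadPath);       // physical upload directory
        string newFilePath = upLoadPath + newFileName;              // relative path of the stored file
        string newThumbnailPath = upLoadPath + newThumbnailFileName; // relative path of the thumbnail

        // Extension check. The extension is echoed in the error text, so it is escaped.
        if (fileType == "xls")
        {
            if (!CheckFileExtXLS(fileExt))
            {
                return "{\"status\": 0, \"msg\": \"请选择Excel类型的文件!\"}";
            }
        }
        else
        {
            if (!CheckFileExt(fileExt))
            {
                return "{\"status\": 0, \"msg\": \"不允许上传" + HttpUtility.JavaScriptStringEncode(fileExt) + "类型的文件!\"}";
            }
        }

        // Size check.
        if (!CheckFileSize(fileExt, fileSize))
        {
            return "{\"status\": 0, \"msg\": \"文件超过限制的大小啦!\"}";
        }

        // Create the physical directory when it does not exist yet.
        if (!Directory.Exists(fullUpLoadPath))
        {
            Directory.CreateDirectory(fullUpLoadPath);
        }

        // Store the file; nothing is written to disk before the checks above have passed.
        postedFile.SaveAs(fullUpLoadPath + newFileName);

        Model.System.sys_Config siteConfig = new BLL.System.sys_Config().loadConfig();

        // Images larger than the configured maximum are resized in place.
        if (IsImage(fileExt) && (siteConfig.imgmaxheight > 0 || siteConfig.imgmaxwidth > 0))
        {
            Thumbnail.MakeThumbnailImage(fullUpLoadPath + newFileName, fullUpLoadPath + newFileName,
                siteConfig.imgmaxwidth, siteConfig.imgmaxheight);
        }

        // Thumbnail, when requested and both thumbnail dimensions are configured.
        if (IsImage(fileExt) && isThumbnail && siteConfig.thumbnailwidth > 0 && siteConfig.thumbnailheight > 0)
        {
            Thumbnail.MakeThumbnailImage(fullUpLoadPath + newFileName, fullUpLoadPath + newThumbnailFileName,
                siteConfig.thumbnailwidth, siteConfig.thumbnailheight, "Cut");
        }

        // Watermark, when requested: type 1 is text, type 2 is a picture.
        if (IsWaterMark(fileExt) && isWater)
        {
            switch (siteConfig.watermarktype)
            {
                case 1:
                    WaterMark.AddImageSignText(newFilePath, newFilePath,
                        siteConfig.watermarktext, siteConfig.watermarkposition,
                        siteConfig.watermarkimgquality, siteConfig.watermarkfont, siteConfig.watermarkfontsize);
                    break;
                case 2:
                    WaterMark.AddImageSignPic(newFilePath, newFilePath,
                        siteConfig.watermarkpic, siteConfig.watermarkposition,
                        siteConfig.watermarkimgquality, siteConfig.watermarktransparency);
                    break;
            }
        }

        // Done: return the file information as JSON. Name and paths contain client-supplied
        // text and are escaped so they cannot break the document or add fields.
        return "{\"status\": 1, \"msg\": \"上传文件成功!\", \"name\": \""
            + HttpUtility.JavaScriptStringEncode(jsFileName) + "\", \"path\": \""
            + HttpUtility.JavaScriptStringEncode(newFilePath) + "\", \"thumb\": \""
            + HttpUtility.JavaScriptStringEncode(newThumbnailPath) + "\", \"size\": "
            + fileSize + ", \"ext\": \""
            + HttpUtility.JavaScriptStringEncode(fileExt) + "\"}";
    }
    catch
    {
        return genericFailure;
    }
}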