int RichiediCodice() { try { //Richiede al sito della sw&More un incrementale da assegnare al db come iddbcliente string XX = "newid"; while ((XX.Length % 8) != 0) { XX += " "; } byte [] B2 = DataAccess.CryptString(XX); string SS2 = QueryCreator.ByteArrayToString(B2); WebClient W = new WebClient(); W.Headers.Add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"); W.BaseAddress = "http://ticket.temposrl.it/LiveLog/"; byte[] B = W.DownloadData("http://ticket.temposrl.it/LiveLog/DoEasy.aspx?a=" + SS2); string resp = ""; for (int i = 0; i < B.Length; i++) { resp = resp + (char)B[i]; } resp = resp.Trim(); return(CfgFn.GetNoNullInt32(resp)); } catch { return(0); } }
// private string getNuovoAlfa1(string passwordDipart) { // byte[] alfa = mainConn.sha256UserPassword(); // byte[] g1 = DataAccess.CryptString(passwordDipart.PadRight(31)); // byte[] alfa1 = xor(alfa, g1); // return QueryCreator.ByteArrayToString(alfa1); // } public void MetaData_BeforePost() { DataRow rDepartment = HelpForm.GetLastSelected(DS.dbdepartment); if (rDepartment == null) { return; } string passwordDipart = rDepartment["!password"] as string; textBox1.Text = passwordDipart; string userAmmin = (string)Meta.Conn.GetSys("user"); MetaData metaDBAccess = MetaData.GetMetaData(this, "dbaccess"); MetaData metaDBUser = MetaData.GetMetaData(this, "dbuser"); UTF8Encoding encoding = new UTF8Encoding(); string filtroUtente = "(login="******")"; DataTable tUtenti = DataAccess.RUN_SELECT(mainConn, "dbuser", null, null, filtroUtente, null, null, true); DataRow[] rUtenti = tUtenti.Select(filtroUtente); if (rUtenti.Length == 0) { MetaData.SetDefault(DS.dbuser, "login", userAmmin); metaDBUser.Get_New_Row(null, DS.dbuser); } string filtroAccesso = filtroUtente + " and (iddbdepartment=" + QueryCreator.quotedstrvalue(rDepartment["iddbdepartment"], true) + ")"; DataAccess.RUN_SELECT_INTO_TABLE(mainConn, DS.dbaccess, null, filtroAccesso, null, true); MetaData.SetDefault(DS.dbaccess, "login", userAmmin); string iddbdepartment = (string)rDepartment["iddbdepartment"]; string errore; byte[] g1 = mainConn.getDepartmentPassword(iddbdepartment, out errore); if (g1 == null) { metaDBAccess.Get_New_Row(rDepartment, DS.dbaccess); g1 = Easy_DataAccess.CryptString(passwordDipart.PadRight(31)); } DataRow[] righeAccesso = rDepartment.GetChildRows("dbdepartmentdbaccess"); foreach (DataRow rAccess in righeAccesso) { byte[] alfa = mainConn.sha256UserPassword(); byte[] alfa1 = xor(alfa, g1); rAccess["alpha1"] = QueryCreator.ByteArrayToString(alfa1); } }
public void MetaData_AfterGetFormData() { string filtroAmmin = "(login="******"user"), false) + ")"; DataTable tDipAmmin = DataAccess.RUN_SELECT(Meta.Conn, "dbaccess", null, null, filtroAmmin, null, null, true); DataRow[] righeAggiunte = DS.dbaccess.Select(null, null, DataViewRowState.Added); foreach (DataRow r in righeAggiunte) { string filtroDip = "(iddbdepartment=" + QueryCreator.quotedstrvalue(r["iddbdepartment"], false) + ")"; DataRow[] rAmm = tDipAmmin.Select(filtroDip); if (rAmm.Length == 0) { MessageBox.Show(this, "Non si dispone dei diritti di amministratore sul dipartimento '" + r["iddbdepartment"] + "'"); r.RejectChanges(); } } UTF8Encoding encoding = new UTF8Encoding(); SHA256 shaM = new SHA256Managed(); righeAggiunte = DS.dbaccess.Select(null, null, DataViewRowState.Added); foreach (DataRow rAccess in righeAggiunte) { // DataRow rDepartment = rAccess.GetParentRow("dbdepartmentdbaccess"); // DataRow rUser = rAccess.GetParentRow("dbuserdbaccess"); // string passwordDip = leggiPasswordDelDipCambiata(tDipAmmin, rDepartment["iddbdepartment"]); // if (!Easy_DataAccess.checkPasswordSyntax(passwordDip)) { // passwordDip = leggiPasswordDelDipIniziale(tDipAmmin, rDepartment["iddbdepartment"]); // } // byte[] g1 = DataAccess.CryptString(passwordDip.PadRight(31)); byte[] initialPassword = encoding.GetBytes(Easy_DataAccess.INITIAL_PASSWORD); byte[] alfa = shaM.ComputeHash(initialPassword); string errore; byte[] g1 = dataAccess.getDepartmentPassword((string)rAccess["iddbdepartment"], out errore); byte[] nuovoAlfa1 = xor(alfa, g1); rAccess["alpha1"] = QueryCreator.ByteArrayToString(nuovoAlfa1); } }