Esempio n. 1
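    /// <summary>
    /// Handles the client callback that performs a re-login: splits
    /// <paramref name="eventArg"/> into company code, user code, password and
    /// production-line name, resolves the user id through <c>func_get_user</c>,
    /// calls <c>loginManager.ReLoginIn</c> and stores the resulting status
    /// string in <c>callbackResult</c>. On status "0" a fresh
    /// <c>userManager</c> is placed in the session.
    /// </summary>
    /// <param name="eventArg">
    /// Client-supplied string holding the four fields, joined by the separator
    /// configured under "SeparatorStr" in RmesConfig.xml. Every field is
    /// untrusted input.
    /// </param>
    /// <exception cref="ArgumentException">
    /// Thrown when <paramref name="eventArg"/> does not split into at least
    /// four fields.
    /// </exception>
    public void RaiseCallbackEvent(string eventArg)
    {
        string thePlineCode   = "";   // never assigned below; passed on as an empty string
        string theSessionCode = "";
        string theClientIp    = Request.UserHostAddress;

        PubCs thePubCs = new PubCs();

        // Read the field separator from the site's XML configuration file.
        string theServerPath1 = Server.MapPath("~/").ToString() + "Rmes/Pub/Xml/RmesConfig.xml";
        string theRet = thePubCs.ReadFromXml(theServerPath1, "SeparatorStr");

        ArrayList theArrayList = thePubCs.SplitBySeparator(eventArg, theRet);
        string[]  theString    = thePubCs.ArrayListToString(theArrayList);

        // The original indexed theString[0..3] unconditionally, so a short or
        // empty callback argument surfaced as an IndexOutOfRangeException.
        // The message deliberately does not echo the input.
        if (theString == null || theString.Length < 4)
        {
            throw new ArgumentException("Malformed login callback argument.", "eventArg");
        }

        string theCompanyCode = theString[0];
        string theUserCode    = theString[1].ToUpper();
        string thePassword    = theString[2];
        string thePlineName   = theString[3];   // added 2007-12-19: production line name

        // Translate the user code into a user id (added 2011-07-22).
        // Both values come straight from the client and are spliced into a SQL
        // string literal, so embedded single quotes are doubled to keep them
        // inside the literal (Oracle quoted literals have no other escape).
        // NOTE(review): bind variables are the proper fix; dataConn's
        // parameter API is not visible from here, so only the literal is
        // hardened.
        string sqlCompanyCode = (theCompanyCode ?? "").Replace("'", "''");
        string sqlUserCode    = theUserCode.Replace("'", "''");

        dataConn theDataConn002 = new dataConn();
        theDataConn002.OpenConn();
        theDataConn002.setTheSql("select func_get_user('" + sqlCompanyCode + "','MES','" + sqlUserCode + "','A') from dual");
        string theUserId = theDataConn002.GetValue();
        theDataConn002.CloseConn();

        // Reuse the session code of the user already stored in the session, if any.
        userManager theUserManager1 = (userManager)Session["theUserManager"];
        if (theUserManager1 != null)
        {
            theSessionCode = theUserManager1.theSessionCode;
        }

        loginManager theLoginManager = new loginManager();
        theLoginManager.setCompanyCode(theCompanyCode);

        // NOTE(review): the password is passed through AESEncrypt before the
        // login call, which suggests stored passwords are reversibly encrypted
        // rather than salted hashes - confirm against loginManager.
        Boolean theLoginFlag = theLoginManager.ReLoginIn(theUserId, thePubCs.AESEncrypt(thePassword), theClientIp, theSessionCode, thePlineCode);

        // Name and code as reported by the login manager.
        string theUserName = theLoginManager.getUserName();
        theUserCode = theLoginManager.getUserCode();

        // Mirror the outcome into the page's text boxes.
        TxtEmployeeCode.Text = theLoginFlag ? "ok" : "error";
        TxtPassword.Text     = theLoginManager.theLoginFlag;

        string theLoginStatus = theLoginManager.theLoginFlag;
        theSessionCode = theLoginManager.theSessionCode;
        theCompanyCode = theLoginManager.getTheCompanyCode();

        if (theLoginStatus == "0")
        {
            // Login succeeded: build the per-session user object.
            // NOTE(review): thePlineName is stored exactly as the client sent
            // it, and the ASP.NET session is reused across the login boundary;
            // confirm the name is encoded where it is displayed and that the
            // session id is rotated on login elsewhere.
            userManager theUserManager = new userManager(theSessionCode);
            theUserManager.setLoginFlag(theLoginFlag);
            theUserManager.setPlineCode(thePlineCode);
            theUserManager.setPlineName(thePlineName);

            theUserManager.setProgValue("/Rmes/Login/RmesIndex.aspx");
            theUserManager.setProgCode("rmesIndex");
            theUserManager.setProgName("系统登录");
            theUserManager.setUserId(theUserId);
            theUserManager.setUserCode(theUserCode);
            theUserManager.setUserName(theUserName);
            theUserManager.setCompanyCode(theCompanyCode);

            Session["theUserManager"] = theUserManager;
        }

        // Every status, success or not, is handed back to the client as-is.
        callbackResult = theLoginStatus;
    }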
Esempio n. 2
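    /// <summary>
    /// Login page load handler with two login paths.
    /// <para>
    /// 1. If the Windows identity of the request belongs to domain "DCEC", the
    /// account is looked up in <c>code_user</c>, its stored password is
    /// decrypted and the user is logged in automatically, then redirected.
    /// </para>
    /// <para>
    /// 2. Otherwise, when the query string carries <c>method=login</c>, the
    /// credentials are taken from the query string, and the status string is
    /// written to the response.
    /// </para>
    /// A status of "0" with a password equal to the user code (ignoring case)
    /// is reported as "10" and routed to the password maintenance page.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event data (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        bool isValid = false, isOld = false;

        // Windows identity name, expected in the form DOMAIN\account.
        string userAcc1 = System.Web.HttpContext.Current.User.Identity.Name.Trim();
        int    len      = userAcc1.IndexOf('\\', 0);
        string userAcc  = userAcc1.Substring(len + 1, userAcc1.Length - len - 1).ToUpper();

        // With no backslash in the name (len == -1) the original called
        // Substring(0, -1) and threw before the query-string login below could
        // run. Such a name simply has no domain part.
        string strDomain = len > 0 ? userAcc1.Substring(0, len) : "";

        if (strDomain == "DCEC")
        {
            // Check that the account exists and fetch its stored password.
            // The account name is placed inside a SQL string literal, so single
            // quotes are doubled to keep it there.
            // NOTE(review): bind variables are the proper fix; dataConn's
            // parameter API is not visible from here.
            string   sqlY = "select a.user_code,a.user_password,b.company_code,b.company_name from code_user a left join code_company b on a.company_code=b.company_code where upper(user_code)='" + userAcc.ToUpper().Replace("'", "''") + "'";
            dataConn dc   = new dataConn();
            dc.OpenConn();
            dc.setTheSql(sqlY);
            DataTable dt = dc.GetTable();
            if (dt.Rows.Count > 0)
            {
                isValid = true;

                // Read everything from the table fetched above; the original
                // called dc.GetTable() again for each column.
                string theUserCode    = dt.Rows[0][0].ToString();
                string theCompanyCode = dt.Rows[0][2].ToString();
                string thePlineCode   = dt.Rows[0][2].ToString();   // company code doubles as production line code
                // NOTE(review): the stored password is recoverable with
                // AESDecrypt, i.e. passwords are kept reversibly encrypted
                // instead of as salted hashes; anyone holding the key and the
                // table can read them.
                string thePassword    = thePubCs.AESDecrypt(dt.Rows[0][1].ToString());
                string thePlineName   = dt.Rows[0][3].ToString();
                string theClientIp    = Request.UserHostAddress;

                // Close here: Response.Redirect / Response.End below end the
                // request, so the original's CloseConn() after this branch was
                // not reached and the connection was left open.
                dc.CloseConn();

                // Password still equal to the user code: force a password change.
                if (theUserCode.ToUpper() == thePassword.ToUpper())
                {
                    isOld = true;
                }

                // Values come from the database but are still escaped before
                // being spliced into a SQL literal.
                string sql = string.Format("select func_get_user('{0}','MES','{1}','A') from dual", theCompanyCode.Replace("'", "''"), theUserCode.Replace("'", "''"));

                dataConn theDataConn002 = new dataConn();
                theDataConn002.OpenConn();
                theDataConn002.setTheSql(sql);
                string theUserId = theDataConn002.GetValue();
                theDataConn002.CloseConn();

                loginManager theLoginManager = new loginManager();
                theLoginManager.setCompanyCode(theCompanyCode);
                bool theLoginFlag = theLoginManager.loginIn(theUserId, thePubCs.AESEncrypt(thePassword), theClientIp, thePlineCode);

                // Name and code as reported by the login manager.
                string theUserName = theLoginManager.getUserName();
                theUserCode = theLoginManager.getUserCode();

                TxtEmployeeCode.Text = theLoginFlag ? "ok" : "error";
                TxtPassword.Text     = theLoginManager.theLoginFlag;

                string theLoginStatus = theLoginManager.theLoginFlag;
                string theSessionCode = theLoginManager.theSessionCode;
                theCompanyCode = theLoginManager.getTheCompanyCode();

                if (theLoginStatus == "0")
                {
                    // Login succeeded: build the per-session user object.
                    userManager theUserManager = new userManager(theSessionCode);
                    theUserManager.setLoginFlag(theLoginFlag);
                    theUserManager.setPlineCode(thePlineCode);
                    theUserManager.setPlineName(thePlineName);
                    if (isOld)
                    {
                        theUserManager.setProgValue("/Rmes/Sam/sam2400/sam2400.aspx");
                        theUserManager.setProgCode("sam2400");
                        theUserManager.setProgName("用户密码维护");
                    }
                    else
                    {
                        theUserManager.setProgValue("/Rmes/Login/RmesIndex.aspx");
                        theUserManager.setProgCode("rmesIndex");
                        theUserManager.setProgName("系统登录");
                    }
                    theUserManager.setUserId(theUserId);
                    theUserManager.setUserCode(theUserCode);
                    theUserManager.setUserName(theUserName);
                    theUserManager.setCompanyCode(theCompanyCode);

                    Session["theUserManager"] = theUserManager;
                    callbackResult            = theLoginStatus;
                    if (isOld)
                    {
                        Response.Redirect("/Rmes/Sam/sam2400/sam2400.aspx?progCode=sam2400&progName=用户密码维护");
                    }
                    else
                    {
                        Response.Redirect("/Rmes/Login/RmesIndex.aspx?progCode=rmesIndex&progName=系统登录");
                    }
                }
                else
                {
                    callbackResult = theLoginStatus;
                }

                if (callbackResult == "0" && isOld)
                {
                    callbackResult = "10";
                }

                // Nothing is written on this path; the response just ends.
                Response.End();
            }
            else
            {
                dc.CloseConn();
            }
        }

        // Only the login message is handled: the AJAX request arrives through the query string.
        string theMethod = Request.QueryString["method"];
        if (!string.IsNullOrWhiteSpace(theMethod) && theMethod.Equals("login") && !isValid)
        {
            // NOTE(review): the password travels in the query string, where it
            // ends up in web server and proxy logs and in browser history.
            // Moving it to a POST body needs a matching client change, so it is
            // only flagged here.
            // A missing usercode or password used to raise a
            // NullReferenceException at ToUpper(); treat it as empty and let
            // the login manager reject it.
            string theUserCode    = Request.QueryString["usercode"] ?? "";
            string theCompanyCode = Request.QueryString["companycode"];
            string thePlineCode   = Request.QueryString["companycode"];
            string thePassword    = Request.QueryString["password"] ?? "";
            string thePlineName   = Request.QueryString["companyname"];
            string theClientIp    = Request.UserHostAddress;

            // Password still equal to the user code: force a password change.
            if (theUserCode.ToUpper() == thePassword.ToUpper())
            {
                isOld = true;
            }

            // Untrusted query-string values inside a SQL string literal:
            // double the single quotes so they cannot close it.
            string sql = string.Format("select func_get_user('{0}','MES','{1}','A') from dual", (theCompanyCode ?? "").Replace("'", "''"), theUserCode.Replace("'", "''"));

            dataConn theDataConn002 = new dataConn();
            theDataConn002.OpenConn();
            theDataConn002.setTheSql(sql);
            string theUserId = theDataConn002.GetValue();
            theDataConn002.CloseConn();

            loginManager theLoginManager = new loginManager();
            theLoginManager.setCompanyCode(theCompanyCode);
            bool theLoginFlag = theLoginManager.loginIn(theUserId, thePubCs.AESEncrypt(thePassword), theClientIp, thePlineCode);

            // Name and code as reported by the login manager.
            string theUserName = theLoginManager.getUserName();
            theUserCode = theLoginManager.getUserCode();

            TxtEmployeeCode.Text = theLoginFlag ? "ok" : "error";
            TxtPassword.Text     = theLoginManager.theLoginFlag;

            string theLoginStatus = theLoginManager.theLoginFlag;
            string theSessionCode = theLoginManager.theSessionCode;
            theCompanyCode = theLoginManager.getTheCompanyCode();

            if (theLoginStatus == "0")
            {
                // Login succeeded: build the per-session user object.
                // NOTE(review): thePlineName is client-supplied and stored
                // as-is; confirm it is encoded wherever it is displayed.
                userManager theUserManager = new userManager(theSessionCode);
                theUserManager.setLoginFlag(theLoginFlag);
                theUserManager.setPlineCode(thePlineCode);
                theUserManager.setPlineName(thePlineName);
                if (isOld)
                {
                    theUserManager.setProgValue("/Rmes/Sam/sam2400/sam2400.aspx");
                    theUserManager.setProgCode("sam2400");
                    theUserManager.setProgName("用户密码维护");
                }
                else
                {
                    theUserManager.setProgValue("/Rmes/Login/RmesIndex.aspx");
                    theUserManager.setProgCode("rmesIndex");
                    theUserManager.setProgName("系统登录");
                }
                theUserManager.setUserId(theUserId);
                theUserManager.setUserCode(theUserCode);
                theUserManager.setUserName(theUserName);
                theUserManager.setCompanyCode(theCompanyCode);

                Session["theUserManager"] = theUserManager;
            }
            callbackResult = theLoginStatus;

            if (callbackResult == "0" && isOld)
            {
                callbackResult = "10";
            }
            Response.Write(callbackResult);
            Response.End();
        }
    }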
Esempio n. 3
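        /// <summary>
        /// Authorization gate in front of the application's pages. Takes the
        /// current user from the session, asks the stored procedure
        /// <c>MW_CHECK_USERRIGHT</c> whether that user may run the requested
        /// program, and then either dispatches the requested page, dispatches
        /// the default error page, or answers with HTTP 400.
        /// </summary>
        /// <param name="httpContext">The request being processed.</param>
        /// <remarks>
        /// Result codes handled: "0" no authorization required, "1" denied
        /// (error page), "2" allowed (program code and name are recorded on the
        /// session user), anything else denied with status 400.
        /// </remarks>
        public void ProcessRequest(HttpContext httpContext)
        {
            // Intercept the request and determine which program is being asked for.
            string theUrl = httpContext.Request.ServerVariables["URL"];
            int ii = theUrl.IndexOf("/", 1);
            if (ii < 0) ii = 0;
            string theUrlTemp = theUrl.Substring(0, ii);   // not used below
            string thePath = httpContext.Request.Path;      // not used below
            string theProgramValue = theUrl;
            string theClientIp = httpContext.Request.UserHostAddress;

            // NOTE(review): the permission check is keyed on
            // ServerVariables["URL"] (theProgramValue) while the page that is
            // compiled and run comes from RawUrl (targetUrl). Both should be
            // derived from one canonical path so that the page checked is
            // always the page executed.
            string requestedUrl = httpContext.Request.RawUrl;
            string targetUrl = requestedUrl;

            // Length of the path portion, i.e. up to but excluding the query string.
            int urlLength = targetUrl.IndexOf("?");
            if (urlLength == -1)
                urlLength = targetUrl.Length;

            string theUserId = "";

            // Current user from the session; combined with the program above
            // to decide whether access is allowed.
            userManager theUserManagerTemp = (userManager)httpContext.Session["theUserManager"];
            if (theUserManagerTemp == null)
            {
                // No logged-in user. Anything that does not start with
                // "/RmesLogin.aspx" is mapped to the default error page
                // (changed by liuzhy 2013-12-24: match from the front of the
                // URL, because matching from the end broke when a query string
                // was present and reported a timeout for malformed URLs).
                // NOTE(review): a RawUrl of 14 characters or fewer skips this
                // mapping and is left to the stored procedure's decision.
                // NOTE(review): theCompanyCode is not declared in this method
                // and is not assigned on this path, so the procedure receives
                // whatever the member currently holds; if the handler instance
                // is reused across requests that may be another request's
                // value - confirm.
                if (targetUrl.Length > 14 && targetUrl.Substring(1, 14) != "RmesLogin.aspx")
                {
                    targetUrl = "~/Rmes/Exception/DefaultException.aspx";
                    urlLength = targetUrl.IndexOf("?");
                    if (urlLength == -1)
                        urlLength = targetUrl.Length;
                }
            }
            else
            {
                theUserId = theUserManagerTemp.getUserId().ToString();
                theCompanyCode = theUserManagerTemp.getCompanyCode().ToString();
            }

            // The permission decision itself is made by the stored procedure.
            MW_CHECK_USERRIGHT sp = new MW_CHECK_USERRIGHT()
            {
                THECOMPANYCODE1 = theCompanyCode,
                THEUSERID1 = theUserId,
                THECLIENTIP1 = theClientIp,
                THEPROGRAMVALUE1 = theProgramValue,
                THERETSTR1 = "",
                THERETPROGRAMCODE1 = "",
                THERETPROGRAMNAME1 = ""
            };

            Procedure.run(sp);

            string theRetStr = sp.THERETSTR1;
            string theRetProgramCode = sp.THERETPROGRAMCODE1;
            string theRetProgramName = sp.THERETPROGRAMNAME1;

            // Act on the procedure's verdict.
            switch (theRetStr)
            {
                case "0":
                    // No authorization required: continue the request
                    // untouched. Per the original author this covers programs
                    // flagged as public (login, shared queries) and also
                    // programs that are not defined at all.
                    // NOTE(review): treating undefined programs as public is a
                    // default-allow policy; a page missing from the program
                    // table is served to everyone.
                    try
                    {
                        // The login page needs the company code, so hand it over in the session.
                        httpContext.Session["theCompanyCode"] = theCompanyCode;
                        httpContext.RewritePath(targetUrl);

                        IHttpHandler handler = PageParser.GetCompiledPageInstance(
                        targetUrl.Substring(0, urlLength), null, httpContext);
                        handler.ProcessRequest(httpContext);
                    }
                    catch (Exception ex)
                    {
                        // Still best-effort (the request is not failed), but a
                        // failure in the access-control path is no longer
                        // invisible. ThreadAbortException is the normal result
                        // of Response.End()/Redirect() in the dispatched page
                        // and is re-raised by the runtime after this block.
                        // Output depends on TRACE being defined and a trace
                        // listener being configured.
                        if (!(ex is System.Threading.ThreadAbortException))
                        {
                            System.Diagnostics.Trace.TraceError("ProcessRequest: dispatching an unrestricted page failed: {0}", ex);
                        }
                    }
                    break;
                case "1":
                    // Access denied: map the request to the error page.
                    targetUrl = "~/Rmes/Exception/DefaultException.aspx";
                    urlLength = targetUrl.IndexOf("?");
                    if (urlLength == -1)
                        urlLength = targetUrl.Length;

                    httpContext.Session["theCompanyCode"] = theCompanyCode;
                    httpContext.RewritePath(targetUrl);

                    IHttpHandler handler2 = PageParser.GetCompiledPageInstance(
                    targetUrl.Substring(0, urlLength), null, httpContext);
                    handler2.ProcessRequest(httpContext);
                    break;
                case "2":
                    // Access granted: record the program code and name on the
                    // session user. "Granted" without a session user is
                    // inconsistent, so fail closed instead of dereferencing
                    // null (previously a NullReferenceException).
                    if (theUserManagerTemp == null)
                        goto default;

                    theUserManagerTemp.setProgCode(theRetProgramCode);
                    theUserManagerTemp.setProgName(theRetProgramName);
                    httpContext.Session["theUserManager"] = theUserManagerTemp;

                    httpContext.RewritePath(targetUrl);

                    IHttpHandler handler1 = PageParser.GetCompiledPageInstance(
                    targetUrl.Substring(0, urlLength), null, httpContext);
                    handler1.ProcessRequest(httpContext);
                    break;
                default:
                    // Access denied: end the request.
                    // NOTE(review): 403 would describe this better than 400;
                    // left unchanged because clients may depend on the code.
                    httpContext.Response.StatusCode = 400;
                    httpContext.Response.StatusDescription = "你没有访问权限,请联系系统管理员!";
                    break;
            }
        }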