public static string Login(string name, string pwd)
{
string sql = "select * from table_users where c_login_name='" + DALSecurityTool.TransferInsertField(name) + "' and c_pwd='"+
DALSecurityTool.TransferInsertField(SecurityFactory.GetSecurity().Encrypt(pwd))+"'";
ArrayList lists=FT.DAL.Orm.SimpleOrmOperator.QueryList(typeof(UserObject),sql);
if (lists.Count == 0)
{
return "2";
}
else
{
UserObject user=lists[0] as UserObject;
RoleObject role = FT.DAL.Orm.SimpleOrmOperator.Query<RoleObject>(user.RoleId);
DepartMent dept = FT.DAL.Orm.SimpleOrmOperator.Query<DepartMent>(user.DepId);
OperatorTick ot = new OperatorTick(user.Id, user.FullName, user.DepId,role.RoleString, pwd);
ot.Desp1 = user.WorkId;
ot.Desp2 = dept.ParentCode;
ot.Desp3 = dept.DepCode;
ot.Desp4 = dept.DepFullName;
ot.Desp5 = user.FullName;
ot.Desp6 = role.RoleName;
ot.Desp7 = user.Km;
ot.Desp8 = string.Empty;
return FT.Web.OperatorTick.GenerateOpTicket(ot);
}
//return "1";
}
public static string GenerateOpTicket(OperatorTick op, string secret)
{
if ((secret == null) || (secret.Length == 0))
{
throw new ArgumentNullException("Invalid Argument");
}
try
{
string OpInfoStr = op.GenerateOpInfo();
byte[] Key = TicketTool.GetKey(secret);
byte[] OpInfoByte = Encoding.Unicode.GetBytes(OpInfoStr);
MemoryStream MSTicket = new MemoryStream();
MSTicket.Write(TicketTool.ConvertLength(OpInfoByte.Length), 0, 2);
MSTicket.Write(OpInfoByte, 0, OpInfoByte.Length);
MSTicket.Write(TicketTool.ConvertLength(Key.Length), 0, 2);
MSTicket.Write(Key, 0, Key.Length);
byte[] OpTicketCryptByte = TicketTool.Crypt(MSTicket.ToArray(), Key);
string OpTicketCryptStr = Encoding.ASCII.GetString(TicketTool.Base64Encode(OpTicketCryptByte));
return(OpTicketCryptStr);
}
catch (Exception e)
{
throw e;
}
}
public static OperatorTick GetFromString(string opinfo, string secret)
{
try
{
byte[] Key = TicketTool.GetKey(secret);
byte[] OpLoginTicketCry = TicketTool.Base64Decode(Encoding.ASCII.GetBytes(opinfo));
byte[] OpLoginTicketDec = TicketTool.Decrypt(OpLoginTicketCry, Key);
byte[] OpLoginInfoByte;
if (OpLoginTicketDec.Length < 2)
{
throw new System.Exception("Invalid ticket");
}
int OpNextLen = TicketTool.GetPart(OpLoginTicketDec, 0, out OpLoginInfoByte);
byte[] TickKey;
if (OpLoginTicketDec.Length < OpNextLen + 2)
{
throw new System.Exception("Invalid ticket");
}
OpNextLen = TicketTool.GetPart(OpLoginTicketDec, OpNextLen, out TickKey);
if (!TicketTool.CompareByteArrays(Key, TickKey))
{
throw new System.Exception("Invalid ticket");
}
string OpLoginInfo = Encoding.Unicode.GetString(OpLoginInfoByte);
string[] arra = OpLoginInfo.Split('\n');
if (arra.Length == 13)
{
OperatorTick op = new OperatorTick(Convert.ToInt32(arra[0]), arra[1], Convert.ToInt32(arra[2]), arra[3], arra[4]);
op.Desp1 = arra[5];
op.Desp2 = arra[6];
op.Desp3 = arra[7];
op.Desp4 = arra[8];
op.Desp5 = arra[9];
op.Desp6 = arra[10];
op.Desp7 = arra[11];
op.Desp8 = arra[12];
return(op);
}
else
{
throw new Exception("转换OperatorTick参数个数不对!");
}
}
catch
{
return(null);
}
}
protected void Button1_Click(object sender, EventArgs e)
{
string userName = FT.DAL.DALSecurityTool.TransferInsertField(this.txtUserName.Text);
string pwd = FT.DAL.DALSecurityTool.TransferInsertField(this.txtPassword.Text);
pwd = DATA_CONVERT.CryptPasswd(pwd);
DataTable dt=FT.DAL.DataAccessFactory.GetDataAccess().SelectDataTable("select a.*,b.rolestring from users a left join roletable b on a.userole=b.roleid where cusername='******' and cpassword='******'","temptable");
if(dt!=null&&dt.Rows.Count>0)
{
DataRow dr = dt.Rows[0];
OperatorTick op = new OperatorTick(Convert.ToInt32(dr[0].ToString()), dr[1].ToString(), Convert.ToInt32(dr[10].ToString()), dr[13].ToString(), this.txtPassword.Text);
Session["OperatorInfo"] = OperatorTick.GenerateOpTicket(op);
Response.Redirect("../SystemAdmin/admin.htm");
}
else
{
FT.Web.Tools.WebTools.Alert(this.Page, "登陆失败,请检查用户名和密码!");
}
}
public static string Login(string name, string pwd)
{
string sql = "select * from table_users where c_login_name='" + DALSecurityTool.TransferInsertField(name) + "' and c_pwd='"+
DALSecurityTool.TransferInsertField(SecurityFactory.GetSecurity().Encrypt(pwd))+"'";
ArrayList lists=FT.DAL.Orm.SimpleOrmOperator.QueryList(typeof(UserObject),sql);
if (lists.Count == 0)
{
return "2";
}
else
{
UserObject user=lists[0] as UserObject;
OperatorTick ot = new OperatorTick(user.Id, user.FullName, -1,"", pwd);
ot.Desp5 = user.FullName;
ot.Desp8 = string.Empty;
return FT.Web.OperatorTick.GenerateOpTicket(ot);
}
//return "1";
}
/// <summary>
/// 生成操作员登录信息串,由WriteLoginTicket方法调用
/// </summary>
/// <param name="opInfoTicket">操作员信息</param>
/// <param name="secret">加密密钥</param>
/// <returns>返回加密后操作员信息串</returns>
public static string GenerateOpTicket(OperatorTick op)
{
string result = GenerateOpTicket(op, OperatorTick.MySecret);
return(result);
}
public static string Login(string name, string pwd)
{
string sql = "select * from table_user_info where c_login_name='" + DALSecurityTool.TransferInsertField(name) + "' and c_pwd='" +
DALSecurityTool.TransferInsertField(SecurityFactory.GetSecurity().Encrypt(pwd)) + "'";
ArrayList lists = FT.DAL.Orm.SimpleOrmOperator.QueryList(typeof(UserInfo), sql);
if (lists.Count == 0)
{
return "2";
}
else
{
UserInfo user = lists[0] as UserInfo;
RoleInfo role = FT.DAL.Orm.SimpleOrmOperator.Query<RoleInfo>(user.RoleId);
DepartmentInfo dept = FT.DAL.Orm.SimpleOrmOperator.Query<DepartmentInfo>(user.DepId);
OperatorTick ot = new OperatorTick(user.Id, user.FullName, user.DepId, role.MenuStr, pwd);
ot.Desp1 = user.WorkId;
ot.Desp2 = dept.GlbmCode;
ot.Desp3 = dept.DepCode;
ot.Desp4 = dept.DepFullName;
ot.Desp5 = user.FullName;
ot.Desp6 = role.MenuStr;
ot.Desp7 = role.RightStr;
ot.Desp8 = user.Km.ToString();
return FT.Web.OperatorTick.GenerateOpTicket(ot);
}
//return "1";
}
public static OperatorTick GetFromString(string opinfo, string secret)
{
try
{
byte[] Key = TicketTool.GetKey(secret);
byte[] OpLoginTicketCry = TicketTool.Base64Decode(Encoding.ASCII.GetBytes(opinfo));
byte[] OpLoginTicketDec = TicketTool.Decrypt(OpLoginTicketCry, Key);
byte[] OpLoginInfoByte;
if (OpLoginTicketDec.Length < 2)
throw new System.Exception("Invalid ticket");
int OpNextLen = TicketTool.GetPart(OpLoginTicketDec, 0, out OpLoginInfoByte);
byte[] TickKey;
if (OpLoginTicketDec.Length < OpNextLen + 2)
throw new System.Exception("Invalid ticket");
OpNextLen = TicketTool.GetPart(OpLoginTicketDec, OpNextLen, out TickKey);
if (!TicketTool.CompareByteArrays(Key, TickKey))
throw new System.Exception("Invalid ticket");
string OpLoginInfo = Encoding.Unicode.GetString(OpLoginInfoByte);
string[] arra = OpLoginInfo.Split('\n');
if (arra.Length ==13)
{
OperatorTick op=new OperatorTick(Convert.ToInt32(arra[0]), arra[1], Convert.ToInt32(arra[2]), arra[3],arra[4]);
op.Desp1 = arra[5];
op.Desp2 = arra[6];
op.Desp3 = arra[7];
op.Desp4 = arra[8];
op.Desp5 = arra[9];
op.Desp6 = arra[10];
op.Desp7 = arra[11];
op.Desp8 = arra[12];
return op;
}
else
{
throw new Exception("转换OperatorTick参数个数不对!");
}
}
catch
{
return null;
}
}
public static string GenerateOpTicket(OperatorTick op,string secret)
{
if ((secret == null) || (secret.Length == 0))
throw new ArgumentNullException("Invalid Argument");
try
{
string OpInfoStr = op.GenerateOpInfo();
byte[] Key = TicketTool.GetKey(secret);
byte[] OpInfoByte = Encoding.Unicode.GetBytes(OpInfoStr);
MemoryStream MSTicket = new MemoryStream();
MSTicket.Write(TicketTool.ConvertLength(OpInfoByte.Length), 0, 2);
MSTicket.Write(OpInfoByte, 0, OpInfoByte.Length);
MSTicket.Write(TicketTool.ConvertLength(Key.Length), 0, 2);
MSTicket.Write(Key, 0, Key.Length);
byte[] OpTicketCryptByte = TicketTool.Crypt(MSTicket.ToArray(), Key);
string OpTicketCryptStr = Encoding.ASCII.GetString(TicketTool.Base64Encode(OpTicketCryptByte));
return OpTicketCryptStr;
}
catch (Exception e)
{
throw e;
}
}
/// <summary>
/// 生成操作员登录信息串,由WriteLoginTicket方法调用
/// </summary>
/// <param name="opInfoTicket">操作员信息</param>
/// <param name="secret">加密密钥</param>
/// <returns>返回加密后操作员信息串</returns>
public static string GenerateOpTicket(OperatorTick op)
{
string result=GenerateOpTicket(op, OperatorTick.MySecret);
return result;
}
