protected void Page_Load(object sender, EventArgs e)
{
/**
* 最开始的网页
* 侦测admin被攻击的状态
* 如果达到4级,直接打到攻击警告页面重置
*/
Session["UsersID"] = 0;
long lJudgementValue = 0L;
AdminInfoBusiness AdminInfoBusiness = new AdminInfoBusiness();
AdminInfoEntity ThreateningLevel = new AdminInfoEntity();
ThreateningLevel = AdminInfoBusiness.GetAdminInfoByAdminAccount();
lJudgementValue = ThreateningLevel.iadminInfoHackedThreateningLevel;
if (lJudgementValue != 4)
{
Response.Redirect("~/00Default.aspx");
}
else if (lJudgementValue == 4)
{
AttractedWarning AttractedWarningSolution4 = new Level4Warning();
AttractedWarningSolution4.WarningMethod();
}
}
private void AttractedWarningDefaultDisplay()
{
LBLWarningContent.Text = "管理员账户遭到爆破攻击!请立即修改相关信息!";
AdminInfoBusiness AdminInfoBusiness = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = AdminInfoBusiness.GetAdminInfoByAdminAccount();
if (AdminInfo.iadminInfoHackedThreateningLevel == 2)
{
LBLWarningLevel.Text = "二级警告!";
LBLSolution.Visible = false;
TBBoardKey.Visible = false;
}
else if (AdminInfo.iadminInfoHackedThreateningLevel == 3)
{
LBLWarningLevel.Text = "三级警告!";
LBLSolution.Text = "请通知任一董事会成员输入密钥以解锁";
TBResetAccount.Visible = false;
TBResetPassword.Visible = false;
TBResetPasswordConfirm.Visible = false;
}
else if (AdminInfo.iadminInfoHackedThreateningLevel == 4)
{
LBLWarningLevel.Text = "四级警告!";
LBLWarningContent.Text = "本网站正遭受攻击,为保证您的数据安全,我们务必暂时封锁网站,给您带来的不便还请谅解";
LBLSolution.Text = "请通知全部董事会成员输入密钥以解锁";
TBResetAccount.Visible = false;
TBResetPassword.Visible = false;
TBResetPasswordConfirm.Visible = false;
}
}
protected void BTNAdminInfoResetConfirm_Click(object sender, EventArgs e)
{
/**
* 根据需求,Click产生不同状态
*/
AdminInfoBusiness AdminInfoBusiness = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = AdminInfoBusiness.GetAdminInfoByAdminAccount();
if (AdminInfo.iadminInfoHackedThreateningLevel == 3)
{
BoardInfoBusiness BoardInfoBusiness = new BoardInfoBusiness();
if ((int)BoardInfoBusiness.BoardKeyExistJudgement(TBBoardKey.Text) > 0)
{
LBLSolution.Text = "请重置管理员的信息";
TBBoardKey.Visible = false;
TBResetAccount.Visible = true;
TBResetPassword.Visible = true;
TBResetPasswordConfirm.Visible = true;
}
else
{
LBLWarningLevel.Text = "三级警告!";
LBLSolution.Text = "请通知任一董事会成员输入密钥以解锁";
TBResetAccount.Visible = false;
TBResetPassword.Visible = false;
TBResetPasswordConfirm.Visible = false;
}
}
else if (AdminInfo.iadminInfoHackedThreateningLevel == 4)
{
BoardInfoBusiness BoardInfoBusiness = new BoardInfoBusiness();
int iBoardMemberAmount = int.Parse(BoardInfoBusiness.GetAllBoardMemberAmount().ToString());
BoardKeyMethod(TBBoardKey.Text, iBoardMemberAmount);
if (int.Parse(ViewState["SuccessTimes"].ToString()) < iBoardMemberAmount)
{
LBLWarningLevel.Text = "四级警告!";
LBLSolution.Text = "请通知任一董事会成员输入密钥以解锁";
TBBoardKey.Visible = true;
TBResetAccount.Visible = false;
TBResetPassword.Visible = false;
TBResetPasswordConfirm.Visible = false;
}
else if (int.Parse(ViewState["SuccessTimes"].ToString()) == iBoardMemberAmount)
{
LBLSolution.Text = "请立即重置管理员的信息";
TBBoardKey.Visible = false;
TBResetAccount.Visible = true;
TBResetPassword.Visible = true;
TBResetPasswordConfirm.Visible = true;
}
LBLTest.Text = ViewState["SuccessTimes"].ToString();
}
}
public override int WarningMethod()
{
int iResult = 3;
AdminInfoBusiness Admininfo = new AdminInfoBusiness();
Admininfo.AdminInfoThreateningLevel(iResult);
System.Web.HttpContext.Current.Response.Redirect("0000.aspx");
return(iResult);
}
public int AdminHistoricalPasswordDetect(string sNewAdminPassword)
{
int iAdminPasswordHistoricalDetect = 0;
AdminInfoBusiness AdminInfoBusiness = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = AdminInfoBusiness.GetAdminInfoByAdminAccount();
string[] saAdminHistoricalPasswords = AdminInfo.saadminPasswords; //应该从数据库传过来数据
int[] iaAdminHistoricalPasswordLength = new int[saAdminHistoricalPasswords.Length]; //将历史密码的字符串型数组长度存入左边的int型数组
for (int iCounter = 0; iCounter < saAdminHistoricalPasswords.Length; iCounter++)
{
iaAdminHistoricalPasswordLength[iCounter] = saAdminHistoricalPasswords[iCounter].Length;
}
//快速排序算法的应用
int iTemporaryVariable; //临时整型变量,用于暂存长度
string sTemporaryVariable; //临时字符串型变量,用于暂存字符串型数组中的单个字符串
for (int iCounter = 1; iCounter < iaAdminHistoricalPasswordLength.Length; iCounter++)
{
if (iaAdminHistoricalPasswordLength[iCounter - 1] > iaAdminHistoricalPasswordLength[iCounter])
{
iTemporaryVariable = iaAdminHistoricalPasswordLength[iCounter];
sTemporaryVariable = saAdminHistoricalPasswords[iCounter];
for (int iCounterDeeper = iCounter; iCounterDeeper >= 0; iCounterDeeper--)
{
if (iCounterDeeper > 0 && iaAdminHistoricalPasswordLength[iCounterDeeper - 1] > iTemporaryVariable)
{
iaAdminHistoricalPasswordLength[iCounterDeeper] = iaAdminHistoricalPasswordLength[iCounterDeeper - 1];
saAdminHistoricalPasswords[iCounterDeeper] = saAdminHistoricalPasswords[iCounterDeeper - 1];
}
else
{
iaAdminHistoricalPasswordLength[iCounterDeeper] = iTemporaryVariable;
saAdminHistoricalPasswords[iCounterDeeper] = sTemporaryVariable;
break;
}
}
}
}
//此时数组排好序了
for (int iCounter = 0; iCounter < saAdminHistoricalPasswords.Length; iCounter++)
{
//将传送来的数组(即新密码sNewAdminPassword)与旧密码数组进行比较
if (sNewAdminPassword == saAdminHistoricalPasswords[iCounter])
{
iAdminPasswordHistoricalDetect++;//如果存在,则自增
}
}
return(iAdminPasswordHistoricalDetect);
}
private void DefaultDisPlayInfo()
{
AdminInfoBusiness AdminInfoBusiness = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = AdminInfoBusiness.GetAdminInfoByAdminAccount();
if (!IsPostBack)
{
MultipurposeMultiplexingClass DataEncrypt = new MultipurposeMultiplexingClass();
TBAdminAccount.Text = AdminInfo.sadminAccount;
string sDecipherPassword = DataEncrypt.DataDecipherMethod(AdminInfo.saadminPasswords[0]);
LBLAdminPasswordShow.Text = sDecipherPassword;
}
}
private void AdminAllInfoUpdate(string sEncryptPassword)
{
Response.Write("<script>alert('修改成功!')</script>");
AdminInfoBusiness AdminInfoUpdate = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = AdminInfoUpdate.GetAdminInfoByAdminAccount();
string sAdminNewAccount = TBAdminAccount.Text + "A";
if (AdminHistoricalPasswordDetect(sEncryptPassword) == 0)
{
string sAdminUsedPassword = AdminInfo.saadminPasswords[0];
AdminInfoUpdate.AdminPasswordUpdate(sEncryptPassword, sAdminUsedPassword, sAdminNewAccount);
}
}
private void AttractedWarning()
{
AdminInfoBusiness AdminInfoBusiness = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = AdminInfoBusiness.GetAdminInfoByAdminAccount();
if (AdminInfo.iadminInfoHackedThreateningLevel == 1)
{
LBLAttractedAlert.Text = "检测到爆破攻击!建议修改密码!";
}
else if (AdminInfo.iadminInfoHackedThreateningLevel > 1)
{
Response.Redirect("~/11AttractedWarning.aspx");
}
else
{
LBLAttractedAlert.Visible = false;
}
}
private void AdminLogin()
{
/**
* 查询是否存在 管理员
*/
string sPasswordReceive = TBAdministratorPassword.Text;
AdminInfoBusiness GetAdminInfo = new AdminInfoBusiness();
AdminInfoEntity AdminInfo = new AdminInfoEntity();
AdminInfo = GetAdminInfo.GetAdminInfoByAdminAccount();
int iReturnValue = (int)GetAdminInfo.AdminExistJudgementByAdminAccount(TBAdministratorAccount.Text);
if (iReturnValue > 0)
{
MultipurposeMultiplexingClass DataEncrypt = new MultipurposeMultiplexingClass();
string sEncryptPassword = DataEncrypt.DataEncryptMethod(TBAdministratorPassword.Text);
string sAdminPassword = AdminInfo.saadminPasswords[0];
MultipurposeMultiplexingClass AttractedWarningLevel = new MultipurposeMultiplexingClass();
int iReturnLevel = AttractedWarningLevel.SimilarityDetect(sEncryptPassword, sAdminPassword);//相似度检测算法,用以防止爆破攻击
if (iReturnLevel == 100)
{
Response.Redirect("~/01AdminCentre.aspx");
}
else
{
Response.Redirect("~/0000.aspx");
}
}
else
{
Response.Redirect("~/0000.aspx");
}
}
public AdminInfoController()
{
_adminBusiness = new AdminInfoBusiness();
}
