protected void btnSavePwd_Click(object sender, EventArgs e)
{
Model.Administrator admin = new Model.Administrator();
string oldpwd = ((Model.Administrator)Session["Administrator"]).APassword;
string oldpwd2 = Encryption(txtOldPwd.Text);
if (oldpwd != oldpwd2)
{
Response.Write("<script>alert('原密码输入错误!')</script>");
return;
}
admin.AdminID = ((Model.Administrator)Session["Administrator"]).AdminID;
admin.APassword = txtNewPwd.Text;
string str = new BLL.AdministratorBLL().UpdateAdministratorBLL(admin);
if (str.Contains("成功"))
{
Session["Customer"] = null;
Response.Redirect("~/WebLogin.aspx");
}
else
{
lblMsg.Text = str;
}
}
protected void btnSaveBasic_Click(object sender, EventArgs e)
{
Model.Administrator admin = new Model.Administrator();
admin.AdminID = ((Model.Administrator)Session["Administrator"]).AdminID;
admin.AdminName = txtName.Text;
admin.Explains = txtExplains.Text;
lblMsg.Text = new BLL.AdministratorBLL().UpdateAdministratorBLL(admin);
}
protected void Page_Load(object sender, EventArgs e)
{
Model.Administrator admin = Session["Administrator"] as Model.Administrator;
if (admin == null)
{
Response.Redirect("~/WebDefault.aspx");
}
}
protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
{
if (!Request.Headers.ContainsKey("Authorization"))
{
return(AuthenticateResult.Fail("Missing authorization header"));
}
Model.Korisnik user = null;
Model.Administrator admin = null;
try
{
var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);
var credentialBytes = Convert.FromBase64String(authHeader.Parameter);
var credentials = Encoding.UTF8.GetString(credentialBytes).Split(":");
var username = credentials[0];
var password = credentials[1];
user = _userService.Autentificiraj(username, password);
admin = _adminService.Autentificiraj(username, password);
}
catch
{
return(AuthenticateResult.Fail("Invalid authorization header"));
}
if (user == null && admin == null)
{
return(AuthenticateResult.Fail("Invalid username or password"));
}
List <Claim> claims = null;
if (user != null)
{
claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.Username),
new Claim(ClaimTypes.Name, user.Ime),
new Claim(ClaimTypes.Role, user.Uloga)
};
}
else if (admin != null)
{
claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, admin.Username),
new Claim(ClaimTypes.Name, admin.Ime),
new Claim(ClaimTypes.Role, admin.Uloga)
};
}
var identity = new ClaimsIdentity(claims, Scheme.Name);
var princpal = new ClaimsPrincipal(identity);
var ticket = new AuthenticationTicket(princpal, Scheme.Name);
return(AuthenticateResult.Success(ticket));
}
protected void Page_Load(object sender, EventArgs e)
{
Model.Administrator admin = Session["Administrator"] as Model.Administrator;
if (admin == null)
{
Response.Redirect("~/WebDefault.aspx");
}
if (!IsPostBack)
{
txtName.Text = admin.AdminName;
txtExplains.Text = admin.Explains;
}
}
protected void Page_Load(object sender, EventArgs e)
{
BLL.Administrator bllAdministrator = new BLL.Administrator();
Model.Administrator modelAdministrator = new Model.Administrator();
Common.Common common = new Common.Common();
string ManagerGUID = "";
switch (Request["ActionMethod"])
{
case "OpenCreate":
break;
case "OpenEdit":
ManagerGUID = common.SQLFilter(Request["ManagerGUID"]);
modelAdministrator = bllAdministrator.ExGetModel(ManagerGUID);
txtManagerUserName.Value = modelAdministrator.AdminUser;
txtManagerName.Value = modelAdministrator.AdminAccount;
break;
default:
common.MsgAndClose("服务器错误,请重试!7516", this);
break;
}
}
public void ProcessRequest(HttpContext context)
{
action = context.Request["action"];
switch (action)
{
case "ManagerLogin":
#region 管理员登录
try
{
ManagerName = context.Request["ManagerName"];
ManagerPassword = context.Request["ManagerPassword"];
ManagerName = common.SQLFilter(ManagerName);
ManagerPassword = common.MD5(common.MD5(ManagerPassword));
if (bllAdministrator.ExLogin(ManagerName, ManagerPassword))
{
cookie.Expires = Convert.ToDateTime("2050-12-30"); //设置COOKIE的保存时间
cookie.Values.Add("ManagerName", Server.UrlEncode(ManagerName));
cookie.Values.Add("ManagerPassword", ManagerPassword);
cookie.Values.Add("ManagerLoginDate", DateTime.Now.ToString()); //将当前系统时间保存到COOKIE,作为管理员的登录时间
context.Response.AppendCookie(cookie); //在系统中保存COOKIE数据
context.Response.Write("登录成功,正在进入主程序,请稍等!");
}
else
{
context.Response.Write("登录失败,请检查用户名和密码");
}
}
catch (Exception ex)
{
context.Response.Write("登录出错,请重试!00012");
}
#endregion
break;
case "CreateManager":
#region 创建管理员帐户
try
{
ManagerName = common.SQLFilter(context.Request["ManagerAccount"]);
ManagerUserName = common.SQLFilter(context.Request["ManagerUserName"]);
ManagerPassword = common.MD5(common.MD5(context.Request["AdminPasswrod"]));
modelAdministrator.GUID = Guid.NewGuid().ToString();
modelAdministrator.AdminAccount = ManagerName;
modelAdministrator.AdminPasswrod = ManagerPassword;
modelAdministrator.AdminUser = ManagerUserName;
modelAdministrator.RegisterTime = DateTime.Now;
modelAdministrator.AdminLoginDate = DateTime.Now;
if (bllAdministrator.Add(modelAdministrator) > 0)
{
context.Response.Write("操作成功!");
}
else
{
context.Response.Write("服务器错误,请重试!79009");
}
}
catch (Exception ex)
{
context.Response.Write("服务器错误,请重试!79010");
}
#endregion
break;
case "EditManager":
#region 修改管理员帐户
try
{
GUID = common.SQLFilter(context.Request["ManagerGUID"]);
ManagerName = common.SQLFilter(context.Request["ManagerUserName"]);
ManagerPassword = common.MD5(context.Request["AdminPasswrod"]);
modelAdministrator = bllAdministrator.ExGetModel(GUID);
modelAdministrator.AdminUser = ManagerName;
if (context.Request["AdminPasswrod"] != "")
{
modelAdministrator.AdminPasswrod = ManagerPassword;
}
if (bllAdministrator.Update(modelAdministrator))
{
context.Response.Write("操作成功!");
}
else
{
context.Response.Write("服务器错误,请重试!7111");
}
}
catch (Exception ex)
{
context.Response.Write("服务器错误,请重试!73012");
}
#endregion
break;
case "DeleteManager":
#region 除管理员帐户
GUID = common.SQLFilter(context.Request["ManagerGUID"]);
try
{
if (bllAdministrator.ExDelete(GUID))
{
context.Response.Write("操作成功!");
}
else
{
context.Response.Write("删除失败!79885");
}
}
catch (Exception ex)
{
context.Response.Write("删除失败!79815");
}
break;
#endregion
}
}
