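/// <summary>
/// Lists secret-info access log rows matching the filters supplied in the request and
/// writes them to the response as JSON-like text (unquoted keys) with a total row count.
/// </summary>
/// <remarks>
/// All filters come straight from <c>Request.Params</c>. Any parse failure is logged and
/// answered with <c>{success:false,totalCount:0,data:[]}</c>.
/// NOTE(review): no session or permission check is visible inside this method, and the
/// caller may pass any <c>user_id</c>; confirm an authorization filter on the controller
/// restricts who can list this audit data.
/// NOTE(review): <c>login_mail</c> and <c>login_ipfrom</c> reach the query object as raw
/// request strings; confirm SecretInfoLogMgr binds them as SQL parameters.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase GetSecretInfoLog()
{
    string json = string.Empty;
    int totalCount = 0;
    try
    {
        _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
        SecretInfoLog query = new SecretInfoLog();

        // Paging. "start" falls back to 0 only when the parameter is absent; an empty or
        // non-numeric value throws and is handled by the catch block below.
        query.Start = Convert.ToInt32(Request.Params["start"] ?? "0");
        if (!string.IsNullOrEmpty(Request.Params["limit"]))
        {
            // NOTE(review): the page size is not capped here — confirm the manager bounds it.
            query.Limit = Convert.ToInt32(Request.Params["limit"]);
        }

        // Who / from where.
        if (!string.IsNullOrEmpty(Request.Params["user_id"]))
        {
            query.user_id = uint.Parse(Request.Params["user_id"]);
        }
        query.user_email = Request.Params["login_mail"];
        query.ipfrom = Request.Params["login_ipfrom"];

        // Date range. Note the asymmetric parameter names: "start_date" and "end".
        if (!string.IsNullOrEmpty(Request.Params["start_date"]))
        {
            query.date_one = Convert.ToDateTime(Request.Params["start_date"]);
        }
        if (!string.IsNullOrEmpty(Request.Params["end"]))
        {
            query.date_two = Convert.ToDateTime(Request.Params["end"]);
        }

        if (!string.IsNullOrEmpty(Request.Params["sumtotal"]))
        {
            query.sumtotal = int.Parse(Request.Params["sumtotal"]);
        }

        // Counting mode: with is_count == 1 the optional ismail/countClass filters are read
        // from the request; any other value forces both to -1
        // (presumably "not applicable" — confirm against SecretInfoLogMgr).
        if (!string.IsNullOrEmpty(Request.Params["is_count"]))
        {
            int is_count = int.Parse(Request.Params["is_count"]);
            if (is_count == 1)
            {
                if (!string.IsNullOrEmpty(Request.Params["ismail"]))
                {
                    query.ismail = int.Parse(Request.Params["ismail"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["countClass"]))
                {
                    query.countClass = int.Parse(Request.Params["countClass"]);
                }
            }
            else
            {
                query.ismail = -1;
                query.countClass = -1;
            }
        }

        if (!string.IsNullOrEmpty(Request.Params["type"]))
        {
            query.type = int.Parse(Request.Params["type"]);
        }

        DataTable DT = _secretLogMgr.GetSecretInfoLog(query, out totalCount);

        // Use a custom date format; without it the converter defaults to ISO 8601.
        IsoDateTimeConverter timeConverter = new IsoDateTimeConverter();
        timeConverter.DateTimeFormat = "yyyy-MM-dd HH:mm:ss";
        json = "{success:true,totalCount:" + totalCount + ",data:" + JsonConvert.SerializeObject(DT, Formatting.Indented, timeConverter) + "}";
    }
    catch (Exception ex)
    {
        // ex.TargetSite can be null; dereferencing it unguarded would throw from inside
        // this handler and the failure payload below would never be sent.
        string targetSite = ex.TargetSite != null ? ex.TargetSite.Name : string.Empty;
        Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
        logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSite, ex.Source, ex.Message);
        logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
        log.Error(logMessage);
        json = "{success:false,totalCount:0,data:[]}";
    }
    this.Response.Clear();
    this.Response.Write(json);
    this.Response.End();
    return this.Response;
}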
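/// <summary>
/// Verifies the secondary ("secret") password of the session's caller and, on success,
/// stamps the verification time on that caller's most recent secret-info log row.
/// </summary>
/// <remarks>
/// Response payloads (JSON-like text, unquoted keys):
/// <c>error:0</c> accepted; <c>error:1</c> wrong password (with remaining <c>count</c>);
/// <c>error:2</c> no secret-account row with status 1 for this user and IP;
/// <c>error:3</c> no <c>password</c> parameter received;
/// <c>error:5</c> old password rejected while <c>pwd_status</c> is 0 (with remaining <c>count</c>);
/// <c>{success:false}</c> on any exception, including a missing session caller.
/// NOTE(review): when <c>pwd_status</c> is 0 and <c>oldpassword</c> is the empty string, the
/// request is accepted without any comparison against the stored hash and the submitted
/// <c>password</c> becomes the new secret password. Confirm that this is the intended
/// first-time-setup flow; otherwise a matching old password should be required.
/// NOTE(review): <c>HashEncrypt.SHA256Encrypt</c> is not visible here. If it is a single
/// unsalted SHA-256 pass, the stored value should move to a salted, slow KDF, and the
/// hash comparison should be constant-time.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase SecretLogin()
{
    string json = string.Empty;
    try
    {
        SecretAccountSet query = new SecretAccountSet();
        sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
        _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);

        // Identity comes from the server-side session, not from request parameters.
        // A missing "caller" entry throws here and ends in the {success:false} reply.
        query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
        query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
        query.status = 1;

        // Secret-account settings for this user.
        List<SecretAccountSet> store = sasMgr.GetSecretSetList(query);

        if (store.Count == 0)
        {
            // User has no secret-data permission registered, or the account is locked.
            json = "{success:true,error:2}";
        }
        else if (string.IsNullOrEmpty(Request.Params["password"]))
        {
            // The backend did not receive a password.
            json = "{success:true,error:3}";
        }
        else
        {
            SecretAccountSet account = store[0];
            HashEncrypt hmd5 = new HashEncrypt();

            // An old password was supplied during the pwd_status == 0 phase and it does not
            // match the stored hash. A null "oldpassword" parameter throws on ToString().
            bool oldPasswordRejected =
                account.secret_pwd != hmd5.SHA256Encrypt(Request.Params["oldpassword"])
                && Request.Params["oldpassword"].ToString() != ""
                && account.pwd_status == 0;

            // Accepted when the password matches with no old password supplied, or
            // whenever pwd_status is still 0 (see the NOTE(review) in the remarks).
            bool accepted =
                !oldPasswordRejected
                && ((account.secret_pwd == hmd5.SHA256Encrypt(Request.Params["password"])
                        && Request.Params["oldpassword"].ToString() == "")
                    || account.pwd_status == 0);

            if (accepted)
            {
                if (account.secret_count != 0 || account.user_login_attempts != 0 || account.pwd_status == 0)
                {
                    if (account.user_login_attempts != 0)
                    {
                        account.user_login_attempts = 0;
                    }
                    if (account.secret_count > 1)
                    {
                        account.secret_count = 1;
                    }
                    if (account.pwd_status == 0)
                    {
                        // The submitted password replaces the stored one.
                        account.pwd_status = 1;
                        account.secret_pwd = hmd5.SHA256Encrypt(Request.Params["password"]);
                    }
                    account.updatedate = DateTime.Now;
                    sasMgr.Update(account); // clear the account's error/warning counters
                }

                // Most recent log row for this user and IP.
                // NOTE(review): FirstOrDefault() yields null when no such row exists; the
                // dereference below then throws after the account update above has already
                // been saved, and the caller receives {success:false}. Decide how the
                // no-row case should be handled.
                SecretInfoLog info = _secretLogMgr.GetMaxCreateLog(new SecretInfoLog { user_id = query.user_id, ipfrom = query.ipfrom }).FirstOrDefault();

                // Row not yet stamped with a verification time: update it in place.
                // Already stamped: insert a new row carrying the new time.
                if (info.input_pwd_date == DateTime.MinValue)
                {
                    info.input_pwd_date = DateTime.Now;
                    _secretLogMgr.UpdateSecretInfoLog(info);
                }
                else
                {
                    info.input_pwd_date = DateTime.Now;
                    _secretLogMgr.InsertSecretInfoLog(info);
                }
                json = "{success:true,error:0}";
            }
            else
            {
                // Record the failed attempt (login_type 4; its meaning is defined elsewhere).
                ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);
                UserLoginAttempts ula = new UserLoginAttempts();
                ula.login_mail = (System.Web.HttpContext.Current.Session["caller"] as Caller).user_email;
                ula.login_ipfrom = query.ipfrom;
                ula.login_type = 4;
                ulaMgr.Insert(ula);

                account.user_login_attempts += 1;
                account.updatedate = DateTime.Now;
                sasMgr.LoginError(account);

                // Attempts left before the limit of 5.
                // NOTE(review): nothing in this method stops at 5; lockout presumably
                // happens inside sasMgr.LoginError — confirm, since count can go negative.
                int count = 5 - account.user_login_attempts;
                json = "{success:true,error:" + (oldPasswordRejected ? 5 : 1) + ",count:" + count + "}";
            }
        }
    }
    catch (Exception ex)
    {
        // ex.TargetSite can be null; dereferencing it unguarded would throw from inside
        // this handler and the failure payload below would never be sent.
        string targetSite = ex.TargetSite != null ? ex.TargetSite.Name : string.Empty;
        Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
        logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSite, ex.Source, ex.Message);
        logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
        log.Error(logMessage);
        json = "{success:false}";
    }
    this.Response.Clear();
    this.Response.Write(json);
    this.Response.End();
    return this.Response;
}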
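/// <summary>
/// Tells the client whether the session's caller must enter the secret password again:
/// <c>data:true</c> when no verification is on record or the latest one is five or more
/// minutes old, <c>data:false</c> otherwise.
/// </summary>
/// <remarks>
/// Fails closed: an exception yields <c>{success:false,data:true}</c>.
/// NOTE(review): this only reports the state to the client. Confirm that the endpoints
/// returning the sensitive data re-check the five-minute window server-side instead of
/// relying on the page honouring <c>data:true</c>.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase GetSecretLog()
{
    string json = string.Empty;
    try
    {
        _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
        SecretInfoLog query = new SecretInfoLog();
        query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
        query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());

        // The first element is the row with the most recent password entry.
        List<SecretInfoLog> store = _secretLogMgr.GetSecretInfoLog(query);

        // Default to requiring the password; relax only when a recent entry is found.
        bool passwordRequired = true;
        if (store.Count != 0)
        {
            DateTime windowStart = DateTime.Now.AddMinutes(-5);
            passwordRequired = windowStart.CompareTo(Convert.ToDateTime(store[0].input_pwd_date)) >= 0;
        }

        json = passwordRequired
            ? "{success:true,data:true}"   // outside the protection window: password needed
            : "{success:true,data:false}"; // still inside the window: no password needed
    }
    catch (Exception ex)
    {
        // ex.TargetSite can be null; dereferencing it unguarded would throw from inside
        // this handler and the fail-closed payload below would never be sent.
        string targetSite = ex.TargetSite != null ? ex.TargetSite.Name : string.Empty;
        Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
        logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSite, ex.Source, ex.Message);
        logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
        log.Error(logMessage);
        json = "{success:false,data:true}"; // error: require the password
    }
    this.Response.Clear();
    this.Response.Write(json);
    this.Response.End();
    return this.Response;
}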
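/// <summary>
/// Records who accessed which piece of sensitive data, when, and through which page, and
/// enforces the caller's access quota (<c>secret_count</c> against <c>secret_limit</c>).
/// </summary>
/// <remarks>
/// The reply carries <c>isconti</c> (access may proceed), <c>ispower</c> and the account's
/// <c>pwd_status</c>. Reaching the limit sets the account's <c>status</c> to 0.
/// NOTE(review): <c>urlRecord</c>, <c>secretType</c> and <c>ralatedId</c> are supplied by the
/// client, so the audit row describes what the page claims was viewed; confirm the
/// endpoint that actually returns the data is tied to the same record.
/// NOTE(review): the quota is read, compared and written back in separate calls; unless
/// the manager makes that atomic, parallel requests can pass the limit check together.
/// </remarks>
/// <returns>The current response, after the payload has been written and the response ended.</returns>
public HttpResponseBase SaveSecretLog()
{
    // Default reply; it is also what the client receives when the log insert reports no
    // rows or when an exception is caught below.
    string json = "{success:false,isconti:false,ispower:false,pwd_status:\"" + 0 + "\"}";
    try
    {
        _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
        SecretInfoLog query = new SecretInfoLog();

        // Who: taken from the server-side session and the connection's address.
        query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
        query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());

        // When.
        query.createdate = DateTime.Now;

        // Which page.
        if (!string.IsNullOrEmpty(Request.Params["urlRecord"]))
        {
            query.url = Request.Params["urlRecord"].ToString();
        }
        if (!string.IsNullOrEmpty(Request.Params["secretType"]))
        {
            query.type = Convert.ToInt32(Request.Params["secretType"].ToString());
        }

        // Which sensitive record. ("ralatedId" is the parameter name the client sends.)
        if (!string.IsNullOrEmpty(Request.Params["ralatedId"]))
        {
            query.related_id = Convert.ToInt32(Request.Params["ralatedId"].ToString());
        }

        sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
        SecretAccountSet querysas = new SecretAccountSet();
        querysas.user_id = query.user_id;
        querysas.ipfrom = query.ipfrom;
        querysas.status = -1;

        // Secret-account settings for this user.
        List<SecretAccountSet> store = sasMgr.GetSecretSetList(querysas);

        if (store.Count > 0)
        {
            // The account has secret-data permission.
            SecretAccountSet account = store[0];

            if ((account.secret_count < account.secret_limit) && account.status == 1)
            {
                // Under the limit: count the access only if the log row was saved.
                if (_secretLogMgr.InsertSecretInfoLog(query) > 0)
                {
                    account.secret_count = account.secret_count + 1;
                    account.updatedate = DateTime.Now;
                    sasMgr.Update(account);
                    json = "{success:true,isconti:true,ispower:true,pwd_status:\"" + account.pwd_status + "\"}";
                }
            }
            else if ((account.secret_count >= account.secret_limit) && account.status == 1)
            {
                // Limit reached on an active account: deactivate it.
                account.status = 0;
                account.updatedate = DateTime.Now;
                sasMgr.Update(account);
                json = "{success:true,isconti:false,ispower:true,pwd_status:\"" + account.pwd_status + "\"}";
            }
            else if ((account.secret_count < account.secret_limit) && account.status == 0)
            {
                // Under the limit but status is 0: reported the same way as "no account".
                json = "{success:true,isconti:false,ispower:false,pwd_status:\"" + account.pwd_status + "\"}";
            }
            else
            {
                // Limit already reached.
                json = "{success:true,isconti:false,ispower:true,pwd_status:\"" + account.pwd_status + "\"}";
            }
        }
        else
        {
            // No secret account for this user.
            json = "{success:true,isconti:false,ispower:false,pwd_status:\"" + 0 + "\"}";
        }
    }
    catch (Exception ex)
    {
        // ex.TargetSite can be null; dereferencing it unguarded would throw from inside
        // this handler and the default (denying) payload would never be sent.
        string targetSite = ex.TargetSite != null ? ex.TargetSite.Name : string.Empty;
        Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
        logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSite, ex.Source, ex.Message);
        logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
        log.Error(logMessage);
    }
    this.Response.Clear();
    this.Response.Write(json);
    this.Response.End();
    return this.Response;
}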
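/// <summary>
/// Returns the text produced by <c>SecretInfoLogMgr.QuerySecretType</c> for the
/// <c>paraType</c> query-string value.
/// </summary>
/// <remarks>
/// NOTE(review): <c>paraType</c> is passed to the manager exactly as received; confirm that
/// QuerySecretType binds it as a SQL parameter or checks it against the known types.
/// </remarks>
/// <returns>
/// The manager's result; an empty string when <c>paraType</c> is missing or empty;
/// <c>"[]"</c> when the lookup throws.
/// </returns>
public string QueryPara()
{
    _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
    string json = string.Empty;
    try
    {
        string paraType = Request.QueryString["paraType"];
        if (!string.IsNullOrEmpty(paraType))
        {
            json = _secretLogMgr.QuerySecretType(paraType);
        }
    }
    catch (Exception ex)
    {
        // ex.TargetSite can be null; dereferencing it unguarded would throw from inside
        // this handler instead of returning the "[]" fallback.
        string targetSite = ex.TargetSite != null ? ex.TargetSite.Name : string.Empty;
        Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
        logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", targetSite, ex.Source, ex.Message);
        logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
        log.Error(logMessage);
        json = "[]";
    }
    return json;
}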