예제 #1
0
        public HttpResponseBase GetSecretInfoLog()
        {
            List<SecretInfoLog> store = new List<SecretInfoLog>();
            string json = string.Empty;
            int totalCount = 0;
            try
            {
                _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);

                SecretInfoLog query = new SecretInfoLog();
                query.Start = Convert.ToInt32(Request.Params["start"] ?? "0");

                if (!string.IsNullOrEmpty(Request.Params["limit"]))
                {
                    query.Limit = Convert.ToInt32(Request.Params["limit"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["user_id"]))
                {
                    query.user_id = uint.Parse(Request.Params["user_id"]);
                }
                query.user_email = Request.Params["login_mail"];
                query.ipfrom = Request.Params["login_ipfrom"];
                if (!string.IsNullOrEmpty(Request.Params["start_date"]))
                {
                    query.date_one = Convert.ToDateTime(Request.Params["start_date"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["end"]))
                {
                    query.date_two = Convert.ToDateTime(Request.Params["end"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["sumtotal"]))
                {
                    query.sumtotal = int.Parse(Request.Params["sumtotal"]);
                }
                if (!string.IsNullOrEmpty(Request.Params["is_count"]))
                {
                    int is_count = int.Parse(Request.Params["is_count"]);
                    if (is_count == 1)
                    {
                        if (!string.IsNullOrEmpty(Request.Params["ismail"]))
                        {
                            query.ismail = int.Parse(Request.Params["ismail"]);
                        }
                        if (!string.IsNullOrEmpty(Request.Params["countClass"]))
                        {
                            query.countClass = int.Parse(Request.Params["countClass"]);
                        }
                    }
                    else
                    {
                        query.ismail = -1;
                        query.countClass = -1;
                    }
                }
                if (!string.IsNullOrEmpty(Request.Params["type"]))
                {
                    query.type = int.Parse(Request.Params["type"]);
                }


                DataTable DT = _secretLogMgr.GetSecretInfoLog(query, out totalCount);
                IsoDateTimeConverter timeConverter = new IsoDateTimeConverter();
                //这里使用自定义日期格式,如果不使用的话,默认是ISO8601格式     
                timeConverter.DateTimeFormat = "yyyy-MM-dd HH:mm:ss";
                json = "{success:true,totalCount:" + totalCount + ",data:" + JsonConvert.SerializeObject(DT, Formatting.Indented, timeConverter) + "}";//返回json數據
            }
            catch (Exception ex)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
                logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
                log.Error(logMessage);
                json = "{success:false,totalCount:0,data:[]}";
            }
            this.Response.Clear();
            this.Response.Write(json);
            this.Response.End();
            return this.Response;
        }
예제 #2
0
        public HttpResponseBase SecretLogin()
        {

            string json = string.Empty;
            try
            {
                SecretAccountSet query = new SecretAccountSet();
                sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
                _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
                query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
                query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                query.status = 1;
                List<SecretAccountSet> store = sasMgr.GetSecretSetList(query);//獲得用戶的密保信息
                if (store.Count != 0)//該用戶有機敏權限
                {
                    if (!string.IsNullOrEmpty(Request.Params["password"]))
                    {
                        HashEncrypt hmd5 = new HashEncrypt();
                        if (store[0].secret_pwd != hmd5.SHA256Encrypt(Request.Params["oldpassword"]) && Request.Params["oldpassword"].ToString() != "" && store[0].pwd_status == 0)
                        {
                            ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);
                            UserLoginAttempts ula = new UserLoginAttempts();
                            ula.login_mail = (System.Web.HttpContext.Current.Session["caller"] as Caller).user_email;
                            ula.login_ipfrom = query.ipfrom;
                            ula.login_type = 4;
                            ulaMgr.Insert(ula);
                            SecretAccountSet sas = new SecretAccountSet();
                            store[0].user_login_attempts += 1;
                            store[0].updatedate = DateTime.Now;
                            sasMgr.LoginError(store[0]);
                            int count = 5 - store[0].user_login_attempts;//還有count次登入機會
                            json = "{success:true,error:5,count:" + count + "}";//返回json數據0:密碼錯誤
                        }
                        else
                        {
                            if ((store[0].secret_pwd == hmd5.SHA256Encrypt(Request.Params["password"]) && Request.Params["oldpassword"].ToString() == "") || store[0].pwd_status == 0)//密碼驗證正確
                            {
                                if (store[0].secret_count != 0 || store[0].user_login_attempts != 0 || store[0].pwd_status == 0)
                                {
                                    if (store[0].user_login_attempts != 0)
                                    {
                                        store[0].user_login_attempts = 0;
                                    }
                                    if (store[0].secret_count > 1)
                                    {
                                        store[0].secret_count = 1;
                                    }
                                    if (store[0].pwd_status == 0)
                                    {
                                        store[0].pwd_status = 1;
                                        store[0].secret_pwd = hmd5.SHA256Encrypt(Request.Params["password"]);
                                    }
                                    store[0].updatedate = DateTime.Now;
                                    sasMgr.Update(store[0]);//清空賬戶錯誤預警信息
                                }
                                //獲取最新的一條數據
                                SecretInfoLog info = _secretLogMgr.GetMaxCreateLog(new SecretInfoLog { user_id = query.user_id, ipfrom = query.ipfrom }).FirstOrDefault();
                                if (info.input_pwd_date == DateTime.MinValue)//該條數據是否已經記錄驗證時間,沒有則修改,有則新增
                                {
                                    info.input_pwd_date = DateTime.Now;
                                    _secretLogMgr.UpdateSecretInfoLog(info);
                                }
                                else
                                {
                                    info.input_pwd_date = DateTime.Now;
                                    _secretLogMgr.InsertSecretInfoLog(info);
                                }


                                json = "{success:true,error:0}";//返回json數據

                            }
                            else
                            {//密碼錯誤向
                                ulaMgr = new UserLoginAttemptsMgr(mySqlConnectionString);
                                UserLoginAttempts ula = new UserLoginAttempts();
                                ula.login_mail = (System.Web.HttpContext.Current.Session["caller"] as Caller).user_email;
                                ula.login_ipfrom = query.ipfrom;
                                ula.login_type = 4;
                                ulaMgr.Insert(ula);
                                SecretAccountSet sas = new SecretAccountSet();
                                store[0].user_login_attempts += 1;
                                store[0].updatedate = DateTime.Now;
                                sasMgr.LoginError(store[0]);
                                int count = 5 - store[0].user_login_attempts;//還有count次登入機會
                                if (store[0].secret_pwd != hmd5.SHA256Encrypt(Request.Params["oldpassword"]) && Request.Params["oldpassword"].ToString() != "" && store[0].pwd_status == 0)
                                {
                                    json = "{success:true,error:1,count:" + count + "}";//返回json數據0:密碼錯誤
                                }
                                else
                                {

                                    json = "{success:true,error:1,count:" + count + "}";//返回json數據0:密碼錯誤
                                }
                            }
                        }
                    }
                    else
                    {
                        json = "{success:true,error:3}";//返回json數據,後台未獲取到輸入的密碼 
                    }

                }
                else
                {
                    json = "{success:true,error:2}";//返回json數據1:用戶未註冊資安權限或被鎖定
                }


            }
            catch (Exception ex)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
                logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
                log.Error(logMessage);
                json = "{success:false}";
            }
            this.Response.Clear();
            this.Response.Write(json);
            this.Response.End();
            return this.Response;
        }
예제 #3
0
        public HttpResponseBase GetSecretLog()
        {
            string json = string.Empty;
            try
            {
                _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
                SecretInfoLog query = new SecretInfoLog();
                query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
                query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                List<SecretInfoLog> store = _secretLogMgr.GetSecretInfoLog(query);//first是輸入密碼最近的
                if (store.Count != 0)
                {
                    DateTime dtNow = DateTime.Now.AddMinutes(-5);
                    if (dtNow.CompareTo(Convert.ToDateTime(store[0].input_pwd_date)) >= 0)
                    {
                        json = "{success:true,data:true}";//超出密保時間,需輸入密碼
                    }
                    else
                    {
                        json = "{success:true,data:false}";//未超出密保時間,則不需輸入密碼
                    }
                }
                else
                {
                    json = "{success:true,data:true}";//超出密保時間,需輸入密碼
                }


            }
            catch (Exception ex)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
                logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
                log.Error(logMessage);
                json = "{success:false,data:true}";//異常
            }
            this.Response.Clear();
            this.Response.Write(json);
            this.Response.End();
            return this.Response;
        }
예제 #4
0
        /// <summary>
        /// 誰在什麼時候通過哪個頁面訪問了哪筆機敏資料
        /// </summary>
        /// <returns></returns>
        public HttpResponseBase SaveSecretLog()
        {

            string json = "{success:false,isconti:false,ispower:false,pwd_status:\"" + 0 + "\"}";
            try
            {
                _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);

                SecretInfoLog query = new SecretInfoLog();
                //誰
                query.user_id = Convert.ToUInt32((System.Web.HttpContext.Current.Session["caller"] as Caller).user_id.ToString());
                query.ipfrom = CommonFunction.GetIP4Address(Request.UserHostAddress.ToString());
                //在哪個時候
                query.createdate = DateTime.Now;
                //訪問了哪個頁面
                if (!string.IsNullOrEmpty(Request.Params["urlRecord"]))
                {
                    query.url = Request.Params["urlRecord"].ToString();
                }
                if (!string.IsNullOrEmpty(Request.Params["secretType"]))
                {
                    query.type = Convert.ToInt32(Request.Params["secretType"].ToString());
                }
                //哪筆機敏資料
                if (!string.IsNullOrEmpty(Request.Params["ralatedId"]))
                {
                    query.related_id = Convert.ToInt32(Request.Params["ralatedId"].ToString());
                }
                sasMgr = new SecretAccountSetMgr(mySqlConnectionString);
                SecretAccountSet querysas = new SecretAccountSet();
                querysas.user_id = query.user_id;
                querysas.ipfrom = query.ipfrom;
                querysas.status = -1;
                List<SecretAccountSet> store = sasMgr.GetSecretSetList(querysas);//獲得用戶的密保信息
                if (store.Count > 0)//該賬號具有機敏權限
                {
                    if ((store[0].secret_count < store[0].secret_limit) && store[0].status == 1)//該賬號查詢次數未達極限
                    {
                        if (_secretLogMgr.InsertSecretInfoLog(query) > 0)//查詢記錄保存成功
                        {
                            store[0].secret_count = store[0].secret_count + 1;
                            store[0].updatedate = DateTime.Now;
                            sasMgr.Update(store[0]);
                            //判斷是否具有權限
                            json = "{success:true,isconti:true,ispower:true,pwd_status:\"" + store[0].pwd_status + "\"}";//正常進行
                        }
                    }
                    else if ((store[0].secret_count >= store[0].secret_limit) && store[0].status == 1)//極限值訪問
                    {
                        store[0].status = 0;
                        store[0].updatedate = DateTime.Now;
                        sasMgr.Update(store[0]);
                        //判斷是否具有權限
                        json = "{success:true,isconti:false,ispower:true,pwd_status:\"" + store[0].pwd_status + "\"}";//已達極限
                    }
                    else if ((store[0].secret_count < store[0].secret_limit) && store[0].status == 0)
                    {//達極限
                        json = "{success:true,isconti:false,ispower:false,pwd_status:\"" + store[0].pwd_status + "\"}";//沒有賬號

                    }
                    else
                    {
                        json = "{success:true,isconti:false,ispower:true,pwd_status:\"" + store[0].pwd_status + "\"}";//已達極限
                    }
                }
                else
                {
                    json = "{success:true,isconti:false,ispower:false,pwd_status:\"" + 0 + "\"}";//沒有賬號
                }

            }
            catch (Exception ex)
            {
                Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
                logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
                logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
                log.Error(logMessage);
            }
            this.Response.Clear();
            this.Response.Write(json);
            this.Response.End();
            return this.Response;
        }
예제 #5
0
 public string QueryPara()
 {
     _secretLogMgr = new SecretInfoLogMgr(mySqlConnectionString);
     string json = string.Empty;
     try
     {
         if (!string.IsNullOrEmpty(Request.QueryString["paraType"]))
         {
             json = _secretLogMgr.QuerySecretType(Request.QueryString["paraType"].ToString());
         }
     }
     catch (Exception ex)
     {
         Log4NetCustom.LogMessage logMessage = new Log4NetCustom.LogMessage();
         logMessage.Content = string.Format("TargetSite:{0},Source:{1},Message:{2}", ex.TargetSite.Name, ex.Source, ex.Message);
         logMessage.MethodName = System.Reflection.MethodBase.GetCurrentMethod().Name;
         log.Error(logMessage);
         json = "[]";
     }
     return json;
 }