예제 #1
0
파일: UserModel.cs 프로젝트: burstas/rmps
        /// <summary>
        /// 用户注册
        /// </summary>
        /// <returns></returns>
        public bool WsSignUp(string name, string pass, XmlWriter writer)
        {
            name = name.ToLower();
            Random r = new Random();

            // 口令
            byte[] t = new byte[72];
            int i = 0;
            byte[] a = Encoding.UTF8.GetBytes(_Code);
            Array.Copy(a, 0, t, i, a.Length);
            i += a.Length;

            _Salt = new byte[16];
            r.NextBytes(_Salt);
            Array.Copy(_Salt, 0, t, i, _Salt.Length);
            i += _Salt.Length;

            _Keys = new byte[32];
            r.NextBytes(_Keys);
            Array.Copy(_Keys, 0, t, i, _Keys.Length);
            i += _Keys.Length;

            _Mask = CharUtil.GenerateUserChar();
            a = Encoding.UTF8.GetBytes(_Mask);
            Array.Copy(a, 0, t, i, a.Length);

            #region AES 加密
            byte[] k = GenK(name, _Code, pass);
            byte[] v = GenV(name, _Code, pass);
            AesManaged aes = new AesManaged();
            using (MemoryStream mStream = new MemoryStream())
            {
                using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(k, v), CryptoStreamMode.Write))
                {
                    cStream.Write(t, 0, t.Length);
                    cStream.FlushFinalBlock();
                    t = mStream.ToArray();
                }
            }
            aes.Clear();
            #endregion

            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.APWD0000);
            dba.AddWhere(DBConst.APWD0001, _Code);
            dba.AddDeleteBatch();

            a = new byte[256];
            r.NextBytes(a);
            string data = Convert.ToBase64String(a);
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Data");
            dba.AddParam(DBConst.APWD0003, data);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();

            string info = Digest(name, pass, a);
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Info");
            dba.AddParam(DBConst.APWD0003, info);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();

            string main = Convert.ToBase64String(t);
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Main");
            dba.AddParam(DBConst.APWD0003, main);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();

            string safe = "";
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Safe");
            dba.AddParam(DBConst.APWD0003, safe);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();
            dba.ExecuteBatch();

            a = new byte[256];
            new Random().NextBytes(a);
            writer.WriteElementString("Code", _Code);
            writer.WriteElementString("Data", data);
            writer.WriteElementString("Info", info);
            writer.WriteElementString("Main", main);
            writer.WriteElementString("Safe", safe);
            return true;
        }
예제 #2
0
파일: UserModel.cs 프로젝트: burstas/rmps
        /// <summary>
        /// 用户注册(网页方式)
        /// </summary>
        /// <param name="name">登录用户</param>
        /// <param name="pass">用户口令</param>
        /// <param name="mail">电子邮件</param>
        /// <returns></returns>
        public int WpSignUp(string name, string pass, string mail)
        {
            #region 用户名判断
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(DBConst.C3010402);
            dba.AddWhere(string.Format("{0}='{1}' OR {2}='{3}'", DBConst.C3010405, name, DBConst.C3010406, mail));
            DataTable dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 0)
            {
                return IMsg.MSG_SIGNUP_EXIST;
            }
            #endregion

            #region 用户信息
            dba.ReInit();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(string.Format("MAX({0}) {0}", DBConst.C3010402));
            dba.AddWhere(string.Format("LENGTH({0})=8", DBConst.C3010402));
            dt = dba.ExecuteSelect();
            string code = "";
            if (dt != null && dt.Rows.Count > 0)
            {
                code = dt.Rows[0][0].ToString();
            }
            if (CharUtil.IsValidateCode(code))
            {
                code = CharUtil.GenerateUserCode(code);
            }
            else
            {
                code = "A0000000";
            }
            #endregion

            string hash = HashUtil.UtcTimeInHex(false);

            #region 真实信息
            dba.ReInit();
            dba.AddTable(DBConst.C3010300);
            dba.AddParam(DBConst.C3010301, hash);
            dba.AddParam(DBConst.C3010302, code);
            dba.AddParam(DBConst.C3010303, "");
            dba.AddParam(DBConst.C3010304, "");
            dba.AddParam(DBConst.C3010305, 1);
            dba.AddParam(DBConst.C3010306, null);
            dba.AddParam(DBConst.C3010307, "");
            dba.AddParam(DBConst.C3010308, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010309, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region 在线信息
            dba.ReInit();
            dba.AddTable(DBConst.C3010400);
            dba.AddParam(DBConst.C3010401, hash);
            dba.AddParam(DBConst.C3010402, code);
            dba.AddParam(DBConst.C3010403, "0");
            dba.AddParam(DBConst.C3010404, "0");
            dba.AddParam(DBConst.C3010405, name);
            dba.AddParam(DBConst.C3010406, mail);
            dba.AddParam(DBConst.C3010407, name);
            dba.AddParam(DBConst.C3010408, "0");
            dba.AddParam(DBConst.C3010409, "");
            dba.AddParam(DBConst.C301040A, "");
            dba.AddParam(DBConst.C301040B, "");
            dba.AddParam(DBConst.C301040C, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C301040D, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region 联系方式
            dba.ReInit();
            dba.AddTable(DBConst.C3010500);
            dba.AddParam(DBConst.C3010501, "0");
            dba.AddParam(DBConst.C3010502, IUser.MAJOR_04);
            dba.AddParam(DBConst.C3010503, hash);
            dba.AddParam(DBConst.C3010504, code);
            dba.AddParam(DBConst.C3010505, "sctteqacvfxgqgtb");// 电子邮件
            dba.AddParam(DBConst.C3010506, mail);
            dba.AddParam(DBConst.C3010507, "");
            dba.AddParam(DBConst.C3010508, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010509, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region 安全信息
            _Data = new byte[256];
            new Random().NextBytes(_Data);
            string info = Digest(name.ToLower(), pass, _Data);
            dba.ReInit();
            dba.AddTable(DBConst.C3010600);
            dba.AddParam(DBConst.C3010601, hash);
            dba.AddParam(DBConst.C3010602, hash);
            dba.AddParam(DBConst.C3010603, info);
            dba.AddParam(DBConst.C3010604, mail);
            dba.AddParam(DBConst.C3010605, "");
            dba.AddParam(DBConst.C3010606, "");
            dba.AddParam(DBConst.C3010607, "");
            dba.AddParam(DBConst.C3010608, "");
            dba.AddParam(DBConst.C3010609, "");
            dba.AddParam(DBConst.C301060A, "");
            dba.AddParam(DBConst.C301060B, "");
            dba.AddParam(DBConst.C301060C, "");
            dba.AddParam(DBConst.C301060D, "");
            dba.AddParam(DBConst.C301060E, "");
            dba.AddParam(DBConst.C301060F, Convert.ToBase64String(_Data));
            dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010611, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region 权限分配
            dba.ReInit();
            dba.AddTable(DBConst.C3010200);
            dba.AddParam(DBConst.C3010201, hash);
            dba.AddParam(DBConst.C3010202, hash);
            dba.AddParam(DBConst.C3010203, "sctvsxyttfzeqqgq");//一般用户
            dba.AddParam(DBConst.C3010204, "APWD0000");
            dba.AddParam(DBConst.C3010205, "");
            dba.AddParam(DBConst.C3010206, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010207, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            _Name = name;
            _Code = code;
            _Rank = IUser.LEVEL_02;//一般用户

            return IMsg.MSG_SIGNUP_SUCCESS;
        }
예제 #3
0
파일: UserModel.cs 프로젝트: burstas/rmps
        /// <summary>
        /// 修改口令
        /// </summary>
        /// <param name="name"></param>
        /// <param name="oldPass"></param>
        /// <param name="newPass"></param>
        /// <returns></returns>
        public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
        {
            var dba = new DBAccess();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(DBConst.C3010402);
            dba.AddWhere(DBConst.C3010400, CharUtil.Text2DB(name));
            var dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 1)
            {
                writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
                return false;
            }

            string code = dt.Rows[0][DBConst.C3010402] as string;
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddColumn(DBConst.APWD0002);
            dba.AddColumn(DBConst.APWD0003);
            dba.AddWhere(DBConst.APWD0001, code);
            dba.AddSort(DBConst.APWD0002, true);
            dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 4)
            {
                writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
                return false;
            }

            string data = dt.Rows[0][DBConst.APWD0003] as string;
            if (string.IsNullOrEmpty(data))
            {
                writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
                return false;
            }
            byte[] b = Convert.FromBase64String(data);
            string info = dt.Rows[0][DBConst.APWD0003] as string;
            string main = dt.Rows[0][DBConst.APWD0003] as string;
            string safe = dt.Rows[0][DBConst.APWD0003] as string;

            // 已有口令校验
            if (info != Digest(name, oldPass, b))
            {
                writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
                return false;
            }

            // 口令
            byte[] k = GenK(name, code, oldPass);
            // 向量
            byte[] v = GenV(name, code, oldPass);
            byte[] t = Convert.FromBase64String(main);
            #region AES 加密
            AesManaged aes1 = new AesManaged();
            using (MemoryStream mStream = new MemoryStream())
            {
                using (CryptoStream cStream = new CryptoStream(mStream, aes1.CreateDecryptor(k, v), CryptoStreamMode.Write))
                {
                    cStream.Write(t, 0, t.Length);
                    cStream.FlushFinalBlock();
                    t = mStream.ToArray();
                }
            }
            aes1.Clear();
            #endregion

            new Random().NextBytes(b);
            // 口令
            k = GenK(name, code, newPass);
            // 向量
            v = GenV(name, code, newPass);

            #region AES 加密
            AesManaged aes2 = new AesManaged();
            using (MemoryStream mStream = new MemoryStream())
            {
                using (CryptoStream cStream = new CryptoStream(mStream, aes2.CreateEncryptor(k, v), CryptoStreamMode.Write))
                {
                    cStream.Write(t, 0, t.Length);
                    cStream.FlushFinalBlock();
                    t = mStream.ToArray();
                }
            }
            aes1.Clear();
            #endregion

            // 摘要用户登录信息
            info = Digest(name, newPass, b);
            data = Convert.ToBase64String(b);
            main = Convert.ToBase64String(t);

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddWhere(DBConst.APWD0001, code);
            dba.AddDeleteBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Data");
            dba.AddParam(DBConst.APWD0003, data);
            dba.AddInsertBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Info");
            dba.AddParam(DBConst.APWD0003, info);
            dba.AddInsertBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Main");
            dba.AddParam(DBConst.APWD0003, main);
            dba.AddInsertBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Safe");
            dba.AddParam(DBConst.APWD0003, safe);
            dba.AddInsertBatch();

            dba.ExecuteBatch();

            writer.WriteElementString("Code", code);
            writer.WriteElementString("Data", data);
            writer.WriteElementString("Info", info);
            writer.WriteElementString("Main", main);
            writer.WriteElementString("Safe", safe);
            return true;
        }
예제 #4
0
파일: UserModel.cs 프로젝트: burstas/rmps
        /// <summary>
        /// 修改登录口令
        /// </summary>
        /// <param name="oldPass"></param>
        /// <param name="newPass"></param>
        /// <returns></returns>
        public bool WpSignPk(string oldPass, string newPass)
        {
            // 口令验证
            string tmpPwds = Digest(_Name, oldPass, _Data);

            // 执行查询
            var dba = new DBAccess();
            dba.AddTable(DBConst.C3010600);
            dba.AddColumn(DBConst.C3010603);
            dba.AddWhere(DBConst.C3010602, _Hash);
            DataTable dt = dba.ExecuteSelect();

            // 数据验证
            if (dt.Rows.Count != 1)
            {
                return false;
            }
            oldPass = dt.Rows[0][0].ToString();
            if (tmpPwds != oldPass)
            {
                return false;
            }

            tmpPwds = Digest(_Name, newPass, _Data);

            // 修改口令
            dba.ReInit();
            dba.AddTable(DBConst.C3010600);
            dba.AddParam(DBConst.C3010603, tmpPwds);
            dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
            dba.AddWhere(DBConst.C3010602, _Hash);
            return 1 == dba.ExecuteUpdate();
        }
예제 #5
0
파일: UserModel.cs 프로젝트: burstas/rmps
        public void InitUserData()
        {
            #region 数据初始化
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.ACAT0200);
            dba.AddWhere(DBConst.ACAT0202, Code);
            dba.AddDeleteBatch();

            dba.ReInit();
            dba.AddParam(DBConst.ACAT0201, DBConst.ACAT0201, false);
            dba.AddParam(DBConst.ACAT0202, Code);
            dba.AddParam(DBConst.ACAT0203, DBConst.ACAT0203, false);
            dba.AddParam(DBConst.ACAT0204, DBConst.ACAT0204, false);
            dba.AddParam(DBConst.ACAT0205, DBConst.ACAT0205, false);
            dba.AddParam(DBConst.ACAT0206, DBConst.ACAT0206, false);
            dba.AddParam(DBConst.ACAT0207, DBConst.ACAT0207, false);
            dba.AddParam(DBConst.ACAT0208, DBConst.ACAT0208, false);
            dba.AddParam(DBConst.ACAT0209, DBConst.ACAT0209, false);
            dba.AddParam(DBConst.ACAT020A, DBConst.ACAT020A, false);
            dba.AddParam(DBConst.ACAT020B, DBConst.ACAT020B, false);
            dba.AddParam(DBConst.ACAT020C, 1);
            dba.AddParam(DBConst.ACAT020D, 1);
            dba.AddWhere(DBConst.ACAT0202, IUser.AMON_CODE);
            dba.AddBackupBatch(DBConst.ACAT0200, DBConst.ACAT0200);

            dba.ReInit();
            dba.AddTable(DBConst.APWD0300);
            dba.AddWhere(DBConst.APWD0303, Code);
            dba.AddDeleteBatch();

            dba.ReInit();
            dba.AddParam(DBConst.APWD0301, DBConst.APWD0301, false);
            dba.AddParam(DBConst.APWD0302, DBConst.APWD0302, false);
            dba.AddParam(DBConst.APWD0303, Code);
            dba.AddParam(DBConst.APWD0304, DBConst.APWD0304, false);
            dba.AddParam(DBConst.APWD0305, DBConst.APWD0305, false);
            dba.AddParam(DBConst.APWD0306, DBConst.APWD0306, false);
            dba.AddParam(DBConst.APWD0307, DBConst.APWD0307, false);
            dba.AddParam(DBConst.APWD0308, DBConst.APWD0308, false);
            dba.AddParam(DBConst.APWD0309, DBConst.APWD0309, false);
            dba.AddParam(DBConst.APWD030A, DBConst.APWD030A, false);
            dba.AddParam(DBConst.APWD030B, 1);
            dba.AddParam(DBConst.APWD030C, 1);
            dba.AddWhere(DBConst.APWD0303, IUser.AMON_CODE);
            dba.AddBackupBatch(DBConst.APWD0300, DBConst.APWD0300);

            dba.ReInit();
            dba.AddTable(DBConst.AUDC0100);
            dba.AddWhere(DBConst.AUDC0102, Code);
            dba.AddDeleteBatch();

            dba.ReInit();
            dba.AddParam(DBConst.AUDC0101, DBConst.AUDC0101, false);
            dba.AddParam(DBConst.AUDC0102, Code);
            dba.AddParam(DBConst.AUDC0103, DBConst.AUDC0103, false);
            dba.AddParam(DBConst.AUDC0104, DBConst.AUDC0104, false);
            dba.AddParam(DBConst.AUDC0105, DBConst.AUDC0105, false);
            dba.AddParam(DBConst.AUDC0106, DBConst.AUDC0106, false);
            dba.AddParam(DBConst.AUDC0107, DBConst.AUDC0107, false);
            dba.AddParam(DBConst.AUDC0108, DBConst.AUDC0108, false);
            dba.AddParam(DBConst.AUDC0109, DBConst.AUDC0109, false);
            dba.AddParam(DBConst.AUDC010A, 1);
            dba.AddParam(DBConst.AUDC010B, 1);
            dba.AddWhere(DBConst.AUDC0102, IUser.AMON_CODE);
            dba.AddBackupBatch(DBConst.AUDC0100, DBConst.AUDC0100);

            dba.ExecuteBatch();
            #endregion
        }
예제 #6
0
파일: Cat.cs 프로젝트: burstas/rmps
        public override bool Save(DBAccess dba, bool update)
        {
            dba.ReInit();
            dba.AddTable(DBConst.ACAT0200);
            dba.AddParam(DBConst.ACAT0201, Order);
            dba.AddParam(DBConst.ACAT0204, Parent);
            dba.AddParam(DBConst.ACAT0205, Text);
            dba.AddParam(DBConst.ACAT0206, Tips);
            dba.AddParam(DBConst.ACAT0207, Icon);
            dba.AddParam(DBConst.ACAT0208, Meta);
            dba.AddParam(DBConst.ACAT0209, Memo);
            dba.AddParam(DBConst.ACAT020A, DBConst.SQL_NOW, false);

            if (update)
            {
                dba.AddWhere(DBConst.ACAT0202, UserCode);
                dba.AddWhere(DBConst.ACAT0203, Id);
                dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D, Operate, Cat.OPT_UPDATE);
                return 1 == dba.ExecuteUpdate();
            }

            dba.AddParam(DBConst.ACAT0202, UserCode);
            dba.AddParam(DBConst.ACAT0203, Id);
            dba.AddParam(DBConst.ACAT020B, DBConst.SQL_NOW, false);
            dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D);
            return 1 == dba.ExecuteInsert();
        }
예제 #7
0
파일: s.ashx.cs 프로젝트: burstas/rmps
        private void ProcessRSA(XmlWriter writer)
        {
            string t = HashUtil.UtcTimeInHex();

            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010000);
            dba.AddParam(DBConst.C3010001, t);
            dba.AddParam(DBConst.C3010002, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010003, CharUtil.Text2DB(rsa.ToXmlString(true)));
            dba.AddParam(DBConst.C3010004, 0);
            dba.ExecuteInsert();

            writer.WriteStartElement("RSA");
            writer.WriteElementString("t", t);
            writer.WriteElementString("k", rsa.ToXmlString(false));
            writer.WriteEndElement();
        }
예제 #8
0
파일: s.ashx.cs 프로젝트: burstas/rmps
        private byte[] Encrypt(string t, byte[] data)
        {
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010000);
            dba.AddColumn(DBConst.C3010003);
            dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
            dba.AddWhere(DBConst.C3010004, "0");
            DataTable dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 1)
            {
                return null;
            }
            string key = dt.Rows[0][0] as string;

            using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
            {
                rsa.FromXmlString(key);
                data = rsa.Encrypt(data, false);
            }

            dba.ReInit();
            dba.AddTable(DBConst.C3010000);
            dba.AddParam(DBConst.C3010004, 1);
            dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
            dba.AddWhere(DBConst.C3010004, "0", false);
            dba.ExecuteUpdate();

            return data;
        }