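/// <summary>
/// Handles the "add login" button: creates a server login from the form fields and,
/// when that succeeds, sends the browser to the edit page for the new login.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void AddLogin_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    SqlServer server = SqlServer.CurrentServer;
    string editUrl = null;

    server.Connect();
    try
    {
        if (server.IsUserValid())
        {
            SqlLoginCollection logins = server.Logins;
            try
            {
                // NOTE(review): Trim() silently alters a password that begins or ends
                // with whitespace; confirm that is intended before relying on it.
                SqlLogin newLogin = logins.Add(
                    LoginName.Text.Trim(),
                    (SqlLoginType)Enum.Parse(typeof(SqlLoginType), AuthType.SelectedValue),
                    Password.Text.Trim());

                // The login name is user-supplied, so it is URL-encoded before it is
                // placed in the query string.
                editUrl = "EditServerLogin.aspx?Login=" + Server.UrlEncode(newLogin.Name);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is shown to the user and may echo
                // the submitted login name; if ErrorMessage renders Text unencoded,
                // HTML-encode it or show a generic message and log the detail server-side.
                ErrorMessage.Text = ex.Message;
            }
        }
    }
    finally
    {
        // Always release the connection, including when IsUserValid() throws.
        server.Disconnect();
    }

    // Redirect only after the connection is closed and outside the catch-all above:
    // Response.Redirect ends the request by aborting the thread, which previously
    // skipped Disconnect() and was picked up by catch (Exception).
    if (editUrl != null)
    {
        // Redirect user to the edit screen so they can edit more properties
        Response.Redirect(editUrl);
    }
}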
/// <summary>
/// Handles the OK button of the login form: looks the submitted credentials up through
/// the SqlLogin data source and either marks the session as logged in and goes to
/// telaCompras.aspx, or goes back to Default.aspx.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnOK_Click(object sender, EventArgs e)
{
    // NOTE(review): both values go through cripto.Encrypt before the lookup. If that is
    // reversible encryption rather than a salted password hash, stored passwords can be
    // recovered by anyone holding the key - confirm against the cripto implementation.
    SqlLogin.SelectParameters["LOGIN"].DefaultValue = cripto.Encrypt(txtLogin.Text);
    SqlLogin.SelectParameters["SENHA"].DefaultValue = cripto.Encrypt(txtSenha.Text);

    DataView matches = (DataView)SqlLogin.Select(DataSourceSelectArguments.Empty);
    bool userFound = matches.Table.Rows.Count != 0;

    if (userFound)
    {
        // NOTE(review): the session is marked as authenticated without issuing a new
        // session id; confirm session fixation is handled elsewhere.
        Session["logado"] = "OK";
        Response.Redirect("telaCompras.aspx");
        return;
    }

    Response.Redirect("Default.aspx");
    // NOTE(review): Response.Redirect normally ends the request, so this message is
    // never shown to the user.
    lblErro.Text = "Usuário nao cadastrado";
}
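/// <summary>
/// Handles the "add login" button: connects to the current server, creates a login from
/// the form fields and, when that succeeds, sends the browser to the edit page for it.
/// A failed connection redirects to error.aspx instead.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void AddLogin_Click(object sender, EventArgs e)
{
    if (!Page.IsValid)
    {
        return;
    }

    SqlServer server = SqlServer.CurrentServer;
    string editUrl = null;

    try
    {
        server.Connect();
    }
    catch (System.Exception ex)
    {
        // NOTE(review): the exception message and stack trace are sent to the browser in
        // the redirect URL, where they also end up in browser history and in proxy and
        // web-server logs. Logging the exception on the server and redirecting with an
        // opaque code (as the commented-out line below did) avoids disclosing internals;
        // left unchanged here because error.aspx is not visible.
        //Response.Redirect("Error.aspx?errorPassCode=" + 2002);
        Response.Redirect(String.Format("error.aspx?errormsg={0}&stacktrace={1}", Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace)));

        // Redirect normally ends the request; the return keeps the code below from
        // running against an unconnected server if it ever does not.
        return;
    }

    try
    {
        if (server.IsUserValid())
        {
            SqlLoginCollection logins = server.Logins;
            try
            {
                // NOTE(review): Trim() silently alters a password that begins or ends
                // with whitespace; confirm that is intended before relying on it.
                SqlLogin newLogin = logins.Add(
                    LoginName.Text.Trim(),
                    (SqlLoginType)Enum.Parse(typeof(SqlLoginType), AuthType.SelectedValue),
                    Password.Text.Trim());

                editUrl = "EditServerLogin.aspx?Login=" + Server.UrlEncode(newLogin.Name);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is shown to the user and may echo
                // the submitted login name; if ErrorMessage renders Text unencoded,
                // HTML-encode it or show a generic message and log the detail server-side.
                ErrorMessage.Text = ex.Message;
            }
        }
    }
    finally
    {
        // Always release the connection, including when IsUserValid() throws.
        server.Disconnect();
    }

    // Redirect only after the connection is closed and outside the catch-all above:
    // Response.Redirect ends the request by aborting the thread, which previously
    // skipped Disconnect() and was picked up by catch (Exception).
    if (editUrl != null)
    {
        // Redirect user to the edit screen so they can edit more properties
        Response.Redirect(editUrl);
    }
}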
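/// <summary>
/// Loads the edit page for the login named by the "Login" request value. On the first
/// (non-postback) load it reads the login from the server and binds the database,
/// server-role and language lists to its current settings.
/// </summary>
/// <param name="e">Event data passed on to the base implementation.</param>
protected override void OnLoad(EventArgs e)
{
    // Request["Login"] is client-controlled: treat it as untrusted wherever it is used.
    string loginName = Request["Login"];
    if (loginName == null)
    {
        Response.Redirect("CreateLogin.aspx");

        // Redirect normally ends the request; the return avoids a null dereference
        // below if it ever does not.
        return;
    }

    // HTML-encode before echoing the request value into the page (assumes LoginLabel
    // is a Label, whose Text is rendered without encoding). Upper-casing happens first
    // so that the encoded entities are not altered.
    LoginLabel.Text = Server.HtmlEncode(loginName.ToUpper());

    if (!Page.IsPostBack)
    {
        SqlServer server = SqlServer.CurrentServer;
        try
        {
            server.Connect();
        }
        catch (System.Exception ex)
        {
            // NOTE(review): the exception message and stack trace are sent to the browser
            // in the redirect URL, where they also end up in browser history and in proxy
            // and web-server logs. Logging the exception on the server and redirecting
            // with an opaque code (as the commented-out line below did) avoids disclosing
            // internals; left unchanged here because error.aspx is not visible.
            //Response.Redirect("Error.aspx?errorPassCode=" + 2002);
            Response.Redirect(String.Format("error.aspx?errormsg={0}&stacktrace={1}", Server.UrlEncode(ex.Message), Server.UrlEncode(ex.StackTrace)));
            return;
        }

        try
        {
            sqlLogin = server.Logins[loginName];
            if (sqlLogin == null)
            {
                // The finally block below still disconnects on this path.
                Response.Redirect("CreateLogin.aspx");
                return;
            }

            if (sqlLogin.LoginType == SqlLoginType.NTUser || sqlLogin.LoginType == SqlLoginType.NTGroup)
            {
                SecurityAccess.Enabled = true;
                SecurityAccessLabel.Enabled = true;

                if (sqlLogin.NTLoginAccessType == SqlNtAccessType.Deny)
                {
                    SecurityAccess.Items[1].Selected = true;
                }
                else
                {
                    SecurityAccess.Items[0].Selected = true;
                }
            }

            databases = server.Databases;

            DefaultDatabase.DataSource = databases;
            DefaultDatabase.DataBind();

            DatabaseAccessGrid.DataSource = databases;
            DatabaseAccessGrid.DataBind();

            // Select default database
            ListItem databaseItem = DefaultDatabase.Items.FindByValue(sqlLogin.Database);
            if (databaseItem != null)
            {
                databaseItem.Selected = true;
            }
            else
            {
                databaseItem = DefaultDatabase.Items.FindByValue("master");
                if (databaseItem != null)
                {
                    databaseItem.Selected = true;
                }
            }

            allRoles = server.Roles;
            ServerRoles.DataSource = allRoles;
            ServerRoles.DataBind();

            // Select member roles
            foreach (ListItem item in ServerRoles.Items)
            {
                if (sqlLogin.IsMember(item.Value))
                {
                    item.Selected = true;
                }
            }

            DefaultLanguage.DataSource = server.Languages;
            DefaultLanguage.DataBind();

            // Select default language
            ListItem languageItem = DefaultLanguage.Items.FindByValue(sqlLogin.Language);
            if (languageItem != null)
            {
                languageItem.Selected = true;
            }
            else
            {
                languageItem = DefaultLanguage.Items.FindByValue("English");
                if (languageItem != null)
                {
                    languageItem.Selected = true;
                }
            }
        }
        finally
        {
            // Release the connection on every path, including the redirect above and
            // any exception thrown while binding.
            server.Disconnect();
        }

        focusPanel(GeneralPanel);
    }

    base.OnLoad(e);
}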
/// <summary>
/// Writes the form's settings back to the login named by the "Login" request value:
/// NT access, default database and language, server-role membership and per-database
/// access.
/// </summary>
/// <returns>
/// true when every change was applied; false when an exception was caught, in which
/// case its message is placed in ErrorMessage.
/// </returns>
private bool Save()
{
    // NOTE(review): no authorization check is visible in this method before role
    // membership and database users are changed, and the login being edited is chosen
    // by a request value; confirm the page is restricted to administrators elsewhere.
    SqlServer server = SqlServer.CurrentServer;

    try
    {
        server.Connect();
    }
    catch (System.Exception connectError)
    {
        // NOTE(review): the exception message and stack trace travel to the browser in
        // the redirect URL (and from there into history and logs); logging server-side
        // and passing an opaque error code would avoid disclosing internals.
        // The code below relies on Response.Redirect ending the request.
        string errorUrl = String.Format(
            "error.aspx?errormsg={0}&stacktrace={1}",
            Server.UrlEncode(connectError.Message),
            Server.UrlEncode(connectError.StackTrace));
        Response.Redirect(errorUrl);
    }

    try
    {
        // Login settings
        sqlLogin = server.Logins[Request["Login"]];

        if (SecurityAccess.Enabled)
        {
            sqlLogin.DenyNTLogin = SecurityAccess.SelectedValue == "Deny";
        }

        sqlLogin.Database = DefaultDatabase.SelectedValue;
        sqlLogin.Language = DefaultLanguage.SelectedValue;

        // Server roles: drop memberships that were unticked, add those newly ticked.
        foreach (ListItem roleItem in ServerRoles.Items)
        {
            string roleName = roleItem.Value;

            if (sqlLogin.IsMember(roleName) && !roleItem.Selected)
            {
                server.Roles[roleName].DropMember(sqlLogin.Name);
            }
            else if (!sqlLogin.IsMember(roleName) && roleItem.Selected)
            {
                server.Roles[roleName].AddMember(sqlLogin.Name);
            }
        }

        // Database access: one grid row per database, keyed by the grid's data key.
        databases = server.Databases;
        foreach (DataGridItem row in DatabaseAccessGrid.Items)
        {
            string databaseKey = (string)DatabaseAccessGrid.DataKeys[row.ItemIndex];
            SqlDatabase database = databases[databaseKey];
            CheckBox accessBox = row.FindControl("DatabaseAccess") as CheckBox;

            if (database == null || accessBox == null)
            {
                continue;
            }

            string mappedUser = sqlLogin.GetUserName(database.Name);
            if (mappedUser != null && !accessBox.Checked)
            {
                database.Users[mappedUser].Remove();
            }
            else if (mappedUser == null && accessBox.Checked)
            {
                database.Users.Add(sqlLogin.Name, sqlLogin.Name);
            }
        }
    }
    catch (Exception saveError)
    {
        // NOTE(review): raw exception text is shown to the user; consider a generic
        // message with the detail logged server-side.
        ErrorMessage.Text = saveError.Message;
        return false;
    }
    finally
    {
        server.Disconnect();
    }

    return true;
}
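/// <summary>
/// Loads the edit page for the login named by the "Login" request value. On the first
/// (non-postback) load it reads the login from the server and binds the database,
/// server-role and language lists to its current settings.
/// </summary>
/// <param name="e">Event data passed on to the base implementation.</param>
protected override void OnLoad(EventArgs e)
{
    // Request["Login"] is client-controlled: treat it as untrusted wherever it is used.
    string loginName = Request["Login"];
    if (loginName == null)
    {
        Response.Redirect("CreateLogin.aspx");

        // Redirect normally ends the request; the return avoids a null dereference
        // below if it ever does not.
        return;
    }

    // HTML-encode before echoing the request value into the page (assumes LoginLabel
    // is a Label, whose Text is rendered without encoding). Upper-casing happens first
    // so that the encoded entities are not altered.
    LoginLabel.Text = Server.HtmlEncode(loginName.ToUpper());

    if (!Page.IsPostBack)
    {
        SqlServer server = SqlServer.CurrentServer;
        server.Connect();

        try
        {
            sqlLogin = server.Logins[loginName];
            if (sqlLogin == null)
            {
                // The finally block below still disconnects on this path.
                Response.Redirect("CreateLogin.aspx");
                return;
            }

            if (sqlLogin.LoginType == SqlLoginType.NTUser || sqlLogin.LoginType == SqlLoginType.NTGroup)
            {
                SecurityAccess.Enabled = true;
                SecurityAccessLabel.Enabled = true;

                if (sqlLogin.NTLoginAccessType == SqlNtAccessType.Deny)
                {
                    SecurityAccess.Items[1].Selected = true;
                }
                else
                {
                    SecurityAccess.Items[0].Selected = true;
                }
            }

            databases = server.Databases;

            DefaultDatabase.DataSource = databases;
            DefaultDatabase.DataBind();

            DatabaseAccessGrid.DataSource = databases;
            DatabaseAccessGrid.DataBind();

            // Select default database
            ListItem databaseItem = DefaultDatabase.Items.FindByValue(sqlLogin.Database);
            if (databaseItem != null)
            {
                databaseItem.Selected = true;
            }
            else
            {
                databaseItem = DefaultDatabase.Items.FindByValue("master");
                if (databaseItem != null)
                {
                    databaseItem.Selected = true;
                }
            }

            allRoles = server.Roles;
            ServerRoles.DataSource = allRoles;
            ServerRoles.DataBind();

            // Select member roles
            foreach (ListItem item in ServerRoles.Items)
            {
                if (sqlLogin.IsMember(item.Value))
                {
                    item.Selected = true;
                }
            }

            DefaultLanguage.DataSource = server.Languages;
            DefaultLanguage.DataBind();

            // Select default language
            ListItem languageItem = DefaultLanguage.Items.FindByValue(sqlLogin.Language);
            if (languageItem != null)
            {
                languageItem.Selected = true;
            }
            else
            {
                languageItem = DefaultLanguage.Items.FindByValue("English");
                if (languageItem != null)
                {
                    languageItem.Selected = true;
                }
            }
        }
        finally
        {
            // Release the connection on every path, including the redirect above and
            // any exception thrown while binding.
            server.Disconnect();
        }

        focusPanel(GeneralPanel);
    }

    base.OnLoad(e);
}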
/// <summary>
/// Applies the form's settings to the login named by the "Login" request value:
/// NT access, default database and language, server-role membership and per-database
/// access.
/// </summary>
/// <returns>
/// true when all changes were applied; false when an exception was caught while saving,
/// in which case its message is placed in ErrorMessage. A failure in Connect() is not
/// caught here.
/// </returns>
private bool Save()
{
    // NOTE(review): no authorization check is visible in this method before role
    // membership and database users are changed, and the login being edited is chosen
    // by a request value; confirm the page is restricted to administrators elsewhere.
    SqlServer server = SqlServer.CurrentServer;
    server.Connect();

    try
    {
        // Login settings
        sqlLogin = server.Logins[Request["Login"]];

        if (SecurityAccess.Enabled)
        {
            bool denyAccess = SecurityAccess.SelectedValue == "Deny";
            sqlLogin.DenyNTLogin = denyAccess;
        }

        sqlLogin.Database = DefaultDatabase.SelectedValue;
        sqlLogin.Language = DefaultLanguage.SelectedValue;

        // Server roles: drop memberships that were unticked, add those newly ticked.
        foreach (ListItem roleItem in ServerRoles.Items)
        {
            string roleName = roleItem.Value;

            if (sqlLogin.IsMember(roleName) && !roleItem.Selected)
            {
                server.Roles[roleName].DropMember(sqlLogin.Name);
            }
            else if (!sqlLogin.IsMember(roleName) && roleItem.Selected)
            {
                server.Roles[roleName].AddMember(sqlLogin.Name);
            }
        }

        // Database access: one grid row per database, keyed by the grid's data key.
        databases = server.Databases;
        foreach (DataGridItem row in DatabaseAccessGrid.Items)
        {
            string databaseKey = (string)DatabaseAccessGrid.DataKeys[row.ItemIndex];
            SqlDatabase database = databases[databaseKey];
            CheckBox accessBox = row.FindControl("DatabaseAccess") as CheckBox;

            if (database == null || accessBox == null)
            {
                continue;
            }

            string mappedUser = sqlLogin.GetUserName(database.Name);
            if (mappedUser != null && !accessBox.Checked)
            {
                database.Users[mappedUser].Remove();
            }
            else if (mappedUser == null && accessBox.Checked)
            {
                database.Users.Add(sqlLogin.Name, sqlLogin.Name);
            }
        }
    }
    catch (Exception saveError)
    {
        // NOTE(review): raw exception text is shown to the user; consider a generic
        // message with the detail logged server-side.
        ErrorMessage.Text = saveError.Message;
        return false;
    }
    finally
    {
        server.Disconnect();
    }

    return true;
}
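/// <summary>
/// Handles the login form. Looks the encrypted username/password pair up through the
/// SqlLogin data source; on a match it fills Session["log"] and Session["admin"], writes
/// a "Start Session" row to the user log and redirects to ~/app/home.aspx. On a mismatch
/// it clears the fields, shows an alert and increments Session["failedLogAttempts"].
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void login(object sender, EventArgs e)
{
    bool authenticated = false;

    try
    {
        DataView dvLogin, dvFunc;

        // Start from an unauthenticated session.
        // NOTE(review): the session id is not renewed on login; confirm session
        // fixation is handled elsewhere.
        Session["log"] = null;
        Session["admin"] = null;

        // Read the submitted credentials.
        string username = txtUsername.Text;
        string password = txtPassword.Text;

        // NOTE(review): if Crypto.Encrypt is reversible encryption rather than a salted
        // password hash, stored passwords can be recovered by anyone holding the key -
        // confirm against the Crypto implementation.
        string encryptedLogin = Crypto.Encrypt(username);
        string encryptedPassword = Crypto.Encrypt(password);

        // Look the credentials up.
        SqlLogin.SelectParameters["LOGIN"].DefaultValue = encryptedLogin;
        SqlLogin.SelectParameters["SENHA"].DefaultValue = encryptedPassword;
        dvLogin = (DataView)SqlLogin.Select(DataSourceSelectArguments.Empty);

        if (dvLogin.Table.Rows.Count > 0)
        {
            // Store the employee id; presumably SqlFunc reads it from the session as its
            // select parameter - confirm in the page markup.
            Session["log"] = Convert.ToInt32((dvLogin.Table.Rows[0]["id_func"]).ToString());

            // Load the employee record.
            dvFunc = (DataView)SqlFunc.Select(DataSourceSelectArguments.Empty);

            // id_cargo 1 is treated as administrator.
            if (Convert.ToInt32((dvFunc.Table.Rows[0]["id_cargo"]).ToString()) == 1)
            {
                Session["admin"] = "true";
            }
            else
            {
                Session["admin"] = null;
            }

            // Keep the employee id in the session.
            Session["log"] = dvFunc.Table.Rows[0]["id_func"].ToString();

            // AUDIT: record the action in `userlog`.
            // This used to sit after Response.Redirect, which ends the request, so the
            // login was never recorded. It now runs before the redirect; because this
            // path did not execute before, a failing insert will surface as the database
            // error below and block the login - test it.
            string currentUser = Session["log"].ToString();
            string acao = "Start Session";

            // Date in yyyy-MM-dd HH:mm:ss form.
            string currentDate = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");

            userLog.InsertParameters["funcionario"].DefaultValue = (currentUser);
            userLog.InsertParameters["acao"].DefaultValue = Crypto.Encrypt(acao);
            userLog.InsertParameters["time"].DefaultValue = Crypto.Encrypt(currentDate);
            userLog.Insert();

            authenticated = true;
        }
        else
        {
            // Authentication failed: clear the fields and tell the user.
            txtUsername.Text = String.Empty;
            txtPassword.Text = String.Empty;
            Response.Write("<script>alert('Login ou senha incorretos!');</script>");

            // Count the failed attempt.
            // NOTE(review): the counter lives in the session and nothing visible here
            // reads it; a client that discards its session cookie starts again at zero,
            // so it is not a lockout or throttle on its own.
            if (Session["failedLogAttempts"] != null)
            {
                int failedAttempts = Convert.ToInt32(Session["failedLogAttempts"].ToString());
                Session["failedLogAttempts"] = failedAttempts + 1;
            }
            else
            {
                // First failure.
                Session["failedLogAttempts"] = 1;
            }
        }
    }
    catch (Exception)
    {
        // Fail closed: an error part-way through (missing employee row, failed audit
        // insert) must not leave the session looking authenticated.
        Session["log"] = null;
        Session["admin"] = null;

        // Database error: ask the user to report it. The mail address in this string
        // appears already redacted in the listing and is kept as found.
        Response.Write("<script>function dbError() {if (confirm('Ocorreu um erro no banco de dados interno. Você pode detalhar o erro para nossos desenvolvedores?')) {window.open('mailto:[email protected]?subject=Erro+no+Banco+de+Dados&body=Por+favor+detalhe+o+que+estava+fazendo+ao+se+deparar+com+o+erro');}else{alert('Uma menssagem de erro genérica foi enviada ao Desenvolvedor');}} dbError();</script>");
    }

    // Redirect outside the try block: Response.Redirect ends the request by aborting
    // the thread, which the catch-all above would otherwise intercept.
    if (authenticated)
    {
        Response.Redirect("~/app/home.aspx");
    }
}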
/// <summary>
/// Provider override that discovers the user's identity: stores the connection string
/// returned by DiscoverConnectionStringSettings for this provider, then shows the
/// SqlLogin form.
/// </summary>
protected override void ProviderDiscoverIdentity()
{
    var settings = DiscoverConnectionStringSettings(this);
    this._connectionString = settings.ConnectionString;

    // The value returned by ShowDialog() is not inspected here; the form is handed this
    // provider and is disposed as soon as the dialog call returns.
    using (SqlLogin loginDialog = new SqlLogin(this))
    {
        loginDialog.ShowDialog();
    }
}