Пример #1
        /// <summary>
        /// Writes this object's fields to the table named by <c>DBConst.ACAT0200</c>,
        /// either as an UPDATE of the existing row or as an INSERT of a new one.
        /// </summary>
        /// <param name="dba">Data-access helper; it is re-initialised before use.</param>
        /// <param name="update">
        /// <c>true</c> to update the row matched by <c>UserCode</c> and <c>Id</c>;
        /// <c>false</c> to insert a new row carrying those two values.
        /// </param>
        /// <returns><c>true</c> when the statement reports exactly one affected row.</returns>
        public override bool Save(DBAccess dba, bool update)
        {
            dba.ReInit();
            dba.AddTable(DBConst.ACAT0200);

            // Columns written by both the INSERT and the UPDATE path.
            dba.AddParam(DBConst.ACAT0201, Order);
            dba.AddParam(DBConst.ACAT0204, Parent);
            dba.AddParam(DBConst.ACAT0205, Text);
            dba.AddParam(DBConst.ACAT0206, Tips);
            dba.AddParam(DBConst.ACAT0207, Icon);
            dba.AddParam(DBConst.ACAT0208, Meta);
            dba.AddParam(DBConst.ACAT0209, Memo);
            // NOTE(review): the trailing 'false' presumably marks the value as a raw SQL
            // expression instead of a quoted literal - confirm against DBAccess. It is only
            // ever given constants here, never caller-supplied text.
            dba.AddParam(DBConst.ACAT020A, DBConst.SQL_NOW, false);

            if (!update)
            {
                // New row: the owner and id become column values, plus a second timestamp.
                dba.AddParam(DBConst.ACAT0202, UserCode);
                dba.AddParam(DBConst.ACAT0203, Id);
                dba.AddParam(DBConst.ACAT020B, DBConst.SQL_NOW, false);
                dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D);
                return 1 == dba.ExecuteInsert();
            }

            // Existing row: the owner code is part of the filter, so the update can only
            // touch a row that belongs to UserCode.
            dba.AddWhere(DBConst.ACAT0202, UserCode);
            dba.AddWhere(DBConst.ACAT0203, Id);
            dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D, Operate, Cat.OPT_UPDATE);
            return 1 == dba.ExecuteUpdate();
        }
Пример #2
        /// <summary>
        /// Resets this user's rows in three tables (<c>ACAT0200</c>, <c>APWD0300</c>,
        /// <c>AUDC0100</c>): for each table a delete filtered on <c>Code</c> is queued, followed
        /// by a "backup batch" whose source filter is <c>IUser.AMON_CODE</c>. Everything is
        /// executed in one <c>ExecuteBatch</c> call at the end.
        /// </summary>
        /// <remarks>
        /// NOTE(review): AddBackupBatch presumably copies the template user's rows into rows owned
        /// by <c>Code</c> (INSERT ... SELECT) - confirm against DBAccess. Whether ExecuteBatch runs
        /// inside a transaction is not visible here; if it does not, a failure part-way leaves the
        /// user with deleted but not re-created data.
        /// </remarks>
        public void InitUserData()
        {
            #region Data initialisation
            DBAccess batch = new DBAccess();

            // --- ACAT0200: drop the user's rows, then re-create them from the template owner ---
            batch.AddTable(DBConst.ACAT0200);
            batch.AddWhere(DBConst.ACAT0202, Code);
            batch.AddDeleteBatch();

            batch.ReInit();
            // Column-to-itself pairs passed with 'false' carry the source column through
            // unchanged; only the owner column and the last two columns get new values.
            batch.AddParam(DBConst.ACAT0201, DBConst.ACAT0201, false);
            batch.AddParam(DBConst.ACAT0202, Code);
            batch.AddParam(DBConst.ACAT0203, DBConst.ACAT0203, false);
            batch.AddParam(DBConst.ACAT0204, DBConst.ACAT0204, false);
            batch.AddParam(DBConst.ACAT0205, DBConst.ACAT0205, false);
            batch.AddParam(DBConst.ACAT0206, DBConst.ACAT0206, false);
            batch.AddParam(DBConst.ACAT0207, DBConst.ACAT0207, false);
            batch.AddParam(DBConst.ACAT0208, DBConst.ACAT0208, false);
            batch.AddParam(DBConst.ACAT0209, DBConst.ACAT0209, false);
            batch.AddParam(DBConst.ACAT020A, DBConst.ACAT020A, false);
            batch.AddParam(DBConst.ACAT020B, DBConst.ACAT020B, false);
            batch.AddParam(DBConst.ACAT020C, 1);
            batch.AddParam(DBConst.ACAT020D, 1);
            batch.AddWhere(DBConst.ACAT0202, IUser.AMON_CODE);
            batch.AddBackupBatch(DBConst.ACAT0200, DBConst.ACAT0200);

            // --- APWD0300: same delete-then-copy sequence ---
            batch.ReInit();
            batch.AddTable(DBConst.APWD0300);
            batch.AddWhere(DBConst.APWD0303, Code);
            batch.AddDeleteBatch();

            batch.ReInit();
            batch.AddParam(DBConst.APWD0301, DBConst.APWD0301, false);
            batch.AddParam(DBConst.APWD0302, DBConst.APWD0302, false);
            batch.AddParam(DBConst.APWD0303, Code);
            batch.AddParam(DBConst.APWD0304, DBConst.APWD0304, false);
            batch.AddParam(DBConst.APWD0305, DBConst.APWD0305, false);
            batch.AddParam(DBConst.APWD0306, DBConst.APWD0306, false);
            batch.AddParam(DBConst.APWD0307, DBConst.APWD0307, false);
            batch.AddParam(DBConst.APWD0308, DBConst.APWD0308, false);
            batch.AddParam(DBConst.APWD0309, DBConst.APWD0309, false);
            batch.AddParam(DBConst.APWD030A, DBConst.APWD030A, false);
            batch.AddParam(DBConst.APWD030B, 1);
            batch.AddParam(DBConst.APWD030C, 1);
            batch.AddWhere(DBConst.APWD0303, IUser.AMON_CODE);
            batch.AddBackupBatch(DBConst.APWD0300, DBConst.APWD0300);

            // --- AUDC0100: same delete-then-copy sequence ---
            batch.ReInit();
            batch.AddTable(DBConst.AUDC0100);
            batch.AddWhere(DBConst.AUDC0102, Code);
            batch.AddDeleteBatch();

            batch.ReInit();
            batch.AddParam(DBConst.AUDC0101, DBConst.AUDC0101, false);
            batch.AddParam(DBConst.AUDC0102, Code);
            batch.AddParam(DBConst.AUDC0103, DBConst.AUDC0103, false);
            batch.AddParam(DBConst.AUDC0104, DBConst.AUDC0104, false);
            batch.AddParam(DBConst.AUDC0105, DBConst.AUDC0105, false);
            batch.AddParam(DBConst.AUDC0106, DBConst.AUDC0106, false);
            batch.AddParam(DBConst.AUDC0107, DBConst.AUDC0107, false);
            batch.AddParam(DBConst.AUDC0108, DBConst.AUDC0108, false);
            batch.AddParam(DBConst.AUDC0109, DBConst.AUDC0109, false);
            batch.AddParam(DBConst.AUDC010A, 1);
            batch.AddParam(DBConst.AUDC010B, 1);
            batch.AddWhere(DBConst.AUDC0102, IUser.AMON_CODE);
            batch.AddBackupBatch(DBConst.AUDC0100, DBConst.AUDC0100);

            // Run every queued statement.
            batch.ExecuteBatch();
            #endregion
        }
Пример #3
 /// <summary>
 /// Persists the implementing object through the supplied data-access helper.
 /// </summary>
 /// <param name="dba">Data-access helper handed to the implementation.</param>
 /// <param name="update">
 /// Presumably selects UPDATE (<c>true</c>) versus INSERT (<c>false</c>) - the exact meaning
 /// is defined by each override; confirm there.
 /// </param>
 /// <returns>Success flag as defined by the override.</returns>
 public abstract bool Save(DBAccess dba, bool update);
Пример #4
        /// <summary>
        /// On the first (non-postback) load, reads the signed-in user's four rows from
        /// <c>APWD0000</c> and renders them as an XML document into <c>TBData</c>.
        /// Users whose rank is below <c>IUser.LEVEL_02</c> are redirected to the index page.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the result of <c>UserModel.Current(Session)</c> is dereferenced without
        /// a null check; whether it can be null for an expired session is not visible here.
        /// The exported text contains the "Data", "Info", "Main" and "Safe" values, so this page
        /// should stay behind the rank check and be served over TLS only.
        /// </remarks>
        protected void Page_Load(object sender, EventArgs e)
        {
            UserModel current = UserModel.Current(Session);
            if (current.Rank < IUser.LEVEL_02)
            {
                Response.Redirect("~/Index.aspx");
                return;
            }

            // The export is built once; postbacks keep what is already on the page.
            if (IsPostBack)
            {
                return;
            }

            DBAccess query = new DBAccess();
            query.AddTable(DBConst.APWD0000);
            query.AddColumn(DBConst.APWD0002);
            query.AddColumn(DBConst.APWD0003);
            query.AddWhere(DBConst.APWD0001, current.Code);
            query.AddSort(DBConst.APWD0002, true);
            DataTable records = query.ExecuteSelect();

            // Exactly four rows are expected; anything else hides the info row and stops.
            if (records.Rows.Count != 4)
            {
                TrRegInfo.Visible = false;
                return;
            }

            TrRegData1.Visible = false;
            TrRegData2.Visible = false;

            StringBuilder xml = new StringBuilder();
            XmlWriter writer = XmlWriter.Create(xml);
            writer.WriteStartElement("Amon");
            writer.WriteStartElement("User");
            writer.WriteElementString("Code", current.Code);
            foreach (DataRow record in records.Rows)
            {
                // The row's key doubles as the element name; unknown or null keys are skipped.
                string kind = record[DBConst.APWD0002] as string;
                switch (kind)
                {
                    case "Data":
                    case "Info":
                    case "Main":
                    case "Safe":
                        writer.WriteElementString(kind, record[DBConst.APWD0003] as string);
                        break;
                }
            }
            writer.WriteEndElement();
            writer.WriteEndElement();
            writer.Flush();
            writer.Close();

            // A StringBuilder-backed writer declares utf-16; the declaration is rewritten to utf-8.
            TBData.Text = xml.Replace("encoding=\"utf-16\"", "encoding=\"utf-8\"").ToString();
        }
Пример #5
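        /// <summary>
        /// User registration (web-service path): generates a salt, a key and a mask, encrypts them
        /// together with the user code using AES, stores four rows ("Data", "Info", "Main", "Safe")
        /// in <c>APWD0000</c> and writes the same values to <paramref name="writer"/>.
        /// </summary>
        /// <param name="name">Login name; it is lower-cased before use.</param>
        /// <param name="pass">Login password, used for key derivation and for the digest.</param>
        /// <param name="writer">XML writer that receives the Code/Data/Info/Main/Safe elements.</param>
        /// <returns>Always <c>true</c>; the result of the batch execution is not inspected.</returns>
        /// <remarks>
        /// All random material comes from a cryptographic generator. <see cref="System.Random"/>
        /// is predictable and must not be used for salts or keys.
        /// </remarks>
        public bool WsSignUp(string name, string pass, XmlWriter writer)
        {
            // NOTE(review): ToLower() is culture-sensitive. It is kept as-is because the result
            // feeds GenK/GenV/Digest and changing it would alter derived values for existing
            // accounts - confirm whether ToLowerInvariant() was intended.
            name = name.ToLower();

            // Draw all secret material from the OS CSPRNG.
            byte[] salt = new byte[16];
            byte[] keys = new byte[32];
            byte[] seed = new byte[256];
            using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            {
                rng.GetBytes(salt);
                rng.GetBytes(keys);
                rng.GetBytes(seed);
            }

            // Plaintext layout: [user code | 16-byte salt | 32-byte key | mask].
            // NOTE(review): the buffer is fixed at 72 bytes; Array.Copy throws if the UTF-8
            // encodings of _Code and _Mask together exceed the remaining 24 bytes.
            byte[] t = new byte[72];
            int i = 0;
            byte[] a = Encoding.UTF8.GetBytes(_Code);
            Array.Copy(a, 0, t, i, a.Length);
            i += a.Length;

            _Salt = salt;
            Array.Copy(_Salt, 0, t, i, _Salt.Length);
            i += _Salt.Length;

            _Keys = keys;
            Array.Copy(_Keys, 0, t, i, _Keys.Length);
            i += _Keys.Length;

            _Mask = CharUtil.GenerateUserChar();
            a = Encoding.UTF8.GetBytes(_Mask);
            Array.Copy(a, 0, t, i, a.Length);

            #region AES encryption
            // NOTE(review): key and IV are both derived from (name, code, pass); whether GenV yields
            // a value that is unique per encryption is not visible here - confirm.
            byte[] k = GenK(name, _Code, pass);
            byte[] v = GenV(name, _Code, pass);
            // 'using' releases the algorithm and transform (and their key copies) even on failure.
            using (AesManaged aes = new AesManaged())
            using (ICryptoTransform encryptor = aes.CreateEncryptor(k, v))
            using (MemoryStream mStream = new MemoryStream())
            {
                using (CryptoStream cStream = new CryptoStream(mStream, encryptor, CryptoStreamMode.Write))
                {
                    cStream.Write(t, 0, t.Length);
                    cStream.FlushFinalBlock();
                    t = mStream.ToArray();
                }
            }
            #endregion

            // Replace any previous rows for this user code.
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.APWD0000);
            dba.AddWhere(DBConst.APWD0001, _Code);
            dba.AddDeleteBatch();

            // "Data": the 256 random bytes handed to Digest as its third argument.
            string data = Convert.ToBase64String(seed);
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Data");
            dba.AddParam(DBConst.APWD0003, data);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();

            // "Info": digest over name, password and the random bytes.
            string info = Digest(name, pass, seed);
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Info");
            dba.AddParam(DBConst.APWD0003, info);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();

            // "Main": the AES ciphertext produced above.
            string main = Convert.ToBase64String(t);
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Main");
            dba.AddParam(DBConst.APWD0003, main);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();

            // "Safe": stored empty at registration.
            string safe = "";
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, _Code);
            dba.AddParam(DBConst.APWD0002, "Safe");
            dba.AddParam(DBConst.APWD0003, safe);
            dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
            dba.AddInsertBatch();
            // NOTE(review): the outcome of ExecuteBatch is not checked; the values below are
            // returned to the caller even if nothing was stored.
            dba.ExecuteBatch();

            writer.WriteElementString("Code", _Code);
            writer.WriteElementString("Data", data);
            writer.WriteElementString("Info", info);
            writer.WriteElementString("Main", main);
            writer.WriteElementString("Safe", safe);
            return true;
        }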
Пример #6
 /// <summary>
 /// Stub override: performs no database access and always reports success.
 /// </summary>
 /// <param name="dba">Not used by this implementation.</param>
 /// <param name="Id">Not used by this implementation.</param>
 /// <returns>Always <c>true</c>.</returns>
 public override bool Read(DBAccess dba, string Id)
 {
     return true;
 }
Пример #7
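        /// <summary>
        /// Generates a fresh RSA key pair, stores the private key under a new identifier in
        /// <c>C3010000</c> (with the status column set to 0) and writes the identifier and the
        /// public key to <paramref name="writer"/> as an "RSA" element.
        /// </summary>
        /// <param name="writer">XML writer that receives the "RSA" element ("t" and "k" children).</param>
        /// <remarks>
        /// NOTE(review): the private key is stored as plain XML; access to that table should be
        /// restricted accordingly. The parameterless constructor uses the provider's default key
        /// size (historically 1024 bits on .NET Framework). Requesting 2048 bits explicitly is
        /// advisable, but confirm first that the column behind <c>C3010003</c> can hold the longer
        /// XML. The identifier comes from <c>HashUtil.UtcTimeInHex()</c>, which by its name looks
        /// time-derived and therefore guessable - treat it as a lookup key, not as a secret.
        /// </remarks>
        private void ProcessRSA(XmlWriter writer)
        {
            string t = HashUtil.UtcTimeInHex();

            // Export both forms once and release the provider (and its key handle) right away.
            string privateXml;
            string publicXml;
            using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
            {
                privateXml = rsa.ToXmlString(true);
                publicXml = rsa.ToXmlString(false);
            }

            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010000);
            dba.AddParam(DBConst.C3010001, t);
            dba.AddParam(DBConst.C3010002, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010003, CharUtil.Text2DB(privateXml));
            dba.AddParam(DBConst.C3010004, 0);
            // NOTE(review): the insert result is not checked, so the public key is still
            // returned when the private key was not stored.
            dba.ExecuteInsert();

            writer.WriteStartElement("RSA");
            writer.WriteElementString("t", t);
            writer.WriteElementString("k", publicXml);
            writer.WriteEndElement();
        }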
Пример #8
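        /// <summary>
        /// User registration (web-page path): rejects an already used login name or e-mail
        /// address, allocates the next user code, then inserts the account rows (real info,
        /// online info, contact, security info, role assignment) one after another.
        /// </summary>
        /// <param name="name">Login name.</param>
        /// <param name="pass">Login password.</param>
        /// <param name="mail">E-mail address.</param>
        /// <returns>
        /// <c>IMsg.MSG_SIGNUP_EXIST</c> when the name or e-mail is taken,
        /// <c>IMsg.MSG_SIGNUP_INNER</c> when any insert does not affect exactly one row,
        /// otherwise <c>IMsg.MSG_SIGNUP_SUCCESS</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the inserts are separate statements with no visible transaction, so a
        /// failure part-way leaves a partially created account. The user code is computed as
        /// "current maximum + 1" without a visible lock, so two concurrent sign-ups can obtain the
        /// same code - a unique constraint on that column would catch this.
        /// </remarks>
        public int WpSignUp(string name, string pass, string mail)
        {
            #region Check that the login name and e-mail are unused
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(DBConst.C3010402);
            // name and mail come from the sign-up form and are placed inside quoted SQL literals
            // in a hand-built WHERE clause, so they are escaped first.
            // NOTE(review): this assumes CharUtil.Text2DB escapes text for use in a SQL string
            // literal - confirm. The AddParam calls below pass name/mail unescaped; verify that
            // DBAccess quotes and escapes values on that path.
            dba.AddWhere(string.Format("{0}='{1}' OR {2}='{3}'",
                DBConst.C3010405, CharUtil.Text2DB(name),
                DBConst.C3010406, CharUtil.Text2DB(mail)));
            DataTable dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 0)
            {
                return IMsg.MSG_SIGNUP_EXIST;
            }
            #endregion

            #region Allocate the user code
            dba.ReInit();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(string.Format("MAX({0}) {0}", DBConst.C3010402));
            dba.AddWhere(string.Format("LENGTH({0})=8", DBConst.C3010402));
            dt = dba.ExecuteSelect();
            string code = "";
            if (dt != null && dt.Rows.Count > 0)
            {
                code = dt.Rows[0][0].ToString();
            }
            if (CharUtil.IsValidateCode(code))
            {
                code = CharUtil.GenerateUserCode(code);
            }
            else
            {
                // No valid code exists yet: start the sequence.
                code = "A0000000";
            }
            #endregion

            // Row identifier shared by all tables written below.
            string hash = HashUtil.UtcTimeInHex(false);

            #region Real (personal) information
            dba.ReInit();
            dba.AddTable(DBConst.C3010300);
            dba.AddParam(DBConst.C3010301, hash);
            dba.AddParam(DBConst.C3010302, code);
            dba.AddParam(DBConst.C3010303, "");
            dba.AddParam(DBConst.C3010304, "");
            dba.AddParam(DBConst.C3010305, 1);
            dba.AddParam(DBConst.C3010306, null);
            dba.AddParam(DBConst.C3010307, "");
            dba.AddParam(DBConst.C3010308, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010309, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region Online information
            dba.ReInit();
            dba.AddTable(DBConst.C3010400);
            dba.AddParam(DBConst.C3010401, hash);
            dba.AddParam(DBConst.C3010402, code);
            dba.AddParam(DBConst.C3010403, "0");
            dba.AddParam(DBConst.C3010404, "0");
            dba.AddParam(DBConst.C3010405, name);
            dba.AddParam(DBConst.C3010406, mail);
            dba.AddParam(DBConst.C3010407, name);
            dba.AddParam(DBConst.C3010408, "0");
            dba.AddParam(DBConst.C3010409, "");
            dba.AddParam(DBConst.C301040A, "");
            dba.AddParam(DBConst.C301040B, "");
            dba.AddParam(DBConst.C301040C, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C301040D, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region Contact details
            dba.ReInit();
            dba.AddTable(DBConst.C3010500);
            dba.AddParam(DBConst.C3010501, "0");
            dba.AddParam(DBConst.C3010502, IUser.MAJOR_04);
            dba.AddParam(DBConst.C3010503, hash);
            dba.AddParam(DBConst.C3010504, code);
            dba.AddParam(DBConst.C3010505, "sctteqacvfxgqgtb");// e-mail
            dba.AddParam(DBConst.C3010506, mail);
            dba.AddParam(DBConst.C3010507, "");
            dba.AddParam(DBConst.C3010508, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010509, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region Security information
            // The 256 random bytes feed the password digest; they are taken from the OS CSPRNG
            // because System.Random output is predictable.
            _Data = new byte[256];
            using (System.Security.Cryptography.RandomNumberGenerator rng =
                System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(_Data);
            }
            string info = Digest(name.ToLower(), pass, _Data);
            dba.ReInit();
            dba.AddTable(DBConst.C3010600);
            dba.AddParam(DBConst.C3010601, hash);
            dba.AddParam(DBConst.C3010602, hash);
            dba.AddParam(DBConst.C3010603, info);
            dba.AddParam(DBConst.C3010604, mail);
            dba.AddParam(DBConst.C3010605, "");
            dba.AddParam(DBConst.C3010606, "");
            dba.AddParam(DBConst.C3010607, "");
            dba.AddParam(DBConst.C3010608, "");
            dba.AddParam(DBConst.C3010609, "");
            dba.AddParam(DBConst.C301060A, "");
            dba.AddParam(DBConst.C301060B, "");
            dba.AddParam(DBConst.C301060C, "");
            dba.AddParam(DBConst.C301060D, "");
            dba.AddParam(DBConst.C301060E, "");
            dba.AddParam(DBConst.C301060F, Convert.ToBase64String(_Data));
            dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010611, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            #region Role assignment
            dba.ReInit();
            dba.AddTable(DBConst.C3010200);
            dba.AddParam(DBConst.C3010201, hash);
            dba.AddParam(DBConst.C3010202, hash);
            dba.AddParam(DBConst.C3010203, "sctvsxyttfzeqqgq");// ordinary user
            dba.AddParam(DBConst.C3010204, "APWD0000");
            dba.AddParam(DBConst.C3010205, "");
            dba.AddParam(DBConst.C3010206, DBConst.SQL_NOW, false);
            dba.AddParam(DBConst.C3010207, DBConst.SQL_NOW, false);
            if (dba.ExecuteInsert() != 1)
            {
                return IMsg.MSG_SIGNUP_INNER;
            }
            #endregion

            _Name = name;
            _Code = code;
            _Rank = IUser.LEVEL_02;// ordinary user

            return IMsg.MSG_SIGNUP_SUCCESS;
        }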
Пример #9
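        /// <summary>
        /// Writes the "App"/"Ver" header followed by a "Libs" element that contains every
        /// top-level library row owned by <paramref name="code"/>, each with its detail rows.
        /// </summary>
        /// <param name="dba">Data-access helper; re-initialised for every query.</param>
        /// <param name="writer">XML writer that receives the output.</param>
        /// <param name="code">Owner code; both the header and the detail query filter on it.</param>
        private void ListLib(DBAccess dba, XmlWriter writer, string code)
        {
            writer.WriteElementString("App", "APwd");
            writer.WriteElementString("Ver", "2");

            // Header rows: column APWD0302 = "0" for this owner.
            dba.ReInit();
            dba.AddTable(DBConst.APWD0300);
            dba.AddColumn(DBConst.APWD0301);
            dba.AddColumn(DBConst.APWD0304);
            dba.AddColumn(DBConst.APWD0306);
            dba.AddColumn(DBConst.APWD0308);
            dba.AddWhere(DBConst.APWD0302, "0");
            dba.AddWhere(DBConst.APWD0303, code);
            dba.AddSort(DBConst.APWD0301, true);

            writer.WriteStartElement("Libs");
            using (DataTable dt1 = dba.ExecuteSelect())
            {
                foreach (DataRow r1 in dt1.Rows)
                {
                    LibHeader header = new LibHeader();
                    header.Load(r1);

                    // Detail rows of this header. The owner code stays in the filter, so a
                    // header id alone cannot select rows that belong to another owner.
                    dba.ReInit();
                    dba.AddTable(DBConst.APWD0300);
                    dba.AddColumn(DBConst.APWD0301);
                    dba.AddColumn(DBConst.APWD0302);
                    dba.AddColumn(DBConst.APWD0304);
                    dba.AddColumn(DBConst.APWD0306);
                    dba.AddColumn(DBConst.APWD0307);
                    dba.AddColumn(DBConst.APWD0308);
                    dba.AddWhere(DBConst.APWD0305, header.Id);
                    dba.AddWhere(DBConst.APWD0303, code);
                    dba.AddSort(DBConst.APWD0301, true);

                    // Dispose the per-header result table as well; the original only
                    // disposed the outer one.
                    using (DataTable dt2 = dba.ExecuteSelect())
                    {
                        foreach (DataRow r2 in dt2.Rows)
                        {
                            LibDetail detail = new LibDetail();
                            detail.Load(r2);
                            header.Details.Add(detail);
                        }
                    }
                    header.ToXml(writer);
                }
            }
            writer.WriteEndElement();
        }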
Пример #10
        /// <summary>
        /// Writes the "App"/"Ver" header followed by a "Udcs" element with one entry per
        /// <c>AUDC0100</c> row owned by <paramref name="code"/>.
        /// </summary>
        /// <param name="dba">Data-access helper; re-initialised before the query.</param>
        /// <param name="writer">XML writer that receives the output.</param>
        /// <param name="code">Owner code used as the only row filter.</param>
        private void ListUdc(DBAccess dba, XmlWriter writer, string code)
        {
            writer.WriteElementString("App", "APwd");
            writer.WriteElementString("Ver", "1");

            dba.ReInit();
            dba.AddTable(DBConst.AUDC0100);
            dba.AddColumn(DBConst.AUDC0103);
            dba.AddColumn(DBConst.AUDC0104);
            dba.AddColumn(DBConst.AUDC0105);
            dba.AddColumn(DBConst.AUDC0106);
            dba.AddColumn(DBConst.AUDC0107);
            // Restrict the result to the caller's own rows.
            dba.AddWhere(DBConst.AUDC0102, code);
            dba.AddSort(DBConst.AUDC0101, true);

            writer.WriteStartElement("Udcs");
            using (DataTable records = dba.ExecuteSelect())
            {
                foreach (DataRow record in records.Rows)
                {
                    // A fresh Udc per row, loaded and serialised immediately.
                    Udc entry = new Udc();
                    entry.Load(record);
                    entry.ToXml(writer);
                }
            }
            writer.WriteEndElement();
        }
Пример #11
        /// <summary>
        /// Loads every non-deleted <c>APWD0100</c> row of the given owner and category into a
        /// <c>Key</c> and sets its <c>Password</c> to the concatenation of the matching
        /// <c>APWD0200</c> fragments in sort order.
        /// </summary>
        /// <param name="code">Owner code; both queries filter on it.</param>
        /// <param name="catId">Category id used to filter the key rows.</param>
        /// <remarks>
        /// NOTE(review): each <c>Key</c> built here goes out of scope at the end of its loop
        /// iteration; nothing is returned or written, so as shown the method has no observable
        /// result beyond running the queries.
        /// </remarks>
        private void ListKey(string code, string catId)
        {
            DBAccess query = new DBAccess();
            query.ReInit();
            query.AddTable(DBConst.APWD0100);
            query.AddWhere(DBConst.APWD0104, code);
            query.AddWhere(DBConst.APWD0106, catId);
            // Skip rows whose operation marker equals the "deleted" constant.
            query.AddWhere(DBConst.APWD0115, "!=", Key.OPT_DELETE.ToString(), false);
            query.AddSort(DBConst.APWD0101, false);
            using (DataTable keyRows = query.ExecuteSelect())
            {
                foreach (DataRow keyRow in keyRows.Rows)
                {
                    Key key = new Key();
                    key.Load(keyRow);

                    // The password is stored as several fragments; fetch them in order.
                    query.ReInit();
                    query.AddTable(DBConst.APWD0200);
                    query.AddColumn(DBConst.APWD0204);
                    query.AddWhere(DBConst.APWD0202, code);
                    query.AddWhere(DBConst.APWD0203, key.Id);
                    query.AddSort(DBConst.APWD0201, true);
                    using (DataTable fragments = query.ExecuteSelect())
                    {
                        StringBuilder joined = new StringBuilder();
                        foreach (DataRow fragment in fragments.Rows)
                        {
                            // A non-string cell yields null, which Append ignores.
                            joined.Append(fragment[DBConst.APWD0204] as string);
                        }
                        key.Password = joined.ToString();
                    }
                }
            }
        }
Пример #12
        /// <summary>
        /// Writes the "App"/"Ver" header followed by a "Cats" element with one entry per
        /// non-deleted <c>ACAT0200</c> row owned by <paramref name="code"/>, optionally limited
        /// to one parent category.
        /// </summary>
        /// <param name="dba">Data-access helper; re-initialised before the query.</param>
        /// <param name="writer">XML writer that receives the output.</param>
        /// <param name="code">Owner code; always part of the filter.</param>
        /// <param name="catId">
        /// Parent category id. It is applied only when it is "0" or passes
        /// <c>CharUtil.IsValidateHash</c>; any other value is dropped and all of the owner's
        /// categories are returned.
        /// </param>
        private void ListCat(DBAccess dba, XmlWriter writer, string code, string catId)
        {
            writer.WriteElementString("App", "APwd");
            writer.WriteElementString("Ver", "1");

            dba.ReInit();
            dba.AddTable(DBConst.ACAT0200);
            dba.AddColumn(DBConst.ACAT0201);
            dba.AddColumn(DBConst.ACAT0203);
            dba.AddColumn(DBConst.ACAT0204);
            dba.AddColumn(DBConst.ACAT0205);
            dba.AddColumn(DBConst.ACAT0206);
            dba.AddColumn(DBConst.ACAT0207);
            dba.AddColumn(DBConst.ACAT0208);
            dba.AddColumn(DBConst.ACAT0209);
            dba.AddColumn(DBConst.ACAT020E);
            dba.AddWhere(DBConst.ACAT0202, code);

            // Only a well-formed id reaches the query; the owner filter above applies either way.
            bool filterByParent = catId == "0" || CharUtil.IsValidateHash(catId);
            if (filterByParent)
            {
                dba.AddWhere(DBConst.ACAT0204, catId);
            }
            dba.AddWhere(DBConst.ACAT020D, ">", Cat.OPT_DELETE.ToString(), false);

            writer.WriteStartElement("Cats");
            using (DataTable records = dba.ExecuteSelect())
            {
                // NOTE(review): one Cat instance is reused for every row; this is only safe if
                // Load overwrites every field - confirm, otherwise values can carry over.
                Cat shared = new Cat();
                foreach (DataRow record in records.Rows)
                {
                    shared.Load(record);
                    shared.ToXml(writer);
                }
            }
            writer.WriteEndElement();
        }
Пример #13
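        /// <summary>
        /// Looks up the unused RSA key stored under identifier <paramref name="t"/> in
        /// <c>C3010000</c>, encrypts <paramref name="data"/> with it and then sets the key's
        /// status column to 1.
        /// </summary>
        /// <param name="t">Key identifier supplied by the caller.</param>
        /// <param name="data">Bytes to encrypt.</param>
        /// <returns>
        /// The ciphertext, or <c>null</c> when no single unused key row matches or the stored
        /// key text is empty.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the second argument of <c>rsa.Encrypt</c> is <c>false</c>, i.e. PKCS#1
        /// v1.5 padding; OAEP is preferable but must match what the decrypting side expects.
        /// The lookup and the status update are two separate statements, so two concurrent calls
        /// with the same identifier can both use the key before it is marked.
        /// </remarks>
        private byte[] Encrypt(string t, byte[] data)
        {
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010000);
            dba.AddColumn(DBConst.C3010003);
            dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
            dba.AddWhere(DBConst.C3010004, "0");
            DataTable dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 1)
            {
                return null;
            }

            // A NULL or empty cell would make FromXmlString throw; treat it like "no key".
            string key = dt.Rows[0][0] as string;
            if (string.IsNullOrEmpty(key))
            {
                return null;
            }

            using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
            {
                rsa.FromXmlString(key);
                data = rsa.Encrypt(data, false);
            }

            // Mark the key as used so that the lookup above no longer returns it.
            dba.ReInit();
            dba.AddTable(DBConst.C3010000);
            dba.AddParam(DBConst.C3010004, 1);
            dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
            dba.AddWhere(DBConst.C3010004, "0", false);
            dba.ExecuteUpdate();

            return data;
        }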
Пример #14
        /// <summary>
        /// Web-page sign-in: resolves the login name to an account, verifies the password digest
        /// and loads the account's rank for the "APWD0000" application.
        /// </summary>
        /// <param name="name">Login name as entered.</param>
        /// <param name="pass">Password as entered.</param>
        /// <returns><c>true</c> when all three lookups succeed and the digest matches.</returns>
        /// <remarks>
        /// NOTE(review): <c>_Name</c> and <c>_Data</c> are assigned before the password has been
        /// verified, so a failed attempt leaves them populated from the targeted account; only
        /// <c>_Code</c>, <c>_Hash</c> and <c>_Rank</c> are set on success. The digest strings are
        /// compared with the ordinary string inequality operator. No attempt limiting is visible
        /// in this method - confirm it exists at the caller.
        /// </remarks>
        public bool WpSignIn(string name, string pass)
        {
            var query = new DBAccess();

            // Step 1: find the account for this login name.
            query.ReInit();
            query.AddTable(DBConst.C3010400);
            query.AddTable(DBConst.C3010300);
            query.AddColumn(DBConst.C3010401);
            query.AddColumn(DBConst.C3010302);
            query.AddColumn(DBConst.C3010407);
            query.AddWhere(DBConst.C3010405, HttpUtil.Text2Db(name));
            // Column-to-column condition joining the two tables.
            query.AddWhere(DBConst.C3010402, DBConst.C3010302, false);
            DataTable result = query.ExecuteSelect();
            if (result == null || result.Rows.Count != 1)
            {
                return false;
            }

            DataRow account = result.Rows[0];
            string accountHash = account[DBConst.C3010401] as string;
            string accountCode = account[DBConst.C3010302] as string;
            _Name = account[DBConst.C3010407] as string;

            // Step 2: verify the password against the stored digest.
            query.ReInit();
            query.AddTable(DBConst.C3010600);
            query.AddColumn(DBConst.C3010603);
            query.AddColumn(DBConst.C301060F);
            query.AddWhere(DBConst.C3010602, accountHash);
            result = query.ExecuteSelect();
            if (result == null || result.Rows.Count != 1)
            {
                return false;
            }

            DataRow secret = result.Rows[0];
            string encodedData = secret[DBConst.C301060F] as string;
            if (string.IsNullOrEmpty(encodedData))
            {
                return false;
            }
            // The Base64 blob is decoded and handed to Digest as its third argument.
            _Data = Convert.FromBase64String(encodedData);
            string computed = Digest(name.ToLower(), pass, _Data);
            if (computed != secret[DBConst.C3010603].ToString())
            {
                return false;
            }

            // Step 3: read the rank granted for this application.
            query.ReInit();
            query.AddTable(DBConst.C3010F00);
            query.AddTable(DBConst.C3010200);
            query.AddColumn(DBConst.C3010F02);
            query.AddWhere(DBConst.C3010203, DBConst.C3010F03, false);
            query.AddWhere(DBConst.C3010202, accountHash);
            query.AddWhere(DBConst.C3010204, "APWD0000");
            result = query.ExecuteSelect();
            if (result == null || result.Rows.Count != 1)
            {
                return false;
            }

            _Code = accountCode;
            _Hash = accountHash;
            _Rank = (int)result.Rows[0][DBConst.C3010F02];

            return true;
        }
Пример #15
 /// <summary>
 /// Stub: performs no lookup and always returns <c>null</c>.
 /// </summary>
 /// <param name="dba">Not used by this implementation.</param>
 /// <param name="code">Not used by this implementation.</param>
 /// <param name="catId">Not used by this implementation.</param>
 /// <returns>Always <c>null</c>; callers must handle that.</returns>
 private Cat ReadCat(DBAccess dba, string code, string catId)
 {
     return null;
 }
Пример #16
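        /// <summary>
        /// Changes the signed-in user's login password: verifies <paramref name="oldPass"/>
        /// against the stored digest and, on a match, stores the digest of
        /// <paramref name="newPass"/>.
        /// </summary>
        /// <param name="oldPass">Current password.</param>
        /// <param name="newPass">New password.</param>
        /// <returns>
        /// <c>true</c> when the old password matches and exactly one row is updated;
        /// otherwise <c>false</c>.
        /// </returns>
        /// <remarks>
        /// The name is lower-cased before hashing because the sign-up and sign-in paths digest
        /// <c>name.ToLower()</c>. Hashing <c>_Name</c> as stored made verification fail for
        /// accounts whose stored name contains upper-case letters.
        /// NOTE(review): <c>_Name</c> is read from a different column than the login-name
        /// lookup; if that column can diverge from the login name, the digest input here should
        /// be the login name instead - confirm. The stored random data (<c>_Data</c>) is reused
        /// for the new digest rather than regenerated.
        /// </remarks>
        public bool WpSignPk(string oldPass, string newPass)
        {
            // Same normalisation as at sign-up and sign-in; a null name is passed through unchanged.
            string login = _Name == null ? null : _Name.ToLower();

            // Digest of the supplied current password.
            string tmpPwds = Digest(login, oldPass, _Data);

            // Fetch the stored digest for this account.
            var dba = new DBAccess();
            dba.AddTable(DBConst.C3010600);
            dba.AddColumn(DBConst.C3010603);
            dba.AddWhere(DBConst.C3010602, _Hash);
            DataTable dt = dba.ExecuteSelect();

            // Exactly one row must exist and its digest must match.
            if (dt.Rows.Count != 1)
            {
                return false;
            }
            string stored = dt.Rows[0][0].ToString();
            if (tmpPwds != stored)
            {
                return false;
            }

            tmpPwds = Digest(login, newPass, _Data);

            // Store the new digest together with a fresh timestamp.
            dba.ReInit();
            dba.AddTable(DBConst.C3010600);
            dba.AddParam(DBConst.C3010603, tmpPwds);
            dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
            dba.AddWhere(DBConst.C3010602, _Hash);
            return 1 == dba.ExecuteUpdate();
        }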
Пример #17
        /// <summary>
        /// Handles a sign-in request: validates the login name taken from request field "d",
        /// resolves it to a user code and writes that user's stored "Data", "Info", "Main" and
        /// "Safe" values inside a "User" element.
        /// </summary>
        /// <param name="context">Current HTTP context; only request value "d" is read.</param>
        /// <param name="writer">XML writer that receives either the "User" element or an error.</param>
        /// <remarks>
        /// NOTE(review): no password is checked in this handler; the stored values are written
        /// out for any request that names an existing login. Confirm that they are safe to
        /// disclose before authentication (in particular whether "Info" is a password-derived
        /// digest that could be tested offline) and that the endpoint is rate-limited. The
        /// "feature not enabled" reply also differs from the generic reply, which tells a caller
        /// that the account exists.
        /// </remarks>
        private void SignIn(HttpContext context, XmlWriter writer)
        {
            string login = context.Request["d"];
            if (!CharUtil.IsValidate(login))
            {
                SendError(writer, "请输入【登录用户】!");
                return;
            }
            // The name is restricted to the allowed character set before it reaches the query.
            if (!CharUtil.IsValidateName(login))
            {
                SendError(writer, "【登录用户】应在 4 到 32 个字符之间,且仅能为大小写字母、下划线及英文点号!");
                return;
            }

            // Resolve the login name to the user code.
            DBAccess query = new DBAccess();
            query.AddTable(DBConst.C3010400);
            query.AddColumn(DBConst.C3010402);
            query.AddWhere(DBConst.C3010405, login);
            DataTable result = query.ExecuteSelect();
            if (result.Rows.Count != 1)
            {
                SendError(writer, "请确认您输入的【登录用户】或【登录口令】是否正确!");
                return;
            }
            string code = result.Rows[0][DBConst.C3010402] as string;
            if (!CharUtil.IsValidateCode(code))
            {
                SendError(writer, "请确认您输入的【登录用户】或【登录口令】是否正确!");
                return;
            }

            // Load the stored rows for that user code.
            query.ReInit();
            query.AddTable(DBConst.APWD0000);
            query.AddColumn(DBConst.APWD0002);
            query.AddColumn(DBConst.APWD0003);
            query.AddWhere(DBConst.APWD0001, code);
            query.AddSort(DBConst.APWD0002, true);
            result = query.ExecuteSelect();
            if (result.Rows.Count < 1)
            {
                writer.WriteElementString("Error", "请确认您是否已经开通密码箱的功能!");
                return;
            }

            writer.WriteStartElement("User");
            writer.WriteElementString("Code", code);
            foreach (DataRow record in result.Rows)
            {
                // The row's key doubles as the element name; unknown or null keys are skipped.
                string kind = record[DBConst.APWD0002] as string;
                switch (kind)
                {
                    case "Data":
                    case "Info":
                    case "Main":
                    case "Safe":
                        writer.WriteElementString(kind, record[DBConst.APWD0003] as string);
                        break;
                }
            }
            writer.WriteEndElement();
        }
Пример #18
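        /// <summary>
        /// Changes a user's login password: verifies the old password against the stored digest,
        /// re-encrypts the stored "Main" value under the new password and replaces the user's
        /// "Data" / "Info" / "Main" / "Safe" rows.
        /// </summary>
        /// <param name="name">Login name of the account.</param>
        /// <param name="oldPass">Current password; checked against the stored "Info" digest.</param>
        /// <param name="newPass">New password; used to derive the new key, IV and digest.</param>
        /// <param name="writer">Receives either one "Error" element or the Code/Data/Info/Main/Safe elements.</param>
        /// <returns><c>true</c> when the rows were rewritten; <c>false</c> after an "Error" element was written.</returns>
        public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
        {
            // Resolve the account's internal code from the login name.
            // NOTE(review): the WHERE column is DBConst.C3010400, the same constant passed to
            // AddTable; confirm it is the intended login-name column.
            var dba = new DBAccess();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(DBConst.C3010402);
            dba.AddWhere(DBConst.C3010400, CharUtil.Text2DB(name));
            var dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 1)
            {
                // Same text as the wrong-password branch below, so the reply does not tell the
                // caller whether the login name exists.
                writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
                return false;
            }

            string code = dt.Rows[0][DBConst.C3010402] as string;
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddColumn(DBConst.APWD0002);
            dba.AddColumn(DBConst.APWD0003);
            dba.AddWhere(DBConst.APWD0001, code);
            dba.AddSort(DBConst.APWD0002, true);
            dt = dba.ExecuteSelect();
            if (dt.Rows.Count != 4)
            {
                writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
                return false;
            }

            // Pick each value by its key instead of by row position. The previous code read
            // Rows[0] for all four values, so the digest check compared the wrong column value
            // and "Info", "Main" and "Safe" were overwritten with the "Data" value.
            string data = null;
            string info = null;
            string main = null;
            string safe = null;
            for (int i = 0; i < dt.Rows.Count; i++)
            {
                var row = dt.Rows[i];
                string value = row[DBConst.APWD0003] as string;
                switch (row[DBConst.APWD0002] as string)
                {
                    case "Data":
                        data = value;
                        break;
                    case "Info":
                        info = value;
                        break;
                    case "Main":
                        main = value;
                        break;
                    case "Safe":
                        safe = value;
                        break;
                }
            }

            // "Data", "Info" and "Main" are all consumed below; a missing one is a broken record.
            if (string.IsNullOrEmpty(data) || string.IsNullOrEmpty(info) || string.IsNullOrEmpty(main))
            {
                writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
                return false;
            }
            byte[] b = Convert.FromBase64String(data);

            // Verify the current password before touching any stored material.
            // NOTE(review): this is an ordinary string comparison, not a fixed-time one.
            if (info != Digest(name, oldPass, b))
            {
                writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
                return false;
            }

            // Key and IV derived from the old password.
            // NOTE(review): GenK/GenV take only (name, code, password); if they are deterministic,
            // the same password always yields the same key/IV pair - confirm this is acceptable.
            byte[] k = GenK(name, code, oldPass);
            byte[] v = GenV(name, code, oldPass);
            byte[] t = Convert.FromBase64String(main);

            // Decrypt "Main" with the old key material.
            using (var aes = new AesManaged())
            using (var decryptor = aes.CreateDecryptor(k, v))
            using (var mStream = new MemoryStream())
            using (var cStream = new CryptoStream(mStream, decryptor, CryptoStreamMode.Write))
            {
                cStream.Write(t, 0, t.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }

            // Refill the "Data" bytes (the value fed to Digest) from a cryptographic RNG;
            // System.Random is predictable and unsuitable for password-related material.
            using (var rng = RandomNumberGenerator.Create())
            {
                rng.GetBytes(b);
            }

            // Key and IV derived from the new password.
            k = GenK(name, code, newPass);
            v = GenV(name, code, newPass);

            // Re-encrypt "Main" with the new key material. Each AES instance is now disposed;
            // the previous code cleared the first instance twice and never the second.
            using (var aes = new AesManaged())
            using (var encryptor = aes.CreateEncryptor(k, v))
            using (var mStream = new MemoryStream())
            using (var cStream = new CryptoStream(mStream, encryptor, CryptoStreamMode.Write))
            {
                cStream.Write(t, 0, t.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }

            // Digest of the login information under the new password.
            info = Digest(name, newPass, b);
            data = Convert.ToBase64String(b);
            main = Convert.ToBase64String(t);

            // Queue a delete of the old rows followed by four inserts, then send them together.
            // NOTE(review): confirm ExecuteBatch runs the queue in one transaction; otherwise a
            // failure after the delete leaves the account without credential rows. Its result is
            // not checked here.
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddWhere(DBConst.APWD0001, code);
            dba.AddDeleteBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Data");
            dba.AddParam(DBConst.APWD0003, data);
            dba.AddInsertBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Info");
            dba.AddParam(DBConst.APWD0003, info);
            dba.AddInsertBatch();

            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Main");
            dba.AddParam(DBConst.APWD0003, main);
            dba.AddInsertBatch();

            // "Safe" is written back unchanged.
            dba.ReInit();
            dba.AddTable(DBConst.APWD0000);
            dba.AddParam(DBConst.APWD0001, code);
            dba.AddParam(DBConst.APWD0002, "Safe");
            dba.AddParam(DBConst.APWD0003, safe);
            dba.AddInsertBatch();

            dba.ExecuteBatch();

            writer.WriteElementString("Code", code);
            writer.WriteElementString("Data", data);
            writer.WriteElementString("Info", info);
            writer.WriteElementString("Main", main);
            writer.WriteElementString("Safe", safe);
            return true;
        }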
Пример #19
        /// <summary>
        /// Applies one category record read from <paramref name="reader"/>: inserts it when no
        /// stored record with the same id exists for <paramref name="code"/>, updates it when the
        /// incoming version is higher, and reports an error otherwise.
        /// </summary>
        /// <param name="dba">Database accessor passed to ReadCat and Cat.Save.</param>
        /// <param name="reader">XML source the incoming record is parsed from.</param>
        /// <param name="code">Code passed to ReadCat to locate the stored record.</param>
        private void SyncCat(DBAccess dba, XmlReader reader, string code)
        {
            Cat incoming = new Cat();
            bool parsed = incoming.FromXml(reader);
            if (parsed)
            {
                Cat stored = ReadCat(dba, code, incoming.Id);
                if (stored == null)
                {
                    // No stored copy: insert. The result of Save is not inspected.
                    incoming.Save(dba, false);
                }
                else if (incoming.Version <= stored.Version)
                {
                    // Incoming version is not newer than the stored one: refuse the write.
                    SendError(null, "类别数据版本冲突!");
                }
                else
                {
                    // Newer version: update the stored record.
                    incoming.Save(dba, true);
                }
            }
            else
            {
                // The XML could not be parsed into a category.
                SendError(null, "类别数据解析错误!");
            }
        }
Пример #20
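        /// <summary>
        /// Click handler of the sign-up button: validates the login name, the two password
        /// fields and the e-mail address, rejects a login name that already exists, then
        /// registers the user through <c>UserModel.WpSignUp</c>.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void BtSignUp_Click(object sender, EventArgs e)
        {
            string userName = TbName.Text;
            if (string.IsNullOrEmpty(userName))
            {
                LbErrMsg.Text = "请输入【登录用户】!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbName.Focus();
                return;
            }
            // \z instead of $: in .NET, $ also matches just before a trailing newline, so a
            // posted value ending in "\n" would have passed the check.
            Regex reg = new Regex(@"^\w+[\w\d\.]*\z");
            if (!reg.IsMatch(userName))
            {
                LbErrMsg.Text = "您输入的【登录用户】不合法:登录用户仅能为大小写字母、下划线及英文点号!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbName.Focus();
                return;
            }
            if (!CharUtil.IsValidate(userName, 4, 32))
            {
                LbErrMsg.Text = "【登录用户】字符串长度应在 4 到 32 个字符之间!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbName.Focus();
                return;
            }

            // NOTE(review): a 4-character minimum is the only password rule enforced here.
            string userPwds = TbPass1.Text;
            if (string.IsNullOrEmpty(userPwds))
            {
                LbErrMsg.Text = "请输入【登录口令】!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbPass1.Focus();
                return;
            }
            if (userPwds.Length < 4)
            {
                LbErrMsg.Text = "【登录口令】字符串长度不能小于 4 位!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbPass1.Focus();
                return;
            }
            if (userPwds != TbPass2.Text)
            {
                LbErrMsg.Text = "您两次输入的口令不一致,请重新输入!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbPass1.Text = "";
                TbPass2.Text = "";
                TbPass1.Focus();
                return;
            }

            string userMail = TbMail.Text;
            if (!CharUtil.IsValidate(userMail))
            {
                LbErrMsg.Text = "请输入【电子邮件】!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbMail.Focus();
                return;
            }
            // The previous pattern ended in (\.[\w\.]+)+, a nested quantifier whose inner class
            // also matches '.', which backtracks exponentially on a long run of dots followed
            // by an invalid character. \.[\w\.]+ accepts exactly the same strings without the
            // nesting. \z replaces $ for the same trailing-newline reason as above.
            reg = new Regex(@"^\w+[\w\.]*@\w+\.[\w\.]+\z");
            if (!reg.IsMatch(userMail))
            {
                LbErrMsg.Text = "您输入的【电子邮件】格式不正确,正确格式为:[email protected]!";
                TrErrMsg.Attributes.Add("style", "display:;");
                TbMail.Focus();
                return;
            }

            // Duplicate login-name check.
            // NOTE(review): this is check-then-insert; two concurrent requests can both pass it
            // unless WpSignUp or a unique constraint in the database rejects the second one.
            DBAccess dba = new DBAccess();
            dba.AddTable(DBConst.C3010400);
            dba.AddColumn(DBConst.C3010405);
            dba.AddWhere(DBConst.C3010405, userName);
            DataTable dv = dba.ExecuteSelect();
            if (dv != null && dv.Rows.Count > 0)
            {
                LbErrMsg.Text = string.Format("用户名 {0} 已存在,请选择其它用户名!", userName);
                TrErrMsg.Attributes.Add("style", "display:;");
                TbName.Focus();
                return;
            }

            UserModel userModel = UserModel.Current(Session);
            if (IMsg.MSG_SIGNUP_SUCCESS == userModel.WpSignUp(userName, userPwds, userMail))
            {
                // Hide the registration form rows and show the confirmation row.
                tr_RegData1.Visible = false;
                tr_RegData2.Visible = false;
                tr_RegInfo.Visible = true;
            }
            else
            {
                LbErrMsg.Text = "用户注册失败,请稍后重试!";
                TrErrMsg.Attributes.Add("style", "display:;");
            }
        }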
Пример #21
 /// <summary>
 /// Placeholder with an empty body: none of the three arguments is read and nothing is done.
 /// </summary>
 private void SyncUdc(DBAccess dba, XmlDocument reader, string code)
 {
     // Intentionally empty.
 }
Пример #22
 /// <summary>
 /// Override that writes nothing and always reports success; both arguments are ignored.
 /// </summary>
 /// <returns>Always <c>true</c>.</returns>
 public override bool Save(DBAccess dba, bool update)
 {
     const bool saved = true;
     return saved;
 }
Пример #23
 /// <summary>
 /// Abstract read operation that derived types must implement.
 /// NOTE(review): presumably loads the record identified by <paramref name="Id"/> through
 /// <paramref name="dba"/> and returns whether it succeeded - confirm against the implementations.
 /// </summary>
 public abstract bool Read(DBAccess dba, string Id);