/// <summary>
/// Writes this record to table <c>DBConst.ACAT0200</c> through <paramref name="dba"/>,
/// either as an update of the existing row or as an insert of a new one.
/// </summary>
/// <param name="dba">Data-access helper; <c>ReInit()</c> is called on it before anything is queued.</param>
/// <param name="update"><c>true</c> runs <c>ExecuteUpdate</c> filtered on UserCode and Id; <c>false</c> runs <c>ExecuteInsert</c>.</param>
/// <returns><c>true</c> when the executed statement returns 1.</returns>
public override bool Save(DBAccess dba, bool update)
{
    dba.ReInit();
    dba.AddTable(DBConst.ACAT0200);

    // Columns written on both the insert and the update path.
    dba.AddParam(DBConst.ACAT0201, Order);
    dba.AddParam(DBConst.ACAT0204, Parent);
    dba.AddParam(DBConst.ACAT0205, Text);
    dba.AddParam(DBConst.ACAT0206, Tips);
    dba.AddParam(DBConst.ACAT0207, Icon);
    dba.AddParam(DBConst.ACAT0208, Meta);
    dba.AddParam(DBConst.ACAT0209, Memo);
    dba.AddParam(DBConst.ACAT020A, DBConst.SQL_NOW, false);

    bool saved;
    if (!update)
    {
        // Insert: the owner and id become column values, plus a second timestamp column.
        dba.AddParam(DBConst.ACAT0202, UserCode);
        dba.AddParam(DBConst.ACAT0203, Id);
        dba.AddParam(DBConst.ACAT020B, DBConst.SQL_NOW, false);
        dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D);
        saved = 1 == dba.ExecuteInsert();
    }
    else
    {
        // Update: the row is selected by owner AND id, so the statement only
        // touches a row that carries this object's UserCode.
        // NOTE(review): that is only an ownership check if UserCode is set from
        // the authenticated session rather than from client data - confirm at the callers.
        dba.AddWhere(DBConst.ACAT0202, UserCode);
        dba.AddWhere(DBConst.ACAT0203, Id);
        dba.AddVcs(DBConst.ACAT020C, DBConst.ACAT020D, Operate, Cat.OPT_UPDATE);
        saved = 1 == dba.ExecuteUpdate();
    }

    return saved;
}
/// <summary>
/// Re-initialises this user's data in three tables (ACAT0200, APWD0300, AUDC0100):
/// for each table the rows belonging to <c>Code</c> are queued for deletion, then a
/// backup-batch statement is queued that selects the rows of <c>IUser.AMON_CODE</c>
/// with the user column replaced by <c>Code</c>. Everything runs in one <c>ExecuteBatch</c>.
/// </summary>
/// <remarks>
/// NOTE(review): the result of <c>ExecuteBatch</c> is not checked and no transaction is
/// visible here; if the batch can fail part-way the user is left with deleted data -
/// confirm how DBAccess executes batches.
/// </remarks>
public void InitUserData()
{
    DBAccess dba = new DBAccess();

    // ---- ACAT0200 ----
    dba.AddTable(DBConst.ACAT0200);
    dba.AddWhere(DBConst.ACAT0202, Code);
    dba.AddDeleteBatch();

    dba.ReInit();
    dba.AddParam(DBConst.ACAT0201, DBConst.ACAT0201, false);
    dba.AddParam(DBConst.ACAT0202, Code);
    // Columns copied as-is: the column name is passed as a raw (unquoted) expression.
    var catColumns = new[]
    {
        DBConst.ACAT0203, DBConst.ACAT0204, DBConst.ACAT0205,
        DBConst.ACAT0206, DBConst.ACAT0207, DBConst.ACAT0208,
        DBConst.ACAT0209, DBConst.ACAT020A, DBConst.ACAT020B
    };
    foreach (var column in catColumns)
    {
        dba.AddParam(column, column, false);
    }
    dba.AddParam(DBConst.ACAT020C, 1);
    dba.AddParam(DBConst.ACAT020D, 1);
    dba.AddWhere(DBConst.ACAT0202, IUser.AMON_CODE);
    dba.AddBackupBatch(DBConst.ACAT0200, DBConst.ACAT0200);

    // ---- APWD0300 ----
    dba.ReInit();
    dba.AddTable(DBConst.APWD0300);
    dba.AddWhere(DBConst.APWD0303, Code);
    dba.AddDeleteBatch();

    dba.ReInit();
    dba.AddParam(DBConst.APWD0301, DBConst.APWD0301, false);
    dba.AddParam(DBConst.APWD0302, DBConst.APWD0302, false);
    dba.AddParam(DBConst.APWD0303, Code);
    var libColumns = new[]
    {
        DBConst.APWD0304, DBConst.APWD0305, DBConst.APWD0306,
        DBConst.APWD0307, DBConst.APWD0308, DBConst.APWD0309,
        DBConst.APWD030A
    };
    foreach (var column in libColumns)
    {
        dba.AddParam(column, column, false);
    }
    dba.AddParam(DBConst.APWD030B, 1);
    dba.AddParam(DBConst.APWD030C, 1);
    dba.AddWhere(DBConst.APWD0303, IUser.AMON_CODE);
    dba.AddBackupBatch(DBConst.APWD0300, DBConst.APWD0300);

    // ---- AUDC0100 ----
    dba.ReInit();
    dba.AddTable(DBConst.AUDC0100);
    dba.AddWhere(DBConst.AUDC0102, Code);
    dba.AddDeleteBatch();

    dba.ReInit();
    dba.AddParam(DBConst.AUDC0101, DBConst.AUDC0101, false);
    dba.AddParam(DBConst.AUDC0102, Code);
    var udcColumns = new[]
    {
        DBConst.AUDC0103, DBConst.AUDC0104, DBConst.AUDC0105,
        DBConst.AUDC0106, DBConst.AUDC0107, DBConst.AUDC0108,
        DBConst.AUDC0109
    };
    foreach (var column in udcColumns)
    {
        dba.AddParam(column, column, false);
    }
    dba.AddParam(DBConst.AUDC010A, 1);
    dba.AddParam(DBConst.AUDC010B, 1);
    dba.AddWhere(DBConst.AUDC0102, IUser.AMON_CODE);
    dba.AddBackupBatch(DBConst.AUDC0100, DBConst.AUDC0100);

    dba.ExecuteBatch();
}
/// <summary>
/// Persists this object through <paramref name="dba"/>.
/// </summary>
/// <param name="dba">Data-access helper the implementation builds and runs its statement on.</param>
/// <param name="update">
/// Presumably selects an update (<c>true</c>) versus an insert (<c>false</c>); the
/// declaration itself does not say - confirm against the overrides.
/// </param>
/// <returns>Success flag; its exact meaning is defined by each override.</returns>
public abstract bool Save(DBAccess dba, bool update);
/// <summary>
/// On first load, renders the current user's four APWD0000 rows as an XML document
/// into <c>TBData</c>. Users whose Rank is below <c>IUser.LEVEL_02</c> are redirected
/// to <c>~/Index.aspx</c>; the check runs on every request, postbacks included.
/// </summary>
protected void Page_Load(object sender, EventArgs e)
{
    UserModel userModel = UserModel.Current(Session);

    // Authorisation gate comes first so that postbacks are covered as well.
    if (userModel.Rank < IUser.LEVEL_02)
    {
        Response.Redirect("~/Index.aspx");
        return;
    }

    if (IsPostBack)
    {
        return;
    }

    // Rows are selected by the session user's own code only.
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.APWD0000);
    dba.AddColumn(DBConst.APWD0002);
    dba.AddColumn(DBConst.APWD0003);
    dba.AddWhere(DBConst.APWD0001, userModel.Code);
    dba.AddSort(DBConst.APWD0002, true);
    DataTable rows = dba.ExecuteSelect();

    // Anything other than exactly four rows is treated as "nothing to show".
    if (rows.Rows.Count != 4)
    {
        TrRegInfo.Visible = false;
        return;
    }

    TrRegData1.Visible = false;
    TrRegData2.Visible = false;

    StringBuilder xml = new StringBuilder();
    XmlWriter writer = XmlWriter.Create(xml);
    writer.WriteStartElement("Amon");
    writer.WriteStartElement("User");
    writer.WriteElementString("Code", userModel.Code);

    foreach (DataRow row in rows.Rows)
    {
        // Only the four known kinds are emitted; the element name equals the kind.
        string kind = row[DBConst.APWD0002] as string;
        switch (kind)
        {
            case "Data":
            case "Info":
            case "Main":
            case "Safe":
                writer.WriteElementString(kind, row[DBConst.APWD0003] as string);
                break;
        }
    }

    writer.WriteEndElement();
    writer.WriteEndElement();
    writer.Flush();
    writer.Close();

    // A StringBuilder-backed writer declares utf-16; the declaration is rewritten to utf-8.
    // NOTE(review): this places the user's stored vault values into the page markup;
    // confirm the page is served over TLS and is not cacheable.
    xml.Replace("encoding=\"utf-16\"", "encoding=\"utf-8\"");
    TBData.Text = xml.ToString();
}
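/// <summary>
/// User registration (web-service variant): generates the salt, key and mask for the
/// current user code, encrypts them with AES under a key and IV derived from the
/// credentials, replaces the user's APWD0000 rows and writes the stored values to
/// <paramref name="writer"/>.
/// </summary>
/// <param name="name">Login name; lower-cased before it is used for key derivation and the digest.</param>
/// <param name="pass">Login password.</param>
/// <param name="writer">Receives the Code, Data, Info, Main and Safe elements.</param>
/// <returns>Always <c>true</c>; the result of <c>ExecuteBatch</c> is not inspected.</returns>
public bool WsSignUp(string name, string pass, XmlWriter writer)
{
    name = name.ToLower();

    // The salt, the 32-byte key and the 256-byte digest seed are security-critical.
    // System.Random is not a cryptographic generator (its output is predictable
    // from its seed), so all three come from the OS CSPRNG instead.
    byte[] seed = new byte[256];
    _Salt = new byte[16];
    _Keys = new byte[32];
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(_Salt);
        rng.GetBytes(_Keys);
        rng.GetBytes(seed);
    }

    // Plaintext record: user code | salt | key | mask, 72 bytes in total.
    byte[] plain = new byte[72];
    int i = 0;
    byte[] a = Encoding.UTF8.GetBytes(_Code);
    Array.Copy(a, 0, plain, i, a.Length);
    i += a.Length;
    Array.Copy(_Salt, 0, plain, i, _Salt.Length);
    i += _Salt.Length;
    Array.Copy(_Keys, 0, plain, i, _Keys.Length);
    i += _Keys.Length;
    // NOTE(review): GenerateUserChar is not visible here; if the mask is meant to be
    // unpredictable, confirm it does not rely on System.Random either.
    _Mask = CharUtil.GenerateUserChar();
    a = Encoding.UTF8.GetBytes(_Mask);
    Array.Copy(a, 0, plain, i, a.Length);

    // AES encryption. Key and IV are both derived from (name, code, password).
    // NOTE(review): the IV is therefore fixed for a given credential set - confirm
    // that is acceptable for the cipher mode in use.
    byte[] k = GenK(name, _Code, pass);
    byte[] v = GenV(name, _Code, pass);
    byte[] t;
    AesManaged aes = new AesManaged();
    try
    {
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, aes.CreateEncryptor(k, v), CryptoStreamMode.Write))
            {
                cStream.Write(plain, 0, plain.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }
        }
    }
    finally
    {
        // Release the cipher and wipe the local plaintext copy even when encryption throws.
        aes.Clear();
        Array.Clear(plain, 0, plain.Length);
    }

    string data = Convert.ToBase64String(seed);
    string info = Digest(name, pass, seed);
    string main = Convert.ToBase64String(t);
    string safe = "";

    // Replace the user's rows: one delete followed by four inserts in a single batch.
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.APWD0000);
    dba.AddWhere(DBConst.APWD0001, _Code);
    dba.AddDeleteBatch();

    string[] kinds = { "Data", "Info", "Main", "Safe" };
    string[] values = { data, info, main, safe };
    for (int n = 0; n < kinds.Length; n++)
    {
        dba.ReInit();
        dba.AddTable(DBConst.APWD0000);
        dba.AddParam(DBConst.APWD0001, _Code);
        dba.AddParam(DBConst.APWD0002, kinds[n]);
        dba.AddParam(DBConst.APWD0003, values[n]);
        dba.AddParam(DBConst.APWD0004, DBConst.SQL_NOW, false);
        dba.AddInsertBatch();
    }
    dba.ExecuteBatch();

    writer.WriteElementString("Code", _Code);
    writer.WriteElementString("Data", data);
    writer.WriteElementString("Info", info);
    writer.WriteElementString("Main", main);
    writer.WriteElementString("Safe", safe);

    return true;
}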
/// <summary>
/// Stub override: ignores both arguments, reads nothing and reports success.
/// </summary>
/// <param name="dba">Unused.</param>
/// <param name="Id">Unused.</param>
/// <returns>Always <c>true</c>, so callers cannot tell that no data was loaded.</returns>
public override bool Read(DBAccess dba, string Id)
{
    return true;
}
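/// <summary>
/// Creates a fresh RSA key pair, stores it (private parameters included) in table
/// C3010000 under a time-derived token, and writes the token and the public key to
/// <paramref name="writer"/> inside an <c>RSA</c> element.
/// </summary>
/// <param name="writer">Receives <c>&lt;RSA&gt;&lt;t&gt;token&lt;/t&gt;&lt;k&gt;public key XML&lt;/k&gt;&lt;/RSA&gt;</c>.</param>
private void ProcessRSA(XmlWriter writer)
{
    string t = HashUtil.UtcTimeInHex();
    string publicKey;

    // The provider holds native key material; dispose it deterministically instead
    // of leaving it to the finalizer.
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        // NOTE(review): the parameterless constructor uses the framework's default
        // key size - confirm it meets the required strength for the target runtime.
        // NOTE(review): ToXmlString(true) exports the PRIVATE key and it is stored in
        // the database as text; confirm the column is protected at rest and that
        // used keys are purged.
        DBAccess dba = new DBAccess();
        dba.AddTable(DBConst.C3010000);
        dba.AddParam(DBConst.C3010001, t);
        dba.AddParam(DBConst.C3010002, DBConst.SQL_NOW, false);
        dba.AddParam(DBConst.C3010003, CharUtil.Text2DB(rsa.ToXmlString(true)));
        dba.AddParam(DBConst.C3010004, 0);
        dba.ExecuteInsert();

        publicKey = rsa.ToXmlString(false);
    }

    // Only the public half leaves the server.
    writer.WriteStartElement("RSA");
    writer.WriteElementString("t", t);
    writer.WriteElementString("k", publicKey);
    writer.WriteEndElement();
}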
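/// <summary>
/// User registration (web-page variant): rejects a login name or e-mail that already
/// exists, allocates the next user code and inserts the account rows (real info,
/// online info, contact, security info, permission).
/// </summary>
/// <param name="name">Login name.</param>
/// <param name="pass">Login password.</param>
/// <param name="mail">E-mail address.</param>
/// <returns>
/// <c>IMsg.MSG_SIGNUP_EXIST</c> when the name or e-mail is taken,
/// <c>IMsg.MSG_SIGNUP_INNER</c> when any insert does not return 1,
/// otherwise <c>IMsg.MSG_SIGNUP_SUCCESS</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the inserts are separate statements with no visible transaction, so a
/// failure part-way leaves a partially created account; the MAX()-based code allocation
/// is also not protected against two concurrent sign-ups.
/// </remarks>
public int WpSignUp(string name, string pass, string mail)
{
    // ---- Duplicate check ----
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010402);
    // This overload takes a raw WHERE fragment, so the values are spliced into SQL
    // text. This method is public and cannot rely on its callers having validated
    // the input, so both values go through the project's DB text escaper first.
    // NOTE(review): Text2DB is assumed to escape SQL string literals - confirm; a
    // bound parameter would be preferable if DBAccess offers one for OR conditions.
    dba.AddWhere(string.Format("{0}='{1}' OR {2}='{3}'",
        DBConst.C3010405, CharUtil.Text2DB(name),
        DBConst.C3010406, CharUtil.Text2DB(mail)));
    DataTable dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 0)
    {
        return IMsg.MSG_SIGNUP_EXIST;
    }

    // ---- User code: successor of the current maximum 8-character code ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(string.Format("MAX({0}) {0}", DBConst.C3010402));
    dba.AddWhere(string.Format("LENGTH({0})=8", DBConst.C3010402));
    dt = dba.ExecuteSelect();
    string code = "";
    if (dt != null && dt.Rows.Count > 0)
    {
        code = dt.Rows[0][0].ToString();
    }
    if (CharUtil.IsValidateCode(code))
    {
        code = CharUtil.GenerateUserCode(code);
    }
    else
    {
        // No usable maximum yet: start the sequence.
        code = "A0000000";
    }

    // NOTE(review): the row identifier is derived from the current UTC time; confirm
    // it is never relied on as a secret and that collisions are handled.
    string hash = HashUtil.UtcTimeInHex(false);

    // ---- Real info ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010300);
    dba.AddParam(DBConst.C3010301, hash);
    dba.AddParam(DBConst.C3010302, code);
    dba.AddParam(DBConst.C3010303, "");
    dba.AddParam(DBConst.C3010304, "");
    dba.AddParam(DBConst.C3010305, 1);
    dba.AddParam(DBConst.C3010306, null);
    dba.AddParam(DBConst.C3010307, "");
    dba.AddParam(DBConst.C3010308, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010309, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }

    // ---- Online info ----
    // NOTE(review): name and mail are stored through AddParam as given; confirm that
    // AddParam escapes or binds its value.
    dba.ReInit();
    dba.AddTable(DBConst.C3010400);
    dba.AddParam(DBConst.C3010401, hash);
    dba.AddParam(DBConst.C3010402, code);
    dba.AddParam(DBConst.C3010403, "0");
    dba.AddParam(DBConst.C3010404, "0");
    dba.AddParam(DBConst.C3010405, name);
    dba.AddParam(DBConst.C3010406, mail);
    dba.AddParam(DBConst.C3010407, name);
    dba.AddParam(DBConst.C3010408, "0");
    dba.AddParam(DBConst.C3010409, "");
    dba.AddParam(DBConst.C301040A, "");
    dba.AddParam(DBConst.C301040B, "");
    dba.AddParam(DBConst.C301040C, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C301040D, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }

    // ---- Contact ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010500);
    dba.AddParam(DBConst.C3010501, "0");
    dba.AddParam(DBConst.C3010502, IUser.MAJOR_04);
    dba.AddParam(DBConst.C3010503, hash);
    dba.AddParam(DBConst.C3010504, code);
    dba.AddParam(DBConst.C3010505, "sctteqacvfxgqgtb"); // e-mail
    dba.AddParam(DBConst.C3010506, mail);
    dba.AddParam(DBConst.C3010507, "");
    dba.AddParam(DBConst.C3010508, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010509, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }

    // ---- Security info ----
    // The 256 random bytes are the per-user input to the password digest, so they
    // come from the OS CSPRNG; System.Random output is predictable from its seed.
    _Data = new byte[256];
    using (System.Security.Cryptography.RandomNumberGenerator rng =
        System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(_Data);
    }
    string info = Digest(name.ToLower(), pass, _Data);
    dba.ReInit();
    dba.AddTable(DBConst.C3010600);
    dba.AddParam(DBConst.C3010601, hash);
    dba.AddParam(DBConst.C3010602, hash);
    dba.AddParam(DBConst.C3010603, info);
    dba.AddParam(DBConst.C3010604, mail);
    dba.AddParam(DBConst.C3010605, "");
    dba.AddParam(DBConst.C3010606, "");
    dba.AddParam(DBConst.C3010607, "");
    dba.AddParam(DBConst.C3010608, "");
    dba.AddParam(DBConst.C3010609, "");
    dba.AddParam(DBConst.C301060A, "");
    dba.AddParam(DBConst.C301060B, "");
    dba.AddParam(DBConst.C301060C, "");
    dba.AddParam(DBConst.C301060D, "");
    dba.AddParam(DBConst.C301060E, "");
    dba.AddParam(DBConst.C301060F, Convert.ToBase64String(_Data));
    dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010611, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }

    // ---- Permission assignment ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010200);
    dba.AddParam(DBConst.C3010201, hash);
    dba.AddParam(DBConst.C3010202, hash);
    dba.AddParam(DBConst.C3010203, "sctvsxyttfzeqqgq"); // ordinary user
    dba.AddParam(DBConst.C3010204, "APWD0000");
    dba.AddParam(DBConst.C3010205, "");
    dba.AddParam(DBConst.C3010206, DBConst.SQL_NOW, false);
    dba.AddParam(DBConst.C3010207, DBConst.SQL_NOW, false);
    if (dba.ExecuteInsert() != 1)
    {
        return IMsg.MSG_SIGNUP_INNER;
    }

    _Name = name;
    _Code = code;
    _Rank = IUser.LEVEL_02; // ordinary user
    return IMsg.MSG_SIGNUP_SUCCESS;
}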
/// <summary>
/// Writes the <c>App</c>/<c>Ver</c> header and a <c>Libs</c> element containing every
/// top-level APWD0300 row of <paramref name="code"/> together with its detail rows.
/// </summary>
/// <param name="dba">Data-access helper; re-initialised before each query.</param>
/// <param name="writer">Target XML writer.</param>
/// <param name="code">User code; both queries filter on it, so only that user's rows are read.</param>
private void ListLib(DBAccess dba, XmlWriter writer, string code)
{
    writer.WriteElementString("App", "APwd");
    writer.WriteElementString("Ver", "2");

    // Header query: rows whose APWD0302 is "0".
    dba.ReInit();
    dba.AddTable(DBConst.APWD0300);
    dba.AddColumn(DBConst.APWD0301);
    dba.AddColumn(DBConst.APWD0304);
    dba.AddColumn(DBConst.APWD0306);
    dba.AddColumn(DBConst.APWD0308);
    dba.AddWhere(DBConst.APWD0302, "0");
    dba.AddWhere(DBConst.APWD0303, code);
    dba.AddSort(DBConst.APWD0301, true);

    writer.WriteStartElement("Libs");
    using (DataTable headers = dba.ExecuteSelect())
    {
        for (int h = 0; h < headers.Rows.Count; h++)
        {
            LibHeader header = new LibHeader();
            header.Load(headers.Rows[h]);

            // Detail query: one round trip per header, keyed by the header's id.
            dba.ReInit();
            dba.AddTable(DBConst.APWD0300);
            dba.AddColumn(DBConst.APWD0301);
            dba.AddColumn(DBConst.APWD0302);
            dba.AddColumn(DBConst.APWD0304);
            dba.AddColumn(DBConst.APWD0306);
            dba.AddColumn(DBConst.APWD0307);
            dba.AddColumn(DBConst.APWD0308);
            dba.AddWhere(DBConst.APWD0305, header.Id);
            dba.AddWhere(DBConst.APWD0303, code);
            dba.AddSort(DBConst.APWD0301, true);
            DataTable details = dba.ExecuteSelect();

            for (int d = 0; d < details.Rows.Count; d++)
            {
                LibDetail detail = new LibDetail();
                detail.Load(details.Rows[d]);
                header.Details.Add(detail);
            }

            header.ToXml(writer);
        }
    }
    writer.WriteEndElement();
}
/// <summary>
/// Writes the <c>App</c>/<c>Ver</c> header and a <c>Udcs</c> element with one entry
/// per AUDC0100 row belonging to <paramref name="code"/>.
/// </summary>
/// <param name="dba">Data-access helper; re-initialised before the query.</param>
/// <param name="writer">Target XML writer.</param>
/// <param name="code">User code the rows are filtered on.</param>
private void ListUdc(DBAccess dba, XmlWriter writer, string code)
{
    writer.WriteElementString("App", "APwd");
    writer.WriteElementString("Ver", "1");

    dba.ReInit();
    dba.AddTable(DBConst.AUDC0100);
    dba.AddColumn(DBConst.AUDC0103);
    dba.AddColumn(DBConst.AUDC0104);
    dba.AddColumn(DBConst.AUDC0105);
    dba.AddColumn(DBConst.AUDC0106);
    dba.AddColumn(DBConst.AUDC0107);
    dba.AddWhere(DBConst.AUDC0102, code);
    dba.AddSort(DBConst.AUDC0101, true);

    writer.WriteStartElement("Udcs");
    using (DataTable table = dba.ExecuteSelect())
    {
        for (int index = 0; index < table.Rows.Count; index++)
        {
            // A new Udc per row, loaded and serialised straight away.
            Udc entry = new Udc();
            entry.Load(table.Rows[index]);
            entry.ToXml(writer);
        }
    }
    writer.WriteEndElement();
}
/// <summary>
/// Loads every non-deleted APWD0100 row of user <paramref name="code"/> in category
/// <paramref name="catId"/> into a <c>Key</c>, and assembles each key's
/// <c>Password</c> by concatenating its APWD0200 fragments in APWD0201 order.
/// </summary>
/// <remarks>
/// NOTE(review): the loaded <c>Key</c> objects are neither returned nor written
/// anywhere in this method, so as shown the work has no visible effect.
/// </remarks>
private void ListKey(string code, string catId)
{
    DBAccess dba = new DBAccess();
    dba.ReInit();
    dba.AddTable(DBConst.APWD0100);
    dba.AddWhere(DBConst.APWD0104, code);
    dba.AddWhere(DBConst.APWD0106, catId);
    // Raw comparison: skips rows whose operation flag equals OPT_DELETE.
    dba.AddWhere(DBConst.APWD0115, "!=", Key.OPT_DELETE.ToString(), false);
    dba.AddSort(DBConst.APWD0101, false);

    using (DataTable keys = dba.ExecuteSelect())
    {
        for (int k = 0; k < keys.Rows.Count; k++)
        {
            Key key = new Key();
            key.Load(keys.Rows[k]);

            // Fragments are fetched per key, again restricted to the same user code.
            dba.ReInit();
            dba.AddTable(DBConst.APWD0200);
            dba.AddColumn(DBConst.APWD0204);
            dba.AddWhere(DBConst.APWD0202, code);
            dba.AddWhere(DBConst.APWD0203, key.Id);
            dba.AddSort(DBConst.APWD0201, true);

            using (DataTable fragments = dba.ExecuteSelect())
            {
                StringBuilder joined = new StringBuilder();
                for (int f = 0; f < fragments.Rows.Count; f++)
                {
                    joined.Append(fragments.Rows[f][DBConst.APWD0204] as string);
                }
                key.Password = joined.ToString();
            }
        }
    }
}
/// <summary>
/// Writes the <c>App</c>/<c>Ver</c> header and a <c>Cats</c> element with the
/// ACAT0200 rows of <paramref name="code"/> whose operation flag is greater than
/// <c>Cat.OPT_DELETE</c>.
/// </summary>
/// <param name="dba">Data-access helper; re-initialised before the query.</param>
/// <param name="writer">Target XML writer.</param>
/// <param name="code">User code the rows are filtered on.</param>
/// <param name="catId">
/// Parent filter. It is applied only when it is "0" or passes
/// <c>CharUtil.IsValidateHash</c>; any other value is silently ignored and all of the
/// user's categories are returned.
/// </param>
private void ListCat(DBAccess dba, XmlWriter writer, string code, string catId)
{
    writer.WriteElementString("App", "APwd");
    writer.WriteElementString("Ver", "1");

    dba.ReInit();
    dba.AddTable(DBConst.ACAT0200);
    dba.AddColumn(DBConst.ACAT0201);
    dba.AddColumn(DBConst.ACAT0203);
    dba.AddColumn(DBConst.ACAT0204);
    dba.AddColumn(DBConst.ACAT0205);
    dba.AddColumn(DBConst.ACAT0206);
    dba.AddColumn(DBConst.ACAT0207);
    dba.AddColumn(DBConst.ACAT0208);
    dba.AddColumn(DBConst.ACAT0209);
    dba.AddColumn(DBConst.ACAT020E);
    dba.AddWhere(DBConst.ACAT0202, code);

    // The caller-supplied id only reaches the query after passing validation.
    bool filterByParent = catId == "0" || CharUtil.IsValidateHash(catId);
    if (filterByParent)
    {
        dba.AddWhere(DBConst.ACAT0204, catId);
    }
    dba.AddWhere(DBConst.ACAT020D, ">", Cat.OPT_DELETE.ToString(), false);

    writer.WriteStartElement("Cats");
    using (DataTable table = dba.ExecuteSelect())
    {
        // One Cat instance is reused for every row (Load, then ToXml).
        Cat current = new Cat();
        for (int index = 0; index < table.Rows.Count; index++)
        {
            current.Load(table.Rows[index]);
            current.ToXml(writer);
        }
    }
    writer.WriteEndElement();
}
/// <summary>
/// RSA-encrypts <paramref name="data"/> with the unused key stored in C3010000 under
/// token <paramref name="t"/>, then marks that key as used.
/// </summary>
/// <param name="t">Key token; escaped with <c>CharUtil.Text2DB</c> before it is used in the filter.</param>
/// <param name="data">Bytes to encrypt.</param>
/// <returns>The ciphertext, or <c>null</c> when there is not exactly one unused key for the token.</returns>
/// <remarks>
/// The second argument <c>false</c> to <c>RSACryptoServiceProvider.Encrypt</c> selects
/// PKCS#1 v1.5 padding rather than OAEP.
/// NOTE(review): the key is read and only afterwards flagged as used, in two separate
/// statements; two concurrent requests could both use the same key - confirm whether
/// single use is a security requirement here.
/// </remarks>
private byte[] Encrypt(string t, byte[] data)
{
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010000);
    dba.AddColumn(DBConst.C3010003);
    dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
    dba.AddWhere(DBConst.C3010004, "0");
    DataTable pending = dba.ExecuteSelect();

    // Exactly one unused key must exist for the token.
    if (pending.Rows.Count != 1)
    {
        return null;
    }

    string keyXml = pending.Rows[0][0] as string;
    byte[] cipher;
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        rsa.FromXmlString(keyXml);
        cipher = rsa.Encrypt(data, false);
    }

    // Flip the used flag from 0 to 1 for this token.
    dba.ReInit();
    dba.AddTable(DBConst.C3010000);
    dba.AddParam(DBConst.C3010004, 1);
    dba.AddWhere(DBConst.C3010001, CharUtil.Text2DB(t));
    dba.AddWhere(DBConst.C3010004, "0", false);
    dba.ExecuteUpdate();

    return cipher;
}
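/// <summary>
/// Web-page sign-in: looks the account up by login name, verifies the password digest
/// and loads the user's rank for application "APWD0000".
/// </summary>
/// <param name="name">Login name; escaped for the lookup and lower-cased for the digest.</param>
/// <param name="pass">Login password.</param>
/// <returns>
/// <c>true</c> when all three steps succeed. The instance fields (_Name, _Data, _Code,
/// _Hash, _Rank) are only written in that case; a failed attempt leaves them untouched.
/// </returns>
public bool WpSignIn(string name, string pass)
{
    var dba = new DBAccess();

    // ---- Step 1: account lookup ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010400);
    dba.AddTable(DBConst.C3010300);
    dba.AddColumn(DBConst.C3010401);
    dba.AddColumn(DBConst.C3010302);
    dba.AddColumn(DBConst.C3010407);
    dba.AddWhere(DBConst.C3010405, HttpUtil.Text2Db(name));
    dba.AddWhere(DBConst.C3010402, DBConst.C3010302, false); // join condition, raw
    DataTable dt = dba.ExecuteSelect();
    if (dt == null || dt.Rows.Count != 1)
    {
        return false;
    }
    string tmpHash = dt.Rows[0][DBConst.C3010401] as string;
    string tmpCode = dt.Rows[0][DBConst.C3010302] as string;
    string tmpName = dt.Rows[0][DBConst.C3010407] as string;

    // ---- Step 2: password verification ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010600);
    dba.AddColumn(DBConst.C3010603);
    dba.AddColumn(DBConst.C301060F);
    dba.AddWhere(DBConst.C3010602, tmpHash);
    dt = dba.ExecuteSelect();
    if (dt == null || dt.Rows.Count != 1)
    {
        return false;
    }
    string t = dt.Rows[0][DBConst.C301060F] as string;
    if (string.IsNullOrEmpty(t))
    {
        return false;
    }
    // Kept in a local until authentication succeeds, so that a failed attempt
    // against another account cannot overwrite this object's _Name/_Data.
    byte[] tmpData = Convert.FromBase64String(t);
    string tmpPwds = Digest(name.ToLower(), pass, tmpData);
    // NOTE(review): ordinary string comparison returns at the first difference;
    // consider a fixed-time comparison for the digest.
    if (tmpPwds != dt.Rows[0][DBConst.C3010603].ToString())
    {
        return false;
    }

    // ---- Step 3: rank lookup ----
    dba.ReInit();
    dba.AddTable(DBConst.C3010F00);
    dba.AddTable(DBConst.C3010200);
    dba.AddColumn(DBConst.C3010F02);
    dba.AddWhere(DBConst.C3010203, DBConst.C3010F03, false); // join condition, raw
    dba.AddWhere(DBConst.C3010202, tmpHash);
    dba.AddWhere(DBConst.C3010204, "APWD0000");
    dt = dba.ExecuteSelect();
    if (dt == null || dt.Rows.Count != 1)
    {
        return false;
    }
    int tmpRank = (int)dt.Rows[0][DBConst.C3010F02];

    // Everything checked out: commit the session state in one place.
    _Name = tmpName;
    _Data = tmpData;
    _Code = tmpCode;
    _Hash = tmpHash;
    _Rank = tmpRank;
    return true;
}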
/// <summary>
/// Stub: ignores all arguments, performs no query and always returns <c>null</c>.
/// </summary>
/// <remarks>
/// A caller that treats <c>null</c> as "no stored record" will therefore always take
/// its insert path and never reach an ownership or version comparison.
/// </remarks>
private Cat ReadCat(DBAccess dba, string code, string catId)
{
    return null;
}
/// <summary>
/// Changes the login password of the signed-in user: verifies
/// <paramref name="oldPass"/> against the stored digest, then stores the digest of
/// <paramref name="newPass"/>.
/// </summary>
/// <param name="oldPass">Current password.</param>
/// <param name="newPass">New password.</param>
/// <returns><c>true</c> when the old password matches and the update returns 1.</returns>
/// <remarks>
/// NOTE(review): the digest is computed from <c>_Name</c> as it is, while the sign-in
/// and sign-up code shown alongside lower-cases the login name first; unless
/// <c>Digest</c> normalises case itself, a name containing upper-case letters would
/// never verify here - confirm.
/// NOTE(review): the same <c>_Data</c> seed is reused for the new digest.
/// </remarks>
public bool WpSignPk(string oldPass, string newPass)
{
    // Digest of the password the caller claims is current.
    string claimedDigest = Digest(_Name, oldPass, _Data);

    // Fetch the stored digest for this account.
    var dba = new DBAccess();
    dba.AddTable(DBConst.C3010600);
    dba.AddColumn(DBConst.C3010603);
    dba.AddWhere(DBConst.C3010602, _Hash);
    DataTable stored = dba.ExecuteSelect();

    if (stored.Rows.Count != 1)
    {
        return false;
    }

    string storedDigest = stored.Rows[0][0].ToString();
    if (claimedDigest != storedDigest)
    {
        return false;
    }

    // Store the digest of the new password and refresh the timestamp column.
    string newDigest = Digest(_Name, newPass, _Data);
    dba.ReInit();
    dba.AddTable(DBConst.C3010600);
    dba.AddParam(DBConst.C3010603, newDigest);
    dba.AddParam(DBConst.C3010610, DBConst.SQL_NOW, false);
    dba.AddWhere(DBConst.C3010602, _Hash);
    int updated = dba.ExecuteUpdate();
    return updated == 1;
}
/// <summary>
/// Handles the sign-in request: validates the login name in request parameter
/// <c>d</c>, resolves it to a user code and writes that user's APWD0000 values
/// (Data, Info, Main, Safe) to <paramref name="writer"/>.
/// </summary>
/// <remarks>
/// No password or other credential is checked in this method.
/// NOTE(review): if nothing upstream authenticates the request, anyone who knows a
/// login name receives that account's stored values and can test password guesses
/// offline - confirm where authentication happens and whether requests are rate limited.
/// NOTE(review): the "vault not enabled" message is only reachable for an existing
/// account, which lets a client tell existing login names from unknown ones.
/// </remarks>
private void SignIn(HttpContext context, XmlWriter writer)
{
    string login = context.Request["d"];

    // Input validation before the value reaches any query.
    if (!CharUtil.IsValidate(login))
    {
        SendError(writer, "请输入【登录用户】!");
        return;
    }
    if (!CharUtil.IsValidateName(login))
    {
        SendError(writer, "【登录用户】应在 4 到 32 个字符之间,且仅能为大小写字母、下划线及英文点号!");
        return;
    }

    // Resolve the login name to a user code.
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010402);
    dba.AddWhere(DBConst.C3010405, login);
    DataTable table = dba.ExecuteSelect();
    if (table.Rows.Count != 1)
    {
        SendError(writer, "请确认您输入的【登录用户】或【登录口令】是否正确!");
        return;
    }

    string code = table.Rows[0][DBConst.C3010402] as string;
    if (!CharUtil.IsValidateCode(code))
    {
        SendError(writer, "请确认您输入的【登录用户】或【登录口令】是否正确!");
        return;
    }

    // Load the stored values for that user code.
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddColumn(DBConst.APWD0002);
    dba.AddColumn(DBConst.APWD0003);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddSort(DBConst.APWD0002, true);
    table = dba.ExecuteSelect();
    if (table.Rows.Count < 1)
    {
        writer.WriteElementString("Error", "请确认您是否已经开通密码箱的功能!");
        return;
    }

    writer.WriteStartElement("User");
    writer.WriteElementString("Code", code);
    foreach (DataRow row in table.Rows)
    {
        // Only the four known kinds are emitted; the element name equals the kind.
        string kind = row[DBConst.APWD0002] as string;
        switch (kind)
        {
            case "Data":
            case "Info":
            case "Main":
            case "Safe":
                writer.WriteElementString(kind, row[DBConst.APWD0003] as string);
                break;
        }
    }
    writer.WriteEndElement();
}
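/// <summary>
/// Changes the password (web-service variant): verifies <paramref name="oldPass"/>,
/// decrypts the stored "Main" blob with the old credentials, re-encrypts it with the
/// new ones, replaces the user's four APWD0000 rows and writes the new values to
/// <paramref name="writer"/>.
/// </summary>
/// <param name="name">Login name.</param>
/// <param name="oldPass">Current password.</param>
/// <param name="newPass">New password.</param>
/// <param name="writer">Receives either an <c>Error</c> element or Code/Data/Info/Main/Safe.</param>
/// <returns><c>true</c> on success, <c>false</c> after an <c>Error</c> element was written.</returns>
/// <remarks>
/// Fixes relative to the previous version: the account is looked up by the login-name
/// column instead of the table constant; Data/Info/Main/Safe are read from their own
/// rows instead of all from row 0 (which made the digest check fail every time); the
/// name is lower-cased for the digest and key derivation, as the sign-up code does;
/// the new seed comes from a cryptographic generator; both AES objects are cleared.
/// NOTE(review): the re-inserted rows do not set APWD0004, unlike the sign-up code -
/// confirm the column has a default.
/// </remarks>
public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
{
    // ---- Resolve the login name to a user code ----
    var dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010402);
    dba.AddWhere(DBConst.C3010405, CharUtil.Text2DB(name));
    var dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 1)
    {
        writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
        return false;
    }
    string code = dt.Rows[0][DBConst.C3010402] as string;

    // ---- Load the four stored values ----
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddColumn(DBConst.APWD0002);
    dba.AddColumn(DBConst.APWD0003);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddSort(DBConst.APWD0002, true);
    dt = dba.ExecuteSelect();
    if (dt.Rows.Count != 4)
    {
        writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
        return false;
    }

    // Pick each value by its kind rather than by row position.
    string data = null;
    string info = null;
    string main = null;
    string safe = null;
    foreach (DataRow row in dt.Rows)
    {
        string value = row[DBConst.APWD0003] as string;
        switch (row[DBConst.APWD0002] as string)
        {
            case "Data": data = value; break;
            case "Info": info = value; break;
            case "Main": main = value; break;
            case "Safe": safe = value; break;
        }
    }
    if (string.IsNullOrEmpty(data) || string.IsNullOrEmpty(main))
    {
        writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
        return false;
    }
    if (safe == null)
    {
        // Sign-up stores an empty string here; some databases hand that back as NULL.
        safe = "";
    }
    byte[] b = Convert.FromBase64String(data);

    // Digest and key derivation use the lower-cased name, as at sign-up.
    string login = name.ToLower();

    // ---- Verify the current password ----
    if (info != Digest(login, oldPass, b))
    {
        writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
        return false;
    }

    // ---- Decrypt with the old credentials ----
    byte[] k = GenK(login, code, oldPass); // key
    byte[] v = GenV(login, code, oldPass); // IV
    byte[] t = Convert.FromBase64String(main);
    byte[] plain;
    AesManaged aes1 = new AesManaged();
    try
    {
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, aes1.CreateDecryptor(k, v), CryptoStreamMode.Write))
            {
                cStream.Write(t, 0, t.Length);
                cStream.FlushFinalBlock();
                plain = mStream.ToArray();
            }
        }
    }
    finally
    {
        aes1.Clear();
    }

    // ---- New digest seed from the OS CSPRNG (System.Random is predictable) ----
    using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(b);
    }

    // ---- Re-encrypt with the new credentials ----
    k = GenK(login, code, newPass); // key
    v = GenV(login, code, newPass); // IV
    AesManaged aes2 = new AesManaged();
    try
    {
        using (MemoryStream mStream = new MemoryStream())
        {
            using (CryptoStream cStream = new CryptoStream(mStream, aes2.CreateEncryptor(k, v), CryptoStreamMode.Write))
            {
                cStream.Write(plain, 0, plain.Length);
                cStream.FlushFinalBlock();
                t = mStream.ToArray();
            }
        }
    }
    finally
    {
        aes2.Clear();
        // Wipe the decrypted record whether or not re-encryption succeeded.
        Array.Clear(plain, 0, plain.Length);
    }

    // ---- New stored values ----
    info = Digest(login, newPass, b);
    data = Convert.ToBase64String(b);
    main = Convert.ToBase64String(t);

    // ---- Replace the rows: one delete followed by four inserts in a single batch ----
    // NOTE(review): the batch result is not checked; if the delete can succeed while
    // an insert fails, the user's vault header is lost.
    dba.ReInit();
    dba.AddTable(DBConst.APWD0000);
    dba.AddWhere(DBConst.APWD0001, code);
    dba.AddDeleteBatch();

    string[] kinds = { "Data", "Info", "Main", "Safe" };
    string[] values = { data, info, main, safe };
    for (int n = 0; n < kinds.Length; n++)
    {
        dba.ReInit();
        dba.AddTable(DBConst.APWD0000);
        dba.AddParam(DBConst.APWD0001, code);
        dba.AddParam(DBConst.APWD0002, kinds[n]);
        dba.AddParam(DBConst.APWD0003, values[n]);
        dba.AddInsertBatch();
    }
    dba.ExecuteBatch();

    writer.WriteElementString("Code", code);
    writer.WriteElementString("Data", data);
    writer.WriteElementString("Info", info);
    writer.WriteElementString("Main", main);
    writer.WriteElementString("Safe", safe);

    return true;
}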
/// <summary>
/// Applies one category record received from <paramref name="reader"/>: inserts it
/// when no stored record is found, updates it when the incoming version is higher,
/// and reports an error otherwise.
/// </summary>
/// <param name="dba">Data-access helper passed on to the lookup and to <c>Save</c>.</param>
/// <param name="reader">XML source the category is parsed from.</param>
/// <param name="code">User code used for the lookup of the stored record.</param>
/// <remarks>
/// Both error paths call <c>SendError</c> with a <c>null</c> writer.
/// NOTE(review): <paramref name="code"/> is used only for the lookup; the record that
/// is saved carries whatever owner <c>FromXml</c> populated. Confirm the owner cannot
/// be taken from client-supplied XML, otherwise a client could write into another
/// user's categories.
/// </remarks>
private void SyncCat(DBAccess dba, XmlReader reader, string code)
{
    Cat incoming = new Cat();
    bool parsed = incoming.FromXml(reader);
    if (!parsed)
    {
        SendError(null, "类别数据解析错误!");
        return;
    }

    Cat stored = ReadCat(dba, code, incoming.Id);
    if (stored != null)
    {
        // An incoming version that is not strictly newer is a conflict.
        if (incoming.Version <= stored.Version)
        {
            SendError(null, "类别数据版本冲突!");
            return;
        }

        incoming.Save(dba, true);
    }
    else
    {
        // Nothing stored yet: append.
        incoming.Save(dba, false);
    }
}
/// <summary>
/// Click handler of the sign-up button: validates the login name, password and
/// e-mail, checks that the login name is free and calls <c>UserModel.WpSignUp</c>.
/// Each failed check shows a message in <c>LbErrMsg</c>, reveals <c>TrErrMsg</c> and
/// focuses the offending field.
/// </summary>
/// <remarks>
/// The user name is echoed into <c>LbErrMsg.Text</c> in the "already exists" message;
/// that is only safe because the character whitelist has already run at that point.
/// .NET's <c>\w</c> matches Unicode letters and digits, not only ASCII, so the name
/// pattern accepts more than the message to the user describes.
/// NOTE(review): the e-mail pattern nests one quantified group inside another, which
/// can backtrack heavily on long non-matching input; consider a length cap or a regex
/// match timeout.
/// NOTE(review): the minimum password length enforced here is 4 characters.
/// </remarks>
protected void BtSignUp_Click(object sender, EventArgs e)
{
    // ---- Login name ----
    string loginName = TbName.Text;
    if (string.IsNullOrEmpty(loginName))
    {
        LbErrMsg.Text = "请输入【登录用户】!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbName.Focus();
        return;
    }
    if (!Regex.IsMatch(loginName, "^\\w+[\\w\\d\\.]*$"))
    {
        LbErrMsg.Text = "您输入的【登录用户】不合法:登录用户仅能为大小写字母、下划线及英文点号!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbName.Focus();
        return;
    }
    if (!CharUtil.IsValidate(loginName, 4, 32))
    {
        LbErrMsg.Text = "【登录用户】字符串长度应在 4 到 32 个字符之间!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbName.Focus();
        return;
    }

    // ---- Password ----
    string password = TbPass1.Text;
    if (string.IsNullOrEmpty(password))
    {
        LbErrMsg.Text = "请输入【登录口令】!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbPass1.Focus();
        return;
    }
    if (password.Length < 4)
    {
        LbErrMsg.Text = "【登录口令】字符串长度不能小于 4 位!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbPass1.Focus();
        return;
    }
    if (password != TbPass2.Text)
    {
        LbErrMsg.Text = "您两次输入的口令不一致,请重新输入!";
        TrErrMsg.Attributes.Add("style", "display:;");
        // Both password boxes are emptied so the user has to retype them.
        TbPass1.Text = "";
        TbPass2.Text = "";
        TbPass1.Focus();
        return;
    }

    // ---- E-mail ----
    string mailAddress = TbMail.Text;
    if (!CharUtil.IsValidate(mailAddress))
    {
        LbErrMsg.Text = "请输入【电子邮件】!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbMail.Focus();
        return;
    }
    if (!Regex.IsMatch(mailAddress, "^\\w+[\\w\\.]*@\\w+(\\.[\\w\\.]+)+$"))
    {
        LbErrMsg.Text = "您输入的【电子邮件】格式不正确,正确格式为:[email protected]!";
        TrErrMsg.Attributes.Add("style", "display:;");
        TbMail.Focus();
        return;
    }

    // ---- Duplicate login name ----
    DBAccess dba = new DBAccess();
    dba.AddTable(DBConst.C3010400);
    dba.AddColumn(DBConst.C3010405);
    dba.AddWhere(DBConst.C3010405, loginName);
    DataTable existing = dba.ExecuteSelect();
    if (existing != null && existing.Rows.Count > 0)
    {
        LbErrMsg.Text = string.Format("用户名 {0} 已存在,请选择其它用户名!", loginName);
        TrErrMsg.Attributes.Add("style", "display:;");
        TbName.Focus();
        return;
    }

    // ---- Registration ----
    UserModel userModel = UserModel.Current(Session);
    int outcome = userModel.WpSignUp(loginName, password, mailAddress);
    if (IMsg.MSG_SIGNUP_SUCCESS != outcome)
    {
        LbErrMsg.Text = "用户注册失败,请稍后重试!";
        TrErrMsg.Attributes.Add("style", "display:;");
        return;
    }

    tr_RegData1.Visible = false;
    tr_RegData2.Visible = false;
    tr_RegInfo.Visible = true;
}
/// <summary>
/// Placeholder: the body is empty, so nothing is read from <paramref name="reader"/>
/// and nothing is written through <paramref name="dba"/>.
/// </summary>
private void SyncUdc(DBAccess dba, XmlDocument reader, string code)
{
}
/// <summary>
/// Stub override: ignores both arguments, writes nothing and reports success.
/// </summary>
/// <param name="dba">Unused.</param>
/// <param name="update">Unused.</param>
/// <returns>Always <c>true</c>, so callers cannot tell that nothing was persisted.</returns>
public override bool Save(DBAccess dba, bool update)
{
    return true;
}
/// <summary>
/// Loads this object through <paramref name="dba"/>.
/// </summary>
/// <param name="dba">Data-access helper the implementation runs its query on.</param>
/// <param name="Id">Presumably the identifier of the record to load - confirm against the overrides.</param>
/// <returns>Success flag; its exact meaning is defined by each override.</returns>
public abstract bool Read(DBAccess dba, string Id);