/// <summary>
/// 修改口令
/// </summary>
/// <param name="name"></param>
/// <param name="oldPass"></param>
/// <param name="newPass"></param>
/// <returns></returns>
public bool WsSignPk(string name, string oldPass, string newPass, XmlWriter writer)
{
var dba = new DBAccess();
dba.AddTable(DBConst.C3010400);
dba.AddColumn(DBConst.C3010402);
dba.AddWhere(DBConst.C3010400, CharUtil.Text2DB(name));
var dt = dba.ExecuteSelect();
if (dt.Rows.Count != 1)
{
writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
return false;
}
string code = dt.Rows[0][DBConst.C3010402] as string;
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddColumn(DBConst.APWD0002);
dba.AddColumn(DBConst.APWD0003);
dba.AddWhere(DBConst.APWD0001, code);
dba.AddSort(DBConst.APWD0002, true);
dt = dba.ExecuteSelect();
if (dt.Rows.Count != 4)
{
writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
return false;
}
string data = dt.Rows[0][DBConst.APWD0003] as string;
if (string.IsNullOrEmpty(data))
{
writer.WriteElementString("Error", "系统异常,请与管理员联系:[email protected]!");
return false;
}
byte[] b = Convert.FromBase64String(data);
string info = dt.Rows[0][DBConst.APWD0003] as string;
string main = dt.Rows[0][DBConst.APWD0003] as string;
string safe = dt.Rows[0][DBConst.APWD0003] as string;
// 已有口令校验
if (info != Digest(name, oldPass, b))
{
writer.WriteElementString("Error", "请确认您的登录口令及登录口令是否正确!");
return false;
}
// 口令
byte[] k = GenK(name, code, oldPass);
// 向量
byte[] v = GenV(name, code, oldPass);
byte[] t = Convert.FromBase64String(main);
#region AES 加密
AesManaged aes1 = new AesManaged();
using (MemoryStream mStream = new MemoryStream())
{
using (CryptoStream cStream = new CryptoStream(mStream, aes1.CreateDecryptor(k, v), CryptoStreamMode.Write))
{
cStream.Write(t, 0, t.Length);
cStream.FlushFinalBlock();
t = mStream.ToArray();
}
}
aes1.Clear();
#endregion
new Random().NextBytes(b);
// 口令
k = GenK(name, code, newPass);
// 向量
v = GenV(name, code, newPass);
#region AES 加密
AesManaged aes2 = new AesManaged();
using (MemoryStream mStream = new MemoryStream())
{
using (CryptoStream cStream = new CryptoStream(mStream, aes2.CreateEncryptor(k, v), CryptoStreamMode.Write))
{
cStream.Write(t, 0, t.Length);
cStream.FlushFinalBlock();
t = mStream.ToArray();
}
}
aes1.Clear();
#endregion
// 摘要用户登录信息
info = Digest(name, newPass, b);
data = Convert.ToBase64String(b);
main = Convert.ToBase64String(t);
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddWhere(DBConst.APWD0001, code);
dba.AddDeleteBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Data");
dba.AddParam(DBConst.APWD0003, data);
dba.AddInsertBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Info");
dba.AddParam(DBConst.APWD0003, info);
dba.AddInsertBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Main");
dba.AddParam(DBConst.APWD0003, main);
dba.AddInsertBatch();
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddParam(DBConst.APWD0001, code);
dba.AddParam(DBConst.APWD0002, "Safe");
dba.AddParam(DBConst.APWD0003, safe);
dba.AddInsertBatch();
dba.ExecuteBatch();
writer.WriteElementString("Code", code);
writer.WriteElementString("Data", data);
writer.WriteElementString("Info", info);
writer.WriteElementString("Main", main);
writer.WriteElementString("Safe", safe);
return true;
}
protected void Page_Load(object sender, EventArgs e)
{
UserModel userModel = UserModel.Current(Session);
if (userModel.Rank < IUser.LEVEL_02)
{
Response.Redirect("~/Index.aspx");
return;
}
if (IsPostBack)
{
return;
}
DBAccess dba = new DBAccess();
dba.AddTable(DBConst.APWD0000);
dba.AddColumn(DBConst.APWD0002);
dba.AddColumn(DBConst.APWD0003);
dba.AddWhere(DBConst.APWD0001, userModel.Code);
dba.AddSort(DBConst.APWD0002, true);
DataTable dt = dba.ExecuteSelect();
if (dt.Rows.Count != 4)
{
TrRegInfo.Visible = false;
return;
}
TrRegData1.Visible = false;
TrRegData2.Visible = false;
StringBuilder buffer = new StringBuilder();
XmlWriter writer = XmlWriter.Create(buffer);
writer.WriteStartElement("Amon");
writer.WriteStartElement("User");
writer.WriteElementString("Code", userModel.Code);
foreach (DataRow row in dt.Rows)
{
if ("Data" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Data", row[DBConst.APWD0003] as string);
continue;
}
if ("Info" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Info", row[DBConst.APWD0003] as string);
continue;
}
if ("Main" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Main", row[DBConst.APWD0003] as string);
continue;
}
if ("Safe" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Safe", row[DBConst.APWD0003] as string);
continue;
}
}
writer.WriteEndElement();
writer.WriteEndElement();
writer.Flush();
writer.Close();
TBData.Text = buffer.Replace("encoding=\"utf-16\"", "encoding=\"utf-8\"").ToString();
}
private void SignIn(HttpContext context, XmlWriter writer)
{
string d = context.Request["d"];
if (!CharUtil.IsValidate(d))
{
SendError(writer, "请输入【登录用户】!");
return;
}
if (!CharUtil.IsValidateName(d))
{
SendError(writer, "【登录用户】应在 4 到 32 个字符之间,且仅能为大小写字母、下划线及英文点号!");
return;
}
DBAccess dba = new DBAccess();
dba.AddTable(DBConst.C3010400);
dba.AddColumn(DBConst.C3010402);
dba.AddWhere(DBConst.C3010405, d);
DataTable dt = dba.ExecuteSelect();
if (dt.Rows.Count != 1)
{
SendError(writer, "请确认您输入的【登录用户】或【登录口令】是否正确!");
return;
}
string code = dt.Rows[0][DBConst.C3010402] as string;
if (!CharUtil.IsValidateCode(code))
{
SendError(writer, "请确认您输入的【登录用户】或【登录口令】是否正确!");
return;
}
dba.ReInit();
dba.AddTable(DBConst.APWD0000);
dba.AddColumn(DBConst.APWD0002);
dba.AddColumn(DBConst.APWD0003);
dba.AddWhere(DBConst.APWD0001, code);
dba.AddSort(DBConst.APWD0002, true);
dt = dba.ExecuteSelect();
if (dt.Rows.Count < 1)
{
writer.WriteElementString("Error", "请确认您是否已经开通密码箱的功能!");
return;
}
writer.WriteStartElement("User");
writer.WriteElementString("Code", code);
foreach (DataRow row in dt.Rows)
{
if ("Data" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Data", row[DBConst.APWD0003] as string);
continue;
}
if ("Info" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Info", row[DBConst.APWD0003] as string);
continue;
}
if ("Main" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Main", row[DBConst.APWD0003] as string);
continue;
}
if ("Safe" == row[DBConst.APWD0002] as string)
{
writer.WriteElementString("Safe", row[DBConst.APWD0003] as string);
continue;
}
}
writer.WriteEndElement();
}
private void ListUdc(DBAccess dba, XmlWriter writer, string code)
{
writer.WriteElementString("App", "APwd");
writer.WriteElementString("Ver", "1");
dba.ReInit();
dba.AddTable(DBConst.AUDC0100);
dba.AddColumn(DBConst.AUDC0103);
dba.AddColumn(DBConst.AUDC0104);
dba.AddColumn(DBConst.AUDC0105);
dba.AddColumn(DBConst.AUDC0106);
dba.AddColumn(DBConst.AUDC0107);
dba.AddWhere(DBConst.AUDC0102, code);
dba.AddSort(DBConst.AUDC0101, true);
writer.WriteStartElement("Udcs");
using (DataTable dt = dba.ExecuteSelect())
{
foreach (DataRow row in dt.Rows)
{
Udc item = new Udc();
item.Load(row);
item.ToXml(writer);
}
}
writer.WriteEndElement();
}
private void ListLib(DBAccess dba, XmlWriter writer, string code)
{
writer.WriteElementString("App", "APwd");
writer.WriteElementString("Ver", "2");
dba.ReInit();
dba.AddTable(DBConst.APWD0300);
dba.AddColumn(DBConst.APWD0301);
dba.AddColumn(DBConst.APWD0304);
dba.AddColumn(DBConst.APWD0306);
dba.AddColumn(DBConst.APWD0308);
dba.AddWhere(DBConst.APWD0302, "0");
dba.AddWhere(DBConst.APWD0303, code);
dba.AddSort(DBConst.APWD0301, true);
writer.WriteStartElement("Libs");
using (DataTable dt1 = dba.ExecuteSelect())
{
foreach (DataRow r1 in dt1.Rows)
{
LibHeader header = new LibHeader();
header.Load(r1);
dba.ReInit();
dba.AddTable(DBConst.APWD0300);
dba.AddColumn(DBConst.APWD0301);
dba.AddColumn(DBConst.APWD0302);
dba.AddColumn(DBConst.APWD0304);
dba.AddColumn(DBConst.APWD0306);
dba.AddColumn(DBConst.APWD0307);
dba.AddColumn(DBConst.APWD0308);
dba.AddWhere(DBConst.APWD0305, header.Id);
dba.AddWhere(DBConst.APWD0303, code);
dba.AddSort(DBConst.APWD0301, true);
DataTable dt2 = dba.ExecuteSelect();
foreach (DataRow r2 in dt2.Rows)
{
LibDetail detail = new LibDetail();
detail.Load(r2);
header.Details.Add(detail);
}
header.ToXml(writer);
}
}
writer.WriteEndElement();
}
private void ListKey(string code, string catId)
{
DBAccess dba = new DBAccess();
dba.ReInit();
dba.AddTable(DBConst.APWD0100);
dba.AddWhere(DBConst.APWD0104, code);
dba.AddWhere(DBConst.APWD0106, catId);
dba.AddWhere(DBConst.APWD0115, "!=", Key.OPT_DELETE.ToString(), false);
dba.AddSort(DBConst.APWD0101, false);
using (DataTable d1 = dba.ExecuteSelect())
{
foreach (DataRow r1 in d1.Rows)
{
Key key = new Key();
key.Load(r1);
dba.ReInit();
dba.AddTable(DBConst.APWD0200);
dba.AddColumn(DBConst.APWD0204);
dba.AddWhere(DBConst.APWD0202, code);
dba.AddWhere(DBConst.APWD0203, key.Id);
dba.AddSort(DBConst.APWD0201, true);
using (DataTable d2 = dba.ExecuteSelect())
{
StringBuilder buffer = new StringBuilder();
foreach (DataRow r2 in d2.Rows)
{
buffer.Append(r2[DBConst.APWD0204] as string);
}
key.Password = buffer.ToString();
}
}
}
}