/// <summary>
/// Login button handler: checks the captcha, validates the administrator's
/// credentials, then either reports the failure on the page or signs the
/// administrator in and redirects to the admin directory.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
public override void Submit_OnClick(object sender, EventArgs e)
{
    var loginName = TbAccount.Text;
    var loginPassword = TbPassword.Text;

    // The captcha is checked first, so a wrong code never reaches credential validation.
    var captchaAccepted = _vcManager.IsCodeValid(TbValidateCode.Text);
    if (!captchaAccepted)
    {
        LtlMessage.Text = GetMessageHtml("验证码不正确,请重新输入!");
        return;
    }

    string userName;
    string errorMessage;
    var credentialsAccepted = DataProvider.AdministratorDao.ValidateAccount(loginName, loginPassword, out userName, out errorMessage);

    if (credentialsAccepted)
    {
        // Original comment: records the last login time and resets the failure count.
        DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(userName);
        // Original comment: writes the cookie and records an administrator log entry.
        AuthRequest.AdminLogin(userName);
        // Land on the admin directory root after a successful login.
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
        return;
    }

    // Failed login: audit it and bump the failure counter for the resolved user name.
    // NOTE(review): what ValidateAccount assigns to userName for an unknown account is not
    // visible here; confirm the log and counter calls tolerate a null or empty value.
    LogUtils.AddAdminLog(userName, "后台管理员登录失败");
    DataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(userName);

    // NOTE(review): errorMessage is produced by ValidateAccount and shown to the visitor;
    // confirm its wording does not distinguish "unknown account" from "wrong password".
    LtlMessage.Text = GetMessageHtml(errorMessage);
}
/// <summary>
/// First-load setup for the installer wizard: refuses to run when the system
/// no longer needs installing, otherwise fills the version label and the
/// database option lists and shows step 1.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
public void Page_Load(object sender, EventArgs e)
{
    // NOTE(review): because this return comes first, the "already installed" guard below
    // runs only on the initial (non-postback) request. The postback handlers are not
    // visible here; confirm they repeat the IsNeedInstall check before changing anything.
    if (IsPostBack)
    {
        return;
    }

    var installRequired = SystemManager.IsNeedInstall();
    if (!installRequired)
    {
        // The wizard is disabled once installation has completed.
        Page.Response.Write("系统已安装成功,向导被禁用");
        Page.Response.End();
        return;
    }

    LtlVersionInfo.Text = SystemManager.Version;
    SetSetp(1);

    DatabaseTypeUtils.AddListItems(DdlSqlDatabaseType);

    // Default port is preselected, so the custom-port input starts hidden.
    EBooleanUtils.AddListItems(DdlIsDefaultPort, "默认数据库端口", "自定义数据库端口");
    ControlUtils.SelectSingleItemIgnoreCase(DdlIsDefaultPort, true.ToString());
    PhSqlPort.Visible = false;

    // The "protect data" (encrypt) option is preselected to false.
    EBooleanUtils.AddListItems(DdlIsProtectData, "加密", "不加密");
    ControlUtils.SelectSingleItemIgnoreCase(DdlIsProtectData, false.ToString());

    var adminHomeUrl = PageUtils.GetAdminDirectoryUrl(string.Empty);
    LtlGo.Text = $@"<a class=""btn btn-success m-l-5"" href=""{adminHomeUrl}"">进入后台</a>";
}
/// <summary>
/// Login button handler: optionally checks the captcha (when enabled in the
/// file configuration), validates the administrator's credentials, then either
/// reports the failure or signs the administrator in and redirects.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
public override void Submit_OnClick(object sender, EventArgs e)
{
    var loginName = TbAccount.Text;
    var loginPassword = TbPassword.Text;

    // The captcha is enforced only when IsValidateCode is switched on. With it off, the
    // only throttling visible in this handler is the failed-login counter updated below.
    if (FileConfigManager.Instance.IsValidateCode && !_vcManager.IsCodeValid(TbValidateCode.Text))
    {
        LtlMessage.Text = GetMessageHtml("验证码不正确,请重新输入!");
        return;
    }

    string userName;
    string errorMessage;
    var credentialsAccepted = BaiRongDataProvider.AdministratorDao.ValidateAccount(loginName, loginPassword, out userName, out errorMessage);

    if (credentialsAccepted)
    {
        BaiRongDataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfLogin(userName);
        Body.AdministratorLogin(userName);
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
        return;
    }

    // Failed login: audit it, update the failure counter, and show the returned message.
    // NOTE(review): confirm errorMessage does not reveal whether the account exists.
    LogUtils.AddAdminLog(userName, "后台管理员登录失败");
    BaiRongDataProvider.AdministratorDao.UpdateLastActivityDateAndCountOfFailedLogin(userName);
    LtlMessage.Text = GetMessageHtml(errorMessage);
}
/// <summary>
/// Redirects to the admin directory root when the named administrator holds
/// none of the required permissions; does nothing otherwise.
/// </summary>
/// <param name="administratorName">Administrator whose permissions are checked.</param>
/// <param name="permissionArray">Permissions passed to HasAdministratorPermissions.</param>
/// <remarks>
/// The method returns void, so the caller cannot see a denial: enforcement rests
/// entirely on the redirect. NOTE(review): confirm PageUtils.Redirect ends the
/// response; if it does not, the calling page keeps executing after a denial.
/// </remarks>
public static void VerifyAdministratorPermissions(string administratorName, params string[] permissionArray)
{
    var allowed = HasAdministratorPermissions(administratorName, permissionArray);
    if (!allowed)
    {
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
    }
}
/// <summary>
/// Signs the administrator out and redirects to the admin directory root when
/// the channel permission check fails; does nothing otherwise.
/// </summary>
/// <param name="channelId">Channel the permissions are checked against.</param>
/// <param name="channelPermissions">Permissions passed to HasChannelPermissions.</param>
/// <remarks>
/// NOTE(review): the result is not reported to the caller; confirm PageUtils.Redirect
/// ends the response so the protected page logic does not continue after a denial.
/// </remarks>
public void VerifyChannelPermissions(int channelId, params string[] channelPermissions)
{
    var allowed = HasChannelPermissions(channelId, channelPermissions);
    if (!allowed)
    {
        // Denial is treated as a reason to end the session, not just to refuse the page.
        AuthRequest.AdminLogout();
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
    }
}
/// <summary>
/// Signs the administrator out and redirects to the admin directory root when
/// the current administrator lacks the given permissions on the current site.
/// </summary>
/// <param name="sitePermissions">Permissions checked against SiteId.</param>
/// <remarks>
/// NOTE(review): the result is not reported to the caller; confirm PageUtils.Redirect
/// ends the response so the protected page logic does not continue after a denial.
/// </remarks>
public void VerifySitePermissions(params string[] sitePermissions)
{
    var allowed = AuthRequest.AdminPermissions.HasSitePermissions(SiteId, sitePermissions);
    if (!allowed)
    {
        AuthRequest.AdminLogout();
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
    }
}
/// <summary>
/// Signs the administrator out and redirects to the admin directory root when
/// the current administrator lacks the given administrator-level permissions.
/// </summary>
/// <param name="permissionArray">Permissions passed to HasAdministratorPermissions.</param>
/// <remarks>
/// NOTE(review): the result is not reported to the caller; confirm PageUtils.Redirect
/// ends the response so the protected page logic does not continue after a denial.
/// </remarks>
public void VerifyAdministratorPermissions(params string[] permissionArray)
{
    var allowed = AuthRequest.AdminPermissions.HasAdministratorPermissions(permissionArray);
    if (!allowed)
    {
        AuthRequest.AdminLogout();
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
    }
}
/// <summary>
/// Redirects to the "Installer" path under the admin directory when the system
/// still needs installing.
/// </summary>
/// <returns>
/// <c>true</c> when the redirect was issued; <c>false</c> when no installation is
/// needed and nothing was done.
/// </returns>
public static bool DetermineRedirectToInstaller()
{
    var installRequired = IsNeedInstall();
    if (installRequired)
    {
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl("Installer"));
    }

    return installRequired;
}
/// <summary>
/// Signs the administrator out and redirects to the admin directory root when
/// the named administrator lacks the given permissions on the channel.
/// </summary>
/// <param name="administratorName">Administrator whose permissions are checked.</param>
/// <param name="publishmentSystemId">Site identifier passed to the permission check.</param>
/// <param name="nodeId">Channel (node) identifier passed to the permission check.</param>
/// <param name="channelPermissionArray">Permissions passed to HasChannelPermissions.</param>
/// <remarks>
/// NOTE(review): the result is not reported to the caller; confirm PageUtils.Redirect
/// ends the response so the protected page logic does not continue after a denial.
/// </remarks>
public static void VerifyChannelPermissions(string administratorName, int publishmentSystemId, int nodeId, params string[] channelPermissionArray)
{
    var allowed = HasChannelPermissions(administratorName, publishmentSystemId, nodeId, channelPermissionArray);
    if (!allowed)
    {
        RequestBody.AdministratorLogout();
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
    }
}
/// <summary>
/// Signs the administrator out and redirects to the admin directory root when
/// the named administrator lacks the given permissions on the site.
/// </summary>
/// <param name="administratorName">Administrator whose permissions are checked.</param>
/// <param name="siteId">Site the permissions are checked against.</param>
/// <param name="sitePermissions">Permissions passed to HasSitePermissions.</param>
/// <remarks>
/// NOTE(review): the result is not reported to the caller; confirm PageUtils.Redirect
/// ends the response so the protected page logic does not continue after a denial.
/// </remarks>
public static void VerifySitePermissions(string administratorName, int siteId, params string[] sitePermissions)
{
    var allowed = HasSitePermissions(administratorName, siteId, sitePermissions);
    if (!allowed)
    {
        // A fresh Request object is created only to perform the logout.
        new Request().AdminLogout();
        PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl(string.Empty));
    }
}
/// <summary>
/// Logout page load: unless the page is already marked forbidden, signs the
/// administrator out and redirects to the admin login page.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
/// <remarks>
/// The logout runs on every load of this page, with no postback or token check in
/// this handler, so any request that reaches the page ends the session.
/// </remarks>
public void Page_Load(object sender, EventArgs e)
{
    if (!IsForbidden)
    {
        var loginUrl = PageUtils.GetAdminDirectoryUrl("login.aspx");
        RequestBody.AdministratorLogout();
        PageUtils.Redirect(PageUtils.ParseNavigationUrl(loginUrl));
    }
}
/// <summary>
/// Appends the row markup for each tab in <paramref name="tc"/> to
/// <paramref name="builder"/>, recursing into tabs that have children.
/// </summary>
/// <param name="builder">Receives the generated row HTML.</param>
/// <param name="tc">Tabs to render; nothing is written when it or its Tabs is null.</param>
/// <param name="parentsCount">Nesting depth; each recursion level passes this value plus one.</param>
/// <param name="isDisplay">Forwarded to the item factory; child levels receive the parent's Selected flag.</param>
/// <remarks>
/// The only access filter applied here is the node-ownership check for "cmsItem"
/// tabs. The general TabManager.IsValid permission filter is commented out in the
/// original, so other tabs are rendered regardless of the administrator's
/// permission list. NOTE(review): hiding a menu entry is presentation only;
/// confirm each target page enforces its own permission check.
/// </remarks>
protected void BuildNavigationTree(StringBuilder builder, TabCollection tc, int parentsCount, bool isDisplay)
{
    var tabs = tc?.Tabs;
    if (tabs == null)
    {
        return;
    }

    foreach (var tab in tabs)
    {
        // "cmsItem" tabs are shown only for nodes this user owns.
        if (string.Equals(tab.MenuType, "cmsItem", StringComparison.OrdinalIgnoreCase)
            && !AdminUtility.IsOwningNodeIdByPublishmentSystem(UserName, tab.NodeId))
        {
            continue;
        }

        if (!HasFirstRootMenu(tab))
        {
            continue;
        }

        // Clickable links are routed through the loading page.
        var href = FormatLink(tab);
        var isClickable = !string.IsNullOrEmpty(href) && !StringUtils.EqualsIgnoreCase(href, PageUtils.UnclickedUrl);
        if (isClickable)
        {
            href = PageUtils.GetLoadingUrl(href);
        }

        // "cmsItem" tabs override the link with a plain admin-directory URL built from Href.
        if (string.Equals(tab.MenuType, "cmsItem", StringComparison.OrdinalIgnoreCase))
        {
            href = PageUtils.GetAdminDirectoryUrl(tab.Href);
        }

        var hasChildren = tab.Children != null && tab.Children.Length > 0;
        var opensWindow = !hasChildren && StringUtils.EndsWithIgnoreCase(tab.Href, "main.aspx");

        // NOTE(review): tab.Text and href are handed to the item as-is; whether GetTrHtml
        // HTML-encodes them is not visible here.
        var row = NavigationTreeItem.CreateNavigationBarItem(isDisplay, tab.Selected, parentsCount, hasChildren, opensWindow, tab.Text, href, tab.Target, tab.Enabled, tab.IconUrl);
        builder.Append(row.GetTrHtml());

        if (!hasChildren)
        {
            continue;
        }

        // Children are rendered one level deeper and displayed only when this tab is selected.
        var childTabs = NodeNaviTabManager.GetTabCollection(tab, PublishmentSystemId);
        BuildNavigationTree(builder, childTabs, parentsCount + 1, tab.Selected);
    }
}
/// <summary>
/// Fills one data row of the site list: name, type, directory, creation date,
/// and the manage / WeChat-binding / delete links for the site whose ID is the
/// row's data item.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Carries the grid row being bound.</param>
void dgContents_ItemDataBound(object sender, DataGridItemEventArgs e)
{
    // Only data rows are bound; header, footer and other row types are skipped.
    var rowType = e.Item.ItemType;
    if (rowType != ListItemType.Item && rowType != ListItemType.AlternatingItem)
    {
        return;
    }

    var publishmentSystemID = (int)e.Item.DataItem;
    var siteInfo = PublishmentSystemManager.GetPublishmentSystemInfo(publishmentSystemID);
    if (siteInfo == null)
    {
        return;
    }

    // The "as" casts are not null-checked: a missing control fails at the first assignment.
    var nameLiteral = e.Item.FindControl("ltlPublishmentSystemName") as Literal;
    var typeLiteral = e.Item.FindControl("ltlPublishmentSystemType") as Literal;
    var dirLiteral = e.Item.FindControl("ltlPublishmentSystemDir") as Literal;
    var addDateLiteral = e.Item.FindControl("ltlAddDate") as Literal;
    var manageLiteral = e.Item.FindControl("ltlManage") as Literal;
    var bindingLiteral = e.Item.FindControl("ltlBinding") as Literal;
    var deleteLiteral = e.Item.FindControl("ltlDelete") as Literal;

    // NOTE(review): the site name and directory are assigned to Literal.Text with no
    // HTML encoding in this method; confirm they are encoded or filtered when stored.
    nameLiteral.Text = siteInfo.PublishmentSystemName;
    typeLiteral.Text = EPublishmentSystemTypeUtils.GetHtml(siteInfo.PublishmentSystemType);
    dirLiteral.Text = siteInfo.PublishmentSystemDir;
    addDateLiteral.Text = DateUtils.GetDateString(NodeManager.GetAddDate(publishmentSystemID, publishmentSystemID));

    var manageUrl = PageUtils.GetLoadingUrl(PageUtils.GetAdminDirectoryUrl($"main.aspx?publishmentSystemID={publishmentSystemID}"));
    manageLiteral.Text = $@"<a href=""{manageUrl}"" target=""top"">管理</a>";

    var bindingUrl = ConsoleAccountBinding.GetRedirectUrl(publishmentSystemID, PageUtils.GetWXUrl("console_account.aspx"));
    var accountInfo = WeiXinManager.GetAccountInfo(publishmentSystemID);
    var isBinding = WeiXinManager.IsBinding(accountInfo);
    bindingLiteral.Text = isBinding
        ? $@"<a href=""{bindingUrl}"" class=""btn btn-success"">已绑定微信</a>"
        : $@"<a href=""{bindingUrl}"" class=""btn btn-danger"">未绑定微信</a>";

    // NOTE(review): the delete action is reached through a plain link (a GET request);
    // confirm the target page requires a confirming postback or anti-forgery check
    // before it deletes anything.
    var urlDelete = PageUtils.GetSTLUrl($"console_publishmentSystemDelete.aspx?NodeID={publishmentSystemID}");
    deleteLiteral.Text = $@"<a href=""{urlDelete}"">删除</a>";
}
/// <summary>
/// Page initialisation gate for admin pages: builds the AuthRequest, redirects to
/// the installer or database-sync page when the system is not ready, redirects
/// unauthenticated or locked-out administrators to the login page, and finally
/// adds two browser security headers.
/// </summary>
/// <param name="e">Event data forwarded to the base implementation.</param>
/// <remarks>
/// The two response headers are added only when none of the early returns above
/// them is taken. Pages with IsAccessable set skip the login and lockout checks.
/// </remarks>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);
    AuthRequest = new AuthRequest(Request);
    if (!IsInstallerPage)
    {
        // No connection string configured: send the visitor to the installer.
        if (string.IsNullOrEmpty(WebConfigUtils.ConnectionString))
        {
            PageUtils.Redirect(PageUtils.GetAdminDirectoryUrl("Installer"));
            return;
        }
        // Initialised, but the stored database version differs from the code version:
        // send the visitor to the database sync page.
        if (ConfigManager.Instance.IsInitialized && ConfigManager.Instance.DatabaseVersion != SystemManager.Version)
        {
            PageUtils.Redirect(PageSyncDatabase.GetRedirectUrl());
            return;
        }
    }
    if (!IsAccessable) // the page cannot be accessed directly: an unauthenticated visitor goes straight to the login page
    {
        if (!AuthRequest.IsAdminLoggin || AuthRequest.AdminInfo == null) // check whether the administrator is logged in
        {
            // IsForbidden is set before redirecting so that later code can see the denial.
            IsForbidden = true;
            PageUtils.RedirectToLoginPage();
            return;
        }
        if (AuthRequest.AdminInfo.IsLockedOut) // check whether the administrator account is locked out
        {
            IsForbidden = true;
            PageUtils.RedirectToLoginPage("对不起,您的账号已被锁定,无法进入系统!");
            return;
        }
    }
    // X-Frame-Options: SAMEORIGIN limits framing of this page to same-origin documents,
    // which mitigates clickjacking. The original comment described this as CSRF
    // protection; this header does not stop forged cross-site requests.
    Response.AddHeader("X-Frame-Options", "SAMEORIGIN");
    // X-XSS-Protection: 0 tells browsers to switch off their built-in XSS filter.
    Response.AddHeader("X-XSS-Protection", "0");
}
/// <summary>
/// Builds the target URL for the loading page from the "RedirectUrl" query-string
/// parameter, merging in the remaining request parameters after passing their
/// values through PageUtils.FilterXss.
/// </summary>
/// <returns>
/// The rebuilt URL with double quotes and newlines replaced by spaces, or an empty
/// string when no RedirectUrl was supplied.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method restricts the target to this site. A value
/// that PageUtils.IsProtocolUrl accepts, or that starts with "/" (which includes
/// "//host/..." forms), is kept as supplied. If the result is used for navigation,
/// confirm the caller validates the destination against an allow-list.
/// </remarks>
public string GetRedirectUrl()
{
    // The raw parameter is request-controlled; it is converted by ValueToUrl and then XSS-filtered.
    var redirectUrl = PageUtils.FilterXss(StringUtils.ValueToUrl(Body.GetQueryString("RedirectUrl"), true));
    if (!string.IsNullOrEmpty(redirectUrl))
    {
        // Start from the current request's parameters, drop the two routing parameters,
        // then add the parameters embedded in the redirect target itself.
        var queryStringOriginal = new NameValueCollection(Request.QueryString);
        queryStringOriginal.Remove("RedirectType");
        queryStringOriginal.Remove("RedirectUrl");
        queryStringOriginal.Add(PageUtils.GetQueryString(redirectUrl));
        var queryString = new NameValueCollection();
        foreach (string name in queryStringOriginal.Keys)
        {
            //filter xss for load page, update by sessionliang 20160112
            // Only the values are filtered; parameter names are copied unchanged.
            queryString[name] = PageUtils.FilterXss(queryStringOriginal[name]);
        }
        redirectUrl = PageUtils.GetUrlWithoutQueryString(redirectUrl);
        // Values that are neither protocol URLs nor "/"-prefixed are resolved under the admin directory.
        if (!PageUtils.IsProtocolUrl(redirectUrl) && !redirectUrl.StartsWith("/"))
        {
            redirectUrl = PageUtils.GetAdminDirectoryUrl(redirectUrl);
        }
        // NOTE(review): the prefix decision above is made before ValueFromUrl transforms the
        // value; confirm the transformed form cannot become an absolute URL to another host.
        redirectUrl = StringUtils.ValueFromUrl(redirectUrl, true);
        //filter xss for preload page, update by sessionliang 20160112
        //1. get query string with filter xss
        var fxQueryString = PageUtils.GetQueryStringFilterXss(redirectUrl);
        //2. get url without query string
        redirectUrl = PageUtils.GetUrlWithoutQueryString(redirectUrl);
        //3. combine the path with its filtered query string
        redirectUrl = PageUtils.AddQueryString(redirectUrl, fxQueryString);
        // Double quotes and newlines are replaced with spaces in the final URL.
        return(PageUtils.AddQueryString(redirectUrl, queryString).Replace('"', ' ').Replace('\n', ' '));
    }
    return(string.Empty);
}
/// <summary>
/// Resolves a plugin-relative URL: empty input yields an empty string, protocol
/// URLs are returned unchanged, "~/" maps to the site root, "@/" maps to the
/// admin directory, and anything else maps into this plugin's folder under the
/// site-files plugins directory.
/// </summary>
/// <param name="relatedUrl">URL or path to resolve; defaults to an empty string.</param>
/// <returns>The resolved URL, or an empty string for null or empty input.</returns>
/// <remarks>
/// NOTE(review): relatedUrl is not normalised here, so ".." segments are passed to
/// PageUtils.Combine as given, and protocol URLs are returned untouched. Confirm
/// callers supply only plugin-defined values, not request input.
/// </remarks>
public string GetPluginUrl(string relatedUrl = "")
{
    string resolved;

    if (string.IsNullOrEmpty(relatedUrl))
    {
        resolved = string.Empty;
    }
    else if (PageUtils.IsProtocolUrl(relatedUrl))
    {
        resolved = relatedUrl;
    }
    else if (StringUtils.StartsWith(relatedUrl, "~/"))
    {
        // Drop the "~" marker and keep the leading slash.
        resolved = PageUtils.GetRootUrl(relatedUrl.Substring(1));
    }
    else if (StringUtils.StartsWith(relatedUrl, "@/"))
    {
        // Drop the "@" marker and keep the leading slash.
        resolved = PageUtils.GetAdminDirectoryUrl(relatedUrl.Substring(1));
    }
    else
    {
        var pluginPath = PageUtils.Combine(DirectoryUtils.SiteFiles.Plugins, _metadata.Id, relatedUrl);
        resolved = PageUtility.GetSiteFilesUrl(ApiManager.ApiUrl, pluginPath);
    }

    return resolved;
}
/// <summary>
/// Instance-level pass-through to <c>PageUtils.GetAdminDirectoryUrl</c>.
/// </summary>
/// <param name="relatedUrl">Path forwarded unchanged to PageUtils.</param>
/// <returns>Whatever PageUtils.GetAdminDirectoryUrl returns for <paramref name="relatedUrl"/>.</returns>
public string GetAdminDirectoryUrl(string relatedUrl) => PageUtils.GetAdminDirectoryUrl(relatedUrl);
/// <summary>
/// Writes a script tag for <c>Src</c>; writes nothing when Src is null or empty.
/// A value starting with "~" is resolved with ParseNavigationUrl, any other value
/// with GetAdminDirectoryUrl.
/// </summary>
/// <param name="writer">Output writer for the rendered markup.</param>
/// <remarks>
/// The resolved URL is placed in the attribute without HTML attribute encoding.
/// NOTE(review): confirm Src is only ever set from page markup, never from request data.
/// </remarks>
protected override void Render(HtmlTextWriter writer)
{
    if (string.IsNullOrEmpty(Src))
    {
        return;
    }

    string scriptUrl;
    if (Src.StartsWith("~"))
    {
        scriptUrl = PageUtils.ParseNavigationUrl(Src);
    }
    else
    {
        scriptUrl = PageUtils.GetAdminDirectoryUrl(Src);
    }

    writer.Write($@"<script src=""{scriptUrl}"" type=""text/javascript""></script>");
}
/// <summary>
/// Combines the admin-directory URL of <c>DirectoryName</c> with
/// <paramref name="relatedUrl"/>.
/// </summary>
/// <param name="relatedUrl">Path appended beneath the directory URL.</param>
/// <returns>The result of PageUtils.Combine for the two parts.</returns>
public static string GetUrl(string relatedUrl)
{
    var directoryUrl = PageUtils.GetAdminDirectoryUrl(DirectoryName);
    return PageUtils.Combine(directoryUrl, relatedUrl);
}
/// <summary>
/// Writes a stylesheet link tag for <c>Href</c>; writes nothing when Href is null
/// or empty. A value starting with "~" is resolved with ParseNavigationUrl, any
/// other value with GetAdminDirectoryUrl.
/// </summary>
/// <param name="writer">Output writer for the rendered markup.</param>
/// <remarks>
/// The resolved URL is placed in the attribute without HTML attribute encoding.
/// NOTE(review): confirm Href is only ever set from page markup, never from request data.
/// </remarks>
protected override void Render(HtmlTextWriter writer)
{
    if (string.IsNullOrEmpty(Href))
    {
        return;
    }

    string stylesheetUrl;
    if (Href.StartsWith("~"))
    {
        stylesheetUrl = PageUtils.ParseNavigationUrl(Href);
    }
    else
    {
        stylesheetUrl = PageUtils.GetAdminDirectoryUrl(Href);
    }

    writer.Write($@"<link rel=""stylesheet"" href=""{stylesheetUrl}"" type=""text/css"" />");
}
/// <summary>
/// Returns the admin directory root URL, i.e. <c>PageUtils.GetAdminDirectoryUrl</c>
/// called with an empty relative path.
/// </summary>
/// <returns>The admin directory URL as produced by PageUtils.</returns>
public string GetSiteServerUrl() => PageUtils.GetAdminDirectoryUrl(string.Empty);