示例#1
0
    public Stream DS_I_USER(Stream requestStream)
    {
        if (!AMSCSRFCore.IsRequestComeFromProxy(HttpContext.Current.Request))
        {
            return(GenerateErrorResponse(null, "Requester IP is not authorized", System.Net.HttpStatusCode.Forbidden));
        }

        QueryParameter queryParam  = null;
        QueryResult    queryResult = null;

        try
        {
            queryParam = new QueryParameter(requestStream);
            var SavePath = AMSCore.WebConfigReadKey("PATH_UPLOAD_UM");
            if (queryParam.Files != null && queryParam.Files.Count > 0)
            {
                if (NetworkConnector.Access(SavePath))
                {
                    if (!string.IsNullOrEmpty(queryParam.Parameter["IMG"].ToString()))
                    {
                        string path = Path.Combine(AMSCore.WebConfigReadKey("PATH_UPLOAD_UM"), queryParam.Parameter["IMG"].ToString());
                        if (File.Exists(path))
                        {
                            System.IO.File.Delete(path);
                        }
                    }

                    var FileName = DateTime.Now.Ticks.ToString() + Path.GetFileName(queryParam.Files[0].Name);
                    queryParam.Files[0].Save(SavePath, FileName);
                    queryParam.Parameter["IMG"] = FileName;
                }
            }
            else
            {
                // queryParam.Parameter["IMG" FileName);
            }
            queryResult = new QueryResult();
            queryResult.AddOutputParam("success", true);
            queryResult.AddOutputParam("params", queryParam.Parameter);
        }
        catch (Exception ex)
        {
            queryResult = new QueryResult(ex);
        }
        return(queryResult.ToStream(true));
    }
        public void ProcessRequest(HttpContext context)
        {
            try
            {
                QueryParameter queryParameter = new QueryParameter(context);
                QueryResult    queryResult    = new QueryResult();

                AppHttpHandler.ProcessRequest(context, queryParameter, AuthenUtil.AuthenMode.BYPASS);

                if (context.Session != null)
                {
                    if (AppSession.GetSession("USER_ID", context.Session) != null)
                    {
                        IDatabaseConnector dbConnector = new DatabaseConnectorClass();

                        string userID  = AppSession.GetSession("USER_ID", context.Session).ToString();
                        string sqlStmt = "SELECT PASSWORD FROM UM_USER WHERE USER_ID=?";
                        queryParameter = new QueryParameter();
                        queryParameter.Add("USER_ID", userID);
                        QueryResult queryUser = dbConnector.ExecuteStatement(sqlStmt, queryParameter);
                        if (queryUser.DataTable != null && queryUser.DataTable.Rows.Count > 0)
                        {
                            queryParameter = new QueryParameter();
                            queryParameter.Add("USERNAME", userID);
                            queryParameter.Add("PASSWORD", queryUser.DataTable.Rows[0][0].ToString());
                            queryUser = dbConnector.ExecuteStoredProcedure("APP_LOGIN_Q", queryParameter);

                            queryParameter = new QueryParameter();
                            queryParameter.Add("APP_SESSION_USER_ID", userID);
                            queryResult = dbConnector.ExecuteStoredProcedure("APP_CONFIG_Q", queryParameter);

                            queryResult.AddOutputParam("userInfo", ConnectorUtil.DataTableToDictionary(queryUser.DataTable, dbConnector.DateTimeFormat, dbConnector.CultureInfo));
                        }
                    }

                    if (AppSession.GetSession("REQUEST_DATA", context.Session) != null)
                    {
                        queryResult.AddOutputParam("requestData", AppSession.GetSession("REQUEST_DATA", context.Session));
                    }
                }
                else
                {
                    throw new Exception("EMPTY_SESSION");
                }

                context.Response.ContentType = "application/json";
                context.Response.Write(queryResult.ToJson());
                context.Response.StatusCode = (int)System.Net.HttpStatusCode.OK;

                AppHttpHandler.ProcessResponse(context);
            }
            catch (Exception exception)
            {
                AppHttpHandler.ProcessException(exception, context);
            }
            finally
            {
                context.Response.Flush();
                context.Response.End();
            }
        }