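using BizCom;
using SiteCore.Redis;
using SQLData;
using System;
using System.Collections.Generic;
using System.Data;
using System.Reflection;
using System.Text.RegularExpressions;
using System.Web;
using Utils;

namespace SiteCore.Handler
{
    /// <summary>
    /// ERP login/session handler. Each request names its action in the "t" parameter and
    /// <see cref="ProcessRequest"/> invokes the public parameterless method of that name via
    /// reflection; the remaining members are the actions themselves plus private helpers.
    /// Other parts of this partial class (not in this file) may contribute further actions.
    /// </summary>
    public partial class sync : BaseHandler, IHttpHandler
    {
        /// <summary>Actions that may be invoked without a valid login cookie.</summary>
        private static readonly HashSet<string> AnonymousActions = new HashSet<string>(StringComparer.Ordinal)
        {
            "erp_user_login",
            "loginout",
            "file_client_down_url",
        };

        /// <summary>Failed-login threshold after which the account is locked.</summary>
        private const int MaxLoginFailures = 5;

        /// <summary>How long a locked account (and its failure counter) stays locked.</summary>
        private static readonly TimeSpan LockDuration = new TimeSpan(0, 10, 0);

        /// <summary>Lifetime of the login cookie and of the matching "dl_" ticket in Redis.</summary>
        private static readonly TimeSpan LoginTicketLife = new TimeSpan(18, 0, 0);

        /// <summary>
        /// Rate limiter for <see cref="erp_user_login"/>; by the pattern documented on
        /// <see cref="DoFrequency"/> the arguments read as a 10-second window with 4 requests.
        /// </summary>
        public static FrequencyControler LoginFrequency = new FrequencyControler("erplogin", 10, 4);

        /// <summary>General access controller: allows 3 requests within 10 seconds.</summary>
        public static FrequencyControler DoFrequency = new FrequencyControler("xinyue", 10, 3);

        /// <summary>
        /// Entry point: resolves the action named by "t", enforces the login gate, invokes the
        /// action and records the operation for the current user.
        /// </summary>
        /// <param name="context">The request context; stored in <c>con</c> for the helpers.</param>
        /// <exception cref="InvalidOperationException">No dispatchable action has the requested name.</exception>
        public void ProcessRequest(HttpContext context)
        {
            con = context;
            string methodName = GetString("t");
            MethodInfo method = ResolveAction(methodName);
            if (method == null)
            {
                throw new InvalidOperationException("method is null");
            }

            if (isLoginOut() && !AnonymousActions.Contains(methodName))
            {
                returnErrorMsg("操作己过期,请重新登录!");
                return;
            }

            try
            {
                method.Invoke(this, null);
                if (CurrentUser != null)
                {
                    LogOperate.Save(CurrentUser.UserID, CurrentUser.UserName, CurrentUser.User.LoginIP, methodName);
                }
            }
            catch (TargetInvocationException ex)
            {
                // Invoke wraps the action's own exception; without unwrapping, every failure would
                // read "Exception has been thrown by the target of an invocation".
                // NOTE(review): as before, the raw exception text reaches the client; a generic
                // message plus server-side logging would avoid exposing internals.
                Exception cause = ex.InnerException ?? ex;
                returnErrorMsg("操作失败!" + cause.Message);
            }
            catch (Exception ex)
            {
                returnErrorMsg("操作失败!" + ex.Message);
            }
        }

        /// <summary>
        /// Maps the untrusted "t" parameter to an invokable action.
        /// </summary>
        /// <param name="methodName">Action name as supplied by the client; may be null or empty.</param>
        /// <returns>The public parameterless method with exactly that name, or null.</returns>
        private MethodInfo ResolveAction(string methodName)
        {
            if (string.IsNullOrEmpty(methodName))
            {
                return null;
            }
            // An explicit empty parameter list means the client can only reach parameterless
            // actions (so never ProcessRequest itself) and GetMethod cannot throw
            // AmbiguousMatchException on overloads. Static is kept because the previous
            // GetMethod(name) overload also matched static members.
            MethodInfo method = GetType().GetMethod(
                methodName,
                BindingFlags.Public | BindingFlags.Instance | BindingFlags.Static,
                null,
                Type.EmptyTypes,
                null);
            // object.ToString/GetHashCode/GetType are public and parameterless but are not actions.
            if (method == null || method.DeclaringType == typeof(object))
            {
                return null;
            }
            return method;
        }

        /// <summary>
        /// Compares a presented login ticket with the expected one in constant time over the
        /// ticket length. An empty or missing value on either side never matches, so a client
        /// without a ticket cannot pass against an account that has no Redis entry.
        /// </summary>
        private static bool TicketsMatch(string presented, string expected)
        {
            if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(expected))
            {
                return false;
            }
            if (presented.Length != expected.Length)
            {
                return false;
            }
            int diff = 0;
            for (int i = 0; i < presented.Length; i++)
            {
                diff |= presented[i] ^ expected[i];
            }
            return diff == 0;
        }

        /// <summary>
        /// Writes the login cookie (user + ticket on path "/") to the response.
        /// </summary>
        /// <param name="userValue">Cookie "user" value, already URL-encoded by the caller.</param>
        /// <param name="ticket">Login ticket; also stored in Redis under "dl_" + account by the login action.</param>
        /// <param name="expires">Absolute expiry of the cookie.</param>
        private void SetLoginCookie(string userValue, string ticket, DateTime expires)
        {
            HttpCookie cookie = new HttpCookie(webConfig.CookieName);
            cookie.Values.Clear();
            cookie.Values.Add("user", userValue);
            cookie.Values.Add("ticket", ticket);
            cookie.Path = "/";
            cookie.Expires = expires;
            // NOTE(review): the ticket is a bearer credential. HttpOnly (and Secure when served over
            // TLS) would keep it out of reach of page scripts; left unset here because it is not
            // known from this file whether client-side code reads the cookie.
            HttpContext.Current.Response.Cookies.Add(cookie);
        }

        /// <summary>
        /// Reports whether the caller's login cookie still carries the ticket held in Redis:
        /// writes "1" when it does (or when the user is allowed multiple logins), else "0".
        /// </summary>
        public void isAccLogin()
        {
            HttpCookie lcCookie = HttpContext.Current.Request.Cookies[webConfig.CookieName];
            if (lcCookie == null)
            {
                returnSuccessMsg("0");
                return;
            }
            if (CurrentUser != null && CurrentUser.User.IsMultiLogin == 1)
            {
                returnSuccessMsg("1");
                return;
            }
            string name = HttpUtility.UrlDecode(lcCookie.Values["user"]);
            string ticket = lcCookie.Values["ticket"];
            string dl_ticket = erpRedis.RedisHelper.StringGet("dl_" + name);
            // Previously a missing cookie ticket and a missing Redis entry compared equal
            // (null == null) and reported "1"; TicketsMatch rejects that case.
            returnSuccessMsg(TicketsMatch(ticket, dl_ticket) ? "1" : "0");
        }

        /// <summary>Suffix appended to the base account for role code <paramref name="role"/>.</summary>
        /// <returns>"_kf", "_sj", "_sh", "_cw" for 1..4; empty string otherwise (the base account).</returns>
        private static string RoleSuffix(int role)
        {
            switch (role)
            {
                case 1: return "_kf";
                case 2: return "_sj";
                case 3: return "_sh";
                case 4: return "_cw";
                default: return "";
            }
        }

        /// <summary>
        /// Switches the current user to a sibling role account (same base account, role suffix
        /// from the "r" parameter, same stored password) and re-issues the login cookie.
        /// Replies with the encrypted "user|date" token on success, an error message otherwise.
        /// </summary>
        public void trans_user_role()
        {
            if (UrlPostParmsCheck("r"))
            {
                string baseAccount = CurrentUser.User.Account.Split('_')[0];
                string pwd = CurrentUser.User.PassWord;
                string user = baseAccount + RoleSuffix(GetPostInt("r"));

                CeErpUser entity = CeErpUser.GetByLogin(user, pwd);
                if (entity != null)
                {
                    entity.LoginIP = CommonHelper.ClientIP;
                    entity.Ticket = WebHelper.getLoginTicket(entity.Account, entity.LoginIP);
                    if (entity.CurLoginTime.ToString() != "")
                    {
                        entity.PreLoginTime = Convert.ToDateTime(entity.CurLoginTime);
                    }
                    entity.CurLoginTime = DateTime.Now;
                    entity.Update();

                    // The "user" value is URL-encoded to match erp_user_login, since isLoginOut
                    // and isAccLogin always URL-decode it.
                    // NOTE(review): unlike erp_user_login, no "dl_" + user ticket is written to
                    // Redis here, so isLoginOut() would reject the new cookie unless that key is
                    // set elsewhere — confirm.
                    SetLoginCookie(HttpUtility.UrlEncode(user), entity.Ticket, DateTime.Now.AddDays(2));
                    returnSuccessMsg(HttpUtility.UrlEncode(SecurityHelper.EncryptSymmetric(user + "|" + DateTime.Now.ToString("yyyy-MM-dd"))));
                    return;
                }
            }
            returnErrorMsg("无法切换,可能没有该角色!");
        }

        /// <summary>
        /// Records one failed login for <paramref name="account"/> in the session (kept for the
        /// "N|..." error message) and in Redis, and returns the larger of the two counts.
        /// </summary>
        /// <remarks>
        /// The Redis counter ("lerr_" + account, expiring with <see cref="LockDuration"/>) exists
        /// because the session counter alone can be reset by a client that discards its session
        /// cookie between attempts, which would defeat the lockout.
        /// </remarks>
        private int RecordLoginFailure(string account)
        {
            string sessionKey = "lerr" + account;
            int sessionCount = con.Session[sessionKey] != null
                ? Convert.ToInt32(con.Session[sessionKey]) + 1
                : 1;
            con.Session[sessionKey] = sessionCount;
            con.Session["lerr"] = sessionCount;

            string redisKey = "lerr_" + account;
            int redisCount;
            if (!int.TryParse(erpRedis.RedisHelper.StringGet(redisKey), out redisCount))
            {
                redisCount = 0;
            }
            redisCount++;
            erpRedis.RedisHelper.StringSet(redisKey, redisCount.ToString(), LockDuration);

            return Math.Max(sessionCount, redisCount);
        }

        /// <summary>
        /// Authenticates "user"/"pwd" (plus "code" when a captcha was issued), applies the IP
        /// whitelist, the account lock and the frozen-account check, then issues the login
        /// cookie and the Redis "dl_" ticket. Client-app logins ("isFromClient" == "1") get the
        /// user id instead of a cookie.
        /// </summary>
        public void erp_user_login()
        {
            if (LoginFrequency.IsTooFrequently(true))
            {
                returnErrorMsg("访问太频繁");
                return;
            }
            if (!UrlPostParmsCheck("user,pwd"))
            {
                returnErrorMsg("参数有误!");
                return;
            }
            string account = GetPostString("user");
            string pwd = GetPostString("pwd");
            if (account == "" || pwd == "")
            {
                returnErrorMsg("请输入用户名或密码!");
                return;
            }

            // The captcha is only enforced when one was issued to this session.
            // NOTE(review): a client whose session holds no vCode skips this check entirely —
            // confirm that a captcha is always issued before the login form is served.
            object issuedCode = con.Session["vCode"];
            if (issuedCode != null)
            {
                string code = GetPostString("code");
                if (code == "" || !string.Equals(code, issuedCode.ToString(), StringComparison.OrdinalIgnoreCase))
                {
                    returnErrorMsg("验证码不正确!");
                    return;
                }
            }

            CeErpUser entity = CeErpUser.GetByLogin(account, SecurityHelper.EncryptSymmetric(pwd));
            string ip = WebHelper.GetIP();
            // Non-whitelisted addresses are rejected unless the matched user is in State 5
            // (presumably an "any IP" flag — TODO confirm against CeErpUser.State).
            if (!SiteInfo.isPassIp(ip) && !(entity != null && entity.State == 5))
            {
                returnErrorMsg("未授权的IP:" + ip);
                return;
            }

            string lockedAt = erpRedis.RedisHelper.StringGet("lock_" + account);
            if (!string.IsNullOrEmpty(lockedAt))
            {
                returnErrorMsg("账户于" + lockedAt + "锁定!");
                return;
            }

            if (entity == null)
            {
                int failures = RecordLoginFailure(account);
                string errMsg;
                if (failures > MaxLoginFailures)
                {
                    erpRedis.RedisHelper.StringSet("lock_" + account, DateTime.Now.ToLongTimeString(), LockDuration);
                    errMsg = failures + "|账号或密码不正确!账户锁定10分钟。";
                }
                else
                {
                    errMsg = failures + "|账号或密码不正确!";
                }
                Log_Login.Save(account, ip, false, errMsg);
                returnErrorMsg(errMsg);
                return;
            }
            if (entity.State == 1)
            {
                returnErrorMsg("账户已被冻结!");
                Log_Login.Save(account, ip, false, "账户已被冻结!");
                return;
            }

            entity.LoginIP = ip;
            entity.Ticket = WebHelper.getLoginTicket(entity.Account + DateTime.Now.ToString("yyyyMMddHHmmssffff"));
            if (entity.CurLoginTime.ToString() != "")
            {
                entity.PreLoginTime = Convert.ToDateTime(entity.CurLoginTime);
            }
            entity.CurLoginTime = DateTime.Now;
            entity.Update();
            // A successful login ends the failure window for this account.
            erpRedis.RedisHelper.KeyDelete("lerr_" + account);
            // NOTE(review): the third argument is false here exactly as on the failure paths; if it
            // is a success flag, successful logins are being logged as failures — confirm against Log_Login.Save.
            Log_Login.Save(account, ip, false, "登录成功!");

            string isFromClient = GetPostString("isFromClient"); // client-app login
            if ("1" == isFromClient)
            {
                returnSuccessMsg(entity.ID.ToString());
                return;
            }

            SetLoginCookie(HttpUtility.UrlEncode(account), entity.Ticket, DateTime.Now.Add(LoginTicketLife));
            erpRedis.RedisHelper.StringSet("dl_" + account, entity.Ticket, LoginTicketLife);
            con.Session["vCode"] = null;
            con.Session["lerr"] = null;
            con.Session["userId"] = entity.ID;
            con.Session["_t"] = DateTime.Now.ToString("yyyyMMddHHmmssffff");
            if (isSimplePwd(pwd))
            {
                con.Session["isSimplePwd"] = 1;
            }
            else
            {
                con.Session["isSimplePwd"] = null;
            }
            returnSuccessMsg("登录成功!");
        }

        /// <summary>
        /// True when <paramref name="pwd"/> is empty or has no position from which the remaining
        /// text contains a digit, a letter and a non-alphanumeric character and is followed by
        /// 6–20 characters (the pattern is unanchored, so it is satisfied anywhere in the string).
        /// </summary>
        private bool isSimplePwd(string pwd)
        {
            if (string.IsNullOrEmpty(pwd))
            {
                return true;
            }
            Match result = Regex.Match(pwd, "(?=.*[0-9])(?=.*[a-zA-Z])(?=.*[^a-zA-Z0-9]).{6,20}");
            return !result.Success;
        }

        /// <summary>
        /// True when the request carries no usable login cookie or its ticket does not match the
        /// "dl_" + user ticket held in Redis.
        /// </summary>
        private bool isLoginOut()
        {
            HttpCookie lcCookie = HttpContext.Current.Request.Cookies[webConfig.CookieName];
            if (lcCookie == null)
            {
                return true;
            }
            string name = lcCookie.Values["user"];
            string ticket = lcCookie.Values["ticket"];
            if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(ticket))
            {
                return true;
            }
            name = HttpUtility.UrlDecode(name);
            string dl_ticket = erpRedis.RedisHelper.StringGet("dl_" + name);
            return !TicketsMatch(ticket, dl_ticket);
        }

        /// <summary>
        /// Logs the caller out: removes the Redis ticket and user/permission caches for the cookie's
        /// user, expires the cookie and clears the session markers. Safe to call without a cookie.
        /// </summary>
        public void loginout()
        {
            HttpCookie cookie = HttpContext.Current.Request.Cookies[webConfig.CookieName];
            if (cookie != null)
            {
                string name = cookie.Values["user"];
                if (!string.IsNullOrEmpty(name))
                {
                    name = HttpUtility.UrlDecode(name);
                    erpRedis.RedisHelper.KeyDelete("dl_" + name);
                    WebUser.RemoveUserCache(name);
                    WebUser.RemovePermissionCache(name);
                }
                // Send the cookie back emptied and already expired so the browser drops it.
                cookie.Values.Clear();
                cookie.Expires = DateTime.Now.AddDays(-1d);
                HttpContext.Current.Response.Cookies.Add(cookie);
            }
            HttpContext.Current.Session["WEBUSER"] = null;
            con.Session["userId"] = null;
            con.Session["_t"] = null;
            returnSuccessMsg("退出成功!");
        }

        /// <summary>
        /// Loads <paramref name="table"/> with the given paging/order/filter struct and writes it
        /// as a MiniAjax grid payload.
        /// </summary>
        private void writeMiniAjaxGrid(string table, DataStruct dStruct)
        {
            DataTable dt = WebCache.GetData(table, dStruct);
            string data = Utils.Serialization.JsonString.DataTable2MiniAjaxJson(dt);
            // Backslashes are doubled before output (kept from the original; presumably for the
            // client-side grid parser).
            data = data.Replace("\\", "\\\\");
            writeGridJson(dStruct.TotalCount, data);
        }

        /// <summary>
        /// Makes a user-supplied filter value safe to embed inside a single-quoted SQL LIKE
        /// pattern. <c>DataStruct.MainWhere</c> is a raw SQL fragment (no parameter support is
        /// visible here), so quotes are doubled and backslashes dropped; dropping them also
        /// covers dialects that treat '\' as an escape character. LIKE wildcards (% and _) are
        /// left alone: they only widen the caller's own filter.
        /// </summary>
        private static string SqlLikeLiteral(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return "";
            }
            return value.Replace("\\", "").Replace("'", "''");
        }

        /// <summary>Lists the x_log table, newest first, as a MiniAjax grid.</summary>
        public void get_syslog()
        {
            DataStruct dStruct = GetPostStruct();
            dStruct.Order = "id desc";
            writeMiniAjaxGrid("x_log", dStruct);
        }

        /// <summary>
        /// Empties the x_log table. Destructive and irreversible; only the generic login gate in
        /// <see cref="ProcessRequest"/> protects it — no role check is visible in this file.
        /// </summary>
        public void clear_syslog()
        {
            string sql = "truncate table x_log";
            DbHelper.DbConn.ExecuteNonQuery(sql);
            returnSuccessMsg("清空完成");
        }

        /// <summary>
        /// Lists SiteInfo rows (IP whitelist), newest first, optionally filtered by the "ip" and
        /// "remark" parameters. Filter values are escaped before being placed in the WHERE fragment.
        /// </summary>
        public void get_erp_ipWhitelist()
        {
            DataStruct dStruct = GetPostStruct();
            dStruct.Order = "id desc";
            List<string> lw = new List<string>();
            string ip = GetPostString("ip");
            if (ip.Length > 0)
            {
                lw.Add(string.Format("ip_white_list like '%{0}%'", SqlLikeLiteral(ip)));
            }
            string remark = GetPostString("remark");
            if (remark.Length > 0)
            {
                lw.Add(string.Format("remark like '%{0}%'", SqlLikeLiteral(remark)));
            }
            dStruct.MainWhere = string.Join(" and ", lw.ToArray());
            DataTable dt = WebCache.GetData("SiteInfo", dStruct);
            writeGridDataTableJson(dStruct.TotalCount, dt);
        }

        /// <summary>
        /// Lists Log_Login rows, newest first, filtered by "ip", "uName" and the "sTime"/"eTime"
        /// range; the fixed account "xfd666" is always excluded. Text filters are escaped before
        /// being placed in the WHERE fragment.
        /// </summary>
        public void get_login_list()
        {
            DataStruct dStruct = GetPostStruct();
            dStruct.Order = "login_time desc";
            List<string> lw = new List<string>();
            lw.Add(string.Format("user_name != '{0}'", "xfd666"));
            string ip = GetPostString("ip");
            if (ip.Length > 0)
            {
                lw.Add(string.Format("login_ip like '%{0}%'", SqlLikeLiteral(ip)));
            }
            string name = GetPostString("uName");
            if (name.Length > 0)
            {
                lw.Add(string.Format("user_name like '%{0}%'", SqlLikeLiteral(name)));
            }
            string sTime = GetPostString("sTime");
            string eTime = GetPostString("eTime");
            if (sTime.Length > 0)
            {
                // GetDateMinuteWhere builds the range clause from the raw strings; it is assumed to
                // validate them itself — TODO confirm in BaseHandler.
                string dw = GetDateMinuteWhere("login_time", sTime, eTime);
                if (dw.Length > 0)
                {
                    lw.Add(dw);
                }
            }
            dStruct.MainWhere = string.Join(" and ", lw.ToArray());
            DataTable dt = WebCache.GetData("Log_Login", dStruct);
            writeGridDataTableJson(dStruct.TotalCount, dt);
        }

        /// <summary>Lists the SupplierLog table, newest first, as a MiniAjax grid.</summary>
        public void get_supplierlog()
        {
            DataStruct dStruct = GetPostStruct();
            dStruct.Order = "id desc";
            writeMiniAjaxGrid("SupplierLog", dStruct);
        }
    }
}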