yiming/17168ERP
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

migrate to new git

Browse Source
This commit is contained in:
yiming
2025-08-29 01:27:25 +08:00
parent 946eb9961e
commit af2c152ef6
8623 changed files with 1000453 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

473
web/admin/index.aspx.cs Normal file
View File

@@ -0,0 +1,473 @@
using System;
using System.Collections;
using System.Data;
using System.Data.OleDb;
using System.Web.UI;
using System.Configuration;
using Newtonsoft.Json;
using System.Web;
using System.Web.UI.HtmlControls;
public partial class admin_index : MyWeb.function
{
string db = ConfigurationManager.ConnectionStrings["shopConn"].ConnectionString;
string p_name = ConfigurationManager.ConnectionStrings["shopConn"].ProviderName;
string scc = ConfigurationManager.AppSettings["shopCarCode"].ToString();
public MyWeb.Recaptcha recaptcha = new MyWeb.Recaptcha();
MyWeb.encrypt encrypt = new MyWeb.encrypt();
MyWeb.function function = new MyWeb.function();
MyWeb.sql sql = new MyWeb.sql();
MyWeb.admin admin = new MyWeb.admin();
protected void Page_Load(object sender, EventArgs e)
{
var m = (admin_Templates_TBS5ADM001_MasterPage)Page.Master;
m.set_navs(false, "nav_hide home");
if (MyWeb.admin.chkAdmIP && (MyWeb.admin.chkTwIP || MyWeb.admin.chkAdmIP_Enable))
{
if (!IsPostBack)
{
MyWeb.security security = new MyWeb.security();
psdRule.ValidationExpression = security.PasswordValidator();
psdRule.ErrorMessage = security.PasswordNotice();
if (isStrNull(psdRule.ValidationExpression))
psdRule.Visible = false;
if (admin.isLoign(false))
{
admin.ClearInfo();
Response.Cookies[scc + "_menu_oid"].Expires = DateTime.Now.AddDays(-1);
Response.Redirect(Request.Url.AbsoluteUri);
}
if (!isStrNull(Request["msg"]))
{
if (Request["msg"] == "A")
{
this.L_msg.Text = "您尚未登錄系統或登錄時間逾時,請重新登錄!";
}
else if (Request["msg"] == "B")
{
this.L_msg.Text = "您的帳號已被停權,請洽管理者!";
}
else if (Request["msg"] == "C")
{
this.L_msg.Text = "您的帳號重複登入,請檢查是否有人使用相同帳號!";
}
else if (Request["msg"] == "D")
{
this.L_msg.Text = "您的帳號不存在,請洽管理者!";
}
else if (Request["msg"] == "E")
{
this.L_msg.Text = "您的網路環境已變動,請重新登入!";
}
}
if (recaptcha.Used)
{
MultiView1.ActiveViewIndex = 1;
}
else
{
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
}
DesignModeButton.Visible = MyWeb.master.chkDesignIP();
}
}
else
{
HttpContext.Current.Response.Clear();
HttpContext.Current.Response.StatusCode = 404;
HttpContext.Current.Response.End();
}
}
#region
protected void chksum_img_Load(object sender, EventArgs e)
{
if (Session["chknum"] != null)
{
ViewState["chknum"] = Session["chknum"];
}
}
protected void rechk_Click(object sender, EventArgs e)
{
chksum_img.ImageUrl = "~/App_Script/chksum.ashx?time=" + DateTime.Now.ToString("yyyyMMddHHmmss");
}
#endregion
#region
protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
{
Response.Redirect("~/index.aspx");
}
#endregion
#region
protected void Button1_Click(object sender, EventArgs e)
{
msg.Text = "";
int LoginTryCount = Val(ConfigurationManager.AppSettings["LoginTryCount"].ToString());
int LoginTryLockMin = Val(ConfigurationManager.AppSettings["LoginTryLockMin"].ToString());
if (LoginTryCount > 0 && !isStrNull(Session[scc + "ezLgErr"]))
{
ezLgErr ezLgErr = JsonConvert.DeserializeObject<ezLgErr>(ValString(Session[scc + "ezLgErr"]));
if (ezLgErr.count >= LoginTryCount && DateTime.Now < ezLgErr.reg_time.AddMinutes(LoginTryLockMin))
{
TimeSpan ts = ezLgErr.reg_time.AddMinutes(LoginTryLockMin) - DateTime.Now;
ScriptMsg("您嘗試登入失敗太多次,請稍待 " + Math.Round(ts.TotalMinutes) + " 分鐘後再嘗試!", "", msgIcon.warning);
return;
}
}
bool isOk = false;
if (MultiView1.ActiveViewIndex == 0)
{
if (isStrNull(ViewState["chknum"]))
{
msg.Text = "檢核碼逾時,請重新輸入!";
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
}
else if (ViewState["chknum"].ToString() == this.chknum.Text.ToUpper())
{
isOk = true;
}
else
{
msg.Text = "您所輸入的檢核碼有誤!";
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
}
}
else if (recaptcha.Verification())
{
isOk = true;
}
else
{
msg.Text = "驗證未通過!";
}
if (isOk)
{
OleDbConnection sqlConn = sql.conn(db, p_name);
try
{
sqlConn.Open();
bool isErr = true;
OleDbCommand sqlCmd = new OleDbCommand("", sqlConn);
sqlCmd.CommandText = "Select * from admin where u_id=?";
sqlCmd.Parameters.Add(new OleDbParameter("u_id", u_id.Text));
DataTable dt = sql.dataTable(sqlCmd);
if (dt.Rows.Count > 0)
{
var userr = dt.Rows[0];
if (u_password.Text == encrypt.DecryptAutoKey(userr["u_password"].ToString()))
{
isErr = false;
if ((bool)userr["online"])
{
string log = chk_setting(Val(userr["num"]), userr["u_id"].ToString(), userr["power"].ToString());
if (log == null)
{
if (!isStrNull(Session[scc + "ezLgErr"]))
Session[scc + "ezLgErr"] = null;
if (!(userr["gauth_enabled"] is System.DBNull) &&
(bool)(userr["gauth_enabled"]))
{
GoogleAuth gauth = new GoogleAuth();
gauth.User = userr["u_id"].ToString();
gauth.Password = userr["u_password"].ToString();
gauth.SecretKey = userr["gauth_key"].ToString();
string ValidateCode = u_gauth.Text;
isErr = !(gauth.ValidateGoogleAuthCode(ValidateCode));
}
if (!isErr)
{
Response.Redirect("index2.aspx");
}
}
else
{
this.msg.Text = log;
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
}
}
else
{
LoginHistoryAdd(sqlConn, userr["u_id"].ToString(), Model.admin_log.Detail.Disable);
msg.Text = "您的帳號已停權,請洽管理者!";
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
}
}
}
if (isErr)
{
LoginHistoryAdd(sqlConn, u_id.Text, Model.admin_log.Detail.Incorrect);
msg.Text = "您所輸入的帳號或密碼有誤!";
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
if (LoginTryCount > 0)
{
ezLgErr ezLgErr = new ezLgErr();
ezLgErr.count = 0;
if (!isStrNull(Session[scc + "ezLgErr"]))
ezLgErr = JsonConvert.DeserializeObject<ezLgErr>(ValString(Session[scc + "ezLgErr"]));
ezLgErr.count++;
ezLgErr.reg_time = DateTime.Now;
Session[scc + "ezLgErr"] = JsonConvert.SerializeObject(ezLgErr);
}
}
}
catch (Exception ex)
{
msg.Text = "資料庫連接錯誤";
chksum_img.ImageUrl = "~/App_Script/chksum.ashx";
}
finally
{
sqlConn.Close(); sqlConn.Dispose();
}
}
}
public class ezLgErr
{
public int count;
public DateTime reg_time;
}
public string chk_setting(int num, string u_id, string g_name)
{
string myip = MyWeb.admin.MyIP;
if (myip != "127.0.0.1")
{
myip = Request.UserHostAddress;
if (g_name.ToUpper() == "EZ" & myip != "211.20.239.58")
{
return "禁止登入";
}
}
string login_code = function.randCode(10);
string log = null;
OleDbConnection sqlConn = sql.conn(db, p_name);
try
{
sqlConn.Open();
OleDbCommand sqlCmd = new OleDbCommand("", sqlConn);
sqlCmd.CommandText = "Select log_class,menu from company";
DataTable dt = sql.dataTable(sqlCmd);
if (dt.Rows.Count > 0)
{
bool log_class = (bool)dt.Rows[0]["log_class"];
string menu = dt.Rows[0]["menu"].ToString();
OleDbCommand sqlCmd2 = new OleDbCommand("", sqlConn);
sqlCmd2.CommandText = "SELECT items FROM admin_group where g_name=?";
sqlCmd2.Parameters.Add(new OleDbParameter("g_name", g_name));
DataTable dt2 = sql.dataTable(sqlCmd2);
if (dt2.Rows.Count > 0)
{
DateTime ntime = DateTime.Now;
MyWeb.admin.AdmItem aItem = new MyWeb.admin.AdmItem();
aItem.num = num;
aItem.power = dt2.Rows[0]["items"].ToString();
aItem.group = g_name;
aItem.u_id = u_id;
aItem.login_time = ntime;
aItem.login_code = login_code;
aItem.login_ip = myip;
aItem.menu = menu;
admin.SaveInfo(aItem, log_class);
//記錄登入時間和ip
sqlCmd = new OleDbCommand("", sqlConn);
sqlCmd.CommandText = "update admin set login_time=?, login_ip=?, login_code=? where num=?";
sqlCmd.Parameters.Add(new OleDbParameter("login_time", ntime.ToString("yyyy/MM/dd HH:mm:ss")));
sqlCmd.Parameters.Add(new OleDbParameter("login_ip", myip));
sqlCmd.Parameters.Add(new OleDbParameter("login_code", login_code));
sqlCmd.Parameters.Add(new OleDbParameter("num", num));
sqlCmd.ExecuteNonQuery();
LoginHistoryAdd(sqlConn, u_id, Model.admin_log.Detail.Success);
}
else
{
LoginHistoryAdd(sqlConn,u_id, Model.admin_log.Detail.PermissionsNotSet);
log = "您所屬的群組未設定使用權限,請洽管理員";
}
}
else
{
LoginHistoryAdd(sqlConn, u_id, Model.admin_log.Detail.GroupNotExist);
log = "您所屬的群組不存在,請洽管理員";
}
}
catch (Exception ex)
{
log = "資料庫連接錯誤";
}
finally
{
sqlConn.Close(); sqlConn.Dispose();
}
return log;
}
#endregion
#region
protected void DesignModeButton_Click(object sender, EventArgs e)
{
if (MyWeb.master.chkDesignIP())
{
string u_id = "Designer";
string g_name = "EZ";
MyWeb.sql sql = new MyWeb.sql();
MyWeb.function function = new MyWeb.function();
string login_code = function.randCode(10);
string log = null;
OleDbConnection sqlConn = sql.conn(db, p_name);
try
{
sqlConn.Open();
OleDbCommand sqlCmd = new OleDbCommand("", sqlConn);
sqlCmd.CommandText = "Select log_class,menu from company";
DataTable dt = sql.dataTable(sqlCmd);
if (dt.Rows.Count > 0)
{
bool log_class = (bool)dt.Rows[0]["log_class"];
string menu = dt.Rows[0]["menu"].ToString();
OleDbCommand sqlCmd2 = new OleDbCommand("", sqlConn);
sqlCmd2.CommandText = "SELECT items FROM admin_group where g_name=?";
sqlCmd2.Parameters.Add(new OleDbParameter("g_name", g_name));
DataTable dt2 = sql.dataTable(sqlCmd2);
if (dt2.Rows.Count > 0)
{
DateTime ntime = DateTime.Now;
MyWeb.admin.AdmItem aItem = new MyWeb.admin.AdmItem();
aItem.num = 0;
aItem.power = dt2.Rows[0]["items"].ToString();
aItem.group = g_name;
aItem.u_id = u_id;
aItem.login_time = ntime;
aItem.login_code = login_code;
aItem.login_ip = MyWeb.admin.MyIP;
aItem.menu = menu;
admin.SaveInfo(aItem, log_class);
LoginHistoryAdd(sqlConn, u_id, Model.admin_log.Detail.Success);
}
else
{
LoginHistoryAdd(sqlConn, u_id, Model.admin_log.Detail.GroupNotExist);
log = "設計師群組不存在,無法登入";
}
}
else
{
LoginHistoryAdd(sqlConn, u_id, Model.admin_log.Detail.GroupNotExist);
log = "您所屬的群組不存在,請洽管理員";
}
}
catch (Exception ex)
{
log = "資料庫連接錯誤";
}
finally
{
sqlConn.Close(); sqlConn.Dispose();
}
if (log == null)
{
Response.Redirect("index2.aspx");
}
else
{
Response.Write("<script>alert('設計師群組不存在,無法登入')</script>");
}
}
}
#endregion
#region
protected void LoginHistoryAdd(OleDbConnection sqlConn, string u_id, Model.admin_log.Detail status)
{
try
{
OleDbCommand sqlCmd = new OleDbCommand("", sqlConn);
string cu = "u_id,login_time,login_ip,status,word,agent";
sqlCmd.CommandText = "INSERT INTO [admin_log] (" + cu + ") VALUES (" + sql.mark(cu) + ")";
sqlCmd.Parameters.Add(new OleDbParameter("u_id", u_id));
sqlCmd.Parameters.Add(new OleDbParameter("login_time", DateTime.Now.ToString("yyyy/MM/dd HH:mm:ss")));
sqlCmd.Parameters.Add(new OleDbParameter("login_ip", Model.admin.MyIP.Replace("本機", "127.0.0.1")));
sqlCmd.Parameters.Add(new OleDbParameter("status", (int)Model.admin_log.Status.Login));
sqlCmd.Parameters.Add(new OleDbParameter("word", GetEnumsDescription(status)));
sqlCmd.Parameters.Add(new OleDbParameter("agent", Model.admin_log.UserAgent));
sqlCmd.ExecuteNonQuery();
//只保留1年內的登入記錄
sqlCmd = new OleDbCommand("", sqlConn);
sqlCmd.CommandText = "delete from [admin_log] where login_time<?";
sqlCmd.Parameters.Add(new OleDbParameter("login_time", DateTime.Now.AddYears(-1).ToString("yyyy/MM/dd HH:mm:ss")));
sqlCmd.ExecuteNonQuery();
}
catch (Exception ex)
{
// ex.Message;
}
}
#endregion
}