yiming/17168ERP
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

權限與靜態檔控制改進:

Browse Source 
- 修正 admin 目錄預設頁路由,避免 403.14 與不必要的延遲重導
- 停用未使用的 Sites 多站點初始化,減少應用程式啟動成本
- 修正 Response.Redirect 後未 return 的流程,避免 1.8 分鐘超時
- 將資料庫 Connection Timeout 降為 10 秒,加速失敗回應
- 將 runAllManagedModulesForAllRequests 設為 false,讓 JS/CSS 等靜態檔案直接由 IIS 回應
This commit is contained in:
yiming
2025-11-12 20:45:34 +08:00
parent ae09a6f487
commit b04c07a5eb
8 changed files with 46 additions and 262 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
web/App_Code/RouteConfig.cs
View File

@@ -18,6 +18,8 @@ public class RouteConfig
* */
public static void RegisterRoutes(RouteCollection routes)
{
// Web Forms 專案不使用路由忽略
// 靜態檔案效能優化改在 web.config 的 <handlers> 和 <modules> 中設定
//routes.IgnoreRoute("{resource}.axd/{*pathInfo}");
//routes.MapRoute(
// name: "thumb",

4
web/App_Code/Sites.cs
View File

@@ -43,11 +43,15 @@ public static class Sites
public static double MaxAge = 3600 * 24 * 365;
static Sites()
{
// 多站點功能暫時停用,未來有需要再啟用
// 如需啟用,取消下方註解即可
/*
JObject o=get_jsonfile(@"sites\sites-config.json");
sites = o["sites"].ToObject<List<Site>>();
resource = o["resource"].ToObject<SiteResource>();
//resource.Add(new KeyValuePair<string, string>("assets", "assets"));
//resource.Add(new KeyValuePair<string, string>("config", "config"));
*/
}
private static JObject get_jsonfile(string jsonfile)
{

5
web/App_Code/api/FilesController.cs
View File

@@ -25,7 +25,8 @@ public class FilesController : ApiController
[Route("upload/{*url}")]
public async Task<HttpResponseMessage> get_upload(string url)
{
var path = Sites.get_url("upload", url);
// 改用標準路徑(原本使用 Sites 多站點功能,目前已停用)
var path = HttpContext.Current.Server.MapPath($"~/upload/{url}");
if (!System.IO.File.Exists(path))
{
throw new HttpResponseException(HttpStatusCode.NotFound);
@@ -38,7 +39,7 @@ public class FilesController : ApiController
response.Headers.CacheControl = new CacheControlHeaderValue()
{
Public = true,
MaxAge = TimeSpan.FromSeconds(Sites.MaxAge)
MaxAge = TimeSpan.FromSeconds(Sites.MaxAge) // MaxAge 常數仍可使用
};
return response;

4
web/App_Code/config.cs
View File

@@ -385,12 +385,14 @@ namespace MyWeb
if (!admin.isLoign())
{
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=A1");
return; // 立即終止,避免繼續執行後面的資料庫查詢
}
else
{
if (admin.info.login_ip != admin.MyIP)
{
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=E");
return; // 立即終止
}
foreach (string key in HttpContext.Current.Request.Form)
@@ -1023,12 +1025,14 @@ namespace MyWeb
if (!admin.isLoign())
{
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=A2");
return; // 立即終止
}
else
{
if (admin.info.login_ip != admin.MyIP)
{
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=E");
return; // 立即終止
}
this.Page.MasterPageFile = "~/admin/Templates/TBS5ADM001/MasterPage.master";
//this.Theme = "Theme1";

6
web/App_Code/master.cs
View File

@@ -34,11 +34,13 @@ namespace MyWeb
if (!admin.isLoign())
{
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=A3");
return; // 立即終止,避免繼續執行後面的資料庫查詢
}
if (admin.info.login_ip != admin.MyIP)
{
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=E");
return; // 立即終止
}
//檢查是否被停權
@@ -60,12 +62,13 @@ namespace MyWeb
{
sqlConn.Close(); sqlConn.Dispose();
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=B");
//帳號停權
return; //帳號停權,立即終止
}
if (SingleIn == "Y" && dt.Rows[0]["login_code"].ToString() != admin.info.login_code)
{
sqlConn.Close(); sqlConn.Dispose();
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=C"); //不允許同一個帳號多重登入
return; // 立即終止
}
}
else
@@ -73,6 +76,7 @@ namespace MyWeb
//帳號不存在
sqlConn.Close(); sqlConn.Dispose();
HttpContext.Current.Response.Redirect("~/admin/index.aspx?msg=D");
return; // 立即終止
}
}
catch (Exception ex)