177 lines
6.3 KiB
Plaintext
177 lines
6.3 KiB
Plaintext
<%@ WebHandler Language="C#" Class="chromeGetShortCode" %>
|
|
|
|
using System;
|
|
using System.Web;
|
|
using System.Collections.Generic;
|
|
using System.Runtime.Serialization.Json;
|
|
using Newtonsoft.Json;
|
|
using Newtonsoft.Json.Linq;
|
|
using System.Web.Services.Protocols;
|
|
using System.Security.Cryptography;
|
|
using System.Text;
|
|
using System.Web.SessionState;
|
|
using System.Data;
|
|
|
|
public class chromeGetShortCode : IHttpHandler {
|
|
|
|
public void ProcessRequest (HttpContext context) {
|
|
result objRet = new result();
|
|
DataContractJsonSerializer json = new DataContractJsonSerializer(objRet.GetType());
|
|
context.Response.ContentType = "application/json;charset=utf-8";
|
|
context.Response.AddHeader("Access-Control-Allow-Origin", "*");
|
|
authPermission objAuth = new authPermission();
|
|
|
|
string id = (context.Request["id"] == null) ? "" : context.Request["id"].ToString();
|
|
string pwd = (context.Request["pwd"] == null) ? "" : context.Request["pwd"].ToString();
|
|
|
|
string user_sql = string.Format("select * from users where user_id = '{0}'", id);
|
|
autoBindDataTable objUser = new autoBindDataTable(user_sql);
|
|
|
|
if (objUser.dataRows.Count == 0)
|
|
{
|
|
string elab_sql = string.Format("select * from new_userdata where userid = '{0}'", id);
|
|
autoBindElab objElabUser = new autoBindElab(elab_sql);
|
|
|
|
if (objElabUser.dataRows.Count == 0)
|
|
{
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0001";
|
|
objRet.message = "無此帳號密碼!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0002";
|
|
objRet.message = "此帳號尚未擁有權限,請專案管理者加入權限!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
//系統內建帳號
|
|
if (objUser.dataRows[0]["user_type"].ToString() == "Y")
|
|
{
|
|
if (objUser.dataRows[0]["user_onjob"].ToString() == "N")
|
|
{
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0003";
|
|
objRet.message = "此帳號已經離職!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
|
|
if (pwd != SHA256_Encode(objUser.dataRows[0]["user_pwd"].ToString()))
|
|
{
|
|
string test = SHA256_Encode(objUser.dataRows[0]["user_pwd"].ToString());
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0004";
|
|
objRet.message = "密碼有誤!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
}
|
|
|
|
//E白板帳號
|
|
if (objUser.dataRows[0]["user_type"].ToString() == "N")
|
|
{
|
|
string elab_sql = string.Format("select * from new_userdata where userid = '{0}'", id);
|
|
autoBindElab objElabUser = new autoBindElab(elab_sql);
|
|
|
|
if (objElabUser.dataRows.Count == 0)
|
|
{
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0001";
|
|
objRet.message = "無此帳號密碼!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
else
|
|
{
|
|
if (objElabUser.dataRows[0]["onjob"].ToString() == "1")
|
|
{
|
|
objUser.dataRows[0]["user_onjob"] = "N";
|
|
objUser.updateDataTable();
|
|
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0003";
|
|
objRet.message = "此帳號已經離職!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
|
|
if (pwd != SHA256_Encode(objElabUser.dataRows[0]["userpw"].ToString()))
|
|
{
|
|
objRet.ret = "no";
|
|
objRet.err_code = "0004";
|
|
objRet.message = "密碼有誤!";
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
}
|
|
}
|
|
|
|
string shor_Code = globalClass.CreateCaseRandomCode(6);
|
|
Boolean isCheck = false;
|
|
|
|
while (isCheck == false)
|
|
{
|
|
string checkString = string.Format("select * from url where url_code Collate SQL_Latin1_General_CP1_CS_AS = '{0}'", shor_Code);
|
|
autoBindDataTable checkSQL = new autoBindDataTable(checkString);
|
|
|
|
if (checkSQL.dataRows.Count == 0)
|
|
{
|
|
isCheck = true;
|
|
}
|
|
else
|
|
{
|
|
shor_Code = globalClass.CreateCaseRandomCode(6);
|
|
}
|
|
}
|
|
|
|
objRet.ret = "yes";
|
|
objRet.shorCode = shor_Code;
|
|
|
|
json.WriteObject(context.Response.OutputStream, objRet);
|
|
return;
|
|
}
|
|
}
|
|
|
|
string SHA256_Encode(string value)
|
|
{
|
|
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(value);
|
|
try
|
|
{
|
|
SHA256 sha256 = new SHA256CryptoServiceProvider();
|
|
byte[] retVal = sha256.ComputeHash(bytValue);
|
|
StringBuilder sb = new StringBuilder();
|
|
for (int i = 0; i < retVal.Length; i++)
|
|
{
|
|
sb.Append(retVal[i].ToString("x2"));
|
|
}
|
|
return sb.ToString();
|
|
}
|
|
catch (Exception ex)
|
|
{
|
|
throw new Exception("GetSHA256HashFromString() fail,error:" + ex.Message);
|
|
}
|
|
|
|
}
|
|
|
|
public class result {
|
|
public string ret = "no";
|
|
public string err_code = "0000";
|
|
public string message = "";
|
|
public string shorCode = "";
|
|
public string urlHeader = HttpContext.Current.Request.Url.Scheme + "://" + HttpContext.Current.Request.Url.Authority + "/";
|
|
}
|
|
|
|
public bool IsReusable {
|
|
get {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
} |