
北汽scp 验证码 提示 权限漏洞 + 查看3000条

master
qian 1 year ago
parent
commit
d0965f84d2
  1. 2
      北京北汽/Controller/SCP_LOGINNUMBER_CONTROLLER.cs
  2. 160
      北京北汽/SCP/Business/PageBase.cs
  3. 22
      北京北汽/SCP/Views/BasicData/Part.aspx.cs
  4. 34
      北京北汽/SCP/Views/BasicData/Price.aspx.cs
  5. 30
      北京北汽/SCP/Views/BasicData/PriceUpdate.aspx.cs
  6. 26
      北京北汽/SCP/Views/BasicData/SCP_RECIVE_PORT.aspx.cs
  7. 2
      北京北汽/SCP/Views/BasicData/SCP_TA_VEND_PART.aspx.cs
  8. 26
      北京北汽/SCP/Views/BasicData/SCP_TB_Address.aspx.cs
  9. 37
      北京北汽/SCP/Views/BasicData/Supplier.aspx.cs
  10. 7
      北京北汽/SCP/Views/SupplierData/SCP_RECEIVE_LIST.aspx
  11. 37
      北京北汽/SCP/Views/SupplierData/SCP_RECEIVE_LIST.aspx.cs
  12. 174
      北京北汽/SCP/default_hb.aspx
  13. 89
      北京北汽/SCP/default_hb.aspx.cs
  14. 13
      北京北汽/SCP/default_hb.aspx.designer.cs

2
北京北汽/Controller/SCP_LOGINNUMBER_CONTROLLER.cs

@ -36,7 +36,7 @@ namespace CK.SCP.Controller
if (user == null)
{
_ret.MessageList.Add("用户名"+ username+"不存在,请输入正确用户名");
_ret.MessageList.Add("用户名或密码错误!");
}
else
{

160
北京北汽/SCP/Business/PageBase.cs

@ -28,6 +28,9 @@ using NPOI.XSSF.UserModel;
using NPOI.SS.Util;
using static CK.SCP.Controller.SCP_COM_CONTROLLER;
using CK.SCP.Models.Enums;
using SCP.Common;
using System.Drawing.Imaging;
using System.Drawing;
namespace SCP
{
@ -151,7 +154,7 @@ namespace SCP
protected void BindVender(DropDownList p_dl)
{
var _entity = CurrentUser.FactoryList.FirstOrDefault();
var ls= SCP_TB_VENDER_CONTROLLER.Getlist(_entity);
var ls = SCP_TB_VENDER_CONTROLLER.Getlist(_entity);
if (!string.IsNullOrEmpty(_entity))
{
@ -159,7 +162,7 @@ namespace SCP
if (_entity == "CNS")
{
lsVender = ls.Where(p => p.VendId.Substring(0, 1) == "R" || p.VendId.Substring(0, 1) == "E").ToList();
}
lsVender.ForEach(p =>
{
@ -172,7 +175,7 @@ namespace SCP
p_dl.Items.Insert(0, new FineUI.ListItem("--无供应商--", string.Empty));
}
}
@ -198,11 +201,11 @@ namespace SCP
#endregion
#endregion
#region 表格相关
protected int GetSelectedDataKeyID(Grid grid)
protected int GetSelectedDataKeyID(Grid grid)
{
int id = -1;
int rowIndex = grid.SelectedRowIndex;
@ -440,9 +443,9 @@ namespace SCP
{
return q.SortBy(grid.SortField + " " + grid.SortDirection);
}
protected IQueryable<T> Sort<T>(IQueryable<T> q, FineUI.Grid grid,string p_asc)
protected IQueryable<T> Sort<T>(IQueryable<T> q, FineUI.Grid grid, string p_asc)
{
return q.SortBy(grid.SortField,p_asc);
return q.SortBy(grid.SortField, p_asc);
}
// 排序后分页
@ -457,14 +460,14 @@ namespace SCP
return Sort(q, grid).Skip(grid.PageIndex * grid.PageSize).Take(grid.PageSize);
}
protected IQueryable<T> SortAndPage<T>(IQueryable<T> q, FineUI.Grid grid,string p_asc)
protected IQueryable<T> SortAndPage<T>(IQueryable<T> q, FineUI.Grid grid, string p_asc)
{
if (grid.PageIndex >= grid.PageCount && grid.PageCount >= 1)
{
grid.PageIndex = grid.PageCount - 1;
}
return Sort(q, grid,p_asc).Skip(grid.PageIndex * grid.PageSize).Take(grid.PageSize);
return Sort(q, grid, p_asc).Skip(grid.PageIndex * grid.PageSize).Take(grid.PageSize);
}
protected DataSet SortAndPage(GridPageSearch p_search, FineUI.Grid grid)
@ -485,7 +488,7 @@ namespace SCP
//return Sort(q, grid, p_asc).Skip(grid.PageIndex * grid.PageSize).Take(grid.PageSize);
}
@ -635,7 +638,7 @@ namespace SCP
}
}
}
}
}
Session["CurrentUser"] = _currentUser;
}
return (User)Session["CurrentUser"];
@ -1232,7 +1235,7 @@ namespace SCP
/// <returns>返回实际语言翻译完成</returns>
protected string GetResourceKey(string p_key)
{
string _content = p_key;
if (!string.IsNullOrEmpty(p_key))
{
@ -1304,7 +1307,7 @@ namespace SCP
itm.HeaderText = GetResourceKey(itm.HeaderText);
}
}
if (p_crtl is Button)
{
Button _btn = p_crtl as Button;
@ -1334,7 +1337,7 @@ namespace SCP
itm.Text = GetResourceKey(itm.Text);
}
}
if(p_crtl is RadioButtonList)
if (p_crtl is RadioButtonList)
{
RadioButtonList _rb = p_crtl as RadioButtonList;
_rb.Label = GetResourceKey(_rb.Label);
@ -1348,22 +1351,22 @@ namespace SCP
DatePicker _date = p_crtl as DatePicker;
_date.Label = GetResourceKey(_date.Label);
}
if(p_crtl is CheckBoxList)
if (p_crtl is CheckBoxList)
{
CheckBoxList _cbl= p_crtl as CheckBoxList;
CheckBoxList _cbl = p_crtl as CheckBoxList;
_cbl.Label = GetResourceKey(_cbl.Label);
}
if (p_crtl is FineUI.Region)
{
FineUI.Region _region = p_crtl as FineUI.Region;
_region.Title = GetResourceKey(_region.Title);
_region.Title = GetResourceKey(_region.Title);
}
if (p_crtl is Tab)
{
Tab _tab= p_crtl as Tab;
Tab _tab = p_crtl as Tab;
_tab.Title = GetResourceKey(_tab.Title);
}
}
}
@ -1375,8 +1378,8 @@ namespace SCP
{
FormRow _formrow = p_crtl as FormRow;
foreach (var item in _formrow.Items)
{
TranslatorAgent(item);
{
TranslatorAgent(item);
}
}
if (p_crtl is Toolbar)
@ -1390,7 +1393,7 @@ namespace SCP
if (p_crtl is Panel)
{
var _toolbar = p_crtl as Panel;
_toolbar.Title= GetResourceKey(_toolbar.Title);
_toolbar.Title = GetResourceKey(_toolbar.Title);
foreach (var item in _toolbar.Items)
{
TranslatorAgent(item);
@ -1407,7 +1410,7 @@ namespace SCP
string[] allowedExtensions = { ".jpg", ".gif", ".jpeg", ".png", ".rar", ".zip", ".flv", ".doc", ".docx", ".xls", ".xlsx", ".pdf", ".cad", ".txt" };//允许上传的文件类型
string filename = ""; //MyWebString.GetOrderNumber();
bool fileOK = false;
string fileExtension = System.IO.Path.GetExtension(fUpload.FileName).ToLower();
for (int i = 0; i < allowedExtensions.Length; i++)
@ -1543,7 +1546,7 @@ namespace SCP
#endregion
public static string EntityListToExcel2003(Dictionary<string, string> cellHeard, IList enList, string sheetName,string title=null)
public static string EntityListToExcel2003(Dictionary<string, string> cellHeard, IList enList, string sheetName, string title = null)
{
try
{
@ -1561,7 +1564,7 @@ namespace SCP
ISheet sheet = workbook.CreateSheet(sheetName); // 工作表
List<string> keys = cellHeard.Keys.ToList();
if (title != null)
{
{
IRow row = sheet.CreateRow(0);
ICell cell = row.CreateCell(0);
ICellStyle style = workbook.CreateCellStyle();
@ -1576,13 +1579,13 @@ namespace SCP
_index++;
}
// 2.解析单元格头部,设置单元头的中文名称
IRow row1 = sheet.CreateRow(_index);
IRow row1 = sheet.CreateRow(_index);
for (int i = 0; i < keys.Count; i++)
{
row1.CreateCell(i).SetCellValue(cellHeard[keys[i]]); // 列名为Key的值
}
// 3.List对象的值赋值到Excel的单元格里
int rowIndex = _index+1; // 从第二行开始赋值(第一行已设置为单元头)
int rowIndex = _index + 1; // 从第二行开始赋值(第一行已设置为单元头)
foreach (var en in enList)
{
IRow rowTmp = sheet.CreateRow(rowIndex);
@ -1707,24 +1710,25 @@ namespace SCP
throw ex;
}
}
public static void DataSetToExcel(DataSet p_dataset, string sheetName,string title = null)
public static void DataSetToExcel(DataSet p_dataset, string sheetName, string title = null)
{
try
{
EpPlusHelper _helper = new EpPlusHelper();
_helper.ExportExcelCompleted += (filePath,fileName) => {
_helper.ExportExcelCompleted += (filePath, fileName) =>
{
Alert.Show($"<a href=\'/exportfiles/{fileName}\'>{fileName}</a>", "文件导出成功,请点击文件名下载", MessageBoxIcon.Information);
};
_helper.WriteDsToExcel(sheetName, p_dataset, title);
_helper.WriteDsToExcel(sheetName, p_dataset, title);
}
catch (Exception ex)
{
throw ex;
}
}
protected void DisplayColumn(Grid p_grid,bool p_visible, params string[] p_header)
protected void DisplayColumn(Grid p_grid, bool p_visible, params string[] p_header)
{
foreach (var itm in p_grid.Columns)
{
@ -1735,5 +1739,99 @@ namespace SCP
}
}
/// <summary>
/// 当前账号页面列表
/// </summary>
/// <param name="id"></param>
/// <returns></returns>
public static List<string> GetMenus(int Id)
{
List<string> Menus = new List<string>();
using (AppBoxContext db = EntitiesFactory.CreateAppBoxInstance())
{
StringBuilder _buffer = new StringBuilder();
_buffer.Append(" select Name from Menus where ViewPowerID in( ");
_buffer.Append(" select powerID from RolePowers where RoleID in( ");
_buffer.AppendFormat(" select RoleID from RoleUsers where UserID = '{0}' )) ", Id);
Menus = db.Database.SqlQuery<string>(_buffer.ToString()).ToList();
}
return Menus;
}
/// <summary>
/// 生成验证码
/// </summary>
/// <param name="lengths">长度</param>
/// <returns></returns>
public static string RandomVerificationCode(int lengths)
{
string[] chars = new string[] { "2", "3", "4", "5", "6", "7", "8", "9", "a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "P", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" };
string code = "";
Random random = new Random();
for (int i = 0; i < lengths; i++)
{
code += chars[random.Next(chars.Length)];
}
return code;
}
/// <summary>
/// 绘制验证码
/// </summary>
/// <param name="code"></param>
/// <returns></returns>
public static Bitmap DrawImage(string code)
{
Color[] colors = {
Color.Red, Color.OrangeRed,Color.SaddleBrown,
Color.LimeGreen,Color.Green,Color.MediumAquamarine,
Color.Blue,Color.MediumOrchid,Color.Black,
Color.DarkBlue,Color.Orange,Color.Brown,
Color.DarkCyan,Color.Purple
};
string[] fonts = { "Verdana", "Microsoft Sans Serif", "Comic Sans MS", "Arial", "宋体" };
Random random = new Random();
// 创建一个 Bitmap 图片类型对象
Bitmap bitmap = new Bitmap(code.Length * 18, 32);
// 创建一个图形画笔
Graphics graphics = Graphics.FromImage(bitmap);
// 将图片背景填充成白色
graphics.Clear(Color.White);
// 绘制验证码噪点
for (int i = 0; i < random.Next(60, 80); i++)
{
int pointX = random.Next(bitmap.Width);
int pointY = random.Next(bitmap.Height);
graphics.DrawLine(new Pen(Color.LightGray, 1), pointX, pointY, pointX + 1, pointY);
}
// 绘制验证码
for (int i = 0; i < code.Length; i++)
{
graphics.DrawString(
code.Substring(i, 1),
new Font(fonts[random.Next(fonts.Length)], 15, FontStyle.Bold),
new SolidBrush(colors[random.Next(colors.Length)]),
16 * i + 1,
random.Next(0, 5)
);
}
return bitmap;
}
/// <summary>
/// 返回图片
/// </summary>
/// <param name="bitmap"></param>
/// <returns></returns>
public static string BitmapToBase64Str(Bitmap bitmap)
{
using (MemoryStream memoryStream = new MemoryStream())
{
bitmap.Save(memoryStream, ImageFormat.Jpeg);
byte[] bytes = memoryStream.ToArray();
return Convert.ToBase64String(memoryStream.ToArray());
}
}
}
}
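Review bot: `RandomVerificationCode` picks the captcha characters with `new Random()`, which is time-seeded and predictable, so it is a poor source for a value that gates the login form; a CSPRNG such as `System.Security.Cryptography.RandomNumberGenerator` should choose the indices instead. The `chars` table lists `"P"` twice (`"N", "P", "P", "Q"`), so that letter is drawn twice as often as the others. In `DrawImage` the `Graphics` object and every `Pen`, `Font` and `SolidBrush` are created and never disposed; this runs for every unauthenticated visit and refresh, so wrap them in `using` (for example `using (Graphics graphics = Graphics.FromImage(bitmap))`) and create the pen once outside the noise loop. `GetMenus` formats `Id` into the SQL text with `AppendFormat`; it is an `int` today, but passing it as a query parameter to `SqlQuery` would keep the statement safe if the signature ever changes.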

22
北京北汽/SCP/Views/BasicData/Part.aspx.cs

@ -28,7 +28,27 @@ namespace SCP.BasicData
{
if (!IsPostBack)
{
LoadData();
if (CurrentUser.ID != 0)
{
//读取 所有菜单列表
var mlist = GetMenus(CurrentUser.ID);
if (mlist.Count > 0 && mlist.Contains("零件档案"))
{
LoadData();
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
}
public void LoadData()
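Review bot: The menu check is placed inside `if (!IsPostBack)`, so it is evaluated only on the initial load of the page and is skipped on every postback, leaving the page's event handlers without the new authorization check. It should run before the `IsPostBack` test on every request, ideally through a single helper in `PageBase` (a proposed name: `if (!HasMenu("零件档案")) { Response.Write("当前用户没有操作该页面权限"); Response.End(); }`), because the same block is copied into Price.aspx.cs, PriceUpdate.aspx.cs, SCP_RECIVE_PORT.aspx.cs, SCP_TB_Address.aspx.cs and Supplier.aspx.cs with the same placement. Matching on the menu's display caption also ties the permission to a string that can be renamed or translated; a stable menu or power identifier would be safer. `Page_Load` starts outside the lines shown, so any check made earlier in it is not visible here.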

34
北京北汽/SCP/Views/BasicData/Price.aspx.cs

@ -25,14 +25,32 @@ namespace SCP.BasicData
{
if (!IsPostBack)
{
CheckRolesMenu();
//DDL_IMPORT.DataSource = DB.Users.Where(p => p.Roles.Select(q => q.Name).Contains("采购人员")).Select(p=>p.Name);
//DDL_IMPORT.DataBind();
var site = CurrentUser.FactoryList.FirstOrDefault();
BindData();
BindFactory();
if (CurrentUser.ID != 0)
{
//读取 所有菜单列表
var mlist = GetMenus(CurrentUser.ID);
if (mlist.Count > 0 && mlist.Contains("价格表管理"))
{
CheckRolesMenu();
//DDL_IMPORT.DataSource = DB.Users.Where(p => p.Roles.Select(q => q.Name).Contains("采购人员")).Select(p=>p.Name);
//DDL_IMPORT.DataBind();
var site = CurrentUser.FactoryList.FirstOrDefault();
BindData();
BindFactory();
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
}
private void CheckRolesMenu()

30
北京北汽/SCP/Views/BasicData/PriceUpdate.aspx.cs

@ -25,11 +25,31 @@ namespace SCP.BasicData
{
if (!IsPostBack)
{
CheckRolesMenu();
//DDL_IMPORT.DataSource = DB.Users.Where(p => p.Roles.Select(q => q.Name).Contains("采购人员")).Select(p=>p.Name);
//DDL_IMPORT.DataBind();
BindData();
BindFactory();
if (CurrentUser.ID != 0)
{
//读取 所有菜单列表
var mlist = GetMenus(CurrentUser.ID);
if (mlist.Count > 0 && mlist.Contains("价格单修改"))
{
CheckRolesMenu();
//DDL_IMPORT.DataSource = DB.Users.Where(p => p.Roles.Select(q => q.Name).Contains("采购人员")).Select(p=>p.Name);
//DDL_IMPORT.DataBind();
BindData();
BindFactory();
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
}
private void CheckRolesMenu()

26
北京北汽/SCP/Views/BasicData/SCP_RECIVE_PORT.aspx.cs

@ -20,9 +20,29 @@ namespace SCP.BasicData
{
if (!IsPostBack)
{
BindData();
DDL_FACTORY.DataSource =ScpCache.FactoryList;
DDL_FACTORY.DataBind();
if (CurrentUser.ID != 0)
{
//读取 所有菜单列表
var mlist = GetMenus(CurrentUser.ID);
if (mlist.Count > 0 && mlist.Contains("收货口管理"))
{
BindData();
DDL_FACTORY.DataSource = ScpCache.FactoryList;
DDL_FACTORY.DataBind();
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
}

2
北京北汽/SCP/Views/BasicData/SCP_TA_VEND_PART.aspx.cs

@ -146,7 +146,7 @@ namespace SCP.Views.BasicData
}
protected void LinkButton_Click(object sender, EventArgs e)
{
Alert.Show($"<a href=\'/uploadfiles/{".xls"}\'>{".xls"}</a>", "请点击文件名下载", MessageBoxIcon.Information);
Alert.Show($"<a href=\'/uploadfiles/{".xlsx"}\'>{".xlsx"}</a>", "请点击文件名下载", MessageBoxIcon.Information);
}
protected void Btn_Click(object sender, EventArgs e)

26
北京北汽/SCP/Views/BasicData/SCP_TB_Address.aspx.cs

@ -20,9 +20,29 @@ namespace SCP.Views.BasicData
{
if (!IsPostBack)
{
BindData();
TranslatorAgent(Grid1);
TranslatorAgents(Toolbar1);
if (CurrentUser.ID != 0)
{
//读取 所有菜单列表
var mlist = GetMenus(CurrentUser.ID);
if (mlist.Count > 0 && mlist.Contains("收货信息管理(重庆专用)"))
{
BindData();
TranslatorAgent(Grid1);
TranslatorAgents(Toolbar1);
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
}
//

37
北京北汽/SCP/Views/BasicData/Supplier.aspx.cs

@ -18,6 +18,7 @@ using NPOI.HSSF.UserModel;
using NPOI.SS.UserModel;
using CK.SCP.Models;
using CK.SCP.Models.ScpEntity.ExcelExportEnttity;
using System.Web.Security;
namespace SCP.BasicData
{
@ -29,23 +30,43 @@ namespace SCP.BasicData
{
if (!IsPostBack)
{
BindData();
if (CurrentUser.ID != 0)
{
//读取 所有菜单列表
var mlist = GetMenus(CurrentUser.ID);
if (mlist.Count > 0 && mlist.Contains("供应商档案"))
{
BindData();
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
}
else
{
Response.Write("当前用户没有操作该页面权限");
Response.End();
return;
}
// BtnAdd.OnClientClick = Window1.GetShowReference("/BasicData/SupplierEdit.aspx", "新增");
}
}
//
public void BindData()
{
var _ls = ScpCache.FactoryList;
_ls.Insert(0, new TB_FACTORY() { FactoryId = "", FactoryName = "" });
DPL_Factory.DataSource = _ls;
DPL_Factory.DataBind();
// _list = SCP_TB_VENDER_CONTROLLER.Getlist();
_list= SearchData();
var list = Sort<TA_VENDER>(_list.AsQueryable(), Grid1);
// _list = SCP_TB_VENDER_CONTROLLER.Getlist();
var list = new List<TA_VENDER>();
_list = SearchData();
list = Sort<TA_VENDER>(_list.AsQueryable(), Grid1).ToList();
Grid1.DataSource = list;
Grid1.RecordCount = list.Count();
Grid1.DataBind();
@ -186,7 +207,7 @@ namespace SCP.BasicData
where = where.And(p => p.Site.Contains(DPL_Factory.SelectedValue));
}
where = where.And(p => CurrentUser.FactoryList.Contains(p.Site));
// where = where.And(p => CurrentUser.VenderList.Contains(p.VendId));
// where = where.And(p => CurrentUser.VenderList.Contains(p.VendId));
List<TA_VENDER> list = SCPDB.TA_VENDER.Where(where.Compile()).ToList();
num = SCPDB.TA_VENDER.Where(where.Compile()).Count();
return list;
@ -209,7 +230,7 @@ namespace SCP.BasicData
protected void Grid1_OnSort(object sender, GridSortEventArgs e)
{
_list = SearchData();
var list = Sort<TA_VENDER>(_list.AsQueryable(), Grid1);
Grid1.DataSource = list;

7
北京北汽/SCP/Views/SupplierData/SCP_RECEIVE_LIST.aspx

@ -165,10 +165,11 @@
<f:ListItem Text="200" Value="200" />
<f:ListItem Text="500" Value="500" />
<f:ListItem Text="1000" Value="1000" />
<f:ListItem Text="3000" Value="3000" />
</f:DropDownList>
</PageItems>
<Columns>
<f:RowNumberField runat="server" ID="chb" HeaderText="行号" />
<f:RowNumberField runat="server" ID="chb" HeaderText="行号" width="40" />
<%-- <f:TemplateField HeaderText="否可开票" Width="120px" ColumnID="IsCheck">
@ -271,6 +272,10 @@
var selection = grid.getSelectionModel().getSelection();
var store = grid.getStore();
var total = 0;
if (grid.getSelectionModel().getCount() > 1000) {
window.alert("选择发票条数" + grid.getSelectionModel().getCount() +",超过发票允许条数(1000条)");
return;
}
$.each(selection, function (index, item) {
var rowIndex = store.indexOf(item);
var row = $(grid.body.el.dom).find('.x-grid-item').eq(rowIndex);

37
北京北汽/SCP/Views/SupplierData/SCP_RECEIVE_LIST.aspx.cs

@ -25,7 +25,7 @@ namespace SCP.SupplierData
{
protected void Page_Load(object sender, EventArgs e)
{
IsRoleRight();
//IsRoleRight();
if (!IsPostBack)
{
TranslatorAgents(Toolbar2);
@ -402,6 +402,16 @@ namespace SCP.SupplierData
// return;
// }
//}
if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length == 0)
{
Alert.Show("请选择要创建发票的记录!");
return;
}
if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length > 1000)
{
Alert.Show("选择发票条数" + Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length + ",超过发票允许条数(1000条)");
return;
}
CreateInvoice("0");
}
private void CreateInvoice(string p_all)
@ -428,11 +438,16 @@ namespace SCP.SupplierData
SearchData((rs) =>
{
string IsCreate = "0";
if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length == 0)
{
Alert.Show("请选择要创建发票的记录!");
return;
}
//if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length == 0)
//{
// Alert.Show("请选择要创建发票的记录!");
// return;
//}
//if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length > 1000)
//{
// Alert.Show("选择发票条数"+ Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length + ",超过发票允许条数(1000条)");
// return;
//}
string IDS = "";
List<string> _list = new List<string>();
List<string> _projectList = new List<string>();
@ -720,6 +735,16 @@ namespace SCP.SupplierData
Alert.Show("收货月份不能为空!");
return;
}
if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length == 0)
{
Alert.Show("请选择要创建发票的记录!");
return;
}
if (Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length > 1000)
{
Alert.Show("选择发票条数" + Grid_V_TB_RECEIVE_LIST.SelectedRowIndexArray.Length + ",超过发票允许条数(1000条)");
return;
}
CreateInvoice("1");
}
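Review bot: The role check at the top of `Page_Load` appears to be disabled, since `IsRoleRight();` is followed by `//IsRoleRight();`; the page carries no +/- markers, so this reading is inferred from the old-then-new print order. If that is right, the commit removes the only authorization call visible in this page's load path while the BasicData pages in the same commit gain a menu check. Either restore the call or replace it with the same menu check, placed before the `IsPostBack` test so that postbacks such as the invoice-creation handlers are covered too. The 1000-row limit added in the two click handlers is a sensible server-side duplicate of the client check; the enclosing methods extend beyond the hunks shown.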

174
北京北汽/SCP/default_hb.aspx

@ -57,10 +57,16 @@
<label runat="server" id="lab2"><%= GetResourceKey("密码") %></label><input type="password" runat="server" class="text" id="textPassword" placeholder="密码" name="textPassword" tabindex="5" onkeydown="keyDown(event)">
</div>
<div class="yzm" id="div_20">
<label runat="server" id="Label2" style="font-size:14px;margin-top:4px;margin-left:4px"><%= GetResourceKey("验证码") %></label><input type="text" runat="server" class="text" id="inputValue" placeholder="验证码(不区分大小写)" name="textPassword" tabindex="5" onkeydown="keyDown(event)" style="width:120px;height:16px;margin-left:2px;margin-top:18px ">
<label runat="server" id="Label2" style="font-size:14px;margin-top:4px;margin-left:4px"><%= GetResourceKey("验证码") %></label>
<input type="text" runat="server" class="text" id="inputValue" placeholder="验证码(不区分大小写)" name="textPassword" tabindex="5" onkeydown="keyDown(event)" style="width:120px;height:16px;margin-left:2px;margin-top:18px ">
<%-- <canvas id="c1" style="border:1px solid black; position: absolute; width:20%;height:18%;font-size:30px" runat="server" ></canvas>--%>
<canvas id="c1" width="100" height="30" style="position: absolute;height:10%;width:24%; left:65%;top:70%; border:1px solid black;font-weight:bold" runat="server" ></canvas>
<br>
<%-- <canvas id="c1" width="100" height="30" style="position: absolute;height:10%;width:24%; left:65%;top:70%; border:1px solid black;font-weight:bold" runat="server" ></canvas>--%>
<f:Image runat="server" ID="img" />
<f:LinkButton CssStyle="float:left;margin-top:8px;" ID="btnRefresh" Text="看不清?"
runat="server" OnClick="btnRefresh_Click">
</f:LinkButton>
<br>
</div>
<input type="text" value="" id="Text1" placeholder="验证码是否正确" runat="server" style="display:none">
@ -120,100 +126,100 @@
<script type="text/javascript" src="res/js/fun.base.js"></script>
<script type="text/javascript" src="res/js/script.js"></script>
<script type="text/javascript">
$(function () {
// 存放随机的验证码
var showNum = []
//$(function () {
// // 存放随机的验证码
// var showNum = []
draw(showNum)
// draw(showNum)
$("#c1").click(function () {
draw(showNum)
})
$("#btn_Login").click(function () {
var s = $("#inputValue").val().toLowerCase()
var s1 = showNum.join("")
if (s != s1) {
$("#Text1").val('false')
alert("验证码错误")
} else {
$("#Text1").val('')
}
draw(showNum)
})
// $("#c1").click(function () {
// draw(showNum)
// })
// $("#btn_Login").click(function () {
// var s = $("#inputValue").val().toLowerCase()
// var s1 = showNum.join("")
// if (s != s1) {
// $("#Text1").val('false')
// alert("验证码错误")
// } else {
// $("#Text1").val('')
// }
// draw(showNum)
// })
// 封装一个把随机验证码放在画布上
function draw(showNum) {
// 获取canvas
var canvas = $("#c1")
var ctx = canvas[0].getContext("2d")
// 获取画布的宽高
var canvas_width = canvas.width()
var canvas_height = canvas.height()
// 清空之前绘制的内容
// 0,0清空的起始坐标
// 矩形的宽高
ctx.clearRect(0, 0, canvas_width, canvas_height)
// 开始绘制
var scode = "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,1,2,3,4,5,6,7,8,9,"
var arrCode = scode.split(",")
var arrLength = arrCode.length
for (var i = 0; i < 4; i++) {
var index = Math.floor(Math.random() * arrCode.length)
var txt = arrCode[index]//随机一个字符
showNum[i] = txt.toLowerCase()//转化为小写存入验证码数组
// 开始控制字符的绘制位置
var x = 10 + 20 * i //每一个验证码绘制的起始点x坐标
var y = 20 + Math.random() * 8// 起始点y坐标
// // 封装一个把随机验证码放在画布上
// function draw(showNum) {
// // 获取canvas
// var canvas = $("#c1")
// var ctx = canvas[0].getContext("2d")
// // 获取画布的宽高
// var canvas_width = canvas.width()
// var canvas_height = canvas.height()
// // 清空之前绘制的内容
// // 0,0清空的起始坐标
// // 矩形的宽高
// ctx.clearRect(0, 0, canvas_width, canvas_height)
// // 开始绘制
// var scode = "a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,1,2,3,4,5,6,7,8,9,"
// var arrCode = scode.split(",")
// var arrLength = arrCode.length
// for (var i = 0; i < 4; i++) {
// var index = Math.floor(Math.random() * arrCode.length)
// var txt = arrCode[index]//随机一个字符
// showNum[i] = txt.toLowerCase()//转化为小写存入验证码数组
// // 开始控制字符的绘制位置
// var x = 10 + 20 * i //每一个验证码绘制的起始点x坐标
// var y = 20 + Math.random() * 8// 起始点y坐标
ctx.font = "bold 20px 微软雅黑"
// 开始旋转字符
var deg = Math.random * -0.5
// canvas 要实现绘制内容具有倾斜的效果,必须先平移,目的是把旋转点移动到绘制内容的地方
ctx.translate(x, y)
ctx.rotate(deg)
// 设置绘制的随机颜色
ctx.fillStyle = randomColor()
ctx.fillText(txt, 0, 0)
// ctx.font = "bold 20px 微软雅黑"
// // 开始旋转字符
// var deg = Math.random * -0.5
// // canvas 要实现绘制内容具有倾斜的效果,必须先平移,目的是把旋转点移动到绘制内容的地方
// ctx.translate(x, y)
// ctx.rotate(deg)
// // 设置绘制的随机颜色
// ctx.fillStyle = randomColor()
// ctx.fillText(txt, 0, 0)
// 把canvas复原
ctx.rotate(-deg)
ctx.translate(-x, -y)
// // 把canvas复原
// ctx.rotate(-deg)
// ctx.translate(-x, -y)
}
for (var i = 0; i < 30; i++) {
if (i < 5) {
// 绘制线
ctx.strokeStyle = randomColor()
ctx.beginPath()
//ctx.moveTo(Math.random() * canvas_width, Math.random() * canvas_height)
//ctx.lineTo(Math.random() * canvas_width, Math.random() * canvas_height)
ctx.stroke()
}
// 绘制点
ctx.strokeStyle = randomColor()
ctx.beginPath()
//var x = Math.random() * canvas_width
//var y = Math.random() * canvas_height
//ctx.moveTo(x, y)
//ctx.lineTo(x + 1, y + 1)
ctx.stroke()
// }
// for (var i = 0; i < 30; i++) {
// if (i < 5) {
// // 绘制线
// ctx.strokeStyle = randomColor()
// ctx.beginPath()
// //ctx.moveTo(Math.random() * canvas_width, Math.random() * canvas_height)
// //ctx.lineTo(Math.random() * canvas_width, Math.random() * canvas_height)
// ctx.stroke()
// }
// // 绘制点
// ctx.strokeStyle = randomColor()
// ctx.beginPath()
// //var x = Math.random() * canvas_width
// //var y = Math.random() * canvas_height
// //ctx.moveTo(x, y)
// //ctx.lineTo(x + 1, y + 1)
// ctx.stroke()
}
// }
}
// }
// 随机颜色
function randomColor() {
var r = Math.floor(Math.random() * 256)
var g = Math.floor(Math.random() * 256)
var b = Math.floor(Math.random() * 256)
return `rgb(${r},${g},${b})`
// // 随机颜色
// function randomColor() {
// var r = Math.floor(Math.random() * 256)
// var g = Math.floor(Math.random() * 256)
// var b = Math.floor(Math.random() * 256)
// return `rgb(${r},${g},${b})`
}
// }
})
//})
var _factoryValue = '<%= factoryValue.ClientID %>';
window.onload = function ()
{
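Review bot: The old client-side captcha script is commented out line by line rather than deleted, so the dead JavaScript still ships inside the login page's `<script>` block and documents the retired scheme to every visitor; deleting it is cleaner, since version control keeps the history. The hidden `Text1` input (`placeholder="验证码是否正确"`) that the old script filled in also remains in the markup. If no server code reads it any more, which is not visible here, it should be removed so that nothing can later depend on a client-set "captcha passed" flag.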

89
北京北汽/SCP/default_hb.aspx.cs

@ -16,6 +16,8 @@ using CK.SCP.Common;
using System.Configuration;
using SCP.Code;
using CK.SCP.Models.Enums;
using System.Drawing;
namespace SCP
{
public partial class default_hb : PageBase
@ -62,13 +64,14 @@ namespace SCP
}
}
private void LoadData()
private void LoadData( int? a =0)
{
// 如果用户已经登录,则重定向到管理首页
if (User.Identity.IsAuthenticated)
if (User.Identity.IsAuthenticated && a == 0)
{
Response.Redirect(FormsAuthentication.DefaultUrl);
}
img.ImageUrl = DrawToBase64(4);
}
protected string GetFactoryName()
{
@ -106,7 +109,6 @@ namespace SCP
{
string userName = textUserName.Value.Trim();
string password = textPassword.Value.Trim();
LoadResouce();
Login(userName, password);
}
@ -115,11 +117,30 @@ namespace SCP
}
private void Login(string p_userName, string p_password)
{
HttpCookie cookie_checkingcode = Request.Cookies["ImageV"];
if (string.IsNullOrEmpty(textUserName.Value) || string.IsNullOrEmpty(textPassword.Value))
{
Alert.Show(GetResourceKey("用户名或密码不能为空!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
if (string.IsNullOrEmpty(inputValue.Value))
{
Alert.Show(GetResourceKey("验证码不能为空!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
if (inputValue.Value.Trim().ToLower() != (cookie_checkingcode.Value.ToLower().ToString()))
{
Alert.Show(GetResourceKey("验证码错误!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
User user = DB.Users.Where(u => u.Name == p_userName).FirstOrDefault();
if (user != null)
@ -127,6 +148,8 @@ namespace SCP
if (!user.Enabled)
{
Alert.Show(GetResourceKey("用户未启用,请联系管理员!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
if (PasswordUtil.ComparePasswords(user.Password, p_password))
@ -134,18 +157,19 @@ namespace SCP
String pattern = "(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*[~!@#$%^&*_.]).{8,}";
if (!Regex.IsMatch(p_password, pattern))
{
//PageContext.RegisterStartupScript(Window1.GetShowReference(string.Format("Change_password.aspx")));
this.div_4.Style.Add("visibility", "visible");
this.div_5.Style.Add("visibility", "visible");
this.div_5.Style.Add("visibility", "visible");
if (!string.IsNullOrEmpty(this.textPassword1.Value))
{
if (this.textPassword1.Value.Trim() != textConfim.Value.Trim())
{
Alert.Show(GetResourceKey("新密码与确认密码不一致!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
else
@ -153,6 +177,8 @@ namespace SCP
if (!Regex.IsMatch(this.textPassword1.Value.Trim(), pattern))
{
Alert.Show(GetResourceKey("新密码必须包含大小写字母,英文特殊符号~!@#$%^&*_中的一个和数字且不能少于8位!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
@ -163,6 +189,8 @@ namespace SCP
else
{
Alert.Show(GetResourceKey("您的密码过于简单,请修改密码,新密码必须包含大小写字母,英文特殊符号~!@#$%^&*_中的一个和数字且不能少于8位!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
}
@ -173,12 +201,17 @@ namespace SCP
{
string date = DateTime.Now.ToShortDateString();
var ret = SCP_LOGINNUMBER_CONTROLLER.Save_TA_LOGINNUMBER(p_userName, LoginNumer.Sussess, date);
// 成功就失效
cookie_checkingcode.Expires = DateTime.Now;
// 登录成功
LoginSuccess(user);
}
else
{
Alert.Show("不是选定工厂下供应商");
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
return;
}
return;
@ -194,13 +227,16 @@ namespace SCP
}
else
{
Alert.Show(GetResourceKey("用户名或密码错误!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
var number = SCP_LOGINNUMBER_CONTROLLER.GetlistUserNumber(p_userName);
if (number != null)
{
if (number.Number < 5)
{
Text2.Value = "密码错误" + number.Number + "次24小时内错误5次账号将变为未启用状态!";
Text2.Value = "用户名或密码错误" + number.Number + "次24小时内错误5次账号将变为未启用状态!";
}
}
@ -222,12 +258,14 @@ namespace SCP
else
{
Alert.Show(GetResourceKey("用户名或密码错误!"));
cookie_checkingcode.Expires = DateTime.Now;
img.ImageUrl = DrawToBase64(4);
var number = SCP_LOGINNUMBER_CONTROLLER.GetlistUserNumber(p_userName);
if (number != null)
{
if (number.Number < 5)
{
Text2.Value = "密码错误" + number.Number + "次24小时内错误五次账号将变为未启用状态!";
Text2.Value = "用户名或密码错误" + number.Number + "次24小时内错误五次账号将变为未启用状态!";
}
}
}
@ -262,16 +300,15 @@ namespace SCP
roleIDs = String.Join(",", user.Roles.Select(r => r.ID).ToArray());
}
bool isPersistent = true;
DateTime expiration = DateTime.Now.AddMinutes(double.Parse(ConfigurationManager.AppSettings["SCP_TIME_OUT"]));
DateTime expiration = DateTime.Now.AddSeconds(double.Parse(ConfigurationManager.AppSettings["SCP_TIME_OUT"]));
CreateFormsAuthenticationTicket(user.Name, roleIDs, isPersistent, expiration, user.UsedDomain);
var first = DB.Users.Where(p => p.Name == user.Name).FirstOrDefault();
if (first != null)
{
first.Remark = user.UsedDomain;
DB.SaveChanges();
}
img.ImageUrl = DrawToBase64(4);
// 重定向到登陆后首页
Response.Redirect(FormsAuthentication.DefaultUrl);
}
@ -418,6 +455,36 @@ namespace SCP
btn_pass.Attributes["value"] = "Forgot Password";
}
#region
/// <summary>
/// 返回参数
/// </summary>
/// <param name="lengths"></param>
/// <returns></returns>
public string DrawToBase64(int lengths)
{
string code = RandomVerificationCode(lengths);
HttpCookie a = new HttpCookie("ImageV", code);
Response.Cookies.Add(a);
Bitmap png = DrawImage(code);
string r = "data:image/jpg;base64," + BitmapToBase64Str(png);
return r;
}
/// <summary>
/// 刷新验证码
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnRefresh_Click(object sender, EventArgs e)
{
LoadData(1);
}
#endregion
}
}
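Review bot: `DrawToBase64` stores the captcha answer in the `ImageV` cookie in clear text and `Login` compares the typed value with `Request.Cookies["ImageV"]`, so the expected answer is both readable by and supplied by the client and the check does not show that the image was read. Keeping the code in `Session` and removing it on every attempt makes it server-held and single-use. That also removes the `NullReferenceException` raised by `cookie_checkingcode.Expires` and `.Value` when the request has no `ImageV` cookie, and the `Expires = DateTime.Now` assignments, which act on the request cookie and are never sent back to the browser. Separately, the ticket expiration goes from `AddMinutes` to `AddSeconds` on the same `SCP_TIME_OUT` setting; confirm the configured value was converted to seconds. `Login` continues beyond the lines shown.

```csharp
private void Login(string p_userName, string p_password)
{
    // Expected answer lives server-side only and is consumed by this attempt.
    string expectedCode = Session["ImageV"] as string;
    Session.Remove("ImageV");
    // … unchanged: empty user name / password and empty captcha checks (minus the cookie lines) …
    if (string.IsNullOrEmpty(expectedCode)
        || !string.Equals(inputValue.Value.Trim(), expectedCode, StringComparison.OrdinalIgnoreCase))
    {
        Alert.Show(GetResourceKey("验证码错误!"));
        img.ImageUrl = DrawToBase64(4);
        return;
    }
    // … unchanged: user lookup, password check, lockout counter …

public string DrawToBase64(int lengths)
{
    string code = RandomVerificationCode(lengths);
    // The browser receives only the rendered image, never the answer.
    Session["ImageV"] = code;
    using (Bitmap png = DrawImage(code))
    {
        return "data:image/jpg;base64," + BitmapToBase64Str(png);
    }
}
```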

13
北京北汽/SCP/default_hb.aspx.designer.cs

@ -213,13 +213,22 @@ namespace SCP
protected global::System.Web.UI.HtmlControls.HtmlInputText inputValue;
/// <summary>
/// c1 控件。
/// img 控件。
/// </summary>
/// <remarks>
/// 自动生成的字段。
/// 若要进行修改,请将字段声明从设计器文件移到代码隐藏文件。
/// </remarks>
protected global::System.Web.UI.HtmlControls.HtmlGenericControl c1;
protected global::FineUI.Image img;
/// <summary>
/// btnRefresh 控件。
/// </summary>
/// <remarks>
/// 自动生成的字段。
/// 若要进行修改,请将字段声明从设计器文件移到代码隐藏文件。
/// </remarks>
protected global::FineUI.LinkButton btnRefresh;
/// <summary>
/// Text1 控件。
