
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using System.Management; //在工程(project)的引用中,右键,添加引用
using System.DirectoryServices; //在工程(project)的引用中,右键,添加引用
using Microsoft.JScript; //获取脚本解释引擎用
using System.Diagnostics; //速度测试用
using System.IO;
/// <summary>
/// Summary description for BasicPage
/// </summary>
///
namespace Basic
{
public class BasicPage : System.Web.UI.Page
{
public string newString;// Holds the most recent result produced by CutString (the truncated string).
public string connstring;
public string strSql;
public SqlConnection myconn;
public SqlCommand mycommand;
public SqlDataReader myreader;
public SqlDataAdapter myadapter;
public DataSet ds;
public DataView dv;
public DataTable tzDataTable;
//
public string strTitle = null;
public string strDescription = null;
public string strKeys = null;
// Configuration parameters start here.
// Each initializer calls ToString() on the AppSettings lookup, so a missing key makes
// constructing the page throw NullReferenceException.
// NOTE(review): the SQL login (UID/PWD) is read from AppSettings and exposed through public
// fields; DbBackup and DbRestore pass it to SQLDMO. Confirm the configuration section is
// protected and consider narrowing the visibility of these fields.
public string strServer = System.Configuration.ConfigurationManager.AppSettings["Server"].ToString();
public string strDatabase = System.Configuration.ConfigurationManager.AppSettings["Database"].ToString();
public string strUid = System.Configuration.ConfigurationManager.AppSettings["UID"].ToString();
public string strPwd = System.Configuration.ConfigurationManager.AppSettings["PWD"].ToString();
/// <summary>
/// Reads the "ConnectionString" app setting into <c>connstring</c> and assigns a new,
/// unopened <see cref="SqlConnection"/> built from it to <c>myconn</c>.
/// The connection previously held in <c>myconn</c> is replaced without being closed.
/// </summary>
public void connection()
{
    string configured = ConfigurationManager.AppSettings["ConnectionString"].ToString();
    this.connstring = configured;
    this.myconn = new SqlConnection(configured);
}
/// <summary>
/// Creates a fresh connection through <c>connection()</c> and opens it.
/// The caller is responsible for calling <c>dbClose()</c> afterwards.
/// </summary>
public void dbOpen()
{
    this.connection();
    this.myconn.Open();
}
/// <summary>
/// Closes the connection currently stored in <c>myconn</c>.
/// Throws NullReferenceException when no connection has been created yet.
/// </summary>
public void dbClose()
{
    this.myconn.Close();
}
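/// <summary>
/// Writes an inline script block to the response that shows <paramref name="message"/> in an
/// alert box and then navigates to <paramref name="url"/>.
/// </summary>
/// <param name="url">Address to navigate to after the alert is dismissed.</param>
/// <param name="message">Plain text to show; pass raw text, not pre-escaped JavaScript.</param>
/// <param name="type">0 navigates the current window, 1 navigates the parent window; any other value writes nothing.</param>
/// <remarks>
/// Both values are placed inside single-quoted JavaScript string literals, so they are
/// encoded with HttpUtility.JavaScriptStringEncode (.NET Framework 4.0 or later). Without
/// the encoding, a quote or a closing script tag in either value would end the literal and
/// run as script in the visitor's browser. The encoding does not restrict the URL scheme;
/// callers that forward request data as <paramref name="url"/> still have to check the target.
/// </remarks>
public void MessageBox(string url, string message, int type)
{
    string navigationTarget;
    if (type == 0)
    {
        navigationTarget = "location.href";
    }
    else if (type == 1)
    {
        navigationTarget = "parent.location.href";
    }
    else
    {
        // Unknown type: the original wrote nothing either.
        return;
    }

    string safeMessage = HttpUtility.JavaScriptStringEncode(message);
    string safeUrl = HttpUtility.JavaScriptStringEncode(url);
    System.Web.HttpContext.Current.Response.Write(
        "<script>alert('" + safeMessage + "');" + navigationTarget + "='" + safeUrl + "';</script>");
}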
/// <summary>
/// Runs a query and returns the result as a <see cref="DataSet"/>.
/// </summary>
/// <param name="tableName">Name given to the table created inside the returned data set.</param>
/// <param name="tempStrSQL">
/// SQL text, executed exactly as passed. The method cannot bind parameters, so callers must
/// not build this text from request data.
/// </param>
/// <returns>The filled data set, which is also stored in the <c>ds</c> field.</returns>
public DataSet SelectDataBase(string tableName, string tempStrSQL)
{
    connection();
    DataSet result = new DataSet();
    ds = result;
    // The adapter opens and closes the connection itself while filling.
    SqlDataAdapter adapter = new SqlDataAdapter(tempStrSQL, myconn);
    myadapter = adapter;
    adapter.Fill(result, tableName);
    return result;
}
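/// <summary>
/// Runs a query and returns all rows as a <see cref="DataTable"/>.
/// </summary>
/// <param name="tempStrSQL">
/// SQL text, executed exactly as passed. The method cannot bind parameters, so callers must
/// not build this text from request data.
/// </param>
/// <returns>A table loaded with the query result.</returns>
public DataTable SelectDataTable(string tempStrSQL)
{
    connection();
    // Keep a local reference: the myconn field is replaced by every call to connection().
    SqlConnection conn = myconn;
    DataTable table = new DataTable();
    try
    {
        conn.Open();
        using (SqlCommand command = new SqlCommand(tempStrSQL, conn))
        using (SqlDataReader reader = command.ExecuteReader(CommandBehavior.CloseConnection))
        {
            table.Load(reader);
        }
    }
    finally
    {
        // Previously a failure in ExecuteReader or Load left the connection open.
        // Closing an already closed connection is a no-op.
        conn.Close();
    }
    return table;
}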
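/// <summary>
/// Runs a query and returns an open <see cref="SqlDataReader"/> over the result.
/// </summary>
/// <param name="tempStrSql">
/// SQL text, executed exactly as passed. The method cannot bind parameters, so callers must
/// not build this text from request data.
/// </param>
/// <returns>
/// An open reader created with CommandBehavior.CloseConnection: closing the reader closes
/// the connection, so every caller has to close or dispose the reader.
/// </returns>
public SqlDataReader getRead(string tempStrSql)
{
    connection();
    // Keep a local reference: the myconn field is replaced by every call to connection().
    SqlConnection conn = myconn;
    SqlCommand command = new SqlCommand(tempStrSql, conn);
    try
    {
        conn.Open();
        return command.ExecuteReader(CommandBehavior.CloseConnection);
    }
    catch
    {
        // No reader was handed out, so nobody else can close the connection.
        conn.Close();
        throw;
    }
}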
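/// <summary>
/// Executes a statement that returns no rows (insert, update, delete).
/// </summary>
/// <param name="tempStrSql">
/// SQL text, executed exactly as passed. The method cannot bind parameters, so callers must
/// not build this text from request data.
/// </param>
/// <returns>Always <c>true</c>; failures surface as exceptions rather than as <c>false</c>.</returns>
public bool doExecute(string tempStrSql)
{
    connection();
    // Keep a local reference: the myconn field is replaced by every call to connection().
    SqlConnection conn = myconn;
    using (SqlCommand command = new SqlCommand(tempStrSql, conn))
    {
        try
        {
            // Open() now sits inside the try so that a failed open still disposes
            // the command and the connection.
            conn.Open();
            command.ExecuteNonQuery();
            return true;
        }
        finally
        {
            conn.Close();
            conn.Dispose();
        }
    }
}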
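/// <summary>
/// Truncates a string to at most <paramref name="length"/> characters and appends "..."
/// when something was cut off.
/// </summary>
/// <param name="str">Text to shorten; null and empty both yield an empty string.</param>
/// <param name="length">Maximum number of characters kept; a negative value makes Substring throw.</param>
/// <returns>The shortened text, which is also stored in the <c>newString</c> field.</returns>
public string CutString(string str, int length)
{
    if (string.IsNullOrEmpty(str))
    {
        // Previously an empty input returned whatever an earlier call had left in
        // newString, and a null input threw NullReferenceException.
        newString = "";
    }
    else if (str.Length > length)
    {
        newString = str.Substring(0, length) + "...";
    }
    else
    {
        newString = str;
    }
    return newString;
}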
/// <summary>
/// Marks the current response as already expired and sets no-cache headers so that the
/// browser does not reuse a cached copy of the page.
/// </summary>
/// <returns>Always <c>true</c>.</returns>
/// <remarks>
/// NOTE(review): a "cache-control: private" header is added and CacheControl is then set to
/// "no-cache"; which value the client finally receives is not visible from this code.
/// Neither value forbids storing the response, so pages that show sensitive data may also
/// need "no-store" - confirm against the pages that call this.
/// </remarks>
public bool ClearClientPageCache()
{
    HttpResponse response = HttpContext.Current.Response;
    response.Buffer = true;
    response.Expires = 0;
    response.ExpiresAbsolute = DateTime.Now.AddDays(-1);
    response.AddHeader("pragma", "no-cache");
    response.AddHeader("cache-control", "private");
    response.CacheControl = "no-cache";
    return true;
}
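/// <summary>
/// Checks whether a COM component (for example the JMail 4.3 mail component or the FSO
/// file component) can be created on the server.
/// </summary>
/// <param name="_obj">
/// ProgID of the component. The object is really instantiated on the server, so this should
/// be a fixed value chosen by the application, never text taken from a request.
/// </param>
/// <returns><c>true</c> when the object could be created, otherwise <c>false</c>.</returns>
public bool IsObjInstalled(string _obj)
{
    object instance = null;
    try
    {
        instance = Server.CreateObject(_obj);
        return true;
    }
    catch (Exception)
    {
        // Any failure to create the object is reported as "not installed".
        return false;
    }
    finally
    {
        // The probe object was previously left for the garbage collector; release it now.
        if (instance != null && System.Runtime.InteropServices.Marshal.IsComObject(instance))
        {
            System.Runtime.InteropServices.Marshal.ReleaseComObject(instance);
        }
    }
}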
/// <summary>
/// Returns the script engine name and version reported by Microsoft.JScript.
/// </summary>
/// <returns>Text in the form "engine/major.minor.build".</returns>
public string JiaoBenYinqing()
{
    object engine = GlobalObject.ScriptEngine();
    object major = GlobalObject.ScriptEngineMajorVersion();
    object minor = GlobalObject.ScriptEngineMinorVersion();
    object build = GlobalObject.ScriptEngineBuildVersion();
    return string.Concat(engine, "/", major, ".", minor, ".", build);
}
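/// <summary>
/// Returns an IP address of the server, read through WMI
/// (Win32_NetworkAdapterConfiguration).
/// </summary>
/// <returns>
/// The first address of the last IP-enabled adapter that WMI lists, or an empty string when
/// no adapter is IP-enabled.
/// </returns>
/// <remarks>
/// NOTE(review): the result is the machine's own interface address; confirm it is only
/// rendered on pages restricted to administrators.
/// </remarks>
public string ServerIp()
{
    string serverIp = "";
    // The WMI wrappers hold native resources and were never disposed before.
    using (ManagementClass adapterClass = new ManagementClass("Win32_NetworkAdapterConfiguration"))
    using (ManagementObjectCollection adapters = adapterClass.GetInstances())
    {
        foreach (ManagementObject adapter in adapters)
        {
            using (adapter)
            {
                if (!(bool)adapter["IPEnabled"])
                {
                    continue;
                }
                // The MAC address was concatenated into an unused local before, which
                // threw when an adapter reported no MAC address; that read is removed.
                string[] addresses = adapter["IPAddress"] as string[];
                if (addresses != null && addresses.Length > 0)
                {
                    serverIp = addresses[0];
                }
            }
        }
    }
    return serverIp;
}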
/// <summary>
/// Returns the operating system description of the server.
/// </summary>
/// <returns>The text form of <see cref="Environment.OSVersion"/>.</returns>
public string ServerOS()
{
    OperatingSystem os = Environment.OSVersion;
    return os.ToString();
}
/// <summary>
/// Integer speed test: times 500,000 additions.
/// </summary>
/// <returns>An HTML fragment containing the elapsed time (stopwatch ticks divided by 10).</returns>
public string IntTest()
{
    long sum = 0;
    Stopwatch watch = Stopwatch.StartNew();
    for (int n = 1; n <= 500000; n++)
    {
        sum += n;
    }
    watch.Stop();
    decimal elapsed = watch.Elapsed.Ticks / 10m;
    return "整数运算测试,正在进行50万次加法运算......已完成!<font color=red>" + elapsed.ToString() + "微妙</font>";
}
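/// <summary>
/// Floating-point speed test: times 200,000 multiplications.
/// </summary>
/// <returns>An HTML fragment containing the elapsed time (stopwatch ticks divided by 10).</returns>
public string FloatTest()
{
    // The loop used to multiply a long that started at 0 by itself, so it measured
    // integer multiplications of zero. It now multiplies a double by a factor close to 1,
    // which keeps the value finite for the whole run.
    double product = 1.0;
    Stopwatch timer = new Stopwatch();
    timer.Start();
    for (int i = 1; i <= 200000; i++)
    {
        product *= 1.000001;
    }
    timer.Stop();
    decimal micro = timer.Elapsed.Ticks / 10m;
    return "浮点数运算测试,正在进行20万次乘法运算......已完成!<font color=red>" + micro.ToString() + "微妙" + "</font>";
}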
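/// <summary>
/// Backs up a database to a file through SQL-DMO, connecting with the SQL login from
/// configuration (<c>strServer</c>, <c>strUid</c>, <c>strPwd</c>).
/// </summary>
/// <param name="strDbName">Name of the database to back up.</param>
/// <param name="strFileName">Directory part of the backup file path; concatenated as-is.</param>
/// <param name="strRname">File name of the backup; also used as the backup set name.</param>
/// <returns>"ok" on success, otherwise the message of the exception that occurred.</returns>
/// <remarks>
/// The target path is <paramref name="strFileName"/> + <paramref name="strRname"/> with no
/// checking, and the file is written by the SQL Server service, so both values should come
/// from the application and not from request data.
/// NOTE(review): the returned exception message can contain server details; confirm it is
/// not shown to unauthenticated visitors.
/// </remarks>
public string DbBackup(string strDbName, string strFileName, string strRname)
{
    SQLDMO.SQLServer server = null;
    bool connected = false;
    string result;
    try
    {
        SQLDMO.Backup backup = new SQLDMO.BackupClass();
        server = new SQLDMO.SQLServerClass();
        server.LoginSecure = false;
        server.Connect(strServer, strUid, strPwd);
        connected = true;
        backup.Action = SQLDMO.SQLDMO_BACKUP_TYPE.SQLDMOBackup_Database;
        backup.Database = strDbName;
        string backupFile = strFileName + strRname;
        backup.Files = backupFile;
        backup.BackupSetName = strRname;
        backup.BackupSetDescription = "备份数据库";
        backup.Initialize = true;
        backup.SQLBackup(server);
        result = "ok";
    }
    catch (Exception ex)
    {
        result = ex.Message;
    }

    if (connected)
    {
        // The server connection used to stay open whenever the backup itself failed.
        try
        {
            server.DisConnect();
        }
        catch (Exception ex)
        {
            // As before, a failed disconnect after a successful backup is reported;
            // an earlier error message is kept.
            if (result == "ok")
            {
                result = ex.Message;
            }
        }
    }
    return result;
}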
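/// <summary>
/// Restores the configured database from a backup file through SQL-DMO, replacing the
/// existing database.
/// </summary>
/// <param name="strDbName">Ignored: the database name from configuration (<c>strDatabase</c>) is always used.</param>
/// <param name="strFileName">Ignored: it is reset to an empty string, so only <paramref name="strRname"/> forms the path.</param>
/// <param name="strRname">Path of the backup file to restore from.</param>
/// <returns><c>true</c> on success, <c>false</c> when any exception occurred during connect or restore.</returns>
/// <remarks>
/// The restore overwrites the live database (ReplaceDatabase is set), and the file is read
/// by the SQL Server service from the path in <paramref name="strRname"/>; that value should
/// come from the application and not from request data.
/// </remarks>
public bool DbRestore(string strDbName, string strFileName, string strRname)
{
    // Both arguments are overridden, exactly as in the original implementation.
    strDbName = strDatabase;
    strFileName = "";
    SQLDMO.Restore restore = new SQLDMO.RestoreClass();
    SQLDMO.SQLServer server = new SQLDMO.SQLServerClass();
    bool connected = false;
    try
    {
        server.LoginSecure = false;
        server.Connect(strServer, strUid, strPwd);
        connected = true;
        restore.Action = SQLDMO.SQLDMO_RESTORE_TYPE.SQLDMORestore_Database;
        restore.Database = strDbName;
        restore.Files = strFileName + strRname;
        restore.FileNumber = 1;
        restore.ReplaceDatabase = true;
        restore.SQLRestore(server);
        return true;
    }
    catch
    {
        return false;
    }
    finally
    {
        // The server connection was never released before.
        if (connected)
        {
            try
            {
                server.DisConnect();
            }
            catch
            {
                // Best effort: the outcome of the restore is already decided and this
                // method has never thrown to its callers.
            }
        }
    }
}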
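/// <summary>
/// Reads the site name (<c>webname</c>) from row 1 of <c>tbset</c>.
/// </summary>
/// <returns>
/// The stored name, or a red HTML notice asking for the basic settings to be filled in when
/// the row does not exist.
/// </returns>
/// <remarks>
/// NOTE(review): the stored name is returned unencoded next to a value that is HTML by
/// design; confirm where the result is rendered and whether the name needs HTML encoding.
/// </remarks>
public string readConame()
{
    // Disposing the reader also closes its connection; previously an exception while
    // reading left both open.
    using (SqlDataReader reader = getRead("select webname from tbset where id=1"))
    {
        if (reader.Read())
        {
            return reader["webname"].ToString();
        }
        return "<font color=red>暂无数据(请先进行系统基本设置)</font>";
    }
}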
/// <summary>
/// Computes the total size in bytes of all files below a directory, including every
/// subdirectory (used to report how much server space is occupied).
/// </summary>
/// <param name="dirPath">Directory to measure.</param>
/// <returns>The summed file length, or 0 when the directory does not exist.</returns>
/// <remarks>
/// Exceptions from the file system (for example an inaccessible subdirectory) are not
/// caught and end the whole calculation.
/// </remarks>
public long GetDirectoryLength(string dirPath)
{
    // A missing directory counts as empty.
    if (!Directory.Exists(dirPath))
    {
        return 0;
    }

    DirectoryInfo root = new DirectoryInfo(dirPath);
    long total = 0;

    // Files directly inside this directory.
    foreach (FileInfo file in root.GetFiles())
    {
        total += file.Length;
    }

    // Subdirectories are measured recursively.
    foreach (DirectoryInfo child in root.GetDirectories())
    {
        total += GetDirectoryLength(child.FullName);
    }

    return total;
}
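/// <summary>
/// Adds an IP address to the '|'-separated block list stored in row 1 of <c>tbIp</c>.
/// </summary>
/// <param name="strAddIp">Address to add.</param>
/// <returns>
/// 1 when the address was appended to the existing list, 2 when it was already listed,
/// 3 when the row did not exist and was created.
/// </returns>
/// <remarks>
/// The statements used to be built by concatenating <paramref name="strAddIp"/> into the
/// SQL text; the value is now bound as a parameter. The value is still stored as given:
/// it is not checked to be an IP address, and a value containing '|' is read back as
/// several entries, so callers should validate it first.
/// </remarks>
public int lockip(string strAddIp)
{
    string storedList = null;
    // Disposing the reader also closes its connection, on every path.
    using (SqlDataReader reader = getRead("select ip from TbIp where id=1"))
    {
        if (reader.Read())
        {
            storedList = reader["ip"].ToString();
        }
    }

    if (storedList == null)
    {
        RunLockIpStatement("insert into tbIp(id,ip)values(@id,@ip)", strAddIp);
        return 3;
    }

    if (Array.IndexOf(storedList.Split('|'), strAddIp) >= 0)
    {
        return 2;
    }

    string merged = storedList == "" ? strAddIp : storedList + "|" + strAddIp;
    RunLockIpStatement("update tbIp set ip=@ip where id=@id", merged);
    return 1;
}

// Executes one statement against row 1 of tbIp with the list bound as a parameter.
private void RunLockIpStatement(string sql, string ipList)
{
    connection();
    SqlConnection conn = myconn;
    using (SqlCommand command = new SqlCommand(sql, conn))
    {
        command.Parameters.AddWithValue("@id", 1);
        // A null list is stored as an empty string, as the concatenated SQL did.
        command.Parameters.AddWithValue("@ip", ipList ?? "");
        try
        {
            conn.Open();
            command.ExecuteNonQuery();
        }
        finally
        {
            conn.Close();
            conn.Dispose();
        }
    }
}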
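/// <summary>
/// Returns the stored list of blocked IP addresses from row 1 of <c>tbIp</c>.
/// </summary>
/// <returns>The trimmed '|'-separated list, or an empty string when the row does not exist.</returns>
public string showLockIp()
{
    string stored = "";
    // Disposing the reader also closes its connection; previously an exception while
    // reading left both open.
    using (SqlDataReader reader = getRead("select ip from tbIp where id=1"))
    {
        if (reader.Read())
        {
            stored = reader["ip"].ToString();
        }
    }
    return stored.Trim();
}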
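/// <summary>
/// Replaces the stored list of blocked IP addresses (row 1 of <c>tbIp</c>), creating the
/// row when it does not exist yet.
/// </summary>
/// <param name="strIps">The complete '|'-separated list to store.</param>
/// <returns>Always <c>true</c>; failures surface as exceptions.</returns>
/// <remarks>
/// The statement used to be built by concatenating <paramref name="strIps"/> into the SQL
/// text; the value is now bound as a parameter. The content of the list itself is not
/// validated here.
/// </remarks>
public bool updateIp(string strIps)
{
    bool rowExists;
    // Disposing the reader also closes its connection, on every path.
    using (SqlDataReader reader = getRead("select * from tbIp where id=1"))
    {
        rowExists = reader.Read();
    }

    string sql = rowExists
        ? "update tbIp set ip=@ip where id=@id"
        : "insert into tbIp(id,ip)values(@id,@ip)";

    connection();
    SqlConnection conn = myconn;
    using (SqlCommand command = new SqlCommand(sql, conn))
    {
        command.Parameters.AddWithValue("@id", 1);
        // A null list is stored as an empty string, as the concatenated SQL did.
        command.Parameters.AddWithValue("@ip", strIps ?? "");
        try
        {
            conn.Open();
            command.ExecuteNonQuery();
        }
        finally
        {
            conn.Close();
            conn.Dispose();
        }
    }
    return true;
}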
/// <summary>
/// Checks whether the site is switched off (<c>state</c> = "0" in row 1 of <c>TBset</c>)
/// and, if so, writes a script that sends the parent window to Close.htm.
/// </summary>
/// <remarks>
/// NOTE(review): only a client-side redirect is written; this method does not end the
/// response, so the rest of the page still executes for a closed site. Confirm that this
/// is intended.
/// </remarks>
public void ShowWebState()
{
    SqlDataReader reader = getRead("select state from TBset where id=1");
    bool siteClosed = reader.Read() && reader["state"].ToString() == "0";
    if (siteClosed)
    {
        HttpContext.Current.Response.Write("<script>parent.location.href='Close.htm'</script>");
    }
    reader.Close();
}
/// <summary>
/// Loads the site title, description and keywords from row 1 of <c>TBset</c> into
/// <c>strTitle</c>, <c>strDescription</c> and <c>strKeys</c>, then runs the request check
/// and the site-closed check.
/// </summary>
/// <remarks>
/// The request check (<c>StartProcessRequest</c>) runs after the settings query has already
/// been executed.
/// </remarks>
public void showWebTitle()
{
    const int settingsRowId = 1;
    SqlDataReader settings = getRead("select * from TBset where id=" + settingsRowId + "");
    bool found = settings.Read();
    if (found)
    {
        strTitle = settings["webname"].ToString();
        strDescription = settings["webdescription"].ToString();
        strKeys = settings["webkeys"].ToString();
    }
    settings.Close();

    // Check that the request values look normal.
    StartProcessRequest();
    // Check whether the site is switched off.
    ShowWebState();
}
/// <summary>
/// Checks every query-string value and every form value of the current request against the
/// keyword list in <c>ProcessSqlStr</c>; on the first hit it writes an alert script and ends
/// the response.
/// </summary>
/// <remarks>
/// This is a keyword filter, not a replacement for parameterized queries: the queries in
/// this class still have to bind their values. Only the query string and the form are
/// inspected. Every exception raised while checking is swallowed by the empty catch, so a
/// failure of the check lets the request continue.
/// </remarks>
public static void StartProcessRequest()
{
    try
    {
        HttpRequest request = HttpContext.Current.Request;
        // Query-string values use the stricter list (type 0), form values the shorter one (type 1).
        RejectSuspiciousValues(request.QueryString, 0);
        RejectSuspiciousValues(request.Form, 1);
    }
    catch
    {
        // Error handling for processing the submitted values: intentionally ignored.
    }
}

// Walks one request collection and ends the response when a value fails ProcessSqlStr.
private static void RejectSuspiciousValues(System.Collections.Specialized.NameValueCollection values, int type)
{
    if (values == null)
    {
        return;
    }
    for (int index = 0; index < values.Count; index++)
    {
        string key = values.Keys[index];
        if (ProcessSqlStr(values[key], type))
        {
            continue;
        }
        HttpContext.Current.Response.Write("<script>alert('请勿非法提交!');history.back();</script>");
        HttpContext.Current.Response.End();
    }
}
/**/
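/// <summary>
/// Checks one submitted value against a list of blocked SQL keywords and characters.
/// </summary>
/// <param name="Str">The value submitted by the user.</param>
/// <param name="type">1 selects the shorter list used for form values; any other value selects the stricter list used for query strings.</param>
/// <returns>
/// <c>true</c> when no blocked token occurs in the value, <c>false</c> when one does or when
/// the value is null.
/// </returns>
/// <remarks>
/// Tokens are matched as plain substrings, so ordinary words that contain one (such as
/// "middle" or "country") are rejected too. The comparison used to be case-sensitive, which
/// meant the lower-case tokens did not match the same keyword written in another case; it
/// is now case-insensitive as well. A keyword list cannot make concatenated SQL safe; the
/// queries themselves should bind their values as parameters.
/// </remarks>
private static bool ProcessSqlStr(string Str, int type)
{
    string blockedTokens = type == 1
        ? "exec|insert|select|delete|update|count|chr|mid|master|truncate|char|declare"
        : "'|and|exec|insert|select|delete|update|count|*|chr|mid|master|truncate|char|declare|>|<";

    if (Str == null)
    {
        // The original reached this result through a caught NullReferenceException.
        return false;
    }

    foreach (string token in blockedTokens.Split('|'))
    {
        // Keep the original culture-sensitive match and add an ordinal, case-insensitive
        // one, so everything rejected before is still rejected.
        if (Str.IndexOf(token) >= 0 || Str.IndexOf(token, StringComparison.OrdinalIgnoreCase) >= 0)
        {
            return false;
        }
    }
    return true;
}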
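/// <summary>
/// Checks whether a text is a non-negative 32-bit integer.
/// </summary>
/// <param name="oText">Text to check.</param>
/// <returns><c>true</c> when the text parses as an integer that is zero or greater.</returns>
/// <remarks>
/// Parsing accepts surrounding white space and a leading sign, so a text that passes is not
/// necessarily made of digits only. Code that needs the number in a query should use the
/// parsed value or a bound parameter rather than the original text.
/// A null input used to be reported as numeric, because Convert.ToInt32 maps null to 0;
/// it is now rejected.
/// </remarks>
public bool IsNumberic(string oText)
{
    int parsed;
    // TryParse applies the same integer format and current culture as Convert.ToInt32,
    // without using exceptions for the expected "not a number" case.
    return int.TryParse(oText, out parsed) && parsed >= 0;
}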
/// <summary>
/// Shortens a string by display width, counting every character that ASCII cannot
/// represent as two units and every other character as one.
/// </summary>
/// <param name="inputString">Text to shorten.</param>
/// <param name="length">Width budget; text whose UTF-8 size is at most twice this value is returned unchanged.</param>
/// <returns>
/// The unchanged text, or its leading characters up to the point where the counted width
/// reaches (length - 1) * 2. No ellipsis is appended.
/// </returns>
/// <remarks>
/// A literal '?' in the input is counted as two units as well, because it has the same
/// ASCII byte (63) as the replacement for unrepresentable characters.
/// </remarks>
public string SubString(string inputString, int length)
{
    if (Encoding.UTF8.GetByteCount(inputString) <= length * 2)
    {
        return inputString;
    }

    byte[] asciiBytes = new ASCIIEncoding().GetBytes(inputString);
    int widthLimit = (length - 1) * 2;
    int width = 0;
    StringBuilder kept = new StringBuilder();
    for (int position = 0; position < asciiBytes.Length; position++)
    {
        // Byte 63 is '?', which ASCII encoding substitutes for anything it cannot encode.
        width += asciiBytes[position] == 63 ? 2 : 1;
        kept.Append(inputString.Substring(position, 1));
        if (width >= widthLimit)
        {
            break;
        }
    }
    return kept.ToString();
}
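/// <summary>
/// Requires a logged-in session: when the session marker is missing, sends the parent
/// window to Default.aspx and ends the response.
/// </summary>
/// <remarks>
/// The method used to write only the redirect script and return, so the calling page went
/// on executing and its output was still sent to a client without a session. The response
/// is now ended after the script, the same way <c>StartProcessRequest</c> ends a rejected
/// request.
/// </remarks>
public void ShowLoginState()
{
    if (Session["j95fn3839vfn93h9n29n"] != null)
    {
        return;
    }

    HttpResponse response = System.Web.HttpContext.Current.Response;
    response.Write("<script>parent.location.href='Default.aspx'</script>");
    // Stop processing here so no protected content follows the redirect script.
    response.End();
}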
#region JS提示============================================
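/// <summary>
/// Shows the add/edit/delete notice by registering a call to the parent frame's
/// <c>jsprint</c> function.
/// </summary>
/// <param name="msgtitle">Notice text; pass raw text, not pre-escaped JavaScript.</param>
/// <param name="url">Address to return to.</param>
/// <param name="msgcss">CSS style of the notice.</param>
/// <remarks>
/// The three values are placed inside double-quoted JavaScript string literals, so they are
/// encoded with HttpUtility.JavaScriptStringEncode (.NET Framework 4.0 or later). Without
/// the encoding, a quote or a closing script tag in a value would end the literal and run
/// as script in the visitor's browser.
/// </remarks>
public void JscriptMsg(string msgtitle, string url, string msgcss)
{
    string script = "parent.jsprint(\""
        + HttpUtility.JavaScriptStringEncode(msgtitle) + "\", \""
        + HttpUtility.JavaScriptStringEncode(url) + "\", \""
        + HttpUtility.JavaScriptStringEncode(msgcss) + "\")";
    ClientScript.RegisterClientScriptBlock(Page.GetType(), "JsPrint", script, true);
}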
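/// <summary>
/// Shows the add/edit/delete notice with a callback by registering a call to the parent
/// frame's <c>jsprint</c> function.
/// </summary>
/// <param name="msgtitle">Notice text; pass raw text, not pre-escaped JavaScript.</param>
/// <param name="url">Address to return to.</param>
/// <param name="msgcss">CSS style of the notice.</param>
/// <param name="callback">
/// JavaScript callback expression. It is emitted as code, not as a string, so it cannot be
/// encoded and must be a fixed value written by the application, never request data.
/// </param>
/// <remarks>
/// The first three values are placed inside double-quoted JavaScript string literals, so
/// they are encoded with HttpUtility.JavaScriptStringEncode (.NET Framework 4.0 or later).
/// Without the encoding, a quote or a closing script tag in a value would end the literal
/// and run as script in the visitor's browser.
/// </remarks>
public void JscriptMsg(string msgtitle, string url, string msgcss, string callback)
{
    string script = "parent.jsprint(\""
        + HttpUtility.JavaScriptStringEncode(msgtitle) + "\", \""
        + HttpUtility.JavaScriptStringEncode(url) + "\", \""
        + HttpUtility.JavaScriptStringEncode(msgcss) + "\", "
        + callback + ")";
    ClientScript.RegisterClientScriptBlock(Page.GetType(), "JsPrint", script, true);
}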
#endregion
}
}