%@ WebHandler Language="C#" Class="CheckPriKey" %>
using System;
using System.Collections.Generic;
using System.Web;
using System.Data;
using System.IO;
using eMIS.Data;
using System.Data.Common;
using System.Web.SessionState;
using eMIS;
using System.Web.Security;
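/// <summary>
/// HTTP handler that checks a signed, time-limited query string and, when the
/// signature matches, logs the named user in and redirects to Kernel.ashx.
/// </summary>
/// <remarks>
/// NOTE(review): the signature is an MD5 digest over the plain concatenation of the
/// fields plus a secret that is hard-coded in this file. The scheme is kept as is,
/// because the token issuer is not visible here and must change in step, but it has
/// known weaknesses: anyone who can read this source can mint tokens, the digest is
/// not a keyed MAC, and the fields are joined without delimiters, so adjacent values
/// can be re-split without changing the digest. Move the secret to protected
/// configuration and switch to an HMAC over delimited fields when the issuer can be
/// updated.
/// </remarks>
public class CheckPriKey : IHttpHandler, IRequiresSessionState
{
    // Largest accepted distance, in minutes, between the signed timestamp and server time.
    private const double MaxTokenAgeMinutes = 5;

    /// <summary>
    /// Validates the request token and timestamp, then logs the user in and redirects.
    /// On any failure a short error message is written to the response instead.
    /// </summary>
    /// <param name="context">The current HTTP context.</param>
    public void ProcessRequest(HttpContext context)
    {
        HttpRequest request = context.Request;

        string menuid = request.QueryString["mid"];
        string userid = request.QueryString["uid"];
        string condition = request.QueryString["c"];
        string encryptedCondition = request.QueryString["con"];
        string varSign = request.QueryString["rid"];
        string page = request.QueryString["page"];
        string dateText = request.QueryString["d"];
        string token = request.QueryString["t"];

        // "con", when present, carries the condition in encrypted form and replaces "c".
        if (encryptedCondition != null)
        {
            condition = eMIS.Utility.JsSecurity.DecryptByAES(encryptedCondition);
        }

        // A missing or malformed parameter is an ordinary validation failure. Previously it
        // raised an unhandled exception (and an error page) for any incomplete request.
        DateTime d;
        if (menuid == null || userid == null || condition == null || varSign == null
            || page == null || dateText == null || token == null
            || !DateTime.TryParse(dateText, out d))
        {
            context.Response.Write("验证凭证失败");
            return;
        }

        string pwd = userid + menuid + condition + varSign + page + d.ToString("yyyyMMddHHmmss") + "here.sac";
        pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "MD5");

        string errinfo = "";
        // Compare without an early exit so response timing does not reveal how many
        // leading characters of a guessed token were correct.
        if (FixedTimeEquals(pwd, token))
        {
            if (ExecDateDiff(d, DateTime.Now) > MaxTokenAgeMinutes)
            {
                errinfo = "凭证过期";
            }
            else
            {
                DataManager dm = new DataManager();
                // The login name is request data, so it must not reach the SQL text raw.
                // NOTE(review): only ExecuteTable(string) is visible from here, so the value is
                // escaped by doubling quotes. Prefer bound parameters if DataManager offers
                // them; quote doubling is not sufficient on back ends that also treat
                // backslash as an escape character.
                string safeLogin = userid.Replace("'", "''");
                DataTable dt = dm.ExecuteTable("select id from com_yhb where login='" + safeLogin + "'");
                if (dt.Rows.Count != 0)
                {
                    userid = dt.Rows[0][0].ToString();
                    LoginManager lm = new LoginManager(context);
                    lm.Login(userid);
                    condition = DataManager.Encrypt(condition);

                    // Request-supplied values are URL-encoded so they cannot add or override
                    // query parameters on the redirect target.
                    // NOTE(review): "cond" is appended exactly as Encrypt returns it, as before;
                    // its output format is not visible here. Confirm it is URL-safe.
                    string target = "Kernel.ashx?menuid=" + HttpUtility.UrlEncode(menuid)
                        + "&page=" + HttpUtility.UrlEncode(page)
                        + "&varSign=" + HttpUtility.UrlEncode(varSign)
                        + "&cond=" + condition
                        + "&" + DateTime.Now.Ticks.ToString();
                    context.Response.Redirect(target);
                }
                else
                {
                    errinfo = "用户不存在!";
                }
            }
        }
        else
        {
            errinfo = "验证凭证失败";
        }

        context.Response.Write(errinfo);
    }

    /// <summary>
    /// Returns the absolute distance between two instants, in minutes.
    /// </summary>
    /// <param name="dateBegin">First instant.</param>
    /// <param name="dateEnd">Second instant.</param>
    /// <returns>The elapsed time in (fractional) minutes, never negative.</returns>
    public double ExecDateDiff(DateTime dateBegin, DateTime dateEnd)
    {
        // TotalMinutes, not Minutes: Minutes is only the 0-59 component of the span, so a
        // timestamp exactly one hour or one day old would report 0 and pass the expiry check.
        return (dateBegin - dateEnd).Duration().TotalMinutes;
    }

    /// <summary>
    /// Indicates that a new handler instance is created for each request.
    /// </summary>
    public bool IsReusable
    {
        get
        {
            return false;
        }
    }

    // Ordinal, case-sensitive string equality that always scans the full common length.
    private static bool FixedTimeEquals(string left, string right)
    {
        if (left == null || right == null)
        {
            return false;
        }

        int diff = left.Length ^ right.Length;
        for (int i = 0; i < left.Length && i < right.Length; i++)
        {
            diff |= left[i] ^ right[i];
        }

        return diff == 0;
    }
}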