<%@ WebHandler Language="C#" Class="CheckPriKey" %>

using System;
using System.Collections.Generic;
using System.Web;
using System.Data;
using System.IO;
using eMIS.Data;
using System.Data.Common;
using System.Web.SessionState;
using eMIS;
using System.Web.Security;


public class CheckPriKey : IHttpHandler, IRequiresSessionState
{

    public void ProcessRequest (HttpContext context)
    {
        string menuid = context.Request.QueryString["mid"].ToString();
        string userid = context.Request.QueryString["uid"].ToString();
        string condition = context.Request.QueryString["c"].ToString();

        if (context.Request.QueryString["con"] != null)
        {
            condition = context.Request.QueryString["con"].ToString();
            condition = eMIS.Utility.JsSecurity.DecryptByAES(condition);
        }
        
        string varSign = context.Request.QueryString["rid"].ToString();
        string page = context.Request.QueryString["page"].ToString();

        DateTime d = DateTime.Parse(context.Request.QueryString["d"].ToString());
        string token = context.Request.QueryString["t"].ToString();

        string pwd = userid + menuid + condition + varSign + page + d.ToString("yyyyMMddHHmmss") + "here.sac";

        pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(pwd, "MD5");


        string errinfo="";

        if (pwd == token)
        {
            if (ExecDateDiff(d, DateTime.Now) > 5)
            {
                errinfo = "凭证过期";
            }
            else
            {
                DataManager dm = new DataManager();
                DataTable dt = dm.ExecuteTable("select id from com_yhb where login='"+userid+"'");

                if (dt.Rows.Count != 0)
                {
                    userid = dt.Rows[0][0].ToString();
                    LoginManager lm = new LoginManager(context);
                    lm.Login(userid);

                    condition = DataManager.Encrypt(condition);
                    
                    context.Response.Redirect("Kernel.ashx?menuid="+menuid+"&page="+page+"&varSign=" + varSign + "&cond="+condition+"&" + DateTime.Now.Ticks.ToString());

                }
                else
                {
                    errinfo = "用户不存在！";
                }
            }
        }
        else
        {
            errinfo = "验证凭证失败";
        }

        context.Response.Write(errinfo);



    }


    /// <summary>
    /// 程序执行时间测试
    /// </summary>
    /// <param name="dateBegin">开始时间</param>
    /// <param name="dateEnd">结束时间</param>
    /// <returns>返回(秒)单位，比如: 0.00239秒</returns>
    public double ExecDateDiff(DateTime dateBegin, DateTime dateEnd)
    {
        TimeSpan ts1 = new TimeSpan(dateBegin.Ticks);
        TimeSpan ts2 = new TimeSpan(dateEnd.Ticks);
        TimeSpan ts3 = ts1.Subtract(ts2).Duration();
        //你想转的格式
        //return ts3.TotalSeconds;
        return ts3.Minutes;
    }

    public bool IsReusable
    {
        get
        {
            return false;
        }
    }

}