*!* 19.05.2009 *!* marius.mutu *!* gnewcryptxml = .T. nu mai exista fisiere roa_security.xml cu criptarea veche (windows api) *!* 21.06.2012 *!* marius.mutu *!* VERIFICA_UTILIZATOR *!* tratare utilizatori ADMIN -1, SUPER -2 #DEFINE CRLF CHR(13) + CHR(10) *** osecurity ********************* INCEPUT Getcrssecurity ********************** * PROCEDURE Getcrssecurity( ) * Date : 04/05/05, 11:25:56 * author : marius.mutu * description: PROCEDURE GetcrsSecurity LPARAMETERS tcSecurityFile *!* SECURITY.TXT - NECRIPTAT *!* SECURITY.XML - CRIPTAT *!* DACA EXISTA SECURITY.XML - PARSEZ XML, ALTFEL PARSEZ TXT *!* gnewcryptxml - daca roa_security.xml are criptare noua(blowfish) *!* gnewcryptfll - daca exista vfpencryption.fll IF TYPE("gnewcryptxml")="U" PUBLIC gnewcryptxml ENDIF *!* 19.05.2009 *!* nu mai exista fisiere roa_security.xml cu criptarea veche (windows api) *!* gnewcryptxml=.F. gnewcryptxml = .T. IF TYPE("gnewcryptfll")="U" PUBLIC gnewcryptfll ENDIF gnewcryptfll=.T. LOCAL lnAt,lcDirMare IF TYPE("gcComunPath")="U" PUBLIC gcComunPath lnAt=RAT("\",gcAppPath,2) lcDirMare=LEFT(gcAppPath,lnAt) gcComunPath=ADDBS(lcDirMare)+"COMUNROA\" ENDIF LOCAL loex AS EXCEPTION TRY lcEncryptionFile = gcComunPath+"vfpencryption.fll" IF !"vfpencryption"$LOWER(SET("Library")) SET LIBRARY TO (lcEncryptionFile) ADDITIVE ENDIF CATCH TO loex gnewcryptfll=.F. ENDTRY LOCAL lcSecurityFile,lcSecurityPath, lcCursor, lcLinie, lcMode LOCAL lcSecurityFileXML lcSecurityFileXML = FORCEEXT(tcSecurityFile,'xml') lcCursor = "crsHost" lcSecurityFile = tcSecurityFile lcSecurityPath = ADDBS(JUSTPATH(lcSecurityFile)) lnValid = 0 llSucces = .T. IF !DIRECTORY(lcSecurityPath) TRY MD (lcSecurityPath) CATCH aMESSAGEBOX('Nu se poate crea directorul ' + lcSecurityPath + '!',0+16,'Atentie') ENDTRY ENDIF IF !(FILE(lcSecurityFile) OR FILE(lcSecurityFileXML)) CD (lcSecurityPath) IF !FILE(lcSecurityFileXML) lcSecurityText = 'ROA;CONTAFIN_ORACLE;123;' lcSecurityText = INPUTBOX('Host(DSN);SCHEMA;SCHEMA_PASSWORD;1;','Server',lcSecurityText) lcSecurityText = ALLTRIM(lcSecurityText) IF !EMPTY(lcSecurityText) IF RIGHT(lcSecurityText,1) # ';' lcSecurityText = lcSecurityText + ';' ENDIF ELSE llSucces = .F. ENDIF ENDIF IF llSucces TRY IF !(FILE(lcSecurityFileXML) OR FILE(lcSecurityFile)) *!* SECURITY.TXT STRTOFILE(lcSecurityText, lcSecurityFile) *!* SECURITY.TXT ^ ENDIF *!* SECURITY.XML IF !FILE(lcSecurityFileXML) CREATE CURSOR cXML (HOST c(50), schema c(50), pwd c(50)) INSERT INTO cXML (HOST, schema, pwd) VALUES("ROA","CONTAFIN_ORACLE","ENCRYPTED PWD") CURSORTOXML("cXML",lcSecurityFileXML, 1, 512, 0, "1") USE IN cXML ENDIF *!* SECURITY.XML ^ CATCH aMESSAGEBOX('Nu s-a putut crea fisierul ' + lcSecurityFile,0+16,'Atentie') llSucces = .F. ENDTRY ENDIF ENDIF IF llSucces IF !FILE(lcSecurityFile) AND !FILE(lcSecurityFileXML) aMESSAGEBOX('Nu exista fisierul ' + lcSecurityFile,0+16,'Atentie') llSucces = .F. ENDIF ENDIF IF llSucces IF USED(lcCursor) USE IN (lcCursor) ENDIF && daca exista security.xml - il transform in cursorul cXML si completez crsHost CREATE CURSOR (lcCursor)(HOST c(100), schema c(100), pwd v(100), IsEncrypted c(1)) IF FILE(lcSecurityFileXML) TRY lcSecurityText = FILETOSTR(lcSecurityFileXML) XMLTOCURSOR(lcSecurityFileXML, "cXML", 512) SELECT cXML GO TOP SCATTER NAME lofirstrecord IF lofirstrecord.HOST="ENCRYPTION" gnewcryptxml=.T. DELETE ENDIF INSERT INTO (lcCursor) (HOST, schema, pwd, IsEncrypted) ; SELECT HOST, schema, pwd, "1" AS IsEncrypted ; FROM cXML lnValid = RECCOUNT('cXML') USE IN cXML CATCH TO loex *!* Local loEx As Exception aMESSAGEBOX('Mesaj: ' + loex.MESSAGE + CRLF + ; 'Eroare nr: ' + ALLTRIM(TRANSFORM(loex.ERRORNO)) + CRLF + ; 'Cod: ' + loex.LINECONTENTS + CRLF + 'Procedura: ' + loex.PROCEDURE + CRLF + ; 'Linia nr: ' + ALLTRIM(TRANSFORM(loex.LINENO)),0+16,'Eroare') FINALLY USE IN (SELECT('cXML')) ENDTRY ELSE * CREATE CURSOR (lcCursor)(HOST c(100), Schema c(100), Pwd v(100), IsEncrypted c(1)) lcSecurityText = FILETOSTR(lcSecurityFile) LOCAL laHost DIMENSION laHost[1] lnLen = ALINES(laHost, lcSecurityText) IF lnLen > 0 FOR i = 1 TO lnLen lcLinie = laHost[i] lcHost = GETWORDNUM(lcLinie, 1, ';') lcSchema = GETWORDNUM(lcLinie, 2, ';') lcPassword = GETWORDNUM(lcLinie, 3, ';') lcMode = "0" && necriptat - security.txt IF EMPTY(lcHost) OR EMPTY(lcSchema) OR EMPTY(lcPassword) LOOP ENDIF lnValid = lnValid + 1 INSERT INTO &lcCursor (HOST, schema, pwd, IsEncrypted) VALUES (lcHost, lcSchema, lcPassword, IIF(EMPTY(lcMode), '0', lcMode)) ENDFOR ENDIF ENDIF ENDIF RETURN lnValid ENDPROC ********************* SFARSIT Getcrssecurity ********************** ************************************************************************************************************* FUNCTION verifica_utilizator LPARAMETERS tcNumeUtilizator,tcParola LOCAL lnVerificare,lnRezultat,lnSuma,lnCkSum glAdministrator = .F. glSupervizor = .F. lnRezultat = -1 TRY lcSql = [SELECT pack_drepturi.verificautilizator(']+ALLTRIM(tcNumeUtilizator)+[',']+; ALLTRIM(tcParola)+[') as id_util from dual] lcCursor = [v_verificare] lnSucces = goExecutor.oExecute(lcSql,lcCursor) goExecutor.oReset() IF USED('v_verificare') AND RECCOUNT('v_verificare')>0 SELECT v_verificare lnVerificare = id_util USE IN v_verificare ENDIF IF m.lnVerificare = -1 glAdministrator = .F. glSupervizor = .F. RETURN m.lnRezultat ENDIF IF lnVerificare < -1000000 && ADMIN, SUPER, SERVER lnRezultat = lnVerificare + 1000000 DO case CASE lnRezultat = -1 && ADMIN glAdministrator = .T. CASE lnRezultat = -2 && SUPER glSupervizor = .T. ENDCASE ELSE lnSuma = 0 lnRezultat = INT(lnVerificare/100) && id_util lnVerificare = ABS(m.lnVerificare) && pentru cazul in care am id_util (-1,-2,-3) i = lnRezultat lnCkSum = MOD(lnVerificare,100) DO WHILE i > 0 lnSuma = lnSuma+MOD(i,10) i = INT(i/10) ENDDO IF MOD(lnSuma+lnCkSum, 13) = 0 glAdministrator = .T. && GRUP ADMINISTRARE ID = 0 ELSE IF MOD(lnSuma+lnCkSum, 11) = 0 glSupervizor = .T. && GRUP SUPERVIZARE ID = -1 ENDIF ENDIF ENDIF CATCH lnRezultat = -1 ENDTRY RETURN lnRezultat ENDFUNC ************************************************************************************************************* FUNCTION verifica_id_util LPARAMETERS tnIdUtil LOCAL lcRezultat lcRezultat=[] lcSql = [SELECT pack_drepturi.verificaidutil(]+; ALLTRIM(STR(tnIdUtil))+[) as utilizator from dual] lcCursor = [v_cursor_verif] lnSucces = goExecutor.oExecute(lcSql,lcCursor) goExecutor.oReset() IF USED('v_cursor_verif') AND RECCOUNT('v_cursor_verif')>0 SELECT v_cursor_verif lcRezultat=utilizator USE IN v_cursor_verif ENDIF RETURN lcRezultat ENDFUNC *************************************************************************************************************