本文整理汇总了C#中Connector.Logging_Queries方法的典型用法代码示例。如果您正苦于以下问题:C# Connector.Logging_Queries方法的具体用法?C# Connector.Logging_Queries怎么用?C# Connector.Logging_Queries使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Connector
的用法示例。
在下文中一共展示了Connector.Logging_Queries方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: requestEnd
public static void requestEnd(string pluginid, Connector conn, ref Misc.PageElements pageElements, HttpRequest request, HttpResponse response)
{
// Check no query has been injected
const string REGEX_ANTI_INJECTION_TEST = @"(([a-zA-Z0-9]+).(password|\*)(?:.+)(bsa_users AS (\2(?:.+)|\2$)))|((.+[^.])(password|\*)(?:.+)FROM(?:.+)bsa_users)";
if (!pageElements.containsFlag(FLAG_PASSWORD_ACCESSED))
{
foreach (string query in conn.Logging_Queries())
if (query.Contains("bsa_users") && query.Contains("password") && Regex.IsMatch(query, REGEX_ANTI_INJECTION_TEST, RegexOptions.Multiline | RegexOptions.IgnoreCase))
{
// Uh oh...injection occurred...SHUT DOWN EVERYTHING.
AdminPanel.addAlert(conn, "Following query has been detected as an injection:\n" + query);
conn.Disconnect();
response.Write("Your request has been terminated due to a security concern; please try again or contact the site administrator!");
response.End();
}
}
// Check the users session is still valid
if (HttpContext.Current.User.Identity.IsAuthenticated)
{
// Set base flag(s)
pageElements.setFlag("AUTHENTICATED");
// Select username and check for bans
Result data = conn.Query_Read("SELECT u.userid, u.username, COUNT(b.banid) AS active_bans, g.title, g.access_login FROM bsa_users AS u LEFT OUTER JOIN bsa_user_bans AS b ON (b.userid=u.userid AND ((b.unban_date IS NULL) OR (b.unban_date > NOW()) )) LEFT OUTER JOIN bsa_user_groups AS g ON g.groupid=u.groupid WHERE u.userid='" + Utils.Escape(HttpContext.Current.User.Identity.Name) + "'");
if (data.Rows.Count != 1 || int.Parse(data[0]["active_bans"]) > 0 || !data[0]["access_login"].Equals("1"))
{
// Dispose the current session - now invalid
FormsAuthentication.SignOut();
HttpContext.Current.Session.Abandon();
// Redirect to logout page to inform the user -- this will cause a 404 but also ensure the session has been disposed because it's invalid
response.Redirect(pageElements["URL"] + "/logout/banned", true);
}
else
{
pageElements["USERNAME"] = data[0]["username"];
pageElements["USERID"] = data[0]["userid"];
}
// Set group flag
pageElements.setFlag("GROUP_" + data[0]["title"]);
}
}