📄 dv_api_serv.aspx.cs
using System;
using System.Collections;
using System.Collections.Specialized;
using System.Data;
using System.IO;
using System.Xml;
using System.Web;
using Dvbbs.Utils;
namespace Dvbbs.Api.Web
{
public class ServicePage : Dvbbs.Utils.Origin
{
// Local application id and shared secret, both loaded from pdo.config by the constructor.
// __SysKey is the secret that __CheckSysKey and __SaveCookie combine with the user name to
// compute the token a caller must present, so it must never be echoed or logged.
private readonly string __AppId = string.Empty, __SysKey = string.Empty;
// Names that __CheckAppId searches for inside the caller-supplied appid.
private readonly string[] __ReqAppIdList = new string[]{"dvbbs", "powereasy", "oblog", "other"};
// Text written to the <message> element of the response; the default reads "operation succeeded".
private string __ResponseBodyMessage = "操作成功!";
// __IsSuccess selects the <status> value ("0" success, "1" failure); __Finished makes __Finish run only once.
private bool __IsSuccess = true, __Finished = false;
// __RequestData: request data sent by the client.
// __ResponseChoiceList: optional extra elements that __Finish appends under <body>
// (it is not assigned anywhere in the visible part of this file).
private NameValueCollection __RequestData, __ResponseChoiceList;
public ServicePage()
{
    // Load the application id and the shared secret from pdo.config, resolved relative to this page.
    // NOTE(review): pdo.config holds SYSKEY and lives beside the page under the web root; confirm the
    // web server refuses to serve it and that file permissions limit who can read it.
    Config settings = new Config(Server.MapPath("./pdo.config"));
    __AppId = settings["APPID"];
    __SysKey = settings["SYSKEY"];
}
protected override void OnInit(EventArgs e)
{
    // Entry point of the API page. A request that carries both "syskey" and "username" as
    // Fetch.Get parameters is a cookie-sync call (cross-domain login/logout); anything else is
    // treated as an XML API call.
    try
    {
        bool isCookieSync = Fetch.Get("syskey").Length > 0 && Fetch.Get("username").Length > 0;
        if (!isCookieSync)
        {
            // Parse the XML request body into __RequestData.
            __Initialize();
            // Debugging aid only.
            // NOTE(review): this value is the same token __CheckSysKey accepts for that user name,
            // and it is computed before __ProcessRequest has authenticated the caller. Assuming
            // ResponseChoiceList feeds the response, a DEBUG build hands a valid token to anyone
            // who names a user, so DEBUG builds must not be reachable from untrusted networks.
#if (DEBUG)
            ResponseChoiceList["MD5_SysKey"] = this.__MD5(__RequestData["username"] + __SysKey);
#endif
            // Authenticate the caller and dispatch the requested action.
            __ProcessRequest();
        }
        else
        {
            this.__SaveCookie();
        }
    }
    catch (Exception ex)
    {
        // Any failure is reported to the caller through the error path.
        __ProcessException(ex);
    }
    finally
    {
        // Write the response envelope; __Finish does nothing if it has already run.
        __Finish();
    }
}
// 初始化操作
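private void __Initialize()
{
    // Prepares the response headers and loads the request body into __RequestData.
    // Every element at depth 1 of the posted XML document becomes one entry: element name ->
    // URL-decoded text content (empty string when the element has no text).
    // This runs before __ProcessRequest checks appid/syskey, so the body is unauthenticated input.

    // HTTP headers of the XML response.
    Response.ContentType = "text/xml";
    Response.ContentEncoding = System.Text.Encoding.GetEncoding("gb2312");

    __RequestData = new NameValueCollection();

    XmlTextReader reader = null;
    try
    {
        reader = new XmlTextReader(Request.InputStream);
        // Never resolve external entities or external DTDs named by the request body: without
        // this, a crafted DOCTYPE can make the server read local files or issue outbound requests.
        // Entities declared inside the document are still expanded; where the target framework
        // allows it, also reject DTDs on this reader (ProhibitDtd on .NET 2.0-3.5, DtdProcessing
        // on 4.0 and later). That is left out here because the framework version is not visible.
        reader.XmlResolver = null;
        reader.WhitespaceHandling = WhitespaceHandling.None;
        reader.MoveToContent();
        while (reader.Read())
        {
            if (1 == reader.Depth && reader.IsStartElement())
            {
                // Take the name before ReadString(): that call advances the reader, and when the
                // element has child elements the reader would otherwise report the child's name.
                string name = reader.Name;
                string value = reader.ReadString();
                if (null == value || 0 == value.Length)
                {
                    __RequestData[name] = string.Empty;
                }
                else
                {
                    __RequestData[name] = Server.UrlDecode(value);
                }
            }
        }
    }
    finally
    {
        if (null != reader)
        {
            reader.Close();
            reader = null;
        }
    }
}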
// 主体代码,响应/处理请求
private void __ProcessRequest()
{
    // Authenticates an XML API call and dispatches it by its "action" field.
    // Order matters: appid first, then the syskey token, and only then the action handlers.

    // Reject callers whose application id is not recognised.
    if (!__CheckAppId())
    {
        string rejectedAppId = "程序标识 “" + __RequestData["appid"] + "”不合法!";
        this.__Throw(rejectedAppId);
        return;
    }

    // Reject callers whose security token does not match.
    // The rejection message must stay generic: putting the expected token in it would hand a
    // valid credential to the caller.
    if (!__CheckSysKey())
    {
        this.__Throw("安全码不正确!");
        return;
    }

    string action = __RequestData["action"];
    if ("checkname" == action)
    {
        // Check whether the user name / e-mail may be registered.
        __CheckUser();
    }
    else if ("reguser" == action)
    {
        // Register a user.
        __RegisterUser();
    }
    else if ("login" == action)
    {
        // Log a user in.
        __UserLogin();
    }
    else if ("update" == action)
    {
        // Update a user's profile.
        __UpdateUserInfo();
    }
    else if ("delete" == action)
    {
        // Delete a user.
        __DeleteUser();
    }
    else if ("getinfo" == action)
    {
        // Query a user's information.
        __GetUserInfo();
    }
    else
    {
        // Missing or unknown action.
        this.__Throw("未指定的操作类型!");
        return;
    }
}
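private void __ProcessException(Exception ex)
{
    // Turns an exception raised while handling the request into an error response.
    // ex: the exception caught by OnInit.

    // __Throw ends the request with Response.End(), which can surface in OnInit's catch block as a
    // ThreadAbortException. That is the normal end of a request, not a failure to report.
    if (ex is System.Threading.ThreadAbortException)
    {
        return;
    }

    // Keep the full detail on the server side for diagnosis.
    System.Diagnostics.Trace.WriteLine(ex.ToString());

#if DEBUG
    // Debug builds keep the original behaviour: the full exception text goes to the caller.
    this.__Throw(ex.ToString());
#else
    // The request body is parsed before the caller is authenticated, so a failure here can be
    // triggered by anyone. Do not return stack traces, file paths or SQL text to the caller.
    this.__Throw("服务器内部错误!");
#endif
}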
// 请求结束,收尾工作
private void __Finish()
{
// Writes the XML response envelope exactly once per request:
// <root><appid/><status/><needcookie/><body><message/>...optional elements...</body></root>
// Called from __Throw on errors and from the finally block of OnInit.
if (__Finished)
{
return;
}
__Finished = true;
// presumably releases resources held by the base class - confirm against Dvbbs.Utils.Origin
base.Finish();
XmlTextWriter writer = null;
try
{
writer = new XmlTextWriter(Response.Output);
writer.Formatting = Formatting.Indented;
writer.WriteStartDocument();
writer.WriteStartElement("root");
writer.WriteStartElement("appid");
writer.WriteString(__AppId);
writer.WriteEndElement();
// status: "0" means success, "1" means failure.
writer.WriteStartElement("status");
writer.WriteString(__IsSuccess ? "0" : "1");
writer.WriteEndElement();
// needcookie: echoes the request's needcookie flag as "1" or "0"; the element is left empty
// when no request data was loaded.
writer.WriteStartElement("needcookie");
if (null != __RequestData)
{
writer.WriteString("1" == __RequestData["needcookie"] ? "1" : "0");
}
writer.WriteEndElement();
writer.WriteStartElement("body");
// The message may contain caller-supplied text (for example the rejected appid); it is written
// with WriteString, which escapes markup characters.
writer.WriteStartElement("message");
writer.WriteString(__ResponseBodyMessage);
writer.WriteEndElement();
// Append the optional list of extra elements
if (null != __ResponseChoiceList && __ResponseChoiceList.Count > 0)
{
string key = null;
for (int i = 0; i < __ResponseChoiceList.Count; i++)
{
key = __ResponseChoiceList.GetKey(i);
if (null != key && key.Length > 0)
{
// NOTE(review): the key becomes an element name as-is; keep these keys server-defined and
// never derived from request data.
writer.WriteStartElement(key);
writer.WriteString(__ResponseChoiceList[i]);
writer.WriteEndElement();
}
}
}
// Close <body>, then <root>.
writer.WriteEndElement();
writer.WriteEndElement();
writer.WriteEndDocument();
}
finally
{
if (null != writer)
{
writer.Close();
writer = null;
}
}
// DEBUG builds only: dump the parsed request fields, the query string and the form to api.log
// beside the page, overwriting the file on every request (append is false).
// NOTE(review): the dump is unredacted, so it includes the "syskey" and "password" fields
// whenever the request carries them, and the file sits under the web root where it may be
// downloadable. Keep DEBUG builds off reachable hosts, or move the log out of the web root and
// redact those fields.
#if DEBUG
using (StreamWriter fwriter = new StreamWriter(Server.MapPath("./api.log"), false))
{
// The parsed fields are dumped only for XML API calls (no syskey/username request parameters).
if (0 == Fetch.Get("syskey").Length && 0 == Fetch.Get("username").Length && null != __RequestData)
{
foreach (string key in __RequestData.Keys)
{
fwriter.Write("<" + key + ">" + __RequestData[key] + "</" + key + ">\r\n");
}
fwriter.Write("\r\n\r\n");
}
fwriter.Write("Request.QueryString:\r\n");
foreach (string key in Request.QueryString.Keys)
{
fwriter.Write("" + key + "=" + Request.QueryString[key] + "\r\n");
}
fwriter.Write("Request.Form:\r\n");
foreach (string key in Request.Form.Keys)
{
fwriter.Write("" + key + "=" + Request.Form[key] + "\r\n");
}
}
#endif
}
// 同步 Cookie
private void __SaveCookie()
{
// Cookie-sync entry point (cross-domain login and logout). Unlike the XML API path, all inputs
// come from Fetch.Get parameters: username, syskey, password, savecookie.
// An empty password means "log this user out"; a non-empty one means "log this user in".
// NOTE(review): if Fetch.Get reads the query string, the password and the syskey token travel in
// the URL and end up in server logs, proxies and browser history - confirm where it reads from.

// Initialise __RequestData
__RequestData = new NameValueCollection();
// Validate the user name supplied in the request against the registration rules.
string user_name = Fetch.Get("username");
__RequestData["username"] = user_name;
if (!__CheckUser(user_name))
{
return;
}
// Check the security token
string sys_key = Fetch.Get("syskey");
if (null == sys_key || 0 == sys_key.Length)
{
this.__Throw("安全码不能为空!");
return;
}
// The token is accepted when it equals either MD5 form of (user name + shared secret).
// NOTE(review): the expected value depends only on the user name and __SysKey, so a token seen
// once stays valid for that user until the secret changes. The comparison is an ordinary
// string comparison, not a constant-time one.
if ((sys_key != this.__MD5(user_name + this.__SysKey) && sys_key != Text.MD5(user_name + this.__SysKey)))
{
this.__Throw("安全码不正确!");
return;
}
// Hold the password in a local variable
string user_pwd = Fetch.Get("password");
// An empty user_pwd means the user is to be logged out
if (0 == user_pwd.Length)
{
// Reset the user's row in the online table to a guest entry
HttpCookie c_session = Dvbbs.Utils.Cookie.Get("session");
if (null == c_session)
{
// No session cookie: match the row by user name. The table prefix is concatenated into the
// statement; the user-supplied value is bound as a parameter.
conn.ExecuteNonQuery(
"UPDATE " + Fetch.TablePrefix + "online SET power=0, username='游客' WHERE username=@UserName",
conn.CreateParameter("@UserName", DbType.String, user_name)
);
}
else
{
// Session cookie present: match the row by the cookie's session id, bound as a parameter.
// NOTE(review): the token above authenticates user_name, but this branch updates whichever row
// the cookie names; confirm the session id is tied to that user.
conn.ExecuteNonQuery(
"UPDATE " + Fetch.TablePrefix + "online SET power=0, username='游客' WHERE id=@Id",
conn.CreateParameter("@Id", DbType.String, c_session.Values["sessionid"])
);
}
// Remove the user's cookies
Dvbbs.Utils.Cookie.Remove("user");
// Drop the cached online list
Caching.Remove("OnlineList");
SessionState.Set("pop_strategy", null);
SessionState.Set("exp_strategy", null);
SessionState.Set("mng_strategy", null);
}
else // user_pwd is not empty, so this is a login request
{
__RequestData["action"] = "login";
__RequestData["syskey"] = Fetch.Get("syskey");
__RequestData["password"] = user_pwd;
__RequestData["savecookie"] = Fetch.Get("savecookie");
// Call the login method
this.__UserLogin();
}
// Mark the request as finished so that this.__Finish() will not write the XML envelope
this.__Finished = true;
// Release resources
Finish();
}
// 验证程序标识 appid
private bool __CheckAppId()
{
    // Returns true when the request's "appid" contains one of the names in __ReqAppIdList.
    // A missing or empty appid is rejected.
    // NOTE(review): this is a substring test, not an equality test, so any value that merely
    // contains a listed name passes. Treat appid as a routing hint, not as a security control;
    // the syskey check is what authenticates the caller.
    string candidate = __RequestData["appid"];
    if (null == candidate || 0 == candidate.Length)
    {
        return false;
    }

    foreach (string knownName in __ReqAppIdList)
    {
        if (candidate.IndexOf(knownName) >= 0)
        {
            return true;
        }
    }
    return false;
}
// 验证安全码 syskey
private bool __CheckSysKey()
{
    // Returns true when the request's "syskey" equals either MD5 form of (username + __SysKey).
    // A missing or empty username or syskey is rejected.
    // NOTE(review): the expected token depends only on the user name and the shared secret, with
    // no nonce or timestamp, so a captured token can be replayed for that user until the secret
    // is rotated. MD5 over "data + secret" is not a keyed MAC, and the comparison below is not
    // constant-time. Rely on TLS and network restrictions between the integrated applications,
    // or migrate to an HMAC with a timestamp.
    string username = __RequestData["username"];
    if (null == username || 0 == username.Length)
    {
        return false;
    }

    string syskey = __RequestData["syskey"];
    if (null == syskey || 0 == syskey.Length)
    {
        return false;
    }

    string material = username + __SysKey;
    return syskey == this.__MD5(material) || syskey == Text.MD5(material);
}
private void __Throw(string errorMessage)
{
    // Fails the request: records the error text, writes the response envelope through __Finish,
    // then ends the response. Callers still return after calling this.
    // errorMessage: text appended to the fixed API error prefix. It can reach the remote caller,
    // so it must not contain secrets or internal details.
    __ResponseBodyMessage = "Dvbbs.Net Api 错误提示:" + errorMessage;
    __IsSuccess = false;
    __Finish();
    Response.End();
}
private void __SetSuccessMessage(string errorMessage)
{
    // Marks the request as successful and sets the response message.
    // errorMessage: despite its name, this is the success text written to <message>.
    __ResponseBodyMessage = errorMessage;
    __IsSuccess = true;
}
private string __MD5(string str)
{
    // Short MD5 form used for the syskey token.
    // presumably 16 characters of the hex digest starting at offset 8 - confirm against
    // Dvbbs.Utils.Text.MD5(string, int, int).
    string digest = Text.MD5(str, 8, 16);
    return digest;
}
//-------------------------------------------------------------
// 对请求中提供的用户名及email(如果有的话)进行验证,检查是否符合注册要求。
private bool __CheckUser()
{
    // Validates the "username" field of the current request (and its e-mail, if one was sent)
    // by delegating to the overload that takes the name explicitly.
    string requestedName = __RequestData["username"];
    return this.__CheckUser(requestedName);
}
private bool __CheckUser(string userName)
{
if (null == userName || 0 == userName.Length)
{
this.__Throw("用户名未设置!");
return false;
}
int limit = int.Parse(config["LengthOfName"]);
// 检查用户名长度
if(bool.Parse(Config.Settings["ChineseNameOnly"].ToString()) && !RegExp.isChinese(userName))
{
this.__Throw("对不起,用户名只能是2-" + (limit / 2).ToString() + "个汉字,不能包含字母或数字!");
return false;
}
if (base.Len(userName.Trim()) < 3 || base.Len(userName.Trim()) > limit)
{
this.__Throw("用户名必须是长度为3-" + limit.ToString() + "个字母及数字或者2-" + (limit / 2).ToString() + "个汉字!");
return false;
}
// 检查用户名是否包含特殊字符
string chars = @"!@#$%^&*()+=|\/?<>,.:;'""`[]{}";
for (int i = 0; i < chars.Length; i++)
{
if (-1 != userName.IndexOf(chars[i]))
{
this.__Throw("用户名只能是字母、数字或中文,不允许包含特殊字符");
return false;
}
}
// 检查电子邮件格式
string email = __RequestData["email"];
if (null != email && email.Length > 0)
{
if (-1 == email.IndexOf("@") || -1 == email.IndexOf("."))
{
this.__Throw("请正确输入电子信箱");
return false;
}
// 当请求的是注册用户模块时,检查用户名是否已被注册,电子邮件是否已被使用
if ("reguser" == __RequestData["action"])
{
// 检查电子邮件是否已被使用
int count = int.Parse(conn.GetScalar("SELECT COUNT(1) FROM " + Fetch.TablePrefix + "user WHERE UserEmail=@UserEmail", conn.CreateParameter("@UserEmail", DbType.String, email)).ToString());
if (count > 0)
{
this.__Throw("电子邮件“" + email + "”已被使用!");