📄 dv_api_serv.aspx.cs
return false;
}
// 检查用户名是否已被注册
if (int.Parse(conn.GetScalar("SELECT COUNT(1) FROM " + Fetch.TablePrefix + "user WHERE username=@UserName", conn.CreateParameter("@UserName", DbType.String, userName)).ToString()) > 0)
{
this.__Throw("用户名“" + userName + "”已被注册!");
return false;
}
}
}
return true;
}
// 注册用户
// Registers a new forum member from the request fields username, password,
// question, answer, gender and email. Each validation failure is reported
// through __Throw and ends the call; the outcome of the INSERT is reported
// through __SetSuccessMessage or __Throw.
//
// NOTE(review): the password is stored as this.__MD5(password). If __MD5 is a
// plain, unsalted MD5 digest (its body is not visible here), the stored values
// are cheap to brute-force offline; a salted, slow password hash would be the
// usual replacement -- confirm what __MD5 does.
// NOTE(review): the recovery answer is inserted as submitted, while
// __UpdateUserInfo stores this.__MD5(answer) in the same column. One of the two
// paths will not match whatever the recovery check expects -- confirm which
// format is intended.
private void __RegisterUser()
{
    // Registration can be switched off in the forum configuration.
    bool registrationOpen = bool.Parse(config["EnableUserRegistration"]);
    if (!registrationOpen)
    {
        this.__Throw("论坛暂时不允许注册新会员!");
        return;
    }

    // Validate the user name supplied in the request.
    if (!__CheckUser())
    {
        return;
    }

    // Password must be present and 6 to 20 characters long.
    string password = __RequestData["password"];
    bool passwordAcceptable = password != null && password.Length >= 6 && password.Length <= 20;
    if (!passwordAcceptable)
    {
        this.__Throw("密码应为6-20位");
        return;
    }

    // Password-recovery question is mandatory.
    string recoveryQuestion = __RequestData["question"];
    if (recoveryQuestion == null || recoveryQuestion.Length == 0)
    {
        this.__Throw("请填写找回密码的问题!");
        return;
    }

    // Password-recovery answer is mandatory.
    string recoveryAnswer = __RequestData["answer"];
    if (recoveryAnswer == null || recoveryAnswer.Length == 0)
    {
        this.__Throw("请填写找回密码的问题答案!");
        return;
    }

    // Map the request's gender field onto the UserSex column:
    // missing, empty or "1" -> "false" (male); anything else -> "true" (female).
    string genderField = __RequestData["gender"];
    string sexFlag = (genderField == null || genderField.Length == 0 || genderField == "1")
        ? "false"
        : "true";

    // Insert the new row; every request-supplied value travels as a bound parameter.
    string insertSql = "INSERT INTO " + Fetch.TablePrefix + "user(username, [UserPassword], UserEP, UserSex, UserEmail, UserQuesion, UserAnswer, UserFace, UserInfo, usergroupid) VALUES(@UserName, @UserPassword, 0, @UserSex, @UserEmail, @UserQuesion, @UserAnswer, '1.gif', '', 9)";
    int insertedRows = conn.ExecuteNonQuery(
        insertSql,
        conn.CreateParameter("@UserName", DbType.String, __RequestData["username"]),
        conn.CreateParameter("@UserPassword", DbType.String, this.__MD5(__RequestData["password"])),
        // In Dvbbs.Net's dv_user table, usersex=0 means male.
        conn.CreateParameter("@UserSex", DbType.Boolean, sexFlag),
        conn.CreateParameter("@UserEmail", DbType.String, __RequestData["email"]),
        conn.CreateParameter("@UserQuesion", DbType.String, recoveryQuestion),
        conn.CreateParameter("@UserAnswer", DbType.String, recoveryAnswer)
    );

    if (insertedRows <= 0)
    {
        this.__Throw("注册失败!错误信息:未知的原因!");
        return;
    }

    this.__SetSuccessMessage("成功注册!");
}
// 用户登录
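// Authenticates the user named in the request. On success the "user" cookie is
// rebuilt from the database row, the row is updated with a fresh
// randpass/truepassword value, and a success message is set. Every failure is
// reported through __Throw and returns before the user row is updated.
//
// Changes made in review:
//  * randpass is now derived from 16 bytes of a cryptographic RNG instead of
//    new Random().Next(6000, 90000), which allowed only 84,000 possible values.
//  * The UPDATE parameters are passed in the order their placeholders appear in
//    the SQL text, so the statement binds correctly whether the provider matches
//    parameters by name or by position.
//  * A malformed "savecookie" value, or a malformed "expires" value in the
//    incoming cookie, no longer aborts an otherwise valid login.
//
// NOTE(review): the password is compared through Text.MD5; if that is a plain
// unsalted MD5 digest (not visible here), stored hashes are cheap to attack
// offline -- confirm.
// NOTE(review): "token2" places that same password digest in the cookie, so
// anyone who reads the cookie holds the stored credential. Confirm how the
// cookie is validated and whether the digest can be dropped from it.
// NOTE(review): "user does not exist" and "wrong password" are reported with
// different messages, which lets a caller test which user names exist; no
// attempt limiting is visible in this method.
private void __UserLogin()
{
    // Require a user name.
    string user_name = __RequestData["username"];
    if (null == user_name || 0 == user_name.Length)
    {
        this.__Throw("请输入用户名!");
        return;
    }

    // Require a password.
    string user_pwd = __RequestData["password"];
    if (null == user_pwd || 0 == user_pwd.Length)
    {
        this.__Throw("请输入密码!");
        return;
    }

    // Refuse callers whose IP range is denied.
    if (Dvbbs.bbs.Handlers.UserHandler.IsDeniedIp(conn))
    {
        this.__Throw("对不起,你所在的IP段已被拒绝登录本论坛。");
        return;
    }

    // Load the (non-deleted) user row; the user name is a bound parameter.
    DataTable dt = conn.GetDataTable("SELECT TOP 1 UserLastIP, randpass, buycredit, sellcredit,trafutong, UserTopic, UserPost, userisclassical, UserDel, UserLogins, UserFace, LastLogin, UserGroupID, UserPower, LockUser, unlocktime, UserPassword,truepassword, UserEP, [UserMoney], UserID, UserName, JoinDate, isactivated, albumtotal, favalbumtotal, favphotototal FROM " + Fetch.TablePrefix + "user WHERE username=@UserName and isdelete=0", conn.CreateParameter("@UserName", DbType.String, user_name));

    // Unknown user.
    if (null == dt || 0 == dt.Rows.Count)
    {
        Cookie.Remove("user");
        this.__Throw("登录失败,用户名不存在!");
        return;
    }
    DataRow dr = dt.Rows[0];

    // Locked account whose unlock date is still in the future.
    // NOTE(review): a locked row with a NULL unlocktime passes this check, and
    // the UPDATE at the end of this method sets LockUser=0 -- confirm that is intended.
    if (bool.Parse(dr["LockUser"].ToString()) && !(dr["unlocktime"] is DBNull))
    {
        if ((DateTime)dr["unlocktime"] > DateTime.Today)
        {
            Cookie.Remove("user");
            string unlockDay = ((DateTime)dr["unlocktime"]).ToString("D");
            this.__Throw("该帐号已经被冻结,暂时不能使用,解除期限为: " + unlockDay);
            return;
        }
    }

    // Verify the password digest against the stored one.
    string encrypt_password = Text.MD5(user_pwd);
    if (!Text.ComparePassword(dr["UserPassword"].ToString(), encrypt_password))
    {
        Cookie.Remove("user");
        this.__Throw("登录失败,密码不正确!");
        return;
    }

    // The account must have been activated.
    if (!bool.Parse(dr["isactivated"].ToString()))
    {
        Cookie.Remove("user");
        this.__Throw("对不起,您的注册帐号尚未被管理员激活。论坛目前设置新注册会员需要审核通过才能使用,请牢记注册信息,待管理员审核激活后才可登录。");
        return;
    }

    // All checks passed: build the login cookie.
    HttpCookie cUser = Cookie.Get("user");
    string isFade = "0";

    // Per-login random value. It is still passed through Text.MD5 so the stored
    // and cookie format stay what the rest of the application expects, but the
    // input now comes from a cryptographic RNG rather than System.Random.
    byte[] nonce = new byte[16];
    System.Security.Cryptography.RandomNumberGenerator.Create().GetBytes(nonce);
    string randpass = Text.MD5(Convert.ToBase64String(nonce));

    if (null == cUser)
    {
        cUser = Cookie.Set("user");
    }
    else
    {
        isFade = cUser.Values["fade"];
    }
    cUser.Values["name"] = HttpContext.Current.Server.UrlEncode(user_name.Trim());
    cUser.Values["userid"] = dr["userid"].ToString();
    cUser.Values["roleid"] = dr["usergroupid"].ToString();
    cUser.Values["power"] = dr["usergroupid"].ToString();
    cUser.Values["experience"] = dr["UserEP"].ToString();
    cUser.Values["money"] = dr["UserMoney"].ToString();
    cUser.Values["token1"] = Text.GenerateToken(dr["usergroupid"].ToString() + encrypt_password + user_name + ((DateTime)dr["joindate"]).ToString("yyyy-MM-dd H:mm:ss"));
    // Password digest stored client-side; see the NOTE(review) above the method.
    cUser.Values["token2"] = encrypt_password;
    cUser.Values["jointime"] = ((DateTime)dr["joindate"]).ToString("G");
    cUser.Values["fade"] = isFade;
    cUser.Values["face"] = Dvbbs.Utils.Text.TextEncode(dr["UserFace"].ToString());
    cUser.Values["userpost"] = dr["UserPost"].ToString();
    cUser.Values["userisclassical"] = dr["userisclassical"].ToString();
    cUser.Values["userdel"] = dr["UserDel"].ToString();
    cUser.Values["userlogins"] = dr["UserLogins"].ToString();
    cUser.Values["usertopic"] = dr["UserTopic"].ToString();
    cUser.Values["trafutong"] = dr["trafutong"].ToString();
    cUser.Values["buycredit"] = dr["buycredit"].ToString();
    cUser.Values["sellcredit"] = dr["sellcredit"].ToString();
    cUser.Values["albumtotal"] = dr["albumtotal"].ToString();
    cUser.Values["favalbumtotal"] = dr["favalbumtotal"].ToString();
    cUser.Values["favphotototal"] = dr["favphotototal"].ToString();
    cUser.Values["randpass"] = randpass;
    cUser.Values["logdate"] = System.DateTime.Now.ToString();
    cUser.Values["UserLastIP"] = dr["UserLastIP"].ToString();
    cUser.Values["dv_truepassword"] = randpass;

    // Cookie lifetime requested by the client, in days. The value is
    // request-controlled: a non-numeric value is treated as "do not persist",
    // and the lifetime is capped so DateTime.AddDays cannot overflow and the
    // credential-bearing cookie cannot be made effectively permanent.
    // NOTE(review): the 365-day ceiling was chosen in review; adjust to site policy.
    const int max_save_days = 365;
    int save_days = 0;
    string save_cookie = __RequestData["savecookie"];
    if (null != save_cookie && save_cookie.Length > 0)
    {
        try
        {
            save_days = int.Parse(save_cookie);
        }
        catch (FormatException)
        {
            save_days = 0;
        }
        catch (OverflowException)
        {
            save_days = 0;
        }
    }
    if (save_days > max_save_days)
    {
        save_days = max_save_days;
    }

    if (save_days > 0)
    {
        cUser.Expires = DateTime.Today.AddDays(save_days);
        cUser.Values["expires"] = DateTime.Today.AddDays(save_days).ToString("G");
    }
    else
    {
        // Re-use the expiry recorded in the existing cookie, if any. That value
        // comes back from the client, so a value that does not parse is ignored
        // and the cookie stays a session cookie.
        string stored_expiry = cUser.Values["expires"];
        if (stored_expiry != string.Empty && stored_expiry != null)
        {
            try
            {
                cUser.Expires = DateTime.Parse(stored_expiry);
            }
            catch (FormatException)
            {
                // Leave Expires unset.
            }
        }
    }
    Cookie.Save(cUser);

    // Reset the per-user strategy entries held in session state.
    SessionState.Set("pop_strategy" + Fetch.UrlEncode(user_name), null);
    SessionState.Set("exp_strategy" + Fetch.UrlEncode(user_name), null);
    SessionState.Set("mng_strategy" + Fetch.UrlEncode(user_name), null);

    // Record the login on the user row. Parameters are listed in placeholder
    // order: @RandPass, @UserLastIp, @TruePassword, @UserName.
    conn.ExecuteNonQuery(
        "UPDATE " + Fetch.TablePrefix + "user SET LockUser=0, isonline=1, randpass=@RandPass, LastLogin=" + conn.DbDateFunc + ", UserLogins=UserLogins+1, UserLastIP=@UserLastIp, truepassword=@TruePassword WHERE username=@UserName",
        conn.CreateParameter("@RandPass", DbType.String, randpass),
        conn.CreateParameter("@UserLastIp", DbType.String, Fetch.UserIp),
        conn.CreateParameter("@TruePassword", DbType.String, randpass),
        conn.CreateParameter("@UserName", DbType.String, user_name)
    );

    // Drop the cached online list so it is rebuilt with this login.
    Caching.Remove("OnlineList");
    this.__SetSuccessMessage("登录成功!");
}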
// 更新用户资料
// Updates the profile row of the user named in the request. Only password,
// email, question, answer, truename and gender are written; the remaining
// request fields are recognised but ignored. The UPDATE statement is assembled
// as text and executed without parameters.
//
// NOTE(review): every other statement in this file binds request values with
// conn.CreateParameter; here they are concatenated into the SQL text and
// protected only by Text.SqlEncode, whose escaping rules are not visible.
// Binding these values as parameters would remove the dependency on that helper.
// NOTE(review): the row is selected by user name alone. The variant that also
// matched the current password is commented out below, so nothing in this
// method proves the caller knows the existing password -- confirm that the
// caller is authorised before this method is reached.
// NOTE(review): the answer is stored as this.__MD5(answer) here, whereas
// __RegisterUser inserts the answer as submitted -- confirm which is intended.
// NOTE(review): the result of ExecuteNonQuery is discarded, so success is
// reported even when no row matched.
private void __UpdateUserInfo()
{
    // Validate the user name supplied in the request (per the original comment,
    // the same helper also validates the e-mail address when one is supplied).
    if (!__CheckUser())
    {
        return;
    }
    // Disabled in the original source: checks that rejected a request whose
    // password, question or answer field was present but empty.
    System.Text.StringBuilder sb = new System.Text.StringBuilder ("UPDATE " + Fetch.TablePrefix + "user SET username=username");
    // Start of SQL assembly. "SET username=username" is a no-op assignment that
    // lets every optional clause below begin with a comma.
    // Password: stored as its __MD5 value.
    if (null != __RequestData["password"] && __RequestData["password"].Length > 0)
    {
        sb.Append(", UserPassword='" + Text.SqlEncode(this.__MD5(__RequestData["password"])) + "'");
    }
    // E-mail address.
    if (null != __RequestData["email"] && __RequestData["email"].Length > 0)
    {
        sb.Append(", UserEmail='" + Text.SqlEncode(__RequestData["email"]) + "'");
    }
    // Password-recovery question.
    if (null != __RequestData["question"] && __RequestData["question"].Length > 0)
    {
        sb.Append(", UserQuesion='" + Text.SqlEncode(__RequestData["question"]) + "'");
    }
    // Password-recovery answer: stored as its __MD5 value.
    if (null != __RequestData["answer"] && __RequestData["answer"].Length > 0)
    {
        sb.Append(", UserAnswer='" + Text.SqlEncode(this.__MD5(__RequestData["answer"])) + "'");
    }
    // Real name.
    if (null != __RequestData["truename"] && __RequestData["truename"].Length > 0)
    {
        sb.Append(", truename='" + Text.SqlEncode(__RequestData["truename"]) + "'");
    }
    // Gender: request value "0" is written as UserSex=1, anything else as UserSex=0.
    // Only the literals "1" or "0" reach the SQL text.
    if (null != __RequestData["gender"] && __RequestData["gender"].Length > 0)
    {
        sb.Append(", UserSex=" + ("0" == __RequestData["gender"] ? "1" : "0"));
    }
    // Birthday: accepted but not stored.
    if (null != __RequestData["birthday"] && __RequestData["birthday"].Length > 0)
    {
        // Nothing to do
    }
    // QQ number: accepted but not stored.
    if (null != __RequestData["qq"] && __RequestData["qq"].Length > 0)
    {
        // Nothing to do
    }
    // MSN account: accepted but not stored.
    if (null != __RequestData["msn"] && __RequestData["msn"].Length > 0)
    {
        // Nothing to do
    }
    // Mobile phone: accepted but not stored.
    if (null != __RequestData["mobile"] && __RequestData["mobile"].Length > 0)
    {
        // Nothing to do
    }
    // Landline phone: accepted but not stored.
    if (null != __RequestData["telephone"] && __RequestData["telephone"].Length > 0)
    {
        // Nothing to do
    }
    // Postal address: accepted but not stored.
    if (null != __RequestData["address"] && __RequestData["address"].Length > 0)
    {
        // Nothing to do
    }
    // Postal code: accepted but not stored.
    if (null != __RequestData["zipcode"] && __RequestData["zipcode"].Length > 0)
    {
        // Nothing to do
    }
    // Home page: accepted but not stored.
    if (null != __RequestData["homepage"] && __RequestData["homepage"].Length > 0)
    {
        // Nothing to do
    }
    // IP address at registration: accepted but not stored.
    if (null != __RequestData["userip"] && __RequestData["userip"].Length > 0)
    {
        // Nothing to do
    }
    // Registration time: accepted but not stored.
    if (null != __RequestData["jointime"] && __RequestData["jointime"].Length > 0)
    {
        // Nothing to do
    }
    // Post count: accepted but not stored.
    if (null != __RequestData["posts"] && __RequestData["posts"].Length > 0)
    {
        // Nothing to do
    }
    // Disabled variant that also required the current password to match:
    // sb.Append(" WHERE username='" + Text.SqlEncode(__RequestData["username"]) + "' AND UserPassword='" + Text.SqlEncode(this.__MD5(__RequestData["password"])) + "'");
    sb.Append(" WHERE username='" + Text.SqlEncode(__RequestData["username"]) + "'");
    // End of SQL assembly.
    // Execute the statement; the affected-row count is not inspected.
    conn.ExecuteNonQuery(sb.ToString());
    this.__SetSuccessMessage("用户资料更新成功!");
}
// 删除用户
// Soft-deletes (isdelete=1) every user named in the request's comma-separated
// "username" field. Each name must pass __CheckUser before any row is touched;
// the first failing name ends the call.
//
// NOTE(review): the IN(...) list is built by string concatenation and relies on
// Text.SqlEncode, whose escaping rules are not visible here. Other methods in
// this file bind values with conn.CreateParameter; doing the same here would
// remove the dependency on that helper.
// NOTE(review): the affected-row count is ignored, so success is reported even
// when no row matched.
private void __DeleteUser()
{
    string requestedNames = __RequestData["username"];
    if (requestedNames == null || requestedNames.Length == 0)
    {
        this.__Throw("删除用户资料失败,原因是:未设置用户名!");
        return;
    }

    string[] names = requestedNames.Split(',');
    if (names == null || names.Length == 0)
    {
        this.__Throw("删除用户资料失败,原因是:用户名格式不合法!");
        return;
    }

    // Validate every name first so a bad entry aborts before the UPDATE runs.
    foreach (string candidate in names)
    {
        if (!__CheckUser(candidate))
        {
            return;
        }
    }

    // The list is seeded with the literal ' ' so each name can be appended with
    // a leading comma.
    System.Text.StringBuilder inList = new System.Text.StringBuilder("' '");
    foreach (string candidate in names)
    {
        inList.Append(", '" + Text.SqlEncode(candidate) + "'");
    }

    string updateSql = "UPDATE " + Fetch.TablePrefix + "user SET isdelete=1 WHERE username IN(" + inList.ToString() + ")";
    conn.ExecuteNonQuery(updateSql);
    this.__SetSuccessMessage("已成功地删除了指定的用户!");
}
// 查询用户信息
// Looks up the user named in the request and copies every selected column into
// ResponseChoiceList, keyed by the column alias, plus a fixed "savecookie" = "0".
//
// NOTE(review): the selected columns include UserQuesion and UserAnswer, so the
// password-recovery question and the stored answer value are returned to
// whoever may call this method -- confirm that callers are trusted to see them.
private void __GetUserInfo()
{
    // Validate the user name supplied in the request.
    if (!__CheckUser())
    {
        return;
    }

    // The two column lists differ only in the gender expression: Access uses
    // IIF, other providers use CASE. Both map UserSex=0 to gender 1.
    string fld_list = (conn.Provider == DbProviderEnum.Access)
        ? "username, UserEmail AS email, UserQuesion AS question, UserAnswer AS answer, truename, IIF(UserSex=0, 1, 0) AS gender, '' AS birthday, '' AS qq, '' AS msn, '' AS mobile, '' AS telephone, '' AS address, '' AS zipcode, '' AS homepage, firstip AS userip, JoinDate AS jointime, '' AS experience, '' AS ticket, '' AS valuation, UserMoney AS balance, UserPost AS posts, LockUser AS userstatus"
        : "username, UserEmail AS email, UserQuesion AS question, UserAnswer AS answer, truename, (CASE WHEN UserSex=0 THEN 1 ELSE 0 END) AS gender, '' AS birthday, '' AS qq, '' AS msn, '' AS mobile, '' AS telephone, '' AS address, '' AS zipcode, '' AS homepage, firstip AS userip, JoinDate AS jointime, '' AS experience, '' AS ticket, '' AS valuation, UserMoney AS balance, UserPost AS posts, LockUser AS userstatus";

    // The user name is bound as a parameter.
    DataTable found = conn.GetDataTable(
        "SELECT " + fld_list + " FROM " + Fetch.TablePrefix + "user WHERE username=@UserName",
        conn.CreateParameter("@UserName", DbType.String, __RequestData["username"])
    );
    if (found == null || found.Rows.Count == 0)
    {
        this.__Throw("您要查找的用户不存在!");
        return;
    }

    DataRow row = found.Rows[0];

    // Populate the optional response list, one entry per returned column.
    ResponseChoiceList["savecookie"] = "0";
    foreach (DataColumn column in found.Columns)
    {
        ResponseChoiceList[column.ColumnName] = row[column].ToString();
    }
}
// Properties
// Lazily created collection of optional response values; the backing field
// __ResponseChoiceList is allocated on first access.
private NameValueCollection ResponseChoiceList
{
    get
    {
        if (__ResponseChoiceList != null)
        {
            return __ResponseChoiceList;
        }
        __ResponseChoiceList = new NameValueCollection();
        return __ResponseChoiceList;
    }
}
}
}