private static UserConnectInfo LoadUserConnectInfo(IDataReader reader)
{
UserConnectInfo userConnectInfo = new UserConnectInfo();
userConnectInfo.OpenId = reader["openid"].ToString();
userConnectInfo.Uid = TypeConverter.ObjectToInt(reader["uid"]);
userConnectInfo.Token = reader["token"].ToString();
userConnectInfo.Secret = reader["secret"].ToString();
userConnectInfo.AllowVisitQQUserInfo = TypeConverter.ObjectToInt(reader["allowvisitqquserinfo"]);
userConnectInfo.AllowPushFeed = TypeConverter.ObjectToInt(reader["allowpushfeed"]);
userConnectInfo.IsSetPassword = TypeConverter.ObjectToInt(reader["issetpassword"]);
userConnectInfo.CallbackInfo = reader["callbackinfo"].ToString();
return userConnectInfo;
}
protected override void ShowPage()
{
if (!DiscuzCloud.GetCloudServiceEnableStatus("connect"))
{
AddErrLine("QQ登录功能已关闭");
return;
}
switch (action)
{
case "access":
if (!CheckCallbackSignature(DNTRequest.GetString("con_sig")))
{
AddErrLine("非法请求");
return;
}
OAuthAccessTokenInfo tokenInfo = DiscuzCloud.GetConnectAccessTokenInfo();
if (tokenInfo == null)
{
AddErrLine("QQ登录过程中出现异常,请尝试再次登录");
return;
}
userconnectinfo = DiscuzCloud.GetUserConnectInfo(tokenInfo.Openid);
if (userconnectinfo == null)
{
userconnectinfo = new UserConnectInfo();
userconnectinfo.OpenId = tokenInfo.Openid;
userconnectinfo.Token = tokenInfo.Token;
userconnectinfo.Secret = tokenInfo.Secret;
userconnectinfo.AllowVisitQQUserInfo = DNTRequest.GetInt("con_is_user_info", 0);
userconnectinfo.AllowPushFeed = DNTRequest.GetInt("con_is_feed", 0) == 1 ? 3 : 0;
userconnectinfo.CallbackInfo = usedusernames + "&" + birthday + "&" + gender + "&" + email;
DiscuzCloud.CreateUserConnectInfo(userconnectinfo);
}
else if (userconnectinfo.Uid > 0)
{
if (userid > 0)
{
SetBackLink("index.aspx");
AddErrLine(userconnectinfo.Uid != userid ? "该QQ已经绑定了其他帐号" : "该QQ用户已登录");
return;
}
ShortUserInfo userInfo = Users.GetShortUserInfo(userconnectinfo.Uid);
string redirectUrl = "";
//如果userInfo==null,可能是管理员后台删除了这个帐号,则用户的ConnnectInfo也需要被解绑重置
if (userInfo == null)
{
DiscuzCloud.UnbindUserConnectInfo(userconnectinfo.OpenId);
redirectUrl = HttpContext.Current.Request.RawUrl;
}
else
{
redirectUrl = forumpath + "index.aspx";
//如果云端的token和Secret发生改变,则更新本地保存的token和Secret
if (tokenInfo.Token != userconnectinfo.Token || tokenInfo.Secret != userconnectinfo.Secret)
{
userconnectinfo.Token = tokenInfo.Token;
userconnectinfo.Secret = tokenInfo.Secret;
DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
}
LoginUser(userInfo);
}
HttpContext.Current.Response.Redirect(redirectUrl);
HttpContext.Current.ApplicationInstance.CompleteRequest();
}
else
{
string[] callbackInfo = userconnectinfo.CallbackInfo.Split('&');
if (callbackInfo.Length == 4)
{
usedusernames = string.IsNullOrEmpty(usedusernames) ? callbackInfo[0] : usedusernames;
birthday = string.IsNullOrEmpty(birthday) ? callbackInfo[1] : birthday;
gender = gender == 0 ? Utils.StrToInt(callbackInfo[2], 0) : gender;
email = string.IsNullOrEmpty(email) ? callbackInfo[3] : email;
}
}
UserBindConnectLog userBindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
isbindoverflow = userBindLog != null && cloudconfig.Maxuserbindcount > 0 && userBindLog.BindCount >= cloudconfig.Maxuserbindcount;
allowreg = config.Regstatus != 0 && cloudconfig.Allowconnectregister == 1 && !isbindoverflow;
connectswitch = allowreg && userid < 0 ? 1 : 2;
#region convert used username list
byte[] bt = Convert.FromBase64String(usedusernames);
usedusernames = System.Text.Encoding.Default.GetString(bt);
#endregion
avatarurl = string.Format("http://avatar.connect.discuz.qq.com/{0}/{1}", DiscuzCloudConfigs.GetConfig().Connectappid, userconnectinfo.OpenId);
openid = userconnectinfo.OpenId;
break;
case "bind":
if (ispost)
{
if (DNTRequest.GetString("bind_type") == "new")
RegisterAndBind();
else
{
if (userid < 0)
BindForumExistedUser();
else
BindLoginedUser();
}
}
break;
case "unbind":
if (userid < 1)
{
AddErrLine("未登录用户无法进行该操作");
return;
}
userconnectinfo = DiscuzCloud.GetUserConnectInfo(userid);
if (userconnectinfo == null)
{
AddErrLine("您并没有绑定过QQ,不需要执行该操作");
return;
}
if (ispost)
{
if (userconnectinfo.IsSetPassword == 0)
{
string passwd = DNTRequest.GetString("newpasswd");
if (string.IsNullOrEmpty(passwd))
{
AddErrLine("您必须为帐号设置新密码才能解除绑定");
return;
}
if (passwd.Length < 6)
{
AddErrLine("密码不得少于6个字符");
return;
}
if (passwd != DNTRequest.GetString("confirmpasswd"))
{
AddErrLine("两次输入的新密码不一致");
return;
}
UserInfo userInfo = Users.GetUserInfo(userid);
userInfo.Password = passwd;
Users.ResetPassword(userInfo);
//同步其他应用密码
Sync.UpdatePassword(userInfo.Username, userInfo.Password, "");
if (!Utils.StrIsNullOrEmpty(DNTRequest.GetString("changesecques")))
Users.UpdateUserSecques(userid, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
ForumUtils.WriteCookie("password", ForumUtils.SetCookiePassword(userInfo.Password, config.Passwordkey));
OnlineUsers.UpdatePassword(olid, userInfo.Password);
}
DiscuzCloud.UnbindUserConnectInfo(userconnectinfo.OpenId);
UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
if (bindLog != null)
{
bindLog.Type = 2;
DiscuzCloud.UpdateUserConnectBindLog(bindLog);
}
AddMsgLine("解绑成功");
string reurl = Utils.UrlDecode(ForumUtils.GetReUrl());
SetUrl(reurl.IndexOf("register.aspx") < 0 ? reurl : forumpath + "index.aspx");
SetMetaRefresh();
}
break;
default:
if (isbindconnect)
{
AddErrLine("用户已登录");
return;
}
HttpContext.Current.Response.Redirect(DiscuzCloud.GetConnectLoginPageUrl(userid));
HttpContext.Current.ApplicationInstance.CompleteRequest();
break;
}
}
/// <summary>
/// 生成通知云平台的js脚本
/// </summary>
/// <param name="connectInfo"></param>
/// <param name="userName"></param>
/// <param name="birthday"></param>
/// <param name="gender"></param>
/// <param name="email"></param>
/// <param name="isPublicEmail"></param>
/// <param name="isUsedQQAvatar"></param>
/// <param name="type"></param>
/// <returns></returns>
private string GetNotifyScript(UserConnectInfo connectInfo, string userName, string birthday, int gender,
string email, int isPublicEmail, int isUsedQQAvatar, string type)
{
return string.Format("<script type=\"text/javascript\" src=\"{0}\" ></script>", DiscuzCloud.GetBindUserNotifyUrl(connectInfo, userName, birthday
, gender, email, isPublicEmail == 1 ? 1 : 2, isUsedQQAvatar, type));
}
/// <summary>
/// 在论坛注册一个新用户并绑定
/// </summary>
private void RegisterAndBind()
{
if (userid > 0)
{
AddErrLine("当前已有用户登录,无法注册");
return;
}
if (config.Regstatus < 1 || cloudconfig.Allowconnectregister == 0)
{
AddErrLine("论坛当前禁止新的QQ会员登录");
return;
}
string tmpUserName = DNTRequest.GetString(config.Antispamregisterusername);
string email = DNTRequest.GetString(config.Antispamregisteremail).Trim().ToLower();
string tmpBday = DNTRequest.GetString("bday").Trim();
string errorMessage = "";
if (!Users.PageValidateUserName(tmpUserName, out errorMessage) || !Users.PageValidateEmail(email, false, out errorMessage))
{
AddErrLine(errorMessage);
return;
}
//用户注册模板中,生日可以单独用一个名为bday的文本框, 也可以分别用bday_y bday_m bday_d三个文本框, 用户可不填写
if (!Utils.IsDateString(tmpBday) && !string.IsNullOrEmpty(tmpBday))
{
AddErrLine("生日格式错误, 如果不想填写生日请置空");
return;
}
//如果用户名符合注册规则, 则判断是否已存在
if (Users.GetUserId(tmpUserName) > 0)
{
AddErrLine("请不要重复提交!");
return;
}
//读取当前用户的OPENID信息
userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
if (userconnectinfo == null || userconnectinfo.Uid > 0)
{
AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
return;
}
UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
if (cloudconfig.Maxuserbindcount != 0 && bindLog != null && (bindLog.Type != 1 && bindLog.BindCount >= cloudconfig.Maxuserbindcount))
{
AddErrLine("当前QQ用户解绑次数过多,无法绑定新注册的用户");
return;
}
UserInfo userInfo = CreateUser(tmpUserName, email, tmpBday);
userconnectinfo.Uid = userInfo.Uid;
DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
if (bindLog == null)
{
bindLog = new UserBindConnectLog();
bindLog.OpenId = userconnectinfo.OpenId;
bindLog.Uid = userconnectinfo.Uid;
bindLog.Type = 1;
bindLog.BindCount = 1;
DiscuzCloud.CreateUserConnectBindLog(bindLog);
}
else
{
bindLog.BindCount++;
bindLog.Uid = userconnectinfo.Uid;
bindLog.Type = 1;
DiscuzCloud.UpdateUserConnectBindLog(bindLog);
}
#region 发送欢迎信息
if (config.Welcomemsg == 1)
{
// 收件箱
PrivateMessageInfo privatemessageinfo = new PrivateMessageInfo();
privatemessageinfo.Message = config.Welcomemsgtxt;
privatemessageinfo.Subject = "欢迎您的加入! (请勿回复本信息)";
privatemessageinfo.Msgto = userInfo.Username;
privatemessageinfo.Msgtoid = userInfo.Uid;
privatemessageinfo.Msgfrom = PrivateMessages.SystemUserName;
privatemessageinfo.Msgfromid = 0;
privatemessageinfo.New = 1;
privatemessageinfo.Postdatetime = Utils.GetDateTime();
privatemessageinfo.Folder = 0;
PrivateMessages.CreatePrivateMessage(privatemessageinfo, 0);
}
#endregion
//发送同步数据给应用程序
Sync.UserRegister(userInfo.Uid, userInfo.Username, userInfo.Password, "");
//如果用户选择使用QZone头像
if (cloudconfig.Allowuseqzavater == 1 && DNTRequest.GetString("use_qzone_avatar") == "1")
{
QZoneAvatar qz = new QZoneAvatar();
qz.AsyncGetAvatar(userconnectinfo);
}
SetUrl("index.aspx");
SetShowBackLink(false);
//如果不是需要管理员审核的注册,页面延时刷新为2秒,否则是5秒
SetMetaRefresh(config.Regverify != 2 ? 2 : 5);
Statistics.ReSetStatisticsCache();
if (config.Regverify != 2)
{
CreditsFacade.UpdateUserCredits(userInfo.Uid);
ForumUtils.WriteUserCookie(userInfo, -1, config.Passwordkey);
Utils.WriteCookie("bindconnect", "true");//将当前登录用户是否绑定QQ互联的状态设置为true
OnlineUsers.UpdateAction(olid, UserAction.Register.ActionID, 0, config.Onlinetimeout);
AddMsgLine("QQ登录成功,继续浏览");
}
else
{
AddMsgLine("QQ数据绑定完成, 但需要系统管理员审核您的帐户后才可登录使用");
}
notifyscript = GetNotifyScript(userconnectinfo, userInfo.Username, userInfo.Bday, userInfo.Gender,
userInfo.Email, userInfo.Showemail, DNTRequest.GetInt("useqqavatar", 2), "register");
}
/// <summary>
/// 绑定论坛已存在的用户
/// </summary>
private void BindForumExistedUser()
{
if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
{
AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
return;
}
if (config.Emaillogin == 1 && Utils.IsValidEmail(postusername))
{
DataTable dt = Users.GetUserInfoByEmail(postusername);
if (dt.Rows.Count == 0)
{
AddErrLine("用户不存在");
return;
}
if (dt.Rows.Count > 1)
{
AddErrLine("您所使用Email不唯一,请使用用户名登陆");
return;
}
if (dt.Rows.Count == 1)
{
postusername = dt.Rows[0]["username"].ToString();
}
}
if (config.Emaillogin == 0)
{
if ((Users.GetUserId(postusername) == 0))
AddErrLine("用户不存在");
}
if (string.IsNullOrEmpty(postpassword))
AddErrLine("密码不能为空");
if (IsErr()) return;
ShortUserInfo userInfo = GetShortUserInfo();
if (userInfo != null)
{
#region 当前用户所在用户组为"禁止访问"或"等待激活"时
if ((userInfo.Groupid == 4 || userInfo.Groupid == 5) && userInfo.Groupexpiry != 0 && userInfo.Groupexpiry <= Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0))
{
//根据当前用户的积分获取对应积分用户组
UserGroupInfo groupInfo = CreditsFacade.GetCreditsUserGroupId(userInfo.Credits);
usergroupid = groupInfo.Groupid != 0 ? groupInfo.Groupid : usergroupid;
userInfo.Groupid = usergroupid;
Users.UpdateUserGroup(userInfo.Uid, usergroupid);
}
if (userInfo.Groupid == 5)// 5-禁止访问
{
AddErrLine("该用户已经被禁止访问,无法绑定");
return;
}
#endregion
//读取当前用户的OPENID信息
userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
if (userconnectinfo == null || userconnectinfo.Uid > 0)
{
AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
return;
}
if (DiscuzCloud.IsBindConnect(userInfo.Uid))
{
AddErrLine("该用户已经绑定了QQ,无法再次绑定");
return;
}
userconnectinfo.Uid = userInfo.Uid;
userconnectinfo.IsSetPassword = 1;
DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
if (bindLog == null)
{
bindLog = new UserBindConnectLog();
bindLog.OpenId = userconnectinfo.OpenId;
bindLog.Uid = userconnectinfo.Uid;
bindLog.Type = 1;
bindLog.BindCount = 1;
DiscuzCloud.CreateUserConnectBindLog(bindLog);
}
else
{
bindLog.Uid = userconnectinfo.Uid;
bindLog.Type = 1;
DiscuzCloud.UpdateUserConnectBindLog(bindLog);
}
if (userInfo.Groupid != 8)
{
LoginUser(userInfo);
AddMsgLine("QQ登录成功,继续浏览");
}
else
{
AddMsgLine("帐号绑定成功,但需要管理员审核通过才能登录");
}
SetUrl("index.aspx");
SetMetaRefresh();
SetShowBackLink(false);
notifyscript = GetNotifyScript(userconnectinfo, userInfo.Username, userInfo.Bday, userInfo.Gender,
userInfo.Email, userInfo.Showemail, DNTRequest.GetInt("useqqavatar", 2), "registerbind");
return;
}
else
{
int errcount = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
if (errcount > 5)
AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
else
AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", errcount));
}
if (IsErr()) return;
}
/// <summary>
/// 绑定当前在线用户
/// </summary>
private void BindLoginedUser()
{
userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
if (userconnectinfo == null || userconnectinfo.Uid > 0)
{
AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
return;
}
if (DiscuzCloud.IsBindConnect(userid))
{
AddErrLine("该用户已经绑定了QQ,无法再次绑定");
return;
}
userconnectinfo.Uid = userid;
userconnectinfo.IsSetPassword = 1;
DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
if (bindLog == null)
{
bindLog = new UserBindConnectLog();
bindLog.OpenId = userconnectinfo.OpenId;
bindLog.Uid = userconnectinfo.Uid;
bindLog.Type = 1;
bindLog.BindCount = 1;
DiscuzCloud.CreateUserConnectBindLog(bindLog);
}
else
{
bindLog.Uid = userconnectinfo.Uid;
bindLog.Type = 1;
DiscuzCloud.UpdateUserConnectBindLog(bindLog);
}
SetUrl("index.aspx");
SetMetaRefresh();
SetShowBackLink(false);
AddMsgLine("QQ绑定成功,继续浏览");
Utils.WriteCookie("bindconnect", "true");//将当前登录用户是否绑定QQ互联的状态设置为true
ShortUserInfo userInfo = Users.GetShortUserInfo(userid);
notifyscript = GetNotifyScript(userconnectinfo, userInfo.Username, userInfo.Bday, userInfo.Gender,
userInfo.Email, userInfo.Showemail, DNTRequest.GetInt("useqqavatar", 2), "loginbind");
}
/// <summary>
/// 更新用户的互联信息
/// </summary>
/// <param name="userConnectInfo"></param>
/// <returns></returns>
public static int UpdateUserConnectInfo(UserConnectInfo userConnectInfo)
{
return DatabaseProvider.GetInstance().UpdateUserConnectInfo(userConnectInfo);
}
protected override void ShowPage()
{
pagetitle = "用户控制面板";
if (!IsLogin()) return;
UserConnectInfo connectInfo = new UserConnectInfo();
if (isbindconnect)
{
connectInfo = DiscuzCloud.GetUserConnectInfo(userid);
isconnectsetpassword = connectInfo != null && connectInfo.IsSetPassword == 0;
}
if (DNTRequest.IsPost())
{
UserInfo userInfo = Users.GetUserInfo(userid);
string newpassword = DNTRequest.GetString("newpassword");
if (!isconnectsetpassword)
{
//第三方加密验证模式
if (config.Passwordmode > 1 && PasswordModeProvider.GetInstance() != null)
{
if (!PasswordModeProvider.GetInstance().CheckPassword(userInfo, DNTRequest.GetString("oldpassword")))
{
AddErrLine("您的原密码错误");
return;
}
}
else if (Users.CheckPassword(userid, DNTRequest.GetString("oldpassword"), true) == -1)
{
AddErrLine("您的原密码错误");
return;
}
}
if (newpassword != DNTRequest.GetString("newpassword2"))
{
AddErrLine("新密码两次输入不一致");
return;
}
if (Utils.StrIsNullOrEmpty(newpassword))
{
newpassword = DNTRequest.GetString("oldpassword");
}
if (newpassword.Length < 6)
{
AddErrLine("密码不得少于6个字符");
return;
}
userInfo.Password = newpassword;
Users.ResetPassword(userInfo);
//同步其他应用密码
Sync.UpdatePassword(userInfo.Username, userInfo.Password, "");
if (!Utils.StrIsNullOrEmpty(DNTRequest.GetString("changesecques")))
Users.UpdateUserSecques(userid, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
ForumUtils.WriteCookie("password", ForumUtils.SetCookiePassword(userInfo.Password, config.Passwordkey));
OnlineUsers.UpdatePassword(olid, userInfo.Password);
if (isconnectsetpassword && connectInfo.Uid == userid)
{
connectInfo.IsSetPassword = 1;
DiscuzCloud.UpdateUserConnectInfo(connectInfo);
}
SetUrl("usercpnewpassword.aspx");
SetMetaRefresh();
SetShowBackLink(true);
AddMsgLine("修改密码完毕, 同时已经更新了您的登录信息");
}
}
/// <summary>
/// 更新用户的互联信息
/// </summary>
/// <param name="userConnectInfo"></param>
/// <returns></returns>
public int UpdateUserConnectInfo(UserConnectInfo userConnectInfo)
{
DbParameter[] parms = {
DbHelper.MakeInParam("@openid",(DbType)SqlDbType.Char,32,userConnectInfo.OpenId),
DbHelper.MakeInParam("@uid",(DbType)SqlDbType.Int,4,userConnectInfo.Uid),
DbHelper.MakeInParam("@token",(DbType)SqlDbType.Char,16,userConnectInfo.Token),
DbHelper.MakeInParam("@secret",(DbType)SqlDbType.Char,16,userConnectInfo.Secret),
DbHelper.MakeInParam("@allowvisitqquserinfo",(DbType)SqlDbType.Int,4,userConnectInfo.AllowVisitQQUserInfo),
DbHelper.MakeInParam("@allowpushfeed",(DbType)SqlDbType.Int,4,userConnectInfo.AllowPushFeed),
DbHelper.MakeInParam("@issetpassword",(DbType)SqlDbType.Int,4,userConnectInfo.IsSetPassword),
DbHelper.MakeInParam("@callbackinfo",(DbType)SqlDbType.NVarChar,100,userConnectInfo.CallbackInfo)
};
return DbHelper.ExecuteNonQuery(CommandType.StoredProcedure, string.Format("{0}updateuserconnect", BaseConfigs.GetTablePrefix), parms);
}