Ejemplo n.º 1
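        /// <summary>
        /// Handles the login form post: validates the bound model, checks the captcha held in
        /// TempData, verifies the credentials and records the user's id in Session.
        /// </summary>
        /// <param name="model">Posted login form (phone number, password, captcha).</param>
        /// <returns>A JSON AjaxResult whose Status is "ok" or "error" (with ErrorMsg).</returns>
        public ActionResult Login(LoginModel model)
        {
            if (!ModelState.IsValid)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = MVCHelper.GetValidMsg(ModelState)
                });
            }

            // The original TODO flagged a captcha-related weakness here. If no captcha was ever
            // issued, TempData holds null; a plain inequality test then accepts a request whose
            // captcha field is also null. Require a server-side value before comparing.
            // NOTE(review): whether LoginModel already marks VerifyCode as required is not
            // visible from here; the explicit guard does not depend on it.
            string expectedCode = (string)TempData["verifyCode"];

            if (string.IsNullOrEmpty(expectedCode) || model.VerifyCode != expectedCode)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "验证码错误"
                });
            }

            if (!userService.CheckLogin(model.PhoneNum, model.Password))
            {
                // Same message for unknown account and wrong password.
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "用户名或密码错误"
                });
            }

            // Keep the logged-in user's id in Session so later requests can check
            // whether this user holds a given permission.
            Session["LoginUserId"] = userService.GetByPhoneNum(model.PhoneNum).Id;
            return Json(new AjaxResult {
                Status = "ok"
            });
        }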
Ejemplo n.º 2
        /// <summary>
        /// Login post handler: validates the model, checks the credentials through
        /// UserService and stores the matching user's id in Session.
        /// </summary>
        /// <param name="model">Posted login form; UserName and Password are read.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Login(LoginModel model)
        {
            if (!ModelState.IsValid)
            {
                string validationMsg = MVCHelper.GetValidMsg(ModelState);
                return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
            }

            // NOTE(review): the captcha comparison against TempData["verifyCode"] is commented
            // out in this version, so this action performs no captcha check before testing the
            // password. Confirm that is intended and that throttling exists elsewhere.

            bool credentialsOk = UserService.CheckLogin(model.UserName, model.Password);

            if (!credentialsOk)
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = "用户名或者密码错误" });
            }

            // The user id is kept in Session for later permission checks.
            // NOTE(review): the lookup is by phone number although the value passed is
            // model.UserName (an earlier GetByUserName call was commented out); verify.
            var loggedIn = UserService.GetByPhoneNum(model.UserName);
            Session["LoginUserId"] = loggedIn.Id;
            return Json(new AjaxResult { Status = "ok" });
        }
Ejemplo n.º 3
        /// <summary>
        /// Creates an admin user from the posted form and attaches the selected roles.
        /// </summary>
        /// <param name="model">Posted form: name, phone number, password, e-mail, city and role ids.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Add(AdminUserAddModel model)
        {
            if (!ModelState.IsValid)
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = MVCHelper.GetValidMsg(ModelState) });
            }

            // Server-side validation is indispensable: reject a phone number already in use.
            // NOTE(review): check and insert are separate calls; a uniqueness constraint in
            // the data store would be needed to close the gap between them.
            if (userService.GetByPhoneNum(model.PhoneNum) != null)
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = "手机号已经存在" });
            }

            // A CityId of 0 stands for "headquarters" and is stored as null.
            long? cityId = null;
            if (model.CityId != 0)
            {
                cityId = model.CityId;
            }

            long newUserId = userService.AddAdminUser(
                model.Name, model.PhoneNum, model.Password, model.Email, cityId);
            roleService.AddRoleIds(newUserId, model.RoleIds);

            return Json(new AjaxResult { Status = "ok" });
        }
Ejemplo n.º 4
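 /// <summary>
 /// Admin login post handler: model validation, captcha check against TempData,
 /// credential check, then the admin user's id is stored in Session.
 /// </summary>
 /// <param name="model">Posted login form (phone number, password, captcha).</param>
 /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
 public ActionResult Login(LoginModel model)
 {
     if (!ModelState.IsValid)
     {
         return Json(new AjaxResult {
             Status = "error", ErrorMsg = MVCHelper.GetValidMsg(ModelState)
         });
     }

     // A missing server-side captcha (never issued, or already consumed) must fail the
     // check. Without this guard a null posted value would equal the null TempData entry.
     string expectedCode = (string)TempData["verifyCode"];

     if (string.IsNullOrEmpty(expectedCode) || model.VerifyCode != expectedCode)
     {
         return Json(new AjaxResult {
             Status = "error", ErrorMsg = "验证码错误"
         });
     }

     if (!userService.CheckLogin(model.PhoneNum, model.Password))
     {
         return Json(new AjaxResult {
             Status = "error", ErrorMsg = "手机号密码错误"
         });
     }

     Session["AdminUserId"] = userService.GetByPhoneNum(model.PhoneNum).Id;
     return Json(new AjaxResult {
         Status = "ok"
     });
 }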
Ejemplo n.º 5
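 /// <summary>
 /// Admin login post handler: validates the model, compares the posted captcha with the
 /// one in TempData, checks the credentials and stores the login value in Session.
 /// </summary>
 /// <param name="adminLogin">Posted form: PhoneNum, Pwd and captcha Code.</param>
 /// <returns>A JSON AjaxReault; Statin is "ok" on success, otherwise Msg carries the reason.</returns>
 public ActionResult Login(AdminLogin adminLogin)
 {
     if (!ModelState.IsValid)
     {
         return Json(new AjaxReault {
             Statin = "no", Msg = MVCHelper.GetValidMsg(ModelState)
         });
     }

     // TempData["code"] is null when no captcha was issued or it was already consumed.
     // Calling ToString() on it directly would throw; treat it as a mismatch instead.
     object expectedCode = TempData["code"];

     if (expectedCode == null || adminLogin.Code != expectedCode.ToString())
     {
         return Json(new AjaxReault {
             Msg = "验证码不一致!"
         });
     }

     if (!Logins.Login(adminLogin.PhoneNum, adminLogin.Pwd))
     {
         return Json(new AjaxReault {
             Msg = "用户名或密码不正确"
         });
     }

     // NOTE(review): what GetPhoneUpdate returns (an id or an entity) is not visible here.
     Session["LoginId"] = adminUserService.GetPhoneUpdate(adminLogin.PhoneNum);
     return Json(new AjaxReault {
         Statin = "ok"
     });
 }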
Ejemplo n.º 6
        /// <summary>
        /// Adds a user from the posted DTO and reports success when the service
        /// returns a value greater than zero.
        /// </summary>
        /// <param name="dto">Posted user data, passed to userService.AddUser unchanged.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Add(UserAddDTO dto)
        {
            if (!ModelState.IsValid)
            {
                string validationMsg = MVCHelper.GetValidMsg(ModelState);
                return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
            }

            var added = userService.AddUser(dto);

            if (!(added > 0))
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = "添加失败!" });
            }

            return Json(new AjaxResult { Status = "ok" });
        }
Ejemplo n.º 7
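 /// <summary>
 /// Admin login post handler: model validation, captcha check against TempData,
 /// credential check, then the admin's id is stored in Session.
 /// </summary>
 /// <param name="model">Posted login form: Name, PassWord and captcha Code.</param>
 /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
 public ActionResult Login(LoginModel model)
 {
     if (!ModelState.IsValid)
     {
         return Json(new AjaxResult
         {
             Status = "error",
             ErrorMsg = MVCHelper.GetValidMsg(ModelState)
         });
     }

     // Fail closed when the server holds no captcha for this request: a null TempData
     // entry must never compare equal to a null or missing posted code.
     string expectedCode = (string)TempData["verifyCode"];

     if (string.IsNullOrEmpty(expectedCode) || model.Code != expectedCode)
     {
         return Json(new AjaxResult {
             Status = "error", ErrorMsg = "验证码错误!"
         });
     }

     if (!adminUserService.CheckLogin(model.Name, model.PassWord))
     {
         return Json(new AjaxResult {
             Status = "error", ErrorMsg = "账号密码错误!"
         });
     }

     Session["LoginAdminId"] = adminUserService.GetByName(model.Name).Id;
     return Json(new AjaxResult {
         Status = "ok"
     });
 }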
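        /// <summary>
        /// Front-end login: checks the captcha stored under "verifyCodeHome", verifies the
        /// credentials and writes an encrypted "UserLogin" cookie holding the serialized user.
        /// </summary>
        /// <param name="username">Account name posted by the client.</param>
        /// <param name="password">Password posted by the client.</param>
        /// <param name="Verify">Captcha text posted by the client.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Login(string username, string password, string Verify)
        {
            if (!ModelState.IsValid)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = MVCHelper.GetValidMsg(ModelState)
                });
            }

            // Verify is a bare string parameter, so it is null when the field is omitted.
            // If no captcha was issued the TempData entry is null as well, and the original
            // inequality test let that request through. Require a server-side value.
            var yzm = (string)TempData["verifyCodeHome"];

            if (string.IsNullOrEmpty(yzm) || Verify != yzm)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "验证码错误!"
                });
            }

            if (!userService.CheckLogin(username, password))
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "账号密码错误!"
                });
            }

            var user = userService.GetAll().FirstOrDefault(e => e.UserName == username);

            // NOTE(review): the whole user object is serialized into a client-held cookie and
            // protected only by DESEncrypt. If that helper is single DES with no integrity
            // check, the cookie is weakly protected and may expose every serialized field
            // (confirm whether the entity carries a password hash). Keeping only the user id
            // in server-side session state would avoid both problems.
            CommonHelper.WriteCookie("UserLogin", DESEncrypt.Encrypt(JsonConvert.SerializeObject(user)), 7200);
            return Json(new AjaxResult {
                Status = "ok"
            });
        }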
Ejemplo n.º 9
        /// <summary>
        /// Admin login post handler. The captcha check fails closed: a missing TempData
        /// entry is rejected before the posted code is compared.
        /// </summary>
        /// <param name="model">Posted login form: PhoneNum, Password and VarifyCode.</param>
        /// <returns>
        /// A JSON AjaxResult; on success Status is "ok" and Data is "/Main/Index".
        /// </returns>
        public ActionResult Login(LoginModel model)
        {
            if (!ModelState.IsValid)
            {
                string validationMsg = MVCHelper.GetValidMsg(ModelState);
                return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
            }

            // Reject when the server holds no captcha, or when the posted one differs.
            if (TempData["VarifyCode"] == null || model.VarifyCode != (string)TempData["VarifyCode"])
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = "验证码错误" });
            }

            if (!AdminUserService.CheckLogin(model.PhoneNum, model.Password))
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = "用户名或密码错误" });
            }

            var admin = AdminUserService.GetByPhoneNum(model.PhoneNum);
            Session["LoginUserId"] = admin.Id;
            return Json(new AjaxResult { Status = "ok", Data = "/Main/Index" });
        }
Ejemplo n.º 10
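        /// <summary>
        /// Admin login post handler: model validation, captcha check against TempData,
        /// credential check, then the admin's id is stored in Session.
        /// </summary>
        /// <param name="model">Posted login form: PhoneNum, Password and VerifyCode.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public JsonResult Login(AdminLoginModel model)
        {
            if (!ModelState.IsValid)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = MVCHelper.GetValidMsg(ModelState)
                });
            }

            // A null TempData entry means no captcha is pending for this request; that must
            // be a failure, not something a null posted value can match.
            string expectedCode = (string)TempData["VerifyCode"];

            if (string.IsNullOrEmpty(expectedCode) || expectedCode != model.VerifyCode)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "验证码错误"
                });
            }

            if (!AdminUserService.CheckLogin(model.PhoneNum, model.Password))
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "用户名或者密码错误"
                });
            }

            Session["LoginUserId"] = AdminUserService.GetByPhoneNum(model.PhoneNum).Id;
            return Json(new AjaxResult {
                Status = "ok"
            });
        }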
Ejemplo n.º 11
        /// <summary>
        /// User login with account lockout: a locked account is refused before the password
        /// is checked, failures are counted per user, and a success resets the counter.
        /// </summary>
        /// <param name="model">Posted login form: PhoneNum and Password.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Login(UserLoginModel model)
        {
            // Validate the submitted form first.
            if (!ModelState.IsValid)
            {
                string validationMsg = MVCHelper.GetValidMsg(ModelState);
                return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
            }

            var user = userService.GetByPhoneNum(model.PhoneNum);

            if (user != null && userService.IsLocked(user.Id))
            {
                // Remaining lock time = 30 minutes - (now - time of the last failed login).
                // NOTE(review): this reply differs from the generic failure message, so it
                // reveals that the phone number is registered; confirm that is acceptable.
                TimeSpan? remaining =
                    TimeSpan.FromMinutes(30) - (DateTime.Now - user.LastLoginErrorDateTime);
                int minutesLeft = (int)remaining.Value.TotalMinutes;
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = "账号已被锁定,请" + minutesLeft + "分钟后再试"
                });
            }

            if (!userService.CheckLogin(model.PhoneNum, model.Password))
            {
                // Count the failure only when the phone number belongs to a user.
                if (user != null)
                {
                    userService.IncrLoginError(user.Id);
                }

                return Json(new AjaxResult { Status = "error", ErrorMsg = "用户名或者密码错误" });
            }

            // A successful login clears the failure record so it cannot affect the next one.
            userService.ResetLoginError(user.Id);

            // Remember who is logged in.
            Session["UserId"] = user.Id;
            Session["CityId"] = user.CityId;

            return Json(new AjaxResult { Status = "ok" });
        }
Ejemplo n.º 12
        /// <summary>
        /// Admin login post handler: validates the model, checks name and password, and
        /// stores the admin's id in Session.
        /// </summary>
        /// <param name="model">Posted login form: Name and Password.</param>
        /// <returns>
        /// A JSON AjaxResult; on success Status is "redirect" and Data is "/home/index".
        /// </returns>
        public ActionResult Login(AdminUserLoginModel model)
        {
            if (!ModelState.IsValid)
            {
                string validationMsg = MVCHelper.GetValidMsg(ModelState);
                return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
            }

            // Disabled settings update kept from the original:
            //settingService.UpdateValue("前端奖品图片地址", "http://104.151.50.99:8225");

            // NOTE(review): no captcha or lockout is visible in this action; confirm that
            // password guessing is limited somewhere else.
            bool credentialsOk = adminService.CheckLogin(model.Name, model.Password);

            if (!credentialsOk)
            {
                return Json(new AjaxResult { Status = "error", ErrorMsg = "用户名密码错误" });
            }

            var admin = adminService.GetByName(model.Name);
            Session["AdminUserId"] = admin.Id;
            return Json(new AjaxResult { Status = "redirect", Data = "/home/index" });
        }
Ejemplo n.º 13
        /// <summary>
        /// User login with account lockout: refuses a locked account, counts failed
        /// attempts for known phone numbers and resets the count on success.
        /// </summary>
        /// <param name="model">Posted login form: PhoneNum and Password.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Login(UserLoginModel model)
        {
            if (!ModelState.IsValid)
            {
                string validationMsg = MVCHelper.GetValidMsg(ModelState);
                return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
            }

            var user = userService.GetByPhoneNum(model.PhoneNum);

            // Lock state is only consulted when the phone number exists.
            bool locked = user != null && userService.IsLocked(user.Id);

            if (locked)
            {
                // 30 minutes minus the time elapsed since the last failed login.
                TimeSpan? remaining = TimeSpan.FromMinutes(30) - (DateTime.Now - user.LastLoginErrorDateTime);
                int minutesLeft = (int)remaining.Value.TotalMinutes;
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = "账号已被锁定,请" + minutesLeft + "分钟后再试"
                });
            }

            // Check phone number and password.
            if (!userService.CheckLogin(model.PhoneNum, model.Password))
            {
                // Failures are recorded only for a phone number that exists.
                if (user != null)
                {
                    userService.IncrLoginError(user.Id);
                }

                return Json(new AjaxResult { Status = "error", ErrorMsg = "用户名或密码错误" });
            }

            // Success clears the failure record so it does not affect the next login.
            userService.ResetLoginError(user.Id);

            // Store the logged-in user's details in Session; CityId may be null.
            Session["UserId"] = user.Id;
            Session["CityId"] = user.CityId;

            return Json(new AjaxResult { Status = "ok" });
        }
Ejemplo n.º 14
 /// <summary>
 /// Test action for model validation: returns the validation message when binding
 /// failed, otherwise a fixed success text.
 /// </summary>
 /// <param name="model">Bound test model; only its validation state is used.</param>
 /// <returns>A content result carrying plain message text.</returns>
 public ActionResult Data(TestModel model)
 {
     if (ModelState.IsValid)
     {
         return Content("成功");
     }

     string validationMsg = MVCHelper.GetValidMsg(ModelState);
     return Content(validationMsg);
 }
Ejemplo n.º 15
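 /// <summary>
 /// Test action for model validation: echoes the person's name and age when the model
 /// is valid, otherwise returns the validation message.
 /// </summary>
 /// <param name="person">Bound model; Name and Age come from the request.</param>
 /// <returns>A plain-text content result.</returns>
 public ActionResult TestDataValidation(Person person)
 {
     if (!ModelState.IsValid)
     {
         string errorMsg = MVCHelper.GetValidMsg(ModelState);
         return Content(errorMsg, "text/plain");
     }

     // person.Name is request data echoed back verbatim. Declare the response as plain
     // text so a browser never interprets it as markup; Content(string) on its own leaves
     // the content type to the framework default, which may be text/html.
     return Content(person.Name + "," + person.Age, "text/plain");
 }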
Ejemplo n.º 16
 /// <summary>
 /// Test action for model validation: returns the person's age when the model is
 /// valid, otherwise the validation message with a fixed prefix.
 /// </summary>
 /// <param name="p">Bound model; only Age is read.</param>
 /// <returns>A content result with the age or the failure text.</returns>
 public ActionResult V1(Person p)
 {
     if (!ModelState.IsValid)
     {
         string reason = MVCHelper.GetValidMsg(ModelState);
         return Content("验证失败,具体原因" + reason);
     }

     string ageText = p.Age.ToString();
     return Content(ageText);
 }
Ejemplo n.º 17
 // GET: Val1
 /// <summary>
 /// Test action for parameter validation: echoes model.Age when validation passed,
 /// otherwise returns the validation message with a fixed prefix.
 /// </summary>
 /// <param name="model">Bound model; only Age is read.</param>
 /// <returns>A content result with the age or the failure text.</returns>
 public ActionResult Index(IndexModel model)
 {
     // Did parameter validation fail?
     if (!ModelState.IsValid)
     {
         string reason = MVCHelper.GetValidMsg(ModelState);
         return Content("验证失败" + reason);
     }

     // NOTE(review): assumes Age is numeric; if it were a string it would be echoed
     // unencoded - confirm against IndexModel.
     return Content("Age=" + model.Age);
 }
Ejemplo n.º 18
 /// <summary>
 /// Updates a permission's name and description from the posted form.
 /// </summary>
 /// <param name="model">Posted form: Id, Name and Description.</param>
 /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
 public ActionResult Edit(PermissionEditModel model)
 {
     if (ModelState.IsValid)
     {
         // NOTE(review): model.Id comes from the request; authorization for editing
         // permissions is not visible in this block - confirm it is enforced by a filter.
         PerSer.UpdatePermission(model.Id, model.Name, model.Description);
         return Json(new AjaxResult { Status = "ok" });
     }

     string validationMsg = MVCHelper.GetValidMsg(ModelState);
     return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
 }
Ejemplo n.º 19
 /// <summary>
 /// Renames a role and replaces its permission ids from the posted form.
 /// </summary>
 /// <param name="model">Posted form: Id, Name and PermissionIds.</param>
 /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
 public ActionResult Edit(RoleEditPostModel model)
 {
     if (ModelState.IsValid)
     {
         // Two separate service calls; no transaction is visible around them, so a
         // failure in the second leaves the rename applied.
         roleService.Update(model.Id, model.Name);
         perService.UpdatePermIds(model.Id, model.PermissionIds);
         return Json(new AjaxResult { Status = "ok" });
     }

     string validationMsg = MVCHelper.GetValidMsg(ModelState);
     return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
 }
Ejemplo n.º 20
        /// <summary>
        /// Creates a role and attaches the posted permission ids to it.
        /// </summary>
        /// <param name="model">Posted form: Name and permissionIds.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Create(RoleCreateModel model)
        {
            if (ModelState.IsValid)
            {
                long newRoleId = RoleService.AddNew(model.Name);
                PermService.AddPermIds(newRoleId, model.permissionIds);
                return Json(new AjaxResult { Status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 21
        /// <summary>
        /// Renders the view with every permission returned by perService.GetAll().
        /// </summary>
        /// <returns>
        /// The view with the permission list as its model, or a JSON error AjaxResult when
        /// the model state is invalid.
        /// </returns>
        public ActionResult Add()
        {
            // Check whether model validation passed.
            if (ModelState.IsValid)
            {
                var allPermissions = perService.GetAll();
                return View(allPermissions);
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 22
        /// <summary>
        /// Creates a role and attaches the posted permission ids to it.
        /// </summary>
        /// <param name="model">Posted form: Name and PermissionIds.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Add(RoleAddModel model)
        {
            if (ModelState.IsValid)
            {
                long newRoleId = roleService.AddNew(model.Name);
                perService.AddPermIds(newRoleId, model.PermissionIds);
                return Json(new AjaxResult { Status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 23
        /// <summary>
        /// Creates a role and grants it the posted permission ids.
        /// </summary>
        /// <param name="model">Posted form: Name and PermissionIds.</param>
        /// <returns>
        /// An AjaxResult error as JSON when validation fails; otherwise an anonymous JSON
        /// object with a lower-case "status" of "ok".
        /// </returns>
        public ActionResult Add(RoleAddModel model)
        {
            // The original comment mentions TransactionScope; none is used here.
            // Check whether model validation passed.
            if (ModelState.IsValid)
            {
                long newRoleId = roleService.AddNew(model.Name);

                // Grant the permissions to the role just created.
                permService.AddPermIds(newRoleId, model.PermissionIds);

                // NOTE(review): the success payload spells "status" in lower case while the
                // error payload uses AjaxResult.Status; confirm which one the client reads.
                return Json(new { status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 24
        /// <summary>
        /// Creates an admin user from the posted form and attaches the selected roles.
        /// </summary>
        /// <param name="model">Posted form: name, user name, password, e-mail, phone number, role ids.</param>
        /// <returns>A task yielding a JSON AjaxResult with Status "ok" or "error".</returns>
        /// <remarks>The method is declared async but contains no await; it runs synchronously.</remarks>
        public async Task<ActionResult> Add(AdminUserAddModel model)
        {
            if (ModelState.IsValid)
            {
                int newUserId = adminUserService.AddAdminUser(
                    model.Name, model.UserName, model.Password, model.Email, model.PhoneNum);
                roleService.AddRoles(newUserId, model.RoleIds);
                return Json(new AjaxResult { Status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 25
        /// <summary>
        /// Books a house viewing for the current visitor.
        /// </summary>
        /// <param name="model">Posted form: Name, PhoneNum, HouseId and VisitDate.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult MakeAppointment(HouseMakeAppointment model)
        {
            if (ModelState.IsValid)
            {
                // The user id is taken from the request context, not from the posted form;
                // it is nullable, so the value may be absent.
                long? currentUserId = FrontHelper.GetUserId(HttpContext);

                appointmentService.AddNew(
                    currentUserId, model.Name, model.PhoneNum, model.HouseId, model.VisitDate);
                return Json(new AjaxResult { Status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 26
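        /// <summary>
        /// Registers a user after confirming that the posted SMS code and phone number match
        /// the values the server stored in TempData, and that the number is not yet taken.
        /// </summary>
        /// <param name="model">Posted form: PhoneNum, PassWord and SmsCode.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Register(UserRegModel model)
        {
            if (ModelState.IsValid == false)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = MVCHelper.GetValidMsg(ModelState)
                });
            }

            // Compare the posted SMS code with the one kept on the server. The entry is null
            // when no code was requested or it was already consumed; the original called
            // ToString() on it and threw. Treat a missing code as a mismatch.
            object storedSmsCode = TempData["smsCode"];

            if (storedSmsCode == null || model.SmsCode != storedSmsCode.ToString())
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "短信验证码错误"
                });
            }

            // The number being registered must be the one the SMS code was sent to; without
            // this binding a code obtained for one number could register another.
            string serverPhoneNum = (string)TempData["RegphoneNum"];

            if (string.IsNullOrEmpty(serverPhoneNum) || serverPhoneNum != model.PhoneNum)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = "注册的手机号和获取验证码手机号不同"
                });
            }

            // Marked as a vulnerability in the original: refuse a number already registered.
            if (userService.GetByPhoneNum(model.PhoneNum) != null)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = "此手机号已经被注册"
                });
            }

            userService.AddNew(model.PhoneNum, model.PassWord);
            return Json(new AjaxResult {
                Status = "ok"
            });
        }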
Ejemplo n.º 27
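        /// <summary>
        /// User login with account lockout: refuses a locked account, counts failed
        /// attempts for known phone numbers and resets the count on success.
        /// </summary>
        /// <param name="model">Posted login form: PhoneNum and Password.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Login(UserLoginModel model)
        {
            if (!ModelState.IsValid)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = MVCHelper.GetValidMsg(ModelState),
                });
            }

            // Look the account up by phone number. The original passed model.Password here,
            // so the lookup normally found nothing: the lock check and the failure counter
            // were skipped, and a successful login dereferenced a null user.
            var user = userService.GetByPhoneNum(model.PhoneNum);

            if (user != null && userService.IsLocked(user.Id))
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "账号被锁定"
                });
            }

            var isOk = userService.CheckLogin(model.PhoneNum, model.Password);

            if (!isOk)
            {
                // Count the failure only when the phone number belongs to a user.
                if (user != null)
                {
                    userService.IncrLoginError(user.Id);
                }
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "用户名或密码错误"
                });
            }

            // A successful login resets the failure record.
            userService.ResetLoginError(user.Id);

            // Store the logged-in user's details in Session.
            Session["UserId"] = user.Id;
            Session["CityId"] = user.CityId;

            return Json(new AjaxResult {
                Status = "ok"
            });
        }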
Ejemplo n.º 28
        /// <summary>
        /// Creates a role and attaches the posted permission ids to it.
        /// </summary>
        /// <param name="model">Posted form: Name and PermissionIds.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Add(RoleAddModel model)
        {
            if (ModelState.IsValid)
            {
                // The original comment mentions transactionScope; none is used here.
                // The id returned by AddNew is narrowed to int before use.
                int newRoleId = (int)roleService.AddNew(model.Name);
                perService.AddPermids(newRoleId, model.PermissionIds);
                return Json(new AjaxResult { Status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 29
        /// <summary>
        /// Creates an admin user from the posted form and attaches the selected roles.
        /// </summary>
        /// <param name="longAdminUserAddModel">
        /// Posted form: Name, PhoneNum, Password, Email, CityId and RoleIds.
        /// </param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Add(LongAdminUserAddModel longAdminUserAddModel)
        {
            if (ModelState.IsValid)
            {
                var form = longAdminUserAddModel;
                long newUserId = adminUserService.AddAdminUser(
                    form.Name, form.PhoneNum, form.Password, form.Email, form.CityId);
                roleService.AddRoleIds(newUserId, form.RoleIds);
                return Json(new AjaxResult { Status = "ok" });
            }

            string validationMsg = MVCHelper.GetValidMsg(ModelState);
            return Json(new AjaxResult { Status = "error", ErrorMsg = validationMsg });
        }
Ejemplo n.º 30
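        /// <summary>
        /// Registers a user after confirming that the posted phone number and SMS code match
        /// the values the server stored in TempData, and that the number is not yet taken.
        /// </summary>
        /// <param name="model">Posted form: PhoneNum, Password and SmsCode.</param>
        /// <returns>A JSON AjaxResult with Status "ok" or "error".</returns>
        public ActionResult Register(UserRegModel model)
        {
            // Validate the submitted form first.
            if (ModelState.IsValid == false)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = MVCHelper.GetValidMsg(ModelState)
                });
            }

            // The number being registered must be the one the SMS code was sent to. A missing
            // server-side value fails the check instead of being compared as null, which a
            // request with no phone number would otherwise match.
            string serverPhoneNum = (string)TempData["RegPhoneNum"];

            if (string.IsNullOrEmpty(serverPhoneNum) || serverPhoneNum != model.PhoneNum)
            {
                return Json(new AjaxResult
                {
                    Status = "error",
                    ErrorMsg = "注册的手机号和刚才验证短信验证码的手机号不一致"
                });
            }

            // Compare the posted SMS code with the one kept on the server; no pending code
            // means the request is rejected.
            string serverSmsCode = (string)TempData["smsCode"];

            if (string.IsNullOrEmpty(serverSmsCode) || model.SmsCode != serverSmsCode)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "短信验证码错误"
                });
            }

            // The original comment marks a vulnerability here (registration with an arbitrary
            // made-up phone number); the checks above bind the number to the issued code.
            // Refuse a phone number that is already registered.
            if (userService.GetByPhoneNum(model.PhoneNum) != null)
            {
                return Json(new AjaxResult {
                    Status = "error", ErrorMsg = "此手机号已经被注册"
                });
            }

            userService.AddNew(model.PhoneNum, model.Password);
            return Json(new AjaxResult {
                Status = "ok"
            });
        }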