/// <summary>
/// Renders the login page and, on POST, checks the submitted credentials and signs the user in.
/// </summary>
/// <remarks>
/// Review notes, limited to what this method shows:
/// - The pre-check against the failed-login log is commented out, so the failure count is
///   only read after a password check has already failed. A correct password is accepted
///   regardless of how many failures preceded it.
/// - The post-login target comes from the "reurl" query parameter or the Referer header and
///   is only filtered for the substrings "login", "logout", "login.aspx" and "register.aspx".
/// - Unknown user names and wrong passwords produce different messages.
/// - The submitted password is stored in <c>loginauth</c> as reversible DES output keyed with
///   config.Passwordkey; where that field is rendered or read back is not visible here.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户登录";
    postusername = Utils.UrlDecode(DNTRequest.GetString("postusername")).Trim();

    // Already signed in (userid != -1): show a notice. There is no return in this branch,
    // so a POST from a signed-in visitor still continues into the credential handling below.
    if (this.userid != -1)
    {
        //SetUrl("/Forum/");
        SetMetaRefresh();
        SetShowBackLink(false);
        AddMsgLine("您已经登录,无须重复登录");
        ispost = true;
        SetLeftMenuRefresh();
        APIConfigInfo apiInfo = APIConfigs.GetConfig();
        if (apiInfo.Enable)
        {
            APILogin(apiInfo);
        }
    }

    // NOTE(review): this disabled block is the only place the failure count would be checked
    // BEFORE a password is tested. With it commented out, nothing in this method stops
    // further attempts once the limit is reached.
    /*
     * if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
     * {
     *     AddMsgLine("您已经多次输入密码错误, 请15分钟后再登录");
     *     loginsubmit = false;
     *     return;
     * }
     */

    // Not submitted yet, or a referer value is set: remember where to return after login.
    if (!DNTRequest.IsPost() || referer != "")
    {
        string r = "";
        if (referer != "")
        {
            r = referer;
        }
        else
        {
            if ((DNTRequest.GetUrlReferrer() == "") || (DNTRequest.GetUrlReferrer().IndexOf("login") > -1) || DNTRequest.GetUrlReferrer().IndexOf("logout") > -1)
            {
                r = "index.aspx";
            }
            else
            {
                r = DNTRequest.GetUrlReferrer();
            }
        }
        // NOTE(review): the cookie value is request-controlled (query string or Referer) and is
        // later passed to SetUrl after a successful login. No same-site check is visible here;
        // confirm one exists downstream or restrict the value to local relative paths.
        Utils.WriteCookie("reurl", (DNTRequest.GetQueryString("reurl") == "" || DNTRequest.GetQueryString("reurl").IndexOf("login.aspx") > -1) ? r : DNTRequest.GetQueryString("reurl"));
    }

    // Form submitted.
    if (DNTRequest.IsPost())
    {
        // Rebuild the query string (minus postusername) for the "back" link.
        // NOTE(review): keys and values are appended without URL encoding; confirm that
        // SetBackLink or the template encodes the link for its output context.
        StringBuilder builder = new StringBuilder();
        foreach (string key in System.Web.HttpContext.Current.Request.QueryString.AllKeys)
        {
            if (key != "postusername")
            {
                builder.Append("&");
                builder.Append(key);
                builder.Append("=");
                builder.Append(DNTRequest.GetQueryString(key));
            }
        }
        // NOTE(review): part of the next expression is masked ("******") in this listing, so the
        // statement is reproduced exactly as shown and is not valid C# as it stands.
        base.SetBackLink("login.aspx?postusername="******"username")) + builder.ToString());

        // If a verification code is required and none was entered, ask the user to fill it in.
        // Only emptiness is tested here; validation of the code's value is not visible in this method.
        if (isseccode && DNTRequest.GetString("vcode") == "")
        {
            postusername = DNTRequest.GetString("username");
            // Reversible encryption of the plaintext password so it survives the extra round trip.
            loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
            loginsubmit = true;
            return;
        }

        // NOTE(review): existence is checked against the "username" field, while the password
        // check below uses postusername, which is taken from the "postusername" parameter
        // whenever that is non-empty. The two names can differ.
        bool isExistsUserByName = Discuz.Forum.Users.Exists(DNTRequest.GetString("username"));
        if (!isExistsUserByName)
        {
            Discuz.Data.DatabaseProvider.GetInstance().ClubLoginLog(1, -1, System.Web.HttpContext.Current.Request.UserHostAddress, 7);
            // Distinct "user does not exist" message: lets a client tell valid names from invalid ones.
            AddErrLine("用户不存在");
        }
        if (DNTRequest.GetString("password").Equals("") && DNTRequest.GetString("loginauth") == "")
        {
            AddErrLine("密码不能为空");
        }
        if (IsErr())
        {
            return;
        }

        // Prefer the password carried in loginauth (undoing the "+" -> "[" substitution first).
        if (!Utils.StrIsNullOrEmpty(loginauth))
        {
            postpassword = DES.Decode(loginauth.Replace("[", "+"), config.Passwordkey);
        }
        else
        {
            postpassword = DNTRequest.GetString("password");
        }
        if (postusername == "")
        {
            postusername = DNTRequest.GetString("username");
        }

        // Pick the checker by password mode (1 selects the DvBbs variants) and by whether the
        // security question has to be verified in this step.
        int uid = -1;
        if (config.Passwordmode == 1)
        {
            if (config.Secques == 1 && (!Utils.StrIsNullOrEmpty(loginauth) || !loginsubmit))
            {
                uid = Discuz.Forum.Users.CheckDvBbsPasswordAndSecques(postusername, postpassword, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
            }
            else
            {
                uid = Discuz.Forum.Users.CheckDvBbsPassword(postusername, postpassword);
            }
        }
        else
        {
            if (config.Secques == 1 && (!Utils.StrIsNullOrEmpty(loginauth) || !loginsubmit))
            {
                uid = Discuz.Forum.Users.CheckPasswordAndSecques(postusername, postpassword, true, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
            }
            else
            {
                uid = Discuz.Forum.Users.CheckPassword(postusername, postpassword, true);
            }
        }

        if (uid != -1)
        {
            ShortUserInfo userinfo = Discuz.Forum.Users.GetShortUserInfo(uid);
            // Group 8: the messages below describe it as an account that is not yet verified.
            if (userinfo.Groupid == 8)
            {
                AddErrLine("抱歉, 您的用户身份尚未得到验证");
                if (config.Regverify == 1)
                {
                    AddMsgLine("请您到您的邮箱中点击激活链接来激活您的帐号");
                }
                if (config.Regverify == 2)
                {
                    AddMsgLine("您需要等待一些时间, 待系统管理员审核您的帐户后才可登录使用");
                }
                loginsubmit = false;
            }
            else
            {
                // The account has a security question and this was the first submit: keep the
                // password in loginauth and stop short of signing in.
                if (!Utils.StrIsNullOrEmpty(userinfo.Secques) && loginsubmit && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth")))
                {
                    loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
                }
                else
                {
                    // Successful login: clear the failure log for this address and issue the user cookie.
                    LoginLogs.DeleteLoginLog(DNTRequest.GetIP());
                    UserCredits.UpdateUserCredits(uid);
                    ForumUtils.WriteUserCookie(
                        uid,
                        Utils.StrToInt(DNTRequest.GetString("expires"), -1),
                        config.Passwordkey,
                        DNTRequest.GetInt("templateid", 0),
                        DNTRequest.GetInt("loginmode", -1));
                    OnlineUsers.UpdateAction(olid, UserAction.Login.ActionID, 0);
                    // Refresh the online-user record immediately.
                    oluserinfo = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout);
                    olid = oluserinfo.Olid;
                    Discuz.Forum.Users.UpdateUserLastvisit(uid, DNTRequest.GetIP());

                    // Redirect to the remembered URL unless it points at the registration page.
                    string reurl = Utils.UrlDecode(ForumUtils.GetReUrl());
                    if (reurl.IndexOf("register.aspx") < 0)
                    {
                        SetUrl(reurl);
                    }
                    else
                    {
                        SetUrl("index.aspx");
                    }

                    APIConfigInfo apiInfo = APIConfigs.GetConfig();
                    if (apiInfo.Enable)
                    {
                        APILogin(apiInfo);
                    }
                    Discuz.Forum.Users.SaveUserIDToCookie(uid);
                    Discuz.Data.DatabaseProvider.GetInstance().ClubLoginLog(1, uid, System.Web.HttpContext.Current.Request.UserHostAddress, 5);
                    AddMsgLine("登录成功, 返回登录前页面");
                    userid = uid;
                    usergroupinfo = UserGroups.GetUserGroupInfo(userinfo.Groupid);
                    // Admin group id associated with the user's group.
                    useradminid = usergroupinfo.Radminid;
                    SetMetaRefresh();
                    SetShowBackLink(false);
                    SetLeftMenuRefresh();
                    loginsubmit = false;
                }
            }
        }
        else
        {
            // Failed check: bump the failure count for this address.
            int errcount = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
            if (errcount > 5)
            {
                AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
            }
            else
            {
                if (isExistsUserByName)
                {
                    uid = Discuz.Data.DatabaseProvider.GetInstance().GetuidByusername(postusername);
                }
                Discuz.Data.DatabaseProvider.GetInstance().ClubLoginLog(1, uid, System.Web.HttpContext.Current.Request.UserHostAddress, 6);
                AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", errcount.ToString()));
            }
        }
    }
}
/// <summary>
/// Links the current Qzone connect token to an existing forum account once the submitted
/// name (or e-mail) and password have been accepted, then signs the user in unless the
/// account is in group 8.
/// </summary>
/// <remarks>
/// GetShortUserInfo() is defined elsewhere; a null result is handled here as a failed
/// credential check. NOTE(review): nothing in this method checks whether the token or the
/// account is already bound before Token.Uid is overwritten - confirm that is enforced elsewhere.
/// </remarks>
private void BindExisted()
{
    // Stop before any credential check once this address has 5 or more recorded failures.
    int priorFailures = LoginLogs.UpdateLoginLog(WebHelper.UserHost, false);
    if (priorFailures >= 5)
    {
        base.AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        return;
    }

    // E-mail login: resolve the address to exactly one account name.
    if (config.Emaillogin == 1 && Utils.IsValidEmail(postusername))
    {
        var matches = BBX.Entity.User.FindAllByEmail(postusername);
        int matchCount = matches.Count;
        if (matchCount == 0)
        {
            base.AddErrLine("用户不存在");
            return;
        }
        if (matchCount > 1)
        {
            base.AddErrLine("您所使用Email不唯一,请使用用户名登陆");
            return;
        }
        if (matchCount == 1)
        {
            postusername = matches[0].Name;
        }
    }

    // Name login: the distinct "user does not exist" message reveals which names are valid.
    if (config.Emaillogin == 0 && Users.GetUserId(postusername) == 0)
    {
        base.AddErrLine("用户不存在");
    }
    if (string.IsNullOrEmpty(postpassword))
    {
        base.AddErrLine("密码不能为空");
    }
    if (base.IsErr())
    {
        return;
    }

    var user = GetShortUserInfo();
    if (user == null)
    {
        // Failed check: record it and report how many attempts have been used.
        int failures = LoginLogs.UpdateLoginLog(WebHelper.UserHost, true);
        if (failures > 5)
        {
            base.AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
        }
        else
        {
            base.AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", failures));
        }
        base.IsErr();
        return;
    }

    // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int). Once it has passed, move the
    // account to the group that matches its credits.
    bool inTimedGroup = user.GroupID == 4 || user.GroupID == 5;
    if (inTimedGroup && user.GroupExpiry != 0)
    {
        int today = DateTime.Now.ToString("yyyyMMdd").ToInt(0);
        if (user.GroupExpiry <= today)
        {
            var creditGroup = CreditsFacade.GetCreditsUserGroupId((float)user.Credits);
            usergroupid = (creditGroup.ID != 0) ? creditGroup.ID : usergroupid;
            user.GroupID = usergroupid;
            //Users.UpdateUserGroup(user.ID, this.usergroupid);
            user.GroupID = usergroupid;
            (user as IEntity).Save();
        }
    }

    // Group 5 is rejected with an "access banned, cannot bind" message.
    if (user.GroupID == 5)
    {
        base.AddErrLine("该用户已经被禁止访问,无法绑定");
        return;
    }

    // Attach the forum account to the connect token and persist it.
    var ctx = QzoneConnectContext.Current;
    ctx.Token.Uid = user.ID;
    ctx.Token.Save();
    //QzoneConnectToken.Insert(connect.Token);
    XTrace.WriteLine("BindExisted -> success, uid=" + ctx.Token.Uid);

    if (user.GroupID == 8)
    {
        // Bound, but the message says an administrator must approve the account before login.
        base.AddMsgLine("帐号绑定成功,但需要管理员审核通过才能登录");
    }
    else
    {
        LoginUser(user);
        base.AddMsgLine("QQ登录成功,继续浏览");
    }

    // NOTE(review): the redirect target is whatever the connect context holds in Callback;
    // its origin is not visible here - confirm it cannot be set to an off-site URL by the client.
    base.SetUrl(ctx.Callback);
    base.SetMetaRefresh();
    base.SetShowBackLink(false);
}
/// <summary>
/// Login page handler: enforces the per-address failure limit, resolves the account from a
/// name or e-mail, applies the group checks and, on success, issues the login cookie and
/// redirects to the remembered URL.
/// </summary>
/// <remarks>
/// GetShortUserInfo() is defined elsewhere; a null result is handled here as a failed
/// credential check.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户登录";
    inapi = DNTRequest.GetInt("inapi", 0);

    // Already signed in: show a notice. Execution still continues below.
    bool alreadySignedIn = userid != -1;
    if (alreadySignedIn)
    {
        base.SetUrl(BaseConfigs.GetForumPath);
        base.AddMsgLine("您已经登录,无须重复登录");
        ispost = true;
        SetLeftMenuRefresh();
        if (APIConfigInfo.Current.Enable)
        {
            APILogin(APIConfigInfo.Current);
        }
    }

    // Refuse to continue once this address has 5 or more recorded failures.
    int priorFailures = LoginLogs.UpdateLoginLog(WebHelper.UserHost, false);
    if (priorFailures >= 5)
    {
        base.AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        loginsubmit = false;
        return;
    }

    SetReUrl();
    var submittedName = DNTRequest.GetString("username");
    if (!DNTRequest.IsPost())
    {
        return;
    }

    SetBackLink();

    // Verification code required but missing: keep the password (reversibly DES-encrypted
    // with the site key) in loginauth and ask again. Only emptiness is tested here.
    if (isseccode && String.IsNullOrEmpty(DNTRequest.GetString("vcode")))
    {
        postusername = submittedName;
        loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
        loginsubmit = true;
        return;
    }

    // E-mail login: the address must map to exactly one account.
    if (config.Emaillogin == 1 && Utils.IsValidEmail(submittedName))
    {
        //var userInfoByEmail = Users.GetUserInfoByEmail(username);
        var matches = BBX.Entity.User.FindAllByEmail(submittedName);
        int matchCount = matches.Count;
        //if (userInfoByEmail.Rows.Count == 0)
        if (matchCount == 0)
        {
            base.AddErrLine("用户不存在");
            return;
        }
        if (matchCount > 1)
        {
            base.AddErrLine("您所使用Email不唯一,请使用用户名登陆");
            return;
        }
        if (matchCount == 1)
        {
            postusername = matches[0].Name;
        }
    }

    // The distinct "user does not exist" message reveals which names are registered.
    if (config.Emaillogin == 0 && Users.GetUserId(submittedName) == 0)
    {
        base.AddErrLine("用户不存在");
    }
    bool noPassword = Utils.StrIsNullOrEmpty(DNTRequest.GetString("password"))
        && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth"));
    if (noPassword)
    {
        base.AddErrLine("密码不能为空");
    }
    if (base.IsErr())
    {
        return;
    }

    IUser user = GetShortUserInfo();
    if (user == null)
    {
        // Failed check: record it and report how many attempts have been used.
        int failures = LoginLogs.UpdateLoginLog(WebHelper.UserHost, true);
        if (failures > 5)
        {
            base.AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
        }
        else
        {
            base.AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", failures));
        }
    }
    else
    {
        // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int).
        bool inTimedGroup = user.GroupID == 4 || user.GroupID == 5;
        if (inTimedGroup && user.GroupExpiry != 0)
        {
            int today = DateTime.Now.ToString("yyyyMMdd").ToInt(0);
            if (user.GroupExpiry <= today)
            {
                var creditGroup = CreditsFacade.GetCreditsUserGroupId((float)user.Credits);
                usergroupid = (creditGroup.ID != 0) ? creditGroup.ID : usergroupid;
                user.GroupID = usergroupid;
                //Users.UpdateUserGroup(user.ID, this.usergroupid);
                //XUser user = XUser.FindByID(postInfo.Posterid);
                // NOTE(review): the hard-coded 6 overwrites the credit-based group computed just
                // above, so every expired group-4/5 account is saved as group 6 - confirm intent.
                user.GroupID = 6;
                (user as IEntity).Save();
            }
        }

        // Group 5 is rejected with an "access banned" message.
        if (user.GroupID == 5)
        {
            base.AddErrLine("您所在的用户组,已经被禁止访问");
            return;
        }

        // Group 8: account not yet verified; the response depends on the verification mode.
        if (user.GroupID == 8)
        {
            switch (config.Regverify)
            {
                case 1:
                    needactiveuid = user.ID;
                    email = user.Email;
                    timestamp = DateTime.Now.Ticks.ToString();
                    // NOTE(review): the activation string is an MD5 over the stored password
                    // value, the site key and the timestamp.
                    string material = user.Password + config.Passwordkey + timestamp;
                    authstr = Utils.MD5(material);
                    base.AddMsgLine("请您到您的邮箱中点击激活链接来激活您的帐号");
                    break;
                case 2:
                    base.AddMsgLine("您需要等待一些时间, 待系统管理员审核您的帐户后才可登录使用");
                    break;
                default:
                    base.AddErrLine("抱歉, 您的用户身份尚未得到验证");
                    break;
            }
            loginsubmit = false;
            return;
        }

        bool awaitingSecques = !user.Secques.IsNullOrEmpty()
            && loginsubmit
            && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth"));
        if (awaitingSecques)
        {
            // Security question still to be answered: carry the password in loginauth.
            loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
        }
        else
        {
            base.AddMsgLine("登录成功, 返回登录前页面");
            ForumUtils.WriteUserCookie(
                user.ID,
                DNTRequest.GetInt("expires", -1),
                config.Passwordkey,
                DNTRequest.GetInt("templateid", 0),
                DNTRequest.GetInt("loginmode", -1));

            // Refresh the online record and the page's view of the signed-in user.
            oluserinfo = Online.UpdateInfo(user.ID, "");
            olid = oluserinfo.ID;
            this.username = submittedName;
            userid = user.ID;
            usergroupinfo = UserGroup.FindByID(user.GroupID);
            useradminid = usergroupinfo.RadminID;
            Online.UpdateAction(olid, UserAction.Login, 0);

            // Success clears the failure log for this address.
            LoginLogs.DeleteLoginLog(WebHelper.UserHost);
            Users.UpdateUserCreditsAndVisit(user, WebHelper.UserHost);
            if (APIConfigInfo.Current.Enable)
            {
                APILogin(APIConfigInfo.Current);
            }
            loginsubmit = false;

            // NOTE(review): the return URL is only filtered for "register.aspx"; confirm that
            // GetReUrl/SetReUrl restrict it to same-site targets.
            string returnUrl = Utils.UrlDecode(ForumUtils.GetReUrl());
            string target;
            if (returnUrl.IndexOf("register.aspx") < 0)
            {
                target = returnUrl;
            }
            else
            {
                target = forumpath + "index.aspx";
            }
            base.SetUrl(target);
            SetLeftMenuRefresh();

            if (APIConfigInfo.Current.Enable)
            {
                // NOTE(review): username here is the raw request value; confirm that
                // GetLoginScript encodes it for the script it produces.
                base.AddMsgLine(Sync.GetLoginScript(userid, this.username));
            }
            if (!APIConfigInfo.Current.Enable || !Sync.NeedAsyncLogin())
            {
                base.MsgForward("login_succeed", true);
            }
        }
    }

    if (base.IsErr())
    {
        return;
    }
    ForumUtils.WriteUserCreditsCookie(user, usergroupinfo.GroupTitle);
}
/// <summary>
/// Login page handler: enforces the per-address failure limit, resolves the account from a
/// name or e-mail, applies the group checks and, on success, issues the login cookie and
/// redirects to the remembered URL.
/// </summary>
/// <remarks>
/// GetShortUserInfo() is defined elsewhere; a null result is handled here as a failed
/// credential check.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户登录";
    inapi = DNTRequest.GetInt("inapi", 0);

    // Already signed in: show a notice. Execution still continues below.
    bool alreadySignedIn = userid != -1;
    if (alreadySignedIn)
    {
        SetUrl(BaseConfigs.GetForumPath);
        AddMsgLine("您已经登录,无须重复登录");
        ispost = true;
        SetLeftMenuRefresh();
        if (APIConfigs.GetConfig().Enable)
        {
            APILogin(APIConfigs.GetConfig());
        }
    }

    // Refuse to continue once this address has 5 or more recorded failures.
    int priorFailures = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false);
    if (priorFailures >= 5)
    {
        AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        loginsubmit = false;
        return;
    }

    SetReUrl();

    // Everything below only applies to a submitted form.
    if (!DNTRequest.IsPost())
    {
        return;
    }

    SetBackLink();

    // Verification code required but missing: keep the password (reversibly DES-encrypted
    // with the site key) in loginauth and ask again. Only emptiness is tested here.
    if (isseccode && DNTRequest.GetString("vcode") == "")
    {
        postusername = DNTRequest.GetString("username");
        loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
        loginsubmit = true;
        return;
    }

    // E-mail login: the address must map to exactly one account.
    if (config.Emaillogin == 1 && Utils.IsValidEmail(DNTRequest.GetString("username")))
    {
        DataTable emailMatches = Users.GetUserInfoByEmail(DNTRequest.GetString("username"));
        int rowCount = emailMatches.Rows.Count;
        if (rowCount == 0)
        {
            AddErrLine("用户不存在");
            return;
        }
        if (rowCount > 1)
        {
            AddErrLine("您所使用Email不唯一,请使用用户名登陆");
            return;
        }
        if (rowCount == 1)
        {
            postusername = emailMatches.Rows[0]["username"].ToString();
        }
    }

    // The distinct "user does not exist" message reveals which names are registered.
    if (config.Emaillogin == 0 && Users.GetUserId(DNTRequest.GetString("username")) == 0)
    {
        AddErrLine("用户不存在");
    }
    bool noPassword = Utils.StrIsNullOrEmpty(DNTRequest.GetString("password"))
        && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth"));
    if (noPassword)
    {
        AddErrLine("密码不能为空");
    }
    if (IsErr())
    {
        return;
    }

    ShortUserInfo account = GetShortUserInfo();
    if (account == null)
    {
        // Failed check: record it and report how many attempts have been used.
        int failures = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
        if (failures > 5)
        {
            AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
        }
        else
        {
            AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", failures));
        }
    }
    else
    {
        // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int). Once it has passed,
        // move the account to the group that matches its credits.
        bool inTimedGroup = account.Groupid == 4 || account.Groupid == 5;
        if (inTimedGroup && account.Groupexpiry != 0)
        {
            int today = Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0);
            if (account.Groupexpiry <= today)
            {
                UserGroupInfo creditGroup = UserCredits.GetCreditsUserGroupId(account.Credits);
                usergroupid = creditGroup.Groupid != 0 ? creditGroup.Groupid : usergroupid;
                account.Groupid = usergroupid;
                Users.UpdateUserGroup(account.Uid, usergroupid);
            }
        }

        // 5 = access banned.
        if (account.Groupid == 5)
        {
            AddErrLine("您所在的用户组,已经被禁止访问");
            return;
        }

        // Group 8: account not yet verified; the response depends on the verification mode.
        if (account.Groupid == 8)
        {
            switch (config.Regverify)
            {
                case 1:
                    needactiveuid = account.Uid;
                    email = account.Email;
                    timestamp = DateTime.Now.Ticks.ToString();
                    // NOTE(review): the activation string is an MD5 over the stored password
                    // value, the site key and the timestamp.
                    string material = string.Concat(account.Password, config.Passwordkey, timestamp);
                    authstr = Utils.MD5(material);
                    AddMsgLine("请您到您的邮箱中点击激活链接来激活您的帐号");
                    break;
                case 2:
                    AddMsgLine("您需要等待一些时间, 待系统管理员审核您的帐户后才可登录使用");
                    break;
                default:
                    AddErrLine("抱歉, 您的用户身份尚未得到验证");
                    break;
            }
            loginsubmit = false;
            return;
        }

        bool awaitingSecques = !Utils.StrIsNullOrEmpty(account.Secques)
            && loginsubmit
            && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth"));
        if (awaitingSecques)
        {
            // Security question still to be answered: carry the password in loginauth.
            loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
        }
        else
        {
            // Sign in to applications integrated through the API.
            if (APIConfigs.GetConfig().Enable)
            {
                APILogin(APIConfigs.GetConfig());
            }
            AddMsgLine("登录成功, 返回登录前页面");

            // Update the cookie, the online record and the related user data immediately.
            ForumUtils.WriteUserCookie(
                account.Uid,
                TypeConverter.StrToInt(DNTRequest.GetString("expires"), -1),
                config.Passwordkey,
                DNTRequest.GetInt("templateid", 0),
                DNTRequest.GetInt("loginmode", -1));
            //oluserinfo = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout);
            oluserinfo = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout, account.Uid, "");
            olid = oluserinfo.Olid;
            username = DNTRequest.GetString("username");
            userid = account.Uid;
            usergroupinfo = UserGroups.GetUserGroupInfo(account.Groupid);
            // Admin group id associated with the user's group.
            useradminid = usergroupinfo.Radminid;
            OnlineUsers.UpdateAction(olid, UserAction.Login.ActionID, 0);
            // Success clears the failure log for this address.
            LoginLogs.DeleteLoginLog(DNTRequest.GetIP());
            Users.UpdateUserCreditsAndVisit(account.Uid, DNTRequest.GetIP());

            loginsubmit = false;

            // NOTE(review): the return URL is only filtered for "register.aspx"; confirm that
            // GetReUrl/SetReUrl restrict it to same-site targets.
            string returnUrl = Utils.UrlDecode(ForumUtils.GetReUrl());
            string target;
            if (returnUrl.IndexOf("register.aspx") < 0)
            {
                target = returnUrl;
            }
            else
            {
                target = forumpath + "index.aspx";
            }
            SetUrl(target);
            SetLeftMenuRefresh();

            // Synchronise the login to third-party applications.
            if (APIConfigs.GetConfig().Enable)
            {
                // NOTE(review): username is the raw request value; confirm that GetLoginScript
                // encodes it for the script it produces.
                AddMsgLine(Sync.GetLoginScript(userid, username));
            }
            if (!APIConfigs.GetConfig().Enable || !Sync.NeedAsyncLogin())
            {
                MsgForward("login_succeed", true);
            }
        }
    }

    if (IsErr())
    {
        return;
    }
    ForumUtils.WriteUserCreditsCookie(account, usergroupinfo.Grouptitle);
}
/// <summary>
/// Binds the current QQ connect identity (openid) to an existing forum account after the
/// submitted name (or e-mail) and password have been accepted.
/// </summary>
/// <remarks>
/// GetShortUserInfo() is defined elsewhere; a null result is handled here as a failed
/// credential check.
/// </remarks>
private void BindForumExistedUser()
{
    // Stop before any credential check once this address has 5 or more recorded failures.
    int priorFailures = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false);
    if (priorFailures >= 5)
    {
        AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        return;
    }

    // E-mail login: the address must map to exactly one account.
    if (config.Emaillogin == 1 && Utils.IsValidEmail(postusername))
    {
        DataTable emailMatches = Users.GetUserInfoByEmail(postusername);
        int rowCount = emailMatches.Rows.Count;
        if (rowCount == 0)
        {
            AddErrLine("用户不存在");
            return;
        }
        if (rowCount > 1)
        {
            AddErrLine("您所使用Email不唯一,请使用用户名登陆");
            return;
        }
        if (rowCount == 1)
        {
            postusername = emailMatches.Rows[0]["username"].ToString();
        }
    }

    // The distinct "user does not exist" message reveals which names are registered.
    if (config.Emaillogin == 0 && Users.GetUserId(postusername) == 0)
    {
        AddErrLine("用户不存在");
    }
    if (string.IsNullOrEmpty(postpassword))
    {
        AddErrLine("密码不能为空");
    }
    if (IsErr())
    {
        return;
    }

    ShortUserInfo account = GetShortUserInfo();
    if (account == null)
    {
        // Failed check: record it and report how many attempts have been used.
        int failures = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
        if (failures > 5)
        {
            AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
        }
        else
        {
            AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", failures));
        }
        IsErr();
        return;
    }

    // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int). Once it has passed, move the
    // account to the group that matches its credits.
    bool inTimedGroup = account.Groupid == 4 || account.Groupid == 5;
    if (inTimedGroup && account.Groupexpiry != 0)
    {
        int today = Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0);
        if (account.Groupexpiry <= today)
        {
            UserGroupInfo creditGroup = CreditsFacade.GetCreditsUserGroupId(account.Credits);
            usergroupid = creditGroup.Groupid != 0 ? creditGroup.Groupid : usergroupid;
            account.Groupid = usergroupid;
            Users.UpdateUserGroup(account.Uid, usergroupid);
        }
    }

    // 5 = access banned: such an account cannot be bound.
    if (account.Groupid == 5)
    {
        AddErrLine("该用户已经被禁止访问,无法绑定");
        return;
    }

    // Load the connect record for the current openid. It must exist and must not already
    // be attached to a forum user.
    userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
    if (userconnectinfo == null || userconnectinfo.Uid > 0)
    {
        AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
        return;
    }
    // The forum account must not already be bound to another QQ identity.
    if (DiscuzCloud.IsBindConnect(account.Uid))
    {
        AddErrLine("该用户已经绑定了QQ,无法再次绑定");
        return;
    }

    userconnectinfo.Uid = account.Uid;
    userconnectinfo.IsSetPassword = 1;
    DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);

    // Create or update the bind log for this openid.
    UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
    if (bindLog != null)
    {
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        DiscuzCloud.UpdateUserConnectBindLog(bindLog);
    }
    else
    {
        bindLog = new UserBindConnectLog();
        bindLog.OpenId = userconnectinfo.OpenId;
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        bindLog.BindCount = 1;
        DiscuzCloud.CreateUserConnectBindLog(bindLog);
    }

    if (account.Groupid == 8)
    {
        // Bound, but the message says an administrator must approve the account before login.
        AddMsgLine("帐号绑定成功,但需要管理员审核通过才能登录");
    }
    else
    {
        LoginUser(account);
        AddMsgLine("QQ登录成功,继续浏览");
    }

    SetUrl("index.aspx");
    SetMetaRefresh();
    SetShowBackLink(false);
    notifyscript = GetNotifyScript(
        userconnectinfo,
        account.Username,
        account.Bday,
        account.Gender,
        account.Email,
        account.Showemail,
        DNTRequest.GetInt("useqqavatar", 2),
        "registerbind");
}
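/// <summary>
/// API login command: checks the supplied user name (or e-mail) and password and, on
/// success, writes the login cookie and refreshes the online-user record.
/// </summary>
/// <param name="commandParam">Request context: application info, parameters, configuration and output format.</param>
/// <param name="result">Receives the error message on failure, or the formatted "success" value.</param>
/// <returns><c>true</c> when the user was signed in; otherwise <c>false</c> with <paramref name="result"/> holding the error.</returns>
/// <remarks>
/// Change from the previous version: when a group-4/5 membership has expired, the
/// credit-based group is now actually applied. Before, the looked-up group was discarded
/// and the account's existing group id was written back unchanged.
/// </remarks>
public override bool Run(CommandParameter commandParam, ref string result)
{
    // Applications of type WEB may not call this command.
    if (commandParam.AppInfo.ApplicationType == (int)ApplicationType.WEB)
    {
        result = Util.CreateErrorMessage(ErrorType.API_EC_PERMISSION_DENIED, commandParam.ParamList);
        return false;
    }

    // A caller that already has a local user id is rejected.
    if (commandParam.LocalUid > 0)
    {
        result = Util.CreateErrorMessage(ErrorType.API_EC_USER_ONLINE, commandParam.ParamList);
        return false;
    }

    if (!commandParam.CheckRequiredParams("user_name,password"))
    {
        result = Util.CreateErrorMessage(ErrorType.API_EC_PARAM, commandParam.ParamList);
        return false;
    }

    // Refuse to test a password once this address has 5 or more recorded failures.
    if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
    {
        result = Util.CreateErrorMessage(ErrorType.API_EC_MORE_LOGIN_FAILED, commandParam.ParamList);
        return false;
    }

    string loginName = commandParam.GetDNTParam("user_name").ToString();
    string password = commandParam.GetDNTParam("password").ToString();
    string passwordFormat = commandParam.CheckRequiredParams("password_format")
        ? commandParam.GetDNTParam("password_format").ToString()
        : "";
    int expires = commandParam.GetIntParam("expires");
    expires = expires > 0 ? expires : 999;

    int userId = -1;
    ShortUserInfo userInfo = new ShortUserInfo();

    if (commandParam.GeneralConfig.Emaillogin == 1 && Utils.IsValidEmail(loginName))
    {
        // E-mail login: the address must map to exactly one account.
        DataTable dt = Users.GetUserInfoByEmail(loginName);
        if (dt.Rows.Count == 0)
        {
            result = Util.CreateErrorMessage(ErrorType.API_EC_USER_NOT_EXIST, commandParam.ParamList);
            return false;
        }
        if (dt.Rows.Count > 1)
        {
            result = Util.CreateErrorMessage(ErrorType.API_EC_SAME_USER_EMAIL, commandParam.ParamList);
            return false;
        }

        DataRow row = dt.Rows[0];
        loginName = row["username"].ToString();
        userId = TypeConverter.ObjectToInt(row["uid"]);
        userInfo.Uid = userId;
        userInfo.Username = loginName;
        userInfo.Groupid = TypeConverter.ObjectToInt(row["groupid"]);
        userInfo.Groupexpiry = TypeConverter.ObjectToInt(row["groupexpiry"]);
        userInfo.Credits = TypeConverter.ObjectToInt(row["credits"]);
        userInfo.Email = row["email"].ToString();
        userInfo.Password = row["password"].ToString();
    }
    else
    {
        userId = Users.GetUserId(loginName);
        if (userId < 1)
        {
            // NOTE(review): a distinct "user does not exist" error that is not counted against
            // the failure log lets a client probe for valid names without limit.
            result = Util.CreateErrorMessage(ErrorType.API_EC_USER_NOT_EXIST, commandParam.ParamList);
            return false;
        }
        userInfo = Users.GetShortUserInfo(userId);
        if (userInfo == null)
        {
            // The id resolved but the record could not be loaded: handle it as an unknown user
            // instead of dereferencing null below.
            result = Util.CreateErrorMessage(ErrorType.API_EC_USER_NOT_EXIST, commandParam.ParamList);
            return false;
        }
    }

    int uid = -1;
    if (passwordFormat == "")
    {
        switch (commandParam.GeneralConfig.Passwordmode)
        {
            case 0: // default mode
                uid = Users.CheckPassword(loginName, password, true);
                break;
            case 1: // DvBbs-compatible mode
                uid = Users.CheckDvBbsPassword(loginName, password);
                break;
        }
    }
    else
    {
        // NOTE(review): any non-empty password_format makes the stored password value itself
        // the accepted credential, so a leaked user table is enough to sign in, and the
        // comparison is an ordinary string equality rather than a constant-time one. Left
        // unchanged because callers may rely on it; consider removing or restricting it.
        uid = userInfo.Password == password ? userInfo.Uid : -1;
    }

    if (uid != userInfo.Uid)
    {
        LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
        result = Util.CreateErrorMessage(ErrorType.API_EC_WRONG_PASSWORD, commandParam.ParamList);
        return false;
    }

    // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int). Once it has passed, move the
    // account to the group that matches its credits. If no credit group is found the account
    // keeps its current group, so a banned account stays banned.
    if ((userInfo.Groupid == 4 || userInfo.Groupid == 5)
        && userInfo.Groupexpiry != 0
        && userInfo.Groupexpiry <= Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0))
    {
        UserGroupInfo groupInfo = CreditsFacade.GetCreditsUserGroupId(userInfo.Credits);
        if (groupInfo != null && groupInfo.Groupid != 0)
        {
            userInfo.Groupid = groupInfo.Groupid;
            Users.UpdateUserGroup(userInfo.Uid, userInfo.Groupid);
        }
    }

    // 5 = access banned, 8 = account still needs activation.
    if (userInfo.Groupid == 5 || userInfo.Groupid == 8)
    {
        result = Util.CreateErrorMessage(ErrorType.API_EC_BANNED_USERGROUP, commandParam.ParamList);
        return false;
    }

    // Update the cookie, the online record and the related user data immediately.
    ForumUtils.WriteUserCookie(userInfo.Uid, expires, commandParam.GeneralConfig.Passwordkey, 0, -1);
    OnlineUserInfo oluserinfo = OnlineUsers.UpdateInfo(commandParam.GeneralConfig.Passwordkey, commandParam.GeneralConfig.Onlinetimeout, userInfo.Uid, "");
    OnlineUsers.UpdateAction(oluserinfo.Olid, UserAction.Login.ActionID, 0);
    // Success clears the failure log for this address.
    LoginLogs.DeleteLoginLog(DNTRequest.GetIP());
    Users.UpdateUserCreditsAndVisit(userInfo.Uid, DNTRequest.GetIP());

    result = "success";
    result = commandParam.Format == FormatType.JSON
        ? string.Format("\"{0}\"", result)
        : SerializationHelper.Serialize(result);
    return true;
}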
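/// <summary>
/// Validates a user name / password pair for an API caller. (Edit by Cyrano.)
/// </summary>
/// <returns>
/// The user id, JSON-quoted or serialised as a <c>ValidateResponse</c> depending on
/// <c>Format</c>; an empty string with <c>ErrorCode</c> set when validation fails.
/// </returns>
/// <remarks>
/// Changes from the previous version:
/// - A failed password check now returns an error. Before, execution fell through to
///   <c>userInfo.Uid</c> with <c>userInfo</c> null and threw a NullReferenceException.
/// - The failure count for the calling address is checked before the password is tested.
///   Before, failures were recorded but never enforced in this method.
/// - A missing "sig" parameter is rejected as a signature error instead of throwing.
/// </remarks>
public string Validate()
{
    string returnStr = string.Empty;

    // NOTE(review): the signature is compared with ordinary string inequality, not a
    // constant-time comparison.
    object sigParam = GetParam("sig");
    if (sigParam == null || Signature != sigParam.ToString())
    {
        ErrorCode = (int)ErrorType.API_EC_SIGNATURE;
        return returnStr;
    }

    // Call ids must increase strictly; an id at or below the last one seen is rejected.
    if (CallId <= LastCallId)
    {
        ErrorCode = (int)ErrorType.API_EC_CALLID;
        return returnStr;
    }

    if (!CheckRequiredParams("user_name,password"))
    {
        ErrorCode = (int)ErrorType.API_EC_PARAM;
        return returnStr;
    }

    if (this.App.ApplicationType == (int)ApplicationType.DESKTOP)
    {
        // Desktop applications may only call this when Uid belongs to a group whose Radminid is 1.
        if (Uid < 1 || Discuz.Forum.UserGroups.GetUserGroupInfo(Discuz.Forum.Users.GetShortUserInfo(Uid).Groupid).Radminid != 1)
        {
            ErrorCode = (int)ErrorType.API_EC_PERMISSION_DENIED;
            return "";
        }
    }
    else if (Uid > 0)
    {
        // A user who is already signed in cannot validate again.
        ErrorCode = (int)ErrorType.API_EC_USER_ONLINE;
        return returnStr;
    }

    string username = GetParam("user_name").ToString();
    string password = GetParam("password").ToString();
    object formatParam = GetParam("password_format");
    bool isMD5Passwd = formatParam != null && formatParam.ToString() == "md5";

    // User name does not meet the naming rules
    //if (!CheckUsername(username))
    //{
    //    ErrorCode = (int)ErrorType.API_EC_USERNAME_ILLEGAL;
    //    return returnStr;
    //}

    // NOTE(review): a distinct "user does not exist" code lets a caller probe for valid names.
    if (Discuz.Forum.Users.GetUserId(username) == 0)
    {
        ErrorCode = (int)ErrorType.API_EC_USER_NONEXIST;
        return returnStr;
    }

    if (!isMD5Passwd && password.Length < 6)
    {
        ErrorCode = (int)ErrorType.API_EC_PARAM;
        return returnStr;
    }

    // Enforce the failure limit before testing the password, using the same
    // UpdateLoginLog(ip, false) >= 5 pre-check the other login entry points use.
    if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
    {
        ErrorCode = (int)ErrorType.API_EC_PERMISSION_DENIED;
        return returnStr;
    }

    // NOTE(review): with password_format=md5 the third argument is false, which appears to
    // mean the supplied value is used as an already-hashed password - confirm. If so, a
    // leaked hash is as good as the password on this path.
    int uid = Discuz.Forum.Users.CheckPassword(username, password, !isMD5Passwd);
    ShortUserInfo userInfo = uid > 0 ? Discuz.Forum.Users.GetShortUserInfo(uid) : null;

    if (userInfo == null)
    {
        // Wrong password (or the record could not be loaded): count the failure and stop.
        // API_EC_PARAM is used because it is already in use in this method; switch to a
        // dedicated wrong-password code if ErrorType defines one.
        LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
        ErrorCode = (int)ErrorType.API_EC_PARAM;
        return returnStr;
    }

    // 5 = access banned, 8 = awaiting activation.
    if (userInfo.Groupid == 5 || userInfo.Groupid == 8)
    {
        ErrorCode = (int)ErrorType.API_EC_USERNAME_ILLEGAL;
        return returnStr;
    }

    //ForumUtils.WriteUserCreditsCookie(userInfo, usergroupinfo.Grouptitle);
    if (Format == FormatType.JSON)
    {
        return string.Format("\"{0}\"", userInfo.Uid);
    }

    ValidateResponse vr = new ValidateResponse();
    vr.Uid = userInfo.Uid;
    return SerializationHelper.Serialize(vr);
}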
/// <summary>
/// Binds the current QQ connect identity (openid) to an existing forum account after the
/// submitted name (or e-mail) and password have been accepted.
/// </summary>
/// <remarks>
/// GetShortUserInfo() is defined elsewhere; a null result is handled here as a failed
/// credential check.
/// </remarks>
private void BindForumExistedUser()
{
    // Stop before any credential check once this address has 5 or more recorded failures.
    int priorFailures = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false);
    if (priorFailures >= 5)
    {
        base.AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        return;
    }

    // E-mail login: the address must map to exactly one account.
    if (config.Emaillogin == 1 && Utils.IsValidEmail(postusername))
    {
        var matches = Discuz.Entity.User.FindAllByEmail(postusername);
        int matchCount = matches.Count;
        if (matchCount == 0)
        {
            base.AddErrLine("用户不存在");
            return;
        }
        if (matchCount > 1)
        {
            base.AddErrLine("您所使用Email不唯一,请使用用户名登陆");
            return;
        }
        if (matchCount == 1)
        {
            postusername = matches[0].Name;
        }
    }

    // The distinct "user does not exist" message reveals which names are registered.
    if (config.Emaillogin == 0 && Users.GetUserId(postusername) == 0)
    {
        base.AddErrLine("用户不存在");
    }
    if (string.IsNullOrEmpty(postpassword))
    {
        base.AddErrLine("密码不能为空");
    }
    if (base.IsErr())
    {
        return;
    }

    IUser account = GetShortUserInfo();
    if (account == null)
    {
        // Failed check: record it and report how many attempts have been used.
        int failures = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
        if (failures > 5)
        {
            base.AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
        }
        else
        {
            base.AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", failures));
        }
        base.IsErr();
        return;
    }

    // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int). Once it has passed, move the
    // account to the group that matches its credits.
    bool inTimedGroup = account.GroupID == 4 || account.GroupID == 5;
    if (inTimedGroup && account.GroupExpiry != 0)
    {
        int today = Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0);
        if (account.GroupExpiry <= today)
        {
            var creditGroup = CreditsFacade.GetCreditsUserGroupId((float)account.Credits);
            usergroupid = (creditGroup.ID != 0) ? creditGroup.ID : usergroupid;
            account.GroupID = usergroupid;
            Users.UpdateUserGroup(account.ID, usergroupid);
        }
    }

    // Group 5 is rejected with an "access banned, cannot bind" message.
    if (account.GroupID == 5)
    {
        base.AddErrLine("该用户已经被禁止访问,无法绑定");
        return;
    }

    // The connect record for this openid must exist and must not already be attached to a
    // forum user.
    userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
    if (userconnectinfo == null || userconnectinfo.Uid > 0)
    {
        base.AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
        return;
    }
    // The forum account must not already be bound to another QQ identity.
    if (DiscuzCloud.IsBindConnect(account.ID))
    {
        base.AddErrLine("该用户已经绑定了QQ,无法再次绑定");
        return;
    }

    userconnectinfo.Uid = account.ID;
    userconnectinfo.IsSetPassword = true;
    DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);

    // Create or update the bind log for this openid.
    ConnectbindLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
    if (bindLog != null)
    {
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        DiscuzCloud.UpdateUserConnectBindLog(bindLog);
    }
    else
    {
        DiscuzCloud.CreateUserConnectBindLog(new ConnectbindLog
        {
            OpenID = userconnectinfo.OpenId,
            Uid = userconnectinfo.Uid,
            Type = 1,
            BindCount = 1
        });
    }

    if (account.GroupID == 8)
    {
        // Bound, but the message says an administrator must approve the account before login.
        base.AddMsgLine("帐号绑定成功,但需要管理员审核通过才能登录");
    }
    else
    {
        LoginUser(account);
        base.AddMsgLine("QQ登录成功,继续浏览");
    }

    base.SetUrl("index.aspx");
    base.SetMetaRefresh();
    base.SetShowBackLink(false);
    notifyscript = GetNotifyScript(
        userconnectinfo,
        account.Name,
        account.Bday,
        account.Gender,
        account.Email,
        account.ShowEmail,
        DNTRequest.GetInt("useqqavatar", 2),
        "registerbind");
}
/// <summary>
/// Login page handler that delegates the credential check to an external login endpoint
/// (configured under "FeiPiao_UserLoginAPI"). On success it resolves the local account,
/// issues the login cookie and redirects to the remembered URL.
/// </summary>
/// <remarks>
/// Review notes, limited to what this method shows:
/// - <c>feipiaoXmlModel</c> is only assigned when config.Emaillogin == 0 and the remote
///   response is non-empty. In every other case it is still null when it is dereferenced for
///   GetShortUserInfo, so the request ends in a NullReferenceException.
/// - A rejected remote login adds an error and returns without touching LoginLogs, so
///   those failures are never counted toward the per-address limit.
/// - The plaintext password is forwarded to the configured endpoint; the transport
///   (http or https) is not visible here.
/// - The remote response's userinfo fields are passed to GetShortUserInfo (defined
///   elsewhere) to obtain the local account.
/// </remarks>
protected override void ShowPage()
{
    pagetitle = "用户登录";
    inapi = DNTRequest.GetInt("inapi", 0);

    // Already signed in: show a notice. Execution still continues below.
    if (userid != -1)
    {
        SetUrl(BaseConfigs.GetForumPath);
        AddMsgLine("您已经登录,无须重复登录");
        ispost = true;
        SetLeftMenuRefresh();
        if (APIConfigs.GetConfig().Enable)
        {
            APILogin(APIConfigs.GetConfig());
        }
    }

    // Refuse to continue once this address has 5 or more recorded failures.
    if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
    {
        AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        loginsubmit = false;
        return;
    }

    SetReUrl();

    // Form submitted.
    if (DNTRequest.IsPost())
    {
        SetBackLink();

        // If a verification code is required and none was entered, ask the user to fill it in.
        // The password is kept in loginauth as reversible DES output keyed with the site key.
        if (isseccode && DNTRequest.GetString("vcode") == "")
        {
            postusername = DNTRequest.GetString("username");
            loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
            loginsubmit = true;
            return;
        }

        // Only rejected when user name, password AND loginauth are all empty; a request with
        // just one of them missing passes this check.
        if (Utils.StrIsNullOrEmpty(DNTRequest.GetString("username")) && Utils.StrIsNullOrEmpty(DNTRequest.GetString("password")) && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth")) )
        {
            AddErrLine("用户名不能为空");
            AddErrLine("密码不能为空");
            return;
        }

        if (config.Emaillogin == 1 && Utils.IsValidEmail(DNTRequest.GetString("username")))// e-mail login allowed
        {
            DataTable dt = Users.GetUserInfoByEmail(DNTRequest.GetString("username"));
            if (dt.Rows.Count == 0)
            {
                AddErrLine("用户不存在");
                return;
            }
            if (dt.Rows.Count > 1)
            {
                AddErrLine("您所使用Email不唯一,请使用用户名登陆");
                return;
            }
            if (dt.Rows.Count == 1)
            {
                postusername = dt.Rows[0]["username"].ToString();
            }
        }

        // Holds the remote login response, deserialised from JSON into an entity object.
        Discuz.Entity.feipiao_userinfo_response feipiaoXmlModel = null;
        if (config.Emaillogin == 0)// e-mail login disabled
        {
            postusername = DNTRequest.GetString("username");
            postpassword = DNTRequest.GetString("password");

            #region 测试主机头
            // Disabled debug code: wrote the configured API address to a file under ~/Log.
            //string strPath = HttpContext.Current.Server.MapPath("~/Log");
            //strPath = strPath + "\\" + "FeiPiao_UserLoginAPI" + "_" + DateTime.Now.ToString().Replace(":", "") + ".txt";
            //StreamWriter fs = new StreamWriter(strPath, false, System.Text.Encoding.Default);
            //fs.Write("API地址" + Discuz.Common.ConfigOperator.ConfigReadValue("FeiPiao_UserLoginAPI"));
            //fs.Close();
            #endregion

            #region 调用官网接口登陆
            // Log in through the main site's API.
            // NOTE(review): part of the request-body expression is masked ("******") in this
            // listing, so the statement is reproduced exactly as shown and is not valid C# as it
            // stands. The visible pieces show the user name and password being placed into a
            // form-style body; confirm both are URL-encoded and that the endpoint is reached over TLS.
            string htmlText = Discuz.Common.SendData.Intsance.SendRequest(Discuz.Common.ConfigOperator.ConfigReadValue("FeiPiao_UserLoginAPI"), "UTF-8", "action=act_login&login_type=myfeipiao&username="******"&password="******"utf-8"));
            if (!string.IsNullOrEmpty(htmlText))
            {
                // Skip past the "_myfeipiao_" marker (11 characters). If the marker is absent,
                // IndexOf returns -1 and the substring starts at index 10 instead.
                htmlText = htmlText.Substring(htmlText.IndexOf("_myfeipiao_") + 11);
                feipiaoXmlModel = (Discuz.Entity.feipiao_userinfo_response)JavaScriptConvert.DeserializeObject(htmlText, typeof(Discuz.Entity.feipiao_userinfo_response));
                // Result id "0000" means the remote login succeeded.
                if (feipiaoXmlModel.result.id == "0000")
                {
                }
                else
                {
                    // NOTE(review): this failure is not recorded in LoginLogs.
                    AddErrLine("用户和密码不匹配");
                }
            }
            // NOTE(review): an empty response adds no error, so execution continues with
            // feipiaoXmlModel still null.
            #endregion
        }

        if (IsErr())
        {
            return;
        }

        // Resolve the local account from the data returned by the remote API.
        // NOTE(review): feipiaoXmlModel is null here whenever config.Emaillogin != 0 or the
        // remote response was empty; add a null check before this dereference.
        ShortUserInfo userInfo = GetShortUserInfo(feipiaoXmlModel.userinfo.UserAccount, postpassword, feipiaoXmlModel.userinfo.Mobile, feipiaoXmlModel.userinfo.Email);
        if (userInfo != null)
        {
            #region 当前用户所在用户组为"禁止访问"或"等待激活"时
            // Groups 4 and 5 carry an expiry date (yyyyMMdd as an int).
            if ((userInfo.Groupid == 4 || userInfo.Groupid == 5) && userInfo.Groupexpiry != 0 && userInfo.Groupexpiry <= Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0))
            {
                // Look up the group that matches the user's current credits.
                UserGroupInfo groupInfo = UserCredits.GetCreditsUserGroupId(userInfo.Credits);
                usergroupid = groupInfo.Groupid != 0 ? groupInfo.Groupid : usergroupid;
                userInfo.Groupid = usergroupid;
                Users.UpdateUserGroup(userInfo.Uid, usergroupid);
            }

            if (userInfo.Groupid == 5)// 5 = access banned
            {
                AddErrLine("您所在的用户组,已经被禁止访问");
                return;
            }

            // Group 8: account not yet verified; the response depends on the verification mode.
            if (userInfo.Groupid == 8)
            {
                if (config.Regverify == 1)
                {
                    needactiveuid = userInfo.Uid;
                    email = userInfo.Email;
                    timestamp = DateTime.Now.Ticks.ToString();
                    // Activation string: MD5 over the stored password value, the site key and the timestamp.
                    authstr = Utils.MD5(string.Concat(userInfo.Password, config.Passwordkey, timestamp));
                    AddMsgLine("请您到您的邮箱中点击激活链接来激活您的帐号");
                }
                else if (config.Regverify == 2)
                {
                    AddMsgLine("您需要等待一些时间, 待系统管理员审核您的帐户后才可登录使用");
                }
                else
                {
                    AddErrLine("抱歉, 您的用户身份尚未得到验证");
                }
                loginsubmit = false;
                return;
            }
            #endregion

            // The account has a security question and this was the first submit: keep the
            // password in loginauth and stop short of signing in.
            if (!Utils.StrIsNullOrEmpty(userInfo.Secques) && loginsubmit && Utils.StrIsNullOrEmpty(DNTRequest.GetString("loginauth")))
            {
                loginauth = DES.Encode(DNTRequest.GetString("password"), config.Passwordkey).Replace("+", "[");
            }
            else
            {
                // Sign in to applications integrated through the API.
                if (APIConfigs.GetConfig().Enable)
                {
                    APILogin(APIConfigs.GetConfig());
                }
                AddMsgLine("登录成功, 返回登录前页面");

                #region 无延迟更新在线信息和相关用户信息
                // Update the cookie, the online record and the related user data immediately.
                ForumUtils.WriteUserCookie(userInfo.Uid, TypeConverter.StrToInt(DNTRequest.GetString("expires"), -1), config.Passwordkey, DNTRequest.GetInt("templateid", 0), DNTRequest.GetInt("loginmode", -1));
                //oluserinfo = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout);
                oluserinfo = OnlineUsers.UpdateInfo(config.Passwordkey, config.Onlinetimeout, userInfo.Uid, "");
                olid = oluserinfo.Olid;
                // The displayed user name comes from the remote response, not from the request.
                username = feipiaoXmlModel.userinfo.UserAccount;
                userid = userInfo.Uid;
                usergroupinfo = UserGroups.GetUserGroupInfo(userInfo.Groupid);
                useradminid = usergroupinfo.Radminid; // admin group id associated with the user's group
                OnlineUsers.UpdateAction(olid, UserAction.Login.ActionID, 0);
                // Success clears the failure log for this address.
                LoginLogs.DeleteLoginLog(DNTRequest.GetIP());
                Users.UpdateUserCreditsAndVisit(userInfo.Uid, DNTRequest.GetIP());
                #endregion

                loginsubmit = false;
                // NOTE(review): the return URL is only filtered for "register.aspx"; confirm that
                // GetReUrl/SetReUrl restrict it to same-site targets.
                string reurl = Utils.UrlDecode(ForumUtils.GetReUrl());
                SetUrl(reurl.IndexOf("register.aspx") < 0 ? reurl : forumpath + "index.aspx");
                SetLeftMenuRefresh();

                // Synchronise the login to third-party applications.
                // NOTE(review): username originates from the remote response; confirm that
                // GetLoginScript encodes it for the script it produces.
                if (APIConfigs.GetConfig().Enable)
                {
                    AddMsgLine(Sync.GetLoginScript(userid, username));
                }
                if (!APIConfigs.GetConfig().Enable || !Sync.NeedAsyncLogin())
                {
                    MsgForward("login_succeed", true);
                }
            }
        }
        else
        {
            // No local account returned: record a failure for this address.
            int errcount = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
            if (errcount > 5)
            {
                AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
            }
            else
            {
                AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", errcount));
            }
        }

        if (IsErr())
        {
            return;
        }
        ForumUtils.WriteUserCreditsCookie(userInfo, usergroupinfo.Grouptitle);
    }
}