Example #1
 /// <summary>
 /// Checks the verification code (the "vcode" request parameter) for the current page.
 /// </summary>
 /// <returns>
 /// <c>true</c> when the code is accepted or the request falls into one of the
 /// paths that are exempt from the check; <c>false</c> after an error has been
 /// reported through <c>ResponseAjaxVcodeError</c> or <c>AddErrLine</c>.
 /// </returns>
 private bool ValidateVerifyCode()
 {
     string submittedCode = DNTRequest.GetString("vcode");

     // A code was supplied: it must match the one recorded for this online session.
     if (submittedCode != "")
     {
         if (OnlineUsers.CheckUserVerifyCode(olid, submittedCode))
         {
             return true;
         }

         // Ajax endpoints get the dedicated ajax error response, ordinary pages an error line.
         if (pagename.EndsWith("ajax.aspx"))
         {
             ResponseAjaxVcodeError();
         }
         else
         {
             AddErrLine("验证码错误");
         }
         return false;
     }

     // No code was supplied. Everything below decides whether that is acceptable.
     // NOTE(review): each exemption is keyed on the page name and/or a request
     // parameter chosen by the client, so this method alone does not enforce the
     // verification code on those paths - confirm the callers enforce it where it
     // is actually required.

     // A forum without a password never shows a verification code.
     if (pagename == "showforum.aspx")
     {
         return true;
     }

     if (pagename.EndsWith("ajax.aspx"))
     {
         // Only the quick-reply ajax action requires a code.
         if (DNTRequest.GetString("t") != "quickreply")
         {
             return true;
         }

         ResponseAjaxVcodeError();
         return false;
     }

     // Quick-login submission on login.aspx: no error is raised here.
     if (DNTRequest.GetString("loginsubmit") == "true" && pagename == "login.aspx")
     {
         return true;
     }

     // Accepting the registration agreement on register.aspx is not subject to the check either.
     if (DNTRequest.GetFormString("agree") == "true" && pagename == "register.aspx")
     {
         return true;
     }

     AddErrLine("验证码错误");
     return false;
 }
Example #2
        /// <summary>
        /// Handles a comment submitted against the space post identified by <c>postid</c>:
        /// checks the verification code and the post's comment policy, stores the comment,
        /// updates the comment counters and optionally sends a notice.
        /// On rejection the reason is written to <c>completeinfo</c> and nothing is stored.
        /// </summary>
        private void Submit_CategoryInfo()
        {
            // The verification code is checked before any other input is looked at.
            bool codeAccepted = OnlineUsers.CheckUserVerifyCode(olid, DNTRequest.GetString("vcode"));
            if (!codeAccepted)
            {
                completeinfo = "验证码错误,请重新输入";
                return;
            }
            if (commentcontent == "")
            {
                completeinfo = "请输入评论内容";
                return;
            }

            // NOTE(review): the result is dereferenced without a null check - confirm
            // GetSpacepostsInfo never returns null for an unknown postid.
            SpacePostInfo targetPost = BlogProvider.GetSpacepostsInfo(Space.Data.DbProvider.GetInstance().GetSpacePost(postid));

            // CommentStatus 1: comments are closed for this post.
            if (targetPost.CommentStatus == 1)
            {
                completeinfo = "当前日志不允许评论";
                return;
            }
            // CommentStatus 2: only registered users (userid >= 1) may comment.
            if ((targetPost.CommentStatus == 2) && (userid < 1))
            {
                completeinfo = "当前日志仅允许注册用户评论";
                return;
            }

            // An empty author name is stored as the anonymous placeholder.
            string displayAuthor;
            if (commentauthor != "")
            {
                displayAuthor = commentauthor;
            }
            else
            {
                displayAuthor = "匿名";
            }

            SpaceCommentInfo newComment = new SpaceCommentInfo
            {
                PostID = postid,
                Author = Utils.HtmlEncode(displayAuthor),
                Email = Utils.HtmlEncode(commentemail),
                // NOTE(review): Url is stored exactly as submitted, unlike the HTML-encoded
                // fields around it - confirm it is validated and encoded where it is rendered.
                Url = commenturl,
                Ip = DNTRequest.GetIP(),
                PostDateTime = DateTime.Now,
                Content = Utils.HtmlEncode(ForumUtils.BanWordFilter(commentcontent)),
                ParentID = 0,
                // The comment is attributed to the current user only when the submitted
                // author name equals that user's name; otherwise it is stored with uid -1.
                Uid = (commentauthor == username) ? userid : -1,
                PostTitle = Utils.HtmlEncode(ForumUtils.BanWordFilter(targetPost.Title))
            };

            // Store the comment, then bump the per-user and per-post comment counters by one.
            Space.Data.DbProvider.GetInstance().AddSpaceComment(newComment);
            Space.Data.DbProvider.GetInstance().CountUserSpaceCommentCountByUserID(targetPost.Uid, 1);
            Space.Data.DbProvider.GetInstance().CountSpaceCommentCountByPostID(postid, 1);

            // The notice is sent only when the request asks for it.
            bool noticeRequested = DNTRequest.GetString("notice") == "true";
            if (noticeRequested)
            {
                SendSpaceCommentNotice(newComment);
            }
        }
Example #3
        /// <summary>
        /// Processes an admin-panel login: checks the verification code, looks the user up
        /// by the submitted credentials, requires the user's group to have Radminid 1, then
        /// writes the user cookie and the "dntadmin" cookie, logs the login and sends the
        /// browser to index.aspx. Failures redirect to syslogin.aspx with a result code:
        /// 3 = verification code rejected, 1 = no matching user, 2 = user is not in a group
        /// with Radminid 1.
        /// </summary>
        public void VerifyLoginInf()
        {
            bool codeAccepted = OnlineUsers.CheckUserVerifyCode(olid, DNTRequest.GetString("vcode"));
            if (!codeAccepted)
            {
                Response.Redirect("syslogin.aspx?result=3");
                return;
            }

            // The initial instance is always replaced by one of the two lookups below.
            DataTable matchedUsers = new DataTable();

            if (config.Passwordmode == 1)
            {
                // NOTE(review): this branch reads the credentials from the request parameters,
                // while the other branch and the cookie key below read the UserName/PassWord
                // controls - confirm both always carry the same values.
                int checkedUid = Discuz.Forum.Users.CheckDvBbsPassword(DNTRequest.GetString("username"), DNTRequest.GetString("password"));

                matchedUsers = DatabaseProvider.GetInstance().GetUserInfo(checkedUid);
            }
            else
            {
                // NOTE(review): the lookup key is a plain MD5 of the trimmed password; this
                // appears to be the stored credential format - confirm before touching it.
                matchedUsers = DatabaseProvider.GetInstance().GetUserInfo(UserName.Text.Trim(), Utils.MD5(PassWord.Text.Trim()));
            }

            // No row: the credentials did not match any user.
            if (matchedUsers.Rows.Count <= 0)
            {
                Response.Redirect("syslogin.aspx?result=1");
                return;
            }

            DataRow userRow = matchedUsers.Rows[0];
            UserGroupInfo loginGroup = AdminUserGroups.AdminGetUserGroupInfo(Convert.ToInt32(userRow["groupid"].ToString()));

            // NOTE(review): result=2 is returned only after the credentials matched, so the
            // login page can tell "valid user, not an administrator" from "bad credentials";
            // consider whether the two cases need different codes.
            if (loginGroup.Radminid != 1)
            {
                Response.Redirect("syslogin.aspx?result=2");
                return;
            }

            // 1440 is presumably the cookie lifetime in minutes - TODO confirm against WriteUserCookie.
            ForumUtils.WriteUserCookie(Convert.ToInt32(userRow["uid"].ToString().Trim()), 1440, GeneralConfigs.GetConfig().Passwordkey);

            int adminUid = Convert.ToInt32(userRow["uid"].ToString().Trim());
            string adminName = UserName.Text.Trim();
            int adminGroupId = Convert.ToInt16(userRow["groupid"].ToString().Trim());
            string securityQuestion = userRow["secques"].ToString().Trim();
            string clientIp = DNTRequest.GetIP();

            UserGroupInfo adminGroup = AdminUserGroups.AdminGetUserGroupInfo(adminGroupId);

            string adminGroupTitle = adminGroup.Grouptitle;

            // Admin-panel cookie: its key is derived from the password hash, the security
            // question value and the uid, and it expires after 30 minutes.
            // NOTE(review): HttpOnly/Secure are not set here - confirm they are applied
            // site-wide (e.g. in web.config) or set them on this cookie.
            HttpCookie adminCookie = new HttpCookie("dntadmin");
            adminCookie.Values["key"] = ForumUtils.SetCookiePassword(Utils.MD5(PassWord.Text.Trim()) + securityQuestion + adminUid.ToString(), config.Passwordkey);
            adminCookie.Expires = DateTime.Now.AddMinutes(30);
            HttpContext.Current.Response.AppendCookie(adminCookie);

            AdminVistLogs.InsertLog(adminUid, adminName, adminGroupId, adminGroupTitle, clientIp, "后台管理员登陆", "");

            string goToIndexScript = "<script type=\"text/javascript\">top.location.href='index.aspx';</script>";

            try
            {
                SoftInfo.LoadSoftInfo();
            }
            catch
            {
                // Any failure while loading the software info still sends the browser to the index page.
                Response.Write(goToIndexScript);
                Response.End();
            }

            // Upgrade the general.config file by re-serializing the current configuration.
            try
            {
                GeneralConfigs.Serialiaze(GeneralConfigs.GetConfig(), Server.MapPath("../config/general.config"));
            }
            catch
            {
                // Best effort: a failed rewrite of the config file must not block the login.
            }

            Response.Write(goToIndexScript);
            Response.End();
            return;
        }