コード例 #1
ファイル: AccountController.cs プロジェクト: nEdAy/Graduation
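        /// <summary>
        /// Handles the login form post for the back-office account. Reads "username" and
        /// "password" from the posted form, checks them against the stored user record,
        /// rotates the record's sessionToken and marks the session as logged in.
        /// </summary>
        /// <returns>
        /// A redirect to Items/GetItems on success; otherwise an inline script that shows an
        /// alert and sends the browser back to Account/Index.
        /// </returns>
        public ActionResult LogIn()
        {
            string username = Request.Form["username"]; // user name posted by the form
            string password = Request.Form["password"]; // password posted by the form
            string loginUrl = Url.Action("Index", "Account");

            try
            {
                // Form validation: both fields are required.
                if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
                {
                    return Content("<script> alert('用户名密码不得为空'); location.href = '" + loginUrl + "'</script>");
                }

                // Only the literal account name "admin" may use this entry point.
                if (username != "admin")
                {
                    return Content("<script> alert('该用户没有权限登录'); location.href = '" + loginUrl + "'</script>");
                }

                List<Wheres> whs = new List<Wheres>
                {
                    new Wheres("username", "=", username)
                };
                var dir = bll.QuerySingleByWheres(whs);
                if (dir == null)
                {
                    return Content("<script> alert('用户不存在'); location.href = '" + loginUrl + "'</script>");
                }

                string obj = (string)(dir.objectId);
                string pas = (string)(dir.password);

                // NOTE(review): the stored value is compared with Md5(Md5(password) + objectId).
                // Md5() is defined elsewhere; if it is a plain MD5 digest, this is a fast hash that
                // is unsuitable for password storage. Moving to a slow KDF (e.g. PBKDF2) needs a
                // migration of the stored values, so it is flagged here rather than changed.
                if (!(password.Md5() + obj).Md5().Equals(pas))
                {
                    return Content("<script> alert('密码错误'); location.href = '" + loginUrl + "'</script>");
                }

                string sessionToken = Guid.NewGuid().ToString();
                bll.UpdateById(obj, new Dictionary<string, object> {
                    { "sessionToken", sessionToken }
                });

                // NOTE(review): the session identifier is not renewed at the point of login;
                // confirm whether the application regenerates it elsewhere (session fixation).
                Session["CurrentUser"] = username;
                return RedirectToAction("GetItems", "Items");
            }
            catch (Exception e)
            {
                // The exception text is kept out of the page. Concatenating it into the inline
                // script unencoded lets a quote in the message break the script, and a message
                // that echoes request data becomes script injection; it also exposes internals.
                System.Diagnostics.Trace.TraceError("LogIn failed: " + e);
                return Content("<script> alert('登录失败，请稍后重试'); location.href = '" + loginUrl + "'</script>");
            }
        }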
コード例 #2
        /// <summary>
        /// Checks a user name and password against the stored user record and, when they
        /// match, writes a fresh sessionToken to the record and returns the re-read user.
        /// </summary>
        /// <param name="v1">Not used in this method.</param>
        /// <param name="username">Account name to look up.</param>
        /// <param name="password">Value that is concatenated with the record's objectId and hashed for comparison.</param>
        /// <returns>
        /// The user model on success; the invildRequest result when a credential is missing;
        /// a notFound result for an unknown user or a wrong password; the execept result when
        /// an exception is thrown.
        /// </returns>
        public IHttpActionResult GetAuthorization(string v1, string username, string password)
        {
            // NOTE(review): username and password are simple-typed action parameters. If this
            // action is bound from the query string, the password ends up in URLs and request
            // logs; confirm the routing and prefer a request body.
            try
            {
                // Parameter validation
                if (isNUll(username, password))
                {
                    return invildRequest("参数不能为空");
                }

                var filters = new List<Wheres> { new Wheres("username", "=", username) };
                var account = bll.QuerySingleByWheres(filters);

                // NOTE(review): "user does not exist" and "wrong password" are reported
                // separately, which lets a caller tell valid account names from invalid ones.
                if (account == null)
                {
                    return notFound("用户不存在");
                }

                string userId = (string)(account.objectId);
                string storedHash = (string)(account.password);

                // NOTE(review): Md5() is defined elsewhere; if it is a plain MD5 digest of
                // password + objectId, it is too fast for password storage.
                bool passwordMatches = (password + userId).Md5().Equals(storedHash);
                if (!passwordMatches)
                {
                    return notFound("密码错误");
                }

                string sessionToken = Guid.NewGuid().ToString();
                var tokenUpdate = new Dictionary<string, object>();
                tokenUpdate.Add("sessionToken", sessionToken);
                bll.UpdateById(userId, tokenUpdate);

                // NOTE(review): the whole _User object is returned; check that serialization
                // does not include the stored password value.
                _User refreshed = bll.QuerySingleById(userId);
                return ok(refreshed);
            }
            catch (Exception e)
            {
                // NOTE(review): the raw exception message goes back to the caller.
                return execept(e.Message);
            }
        }
コード例 #3
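        /// <summary>
        /// Payment notification handler. Looks the order up at the payment API by
        /// out_trade_no, updates the matching recharge record and, once that update has
        /// succeeded, adds the paid amount to the user's "overage" balance.
        /// </summary>
        /// <param name="v1">Not used in this method.</param>
        /// <param name="myOrder">Notification body; out_trade_no and trade_status are read from it.</param>
        /// <returns>ok("success") when the record and the balance were updated, ok("failure") otherwise.</returns>
        public IHttpActionResult Post(string v1, [FromBody] order myOrder)
        {
            try
            {
                if (myOrder == null || string.IsNullOrEmpty(myOrder.out_trade_no))
                {
                    return ok("failure");
                }

                string out_trade_no = myOrder.out_trade_no;

                // The order number comes from the request body, so it is escaped before it is
                // placed in the URL path; otherwise characters such as '/', '?' or '#' would
                // change which resource the server-side request asks for.
                string response = HttpHelper.Get(@"https://api.bmob.cn/1/pay/" + Uri.EscapeDataString(out_trade_no), new { });
                RechargeHistory model = JsonHelper.Deserialize<RechargeHistory>(response);
                if (model == null)
                {
                    return ok("failure");
                }

                RechargeHistory modelX = bll.QuerySingleById(model.body);
                if (modelX == null)
                {
                    return ok("failure");
                }

                model.updatedAt = DateTime.Now;
                model.createdAt = modelX.createdAt;
                model.objectId = model.body;
                model.userId = modelX.userId;

                // NOTE(review): trade_state is taken from the request body, overwriting whatever
                // the payment API returned, and nothing below checks that the payment actually
                // succeeded before the balance is credited. Confirm the provider's success value
                // and gate the credit on the provider-reported state.
                model.trade_state = myOrder.trade_status;
                model.out_trade_no = myOrder.out_trade_no;

                // Credit the balance only after the recharge record was stored; answering
                // "failure" after the balance had already been changed leaves the two out of step.
                bool result = bll.Update(model);
                if (!result)
                {
                    return ok("failure");
                }

                // NOTE(review): there is no check that this order was already processed, so a
                // repeated notification credits the balance again; the read-then-write on
                // "overage" is also not atomic.
                _UserBLL userbll = new _UserBLL();
                _User userModel = userbll.QuerySingleById(model.userId);
                userbll.UpdateById(model.userId, new Dictionary<string, object> {
                    { "overage", userModel.overage + model.total_fee * 100 }
                });

                return ok("success");
            }
            catch (Exception e)
            {
                // Internal error text is logged, not returned to the remote caller.
                System.Diagnostics.Trace.TraceError("Payment notification failed: " + e);
                return ok("failure");
            }
        }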
コード例 #4
        /// <summary>
        /// Adds <paramref name="addCredit"/> to a user's credit balance and inserts a
        /// matching row into the credit history.
        /// </summary>
        /// <param name="objectId">Id of the user whose balance is changed.</param>
        /// <param name="addCredit">Amount added to the current balance.</param>
        private void changeCredit(string objectId, int addCredit)
        {
            _User account = userbll.QuerySingleById(objectId);

            // NOTE(review): the balance is read and then written back as two separate calls,
            // so concurrent changes to the same user can overwrite each other.
            var balanceUpdate = new Dictionary<string, Object>();
            balanceUpdate.Add("credit", account.credit + addCredit);
            userbll.UpdateById(objectId, balanceUpdate);

            CreditsHistoryBLL historyBll = new CreditsHistoryBLL();

            // History row: type 0, the change applied and the resulting balance.
            CreditsHistory entry = new CreditsHistory();
            entry.objectId = Guid.NewGuid().ToString();
            entry.createdAt = DateTime.Now;
            entry.updatedAt = DateTime.Now;
            entry.userId = account.objectId;
            entry.type = 0;
            entry.change = addCredit;
            entry.credit = account.credit + addCredit;

            historyBll.Insert(entry);
        }
コード例 #5
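        /// <summary>
        /// Changes a user's transaction password after checking the old one. The user is
        /// identified by the "objectId" request header.
        /// </summary>
        /// <param name="v1">Not used in this method.</param>
        /// <param name="oldPassword">Current transaction password, verified against the stored value.</param>
        /// <param name="newPassword">New transaction password; stored as Md5(newPassword + objectId).</param>
        /// <returns>
        /// The create result carrying the update time on success; invildRequest when a
        /// parameter is missing; notFound for an unknown user, a wrong old password or a
        /// failed update; the execept result when an exception is thrown.
        /// </returns>
        public IHttpActionResult PutTransactionPassword(string v1, String oldPassword, String newPassword)
        {
            try
            {
                // NOTE(review): the account to modify is taken from a client-supplied header.
                // Presumably an authentication filter binds this header to the caller's
                // session token; confirm, since nothing in this method does.
                string objectId = HttpContext.Current.Request.Headers["objectId"];
                if (isNUll(oldPassword, newPassword))
                {
                    return invildRequest("参数不能为空");
                }

                List<Wheres> whs = new List<Wheres>
                {
                    new Wheres("objectId", "=", objectId)
                };
                var dir = bll.QuerySingleByWheres(whs);
                if (dir == null)
                {
                    return notFound("用户不存在");
                }

                string transaction_password = dir.transaction_password;

                // The stored value must equal the hash of the SUPPLIED old password. Hashing the
                // stored value itself, as the code did before, never consults oldPassword at all.
                // NOTE(review): Md5() is defined elsewhere; if it is a plain MD5 digest, it is
                // too fast for storing a payment password.
                if (transaction_password == null || !transaction_password.Equals((oldPassword + objectId).Md5()))
                {
                    return notFound("旧密码错误");
                }

                DateTime dt = DateTime.Now;
                bool result = bll.UpdateById(objectId, new Dictionary<string, object> {
                    { "transaction_password", (newPassword + objectId).Md5() }, { "updatedAt", dt }
                });
                if (result)
                {
                    // Return the success result; discarding it made every successful change
                    // fall through to the failure response below.
                    return create(new { updateAt = dt.ToString("yyyy-MM-dd HH:mm:ss") });
                }
                return notFound("失败");
            }
            catch (Exception e)
            {
                // NOTE(review): the raw exception message goes back to the caller.
                return execept(e.Message);
            }
        }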
コード例 #6
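        /// <summary>
        /// Credit-consume callback: authenticates the request (app key and signature over the
        /// URL parameters), then deducts <paramref name="credits"/> from the user's balance
        /// and records the deduction in the credit history.
        /// </summary>
        /// <param name="uid">Id of the user whose credits are consumed.</param>
        /// <param name="credits">Number of credits to deduct.</param>
        /// <param name="appKey">Application key sent by the caller; must equal APP_KEY.</param>
        /// <param name="timestamp">Request timestamp; only checked for presence.</param>
        /// <param name="orderNum">Order number, stored on the history row and used to derive bizId.</param>
        /// <param name="type">Consumption type, mapped through getCreditType.</param>
        /// <param name="sign">Request signature; verification reads it from the request URL.</param>
        /// <returns>creditOK with the bizId and new balance, or creditError with a reason.</returns>
        public IHttpActionResult parseCreditConsume(
            string uid,
            long credits,
            string appKey,
            string timestamp,
            string orderNum,
            string type,
            bool waitAudit,
            string sign,
            string description = null,
            int facePrice      = 0,
            int actualPrice    = 0,
            string ip          = null,
            string @params     = null
            )
        {
            // The request is authenticated BEFORE any user data is read, so an unsigned
            // request can learn neither whether a uid exists nor what its balance is.
            // Failures up to that point therefore report a balance of 0.
            if (appKey == null || !appKey.Equals(APP_KEY))
            {
                return creditError("appKey not match", 0);
            }

            if (timestamp == null)
            {
                return creditError("timestamp can't be null", 0);
            }

            // NOTE(review): the whole URL is decoded before it is split into parameters. If
            // GetUrlParams splits on '&' and '=', an encoded separator inside a value changes
            // the parameter set being verified; confirm against the helper.
            Hashtable hshTable = duiba.GetUrlParams(HttpUtility.UrlDecode(Request.RequestUri.AbsoluteUri));

            string newSign;
            bool verify = duiba.SignVerify(APP_SECRET, hshTable, out newSign);
            if (!verify)
            {
                return creditError("sign verify fail", 0);
            }

            // A negative amount would pass the balance check below and raise the balance.
            if (credits < 0)
            {
                return creditError("invalid credits", 0);
            }

            _User user = userBll.QuerySingleById(uid);
            if (user == null)
            {
                return creditError("no such user", 0);
            }
            long userCredit = user.credit;

            if (userCredit < credits)
            {
                return creditError("credits not enough!", userCredit);
            }

            // NOTE(review): the timestamp is not checked for freshness and orderNum is not
            // checked for reuse, so a captured signed request deducts again when replayed.
            // The read-then-write on "credit" is also not atomic.
            userBll.UpdateById(uid, new Dictionary<string, object> {
                { "credit", userCredit - credits }
            });

            CreditsHistory ch = new CreditsHistory();
            ch.objectId  = "test" + Guid.NewGuid().ToString();
            ch.orderNum  = orderNum;
            ch.createdAt = DateTime.Now;
            ch.updatedAt = DateTime.Now;
            ch.userId    = uid;
            ch.type      = getCreditType(type);
            ch.change    = (int)-credits; // NOTE(review): narrowing cast; confirm credits always fits in an int
            ch.credit    = userBll.QuerySingleById(uid).credit;
            ch.bizId     = duiba.GetMd5(orderNum);

            bool flag = chBll.Insert(ch);

            // NOTE(review): the failure message mentions a rollback, but the deduction above is
            // not reverted when the history insert fails.
            return flag ? creditOK(ch.bizId, ch.credit) : creditError("Unexpected Error, data roll back", userCredit);
        }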