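/// <summary>
/// Checks whether the current password supplied in the model matches the
/// hash stored for the account in <c>tb_user</c>.
/// </summary>
/// <param name="accountEditModels">
/// Model carrying <c>UserId</c> (matched against <c>tb_user.wor_num</c>) and
/// the current <c>Password</c> in clear text.
/// </param>
/// <returns>
/// <c>true</c> when a row exists for the user and its <c>pwd</c> column equals
/// the SHA1 hash of the supplied password; otherwise <c>false</c>.
/// </returns>
public bool ValidOldpwd(AccountEditModels accountEditModels)
{
    // A missing password can never match. Returning early also avoids the
    // ArgumentNullException the hashing helper throws on null input.
    if (accountEditModels.Password == null)
    {
        return false;
    }

    // NOTE(security): HashPasswordForStoringInConfigFile is obsolete and yields
    // an unsalted, single-pass SHA-1 digest, which is too fast for password
    // storage. Moving to a salted, iterated KDF (e.g. PBKDF2 through
    // Rfc2898DeriveBytes) requires re-hashing the stored values, so the format
    // is left untouched here and must be migrated together with UpdatePwd.
    string suppliedHash = FormsAuthentication.HashPasswordForStoringInConfigFile(accountEditModels.Password, "SHA1");

    // Only the hash column is read, so there is no reason to pull the whole row.
    string sql = "select pwd from tb_user where wor_num=@wor_num";

    bool isValid = false;

    // The reader is disposed even when Read() or the column access throws;
    // the original never closed it.
    using (SqlDataReader dr = DBCommon.SqlHelper.ExecuteReader(
        DBCommon.SqlHelper.ConntionString,
        CommandType.Text,
        sql,
        new SqlParameter("@wor_num", accountEditModels.UserId)))
    {
        while (dr.Read())
        {
            // If several rows share the same wor_num, the last one decides,
            // exactly as before.
            isValid = suppliedHash == dr["pwd"].ToString();
        }
    }

    return isValid;
}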
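/// <summary>
/// Stores the SHA1 hash of the new password for the account identified by
/// the model's <c>UserId</c>.
/// </summary>
/// <param name="accountEditModels">
/// Model carrying <c>UserId</c> (matched against <c>tb_user.wor_num</c>) and
/// the new password <c>Newpwd</c> in clear text.
/// </param>
/// <returns>
/// <c>true</c> when at least one row was updated; <c>false</c> when no row
/// matched or when no new password was supplied.
/// </returns>
public bool UpdatePwd(AccountEditModels accountEditModels)
{
    // Refuse to store an empty password. A null value would otherwise make
    // the hashing helper throw, and "" would be hashed and saved as a valid
    // credential.
    if (string.IsNullOrEmpty(accountEditModels.Newpwd))
    {
        return false;
    }

    // NOTE(security): unsalted SHA-1 through the obsolete
    // HashPasswordForStoringInConfigFile is not suitable for password storage.
    // Replacing it with a salted, iterated KDF has to be done together with
    // ValidOldpwd and a migration of the existing hashes.
    string pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(accountEditModels.Newpwd, "SHA1");

    string sql = "update tb_user set pwd=@pwd where wor_num=@wor_num";

    // Both parameter names now carry the '@' prefix used in the statement;
    // the original passed "pwd" without it.
    bool ret = DBCommon.SqlHelper.ExecuteNonQuery(
        DBCommon.SqlHelper.ConntionString,
        CommandType.Text,
        sql,
        new SqlParameter("@wor_num", accountEditModels.UserId),
        new SqlParameter("@pwd", pwd)) >= 1;

    return ret;
}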
/// <summary>
/// Change-password action: verifies the old password and, when it matches,
/// stores the new one.
/// </summary>
/// <param name="accountModels">Model-bound request data passed on to ValidOldpwd and UpdatePwd.</param>
/// <returns>
/// JSON with <c>result</c> and <c>errmsg</c>. Without a session <c>result</c>
/// is the string "0"; otherwise it is a boolean telling whether the password
/// was changed.
/// </returns>
public JsonResult Chgpwd(AccountEditModels accountModels)
{
    // No "userid" in the session: report a login timeout and stop.
    object sessionUser = Session["userid"];
    if (sessionUser == null)
    {
        return Json(new { result = "0", errmsg = "登陸超時請重新登陸!" });
    }

    // NOTE(review): the account that gets checked and updated is taken from
    // accountModels.UserId, which is bound from the request; the session value
    // is only tested for presence. Confirm the two are tied together elsewhere,
    // otherwise the UserId should come from the session.
    // NOTE(review): no anti-forgery validation is visible on this action in
    // this listing - confirm one is applied.

    // Short-circuit order matches the original nesting: model validation,
    // then the old-password check, then the update.
    bool changed = ModelState.IsValid
        && ValidOldpwd(accountModels)
        && UpdatePwd(accountModels);

    // Messages: "changed successfully" / "failed to change password".
    string message = changed ? "修改成功" : "修改密碼失敗";

    return Json(new { result = changed, errmsg = message });
}