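/// <summary>
/// Runs before an action that takes a <c>User</c> parameter named <c>u</c>. When the matching
/// account is enabled, is not of TYPE "4", did not submit a password found in
/// <c>sys_superpwd</c> and has POINTS other than "1", the action result is replaced with the
/// "Modpwd" view so the user is sent to the password-change form.
/// </summary>
/// <param name="filterContext">Context of the action about to run; its Result is set to short-circuit the action.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    User u = (User)filterContext.ActionParameters["u"];

    // Nothing to check without a bound user, a name and a customer code.
    // The null test on u itself is new: the original dereferenced it unconditionally.
    if (u == null || u.NAME == null || u.CUSTOMERCODE == null)
    {
        return;
    }

    UserChangePWD ucp = new UserChangePWD
    {
        NAME = u.NAME,
        PASSWORD = u.PASSWORD,
        CUSTOMERCODE = u.CUSTOMERCODE
    };

    if (!filterContext.Controller.ValidateRequest)
    {
        return;
    }

    // NAME, CUSTOMERCODE and PASSWORD come straight from the request and are spliced into SQL
    // text below. Doubling single quotes keeps each value inside its string literal.
    // NOTE(review): bound parameters are the stronger fix; whether DBMgr offers an overload
    // that accepts them is not visible in this listing.
    string nameLiteral = u.NAME.ToLower().Replace("'", "''");
    string codeLiteral = u.CUSTOMERCODE.ToLower().Replace("'", "''");
    string passwordLiteral = (u.PASSWORD ?? string.Empty).Replace("'", "''");

    DataTable dt_user = DBMgr.GetDataTable("select a.*,b.code from sys_user a inner join cusdoc.sys_customer b on a.customerid=b.id where lower(a.name) = '" + nameLiteral + "' and lower(b.code)='" + codeLiteral + "'");
    if (dt_user.Rows.Count <= 0)
    {
        return;
    }

    DataRow account = dt_user.Rows[0];

    // Only enabled accounts whose TYPE is not "4" are subject to the forced change.
    // NOTE(review): the meaning of TYPE "4" is not shown here - confirm.
    if (account["TYPE"].ToString() == "4" || account["ENABLED"].ToString() != "1")
    {
        return;
    }

    // A submitted password that matches a row in sys_superpwd (super administrator) skips the check.
    // NOTE(review): PWD is compared with the raw submitted value, which suggests these shared
    // passwords are stored in clear text - confirm, and consider a salted hash plus an audit entry.
    DataTable dt_superpwd = DBMgr.GetDataTable("select * from sys_superpwd where PWD='" + passwordLiteral + "'");
    if (dt_superpwd.Rows.Count > 0)
    {
        return;
    }

    // NOTE(review): POINTS "1" presumably marks an account whose password was already changed - confirm.
    if (account["POINTS"].ToString() == "1")
    {
        return;
    }

    filterContext.Result = new ViewResult
    {
        ViewName = "Modpwd",
        ViewData = new ViewDataDictionary<UserChangePWD>(ucp)
    };

    if (ucp.PASSWORD != null)
    {
        // NOTE(review): the password literal is masked in this listing; as written the query
        // compares a.password with the fixed text '******' and never with the submitted value.
        string sql = @"select a.*,b.code from sys_user a inner join cusdoc.sys_customer b on a.customerid=b.id where lower(a.name) = '" + nameLiteral + "' and a.password = '******' and lower(b.code)='" + codeLiteral + "'";
        DataTable dt = DBMgr.GetDataTable(sql);
        if (dt.Rows.Count <= 0)
        {
            // No row matched, so the password is blanked before the view model is rendered.
            ucp.PASSWORD = string.Empty;
        }
    }
}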
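/// <summary>
/// Changes the password of the logged-in user from a JSON payload holding the old and the new password.
/// </summary>
/// <param name="obj">JSON text that deserializes to a <c>UserChangePWD</c>.</param>
/// <returns>A JSON-serialized <c>BaseResult</c> carrying the success flag and messages.</returns>
public ActionResult ChangePassword(string obj)
{
    // The original wrapped this body in catch blocks that only did "throw ex;", which resets
    // the stack trace. Letting exceptions propagate keeps the same exception types and the
    // original trace.
    BaseResult br = new BaseResult();
    UserChangePWD model = JSON.Deserialize<UserChangePWD>(obj);

    // A payload that deserializes to null is reported like a missing old password instead of
    // failing on a null dereference.
    if (model == null || string.IsNullOrEmpty(model.oldPassword))
    {
        br.Success = false;
        br.Message.Add("原密码不能为空!");
        br.Data = null;
        return Json(br);
    }

    if (string.IsNullOrEmpty(model.newPassword))
    {
        br.Success = false;
        br.Message.Add("新密码不能为空!");
        br.Data = null;
        return Json(br);
    }

    // Both ids are overwritten with the value from GetLoginInfo, so ids sent in the payload
    // are ignored. NOTE(review): presumably this reads the authenticated session - confirm.
    model.id_user = GetLoginInfo<string>("id_user");
    model.id_edit = GetLoginInfo<string>("id_user");

    br = BusinessFactory.Account.ChangePassword(model);

    // NOTE(review): only successful changes are logged here; failed attempts are not recorded
    // by this method - confirm they are logged elsewhere.
    if (br.Success)
    {
        WriteDBLog(LogFlag.Base, br.Message);
    }

    return Json(br);
}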
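/// <summary>
/// Handles the forced password-change form: looks up the account by name and customer code,
/// validates the new password against the confirmation and the old password, then stores it
/// through <c>UpPassword</c>.
/// </summary>
/// <param name="ucp">Posted form model with name, customer code, old, new and confirmation passwords.</param>
/// <returns>The same view with the model; validation failures are added to ModelState.</returns>
public ActionResult Modpwd(UserChangePWD ucp)
{
    if (!ModelState.IsValid)
    {
        return View(ucp);
    }

    // NAME and CUSTOMERCODE are posted form values spliced into SQL text. Doubling single
    // quotes keeps each value inside its string literal; null is treated as empty instead of
    // failing on a null dereference.
    // NOTE(review): bound parameters are the stronger fix; whether DBMgr offers an overload
    // that accepts them is not visible in this listing.
    string nameLiteral = (ucp.NAME ?? string.Empty).ToLower().Replace("'", "''");
    string codeLiteral = (ucp.CUSTOMERCODE ?? string.Empty).ToLower().Replace("'", "''");

    // NOTE(review): the password literal is masked in this listing; as written the query
    // compares a.password with the fixed text '******', so the posted old password is not
    // what gates the change. Confirm the real comparison before relying on this check.
    string sql = @"select a.*,b.code from sys_user a inner join cusdoc.sys_customer b on a.customerid=b.id where lower(a.name) = '" + nameLiteral + "' and a.password = '******' and lower(b.code)='" + codeLiteral + "'";
    DataTable dt = DBMgr.GetDataTable(sql);

    if (dt.Rows.Count <= 0)
    {
        ModelState.AddModelError("OLD_ERROR", "原密码错误!");
        return View(ucp);
    }

    if (ucp.NEWPASSWORD != ucp.CONFIRMPASSWORD)
    {
        ModelState.AddModelError("ERROR", "两次密码不一致!");
        return View(ucp);
    }

    if (ucp.NEWPASSWORD == ucp.PASSWORD)
    {
        ModelState.AddModelError("ERROR", "新旧密码不能相同!");
        return View(ucp);
    }

    // NOTE(review): the new password is handed to UpPassword unchanged; how it is stored and
    // whether any strength rule applies is not visible here.
    UpPassword(ucp.NAME, ucp.NEWPASSWORD, ucp.CUSTOMERCODE);

    // Constant script, no request data: shows a confirmation and sends the browser to the login page.
    Response.Write(@"<script Language=Javascript> alert('密码修改成功,请重新登陆!');window.location.href='/Account/Login'; </script>");

    return View(ucp);
}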