/// <summary> /// 修改密码. /// </summary> /// <returns> /// The <see cref="JsonResult"/>. /// </returns> public JsonResult ModifyPassword() { try { var userID = this.GetUserID(); if (userID == 0) { return this.Json(new AjaxResponse(0, "未登录!")); } var oldpwd = Request.Form["op"]; var newpwd = Request.Form["np"]; if (string.IsNullOrEmpty(oldpwd)) { return this.Json(new AjaxResponse(0, "原密码不能为空")); } if (string.IsNullOrEmpty(newpwd)) { return this.Json(new AjaxResponse(0, "新密码不能为空")); } var rsa = new RSACryptoServiceProvider(); rsa.FromXmlString((string)Session["private_key"]); byte[] oldResult = rsa.Decrypt(HexStringToBytes(oldpwd), false); // 用私钥将密码解密出来 byte[] newResult = rsa.Decrypt(HexStringToBytes(newpwd), false); // 用私钥将密码解密出来 var enc = new ASCIIEncoding(); oldpwd = enc.GetString(oldResult); newpwd = enc.GetString(newResult); var userService = new UserService(); var user = userService.QueryUserByID(userID); if (user == null) { return this.Json(new AjaxResponse(0, "用户名不存在")); } if (string.Compare(oldpwd, user.LoginPassword, StringComparison.OrdinalIgnoreCase) == 0 || string.Compare( Encrypt.HashByMD5(oldpwd), user.LoginPassword, StringComparison.OrdinalIgnoreCase) == 0) { userService.ModifyPassword(userID, newpwd); return this.Json(new AjaxResponse(1, "修改完成")); } return this.Json(new AjaxResponse(0, "密码不正确")); } catch (Exception exception) { return this.Json(new AjaxResponse(0, exception.Message)); } }