/// <summary>
/// Builds a <see cref="UserConnectInfo"/> from the columns of the reader's current row.
/// </summary>
/// <param name="reader">Data reader exposing the connect columns read below; presumably already positioned on a row.</param>
/// <returns>A new <see cref="UserConnectInfo"/> populated from that row.</returns>
private static UserConnectInfo LoadUserConnectInfo(IDataReader reader)
{
    // Text columns go through ToString(); integer columns through TypeConverter.ObjectToInt.
    // Columns are read in the same order as before.
    // NOTE(review): "token" and "secret" are the OAuth credentials copied from the access-token
    // response elsewhere in this code base and are read here as plain strings; presumably they
    // are stored unencrypted, so confirm how the table is protected at rest.
    UserConnectInfo info = new UserConnectInfo
    {
        OpenId = reader["openid"].ToString(),
        Uid = TypeConverter.ObjectToInt(reader["uid"]),
        Token = reader["token"].ToString(),
        Secret = reader["secret"].ToString(),
        AllowVisitQQUserInfo = TypeConverter.ObjectToInt(reader["allowvisitqquserinfo"]),
        AllowPushFeed = TypeConverter.ObjectToInt(reader["allowpushfeed"]),
        IsSetPassword = TypeConverter.ObjectToInt(reader["issetpassword"]),
        CallbackInfo = reader["callbackinfo"].ToString()
    };
    return info;
}
/// <summary>
/// Page entry point for the QQ Connect flow. Dispatches on <c>action</c>:
/// "access" handles the callback after the signature check, "bind" delegates to one of the
/// bind helpers on POST, "unbind" detaches the QQ record from the logged-in user on POST, and
/// any other value redirects to the Connect login page.
/// </summary>
protected override void ShowPage()
{
    // The whole page is disabled when the "connect" cloud service is switched off.
    if (!DiscuzCloud.GetCloudServiceEnableStatus("connect"))
    {
        AddErrLine("QQ登录功能已关闭");
        return;
    }
    switch (action)
    {
        case "access":
            // Reject the callback unless the con_sig request value passes CheckCallbackSignature.
            if (!CheckCallbackSignature(DNTRequest.GetString("con_sig")))
            {
                AddErrLine("非法请求");
                return;
            }
            OAuthAccessTokenInfo tokenInfo = DiscuzCloud.GetConnectAccessTokenInfo();
            if (tokenInfo == null)
            {
                AddErrLine("QQ登录过程中出现异常,请尝试再次登录");
                return;
            }
            userconnectinfo = DiscuzCloud.GetUserConnectInfo(tokenInfo.Openid);
            if (userconnectinfo == null)
            {
                // First time this OpenID is seen: create the local record from the token response.
                userconnectinfo = new UserConnectInfo();
                userconnectinfo.OpenId = tokenInfo.Openid;
                userconnectinfo.Token = tokenInfo.Token;
                userconnectinfo.Secret = tokenInfo.Secret;
                userconnectinfo.AllowVisitQQUserInfo = DNTRequest.GetInt("con_is_user_info", 0);
                // Stored as 3 when con_is_feed is 1, otherwise 0.
                userconnectinfo.AllowPushFeed = DNTRequest.GetInt("con_is_feed", 0) == 1 ? 3 : 0;
                // Four values joined with '&'; the reader below only accepts exactly four parts,
                // so a value that itself contains '&' makes the stored info unusable.
                userconnectinfo.CallbackInfo = usedusernames + "&" + birthday + "&" + gender + "&" + email;
                DiscuzCloud.CreateUserConnectInfo(userconnectinfo);
            }
            else if (userconnectinfo.Uid > 0)
            {
                // The OpenID is already bound to a forum account.
                if (userid > 0)
                {
                    SetBackLink("index.aspx");
                    AddErrLine(userconnectinfo.Uid != userid ? "该QQ已经绑定了其他帐号" : "该QQ用户已登录");
                    return;
                }
                ShortUserInfo userInfo = Users.GetShortUserInfo(userconnectinfo.Uid);
                string redirectUrl = "";
                // If userInfo == null the account may have been deleted by an administrator in the
                // back end, so the user's connect info has to be unbound and reset as well.
                if (userInfo == null)
                {
                    DiscuzCloud.UnbindUserConnectInfo(userconnectinfo.OpenId);
                    redirectUrl = HttpContext.Current.Request.RawUrl;
                }
                else
                {
                    redirectUrl = forumpath + "index.aspx";
                    // If the token and secret from the cloud have changed, update the locally stored copy.
                    if (tokenInfo.Token != userconnectinfo.Token || tokenInfo.Secret != userconnectinfo.Secret)
                    {
                        userconnectinfo.Token = tokenInfo.Token;
                        userconnectinfo.Secret = tokenInfo.Secret;
                        DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
                    }
                    LoginUser(userInfo);
                }
                // NOTE(review): the single-argument Redirect normally ends the response, so the
                // statements after this if/else chain are not expected to run on this path; confirm.
                HttpContext.Current.Response.Redirect(redirectUrl);
                HttpContext.Current.ApplicationInstance.CompleteRequest();
            }
            else
            {
                // Record exists but is not bound: fall back to the stored callback values for
                // any field that is empty (or 0 for gender) in the current request.
                string[] callbackInfo = userconnectinfo.CallbackInfo.Split('&');
                if (callbackInfo.Length == 4)
                {
                    usedusernames = string.IsNullOrEmpty(usedusernames) ? callbackInfo[0] : usedusernames;
                    birthday = string.IsNullOrEmpty(birthday) ? callbackInfo[1] : birthday;
                    gender = gender == 0 ? Utils.StrToInt(callbackInfo[2], 0) : gender;
                    email = string.IsNullOrEmpty(email) ? callbackInfo[3] : email;
                }
            }
            // Registration through Connect is allowed only when the forum and cloud settings
            // permit it and this OpenID has not reached the configured bind limit.
            UserBindConnectLog userBindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
            isbindoverflow = userBindLog != null && cloudconfig.Maxuserbindcount > 0 && userBindLog.BindCount >= cloudconfig.Maxuserbindcount;
            allowreg = config.Regstatus != 0 && cloudconfig.Allowconnectregister == 1 && !isbindoverflow;
            connectswitch = allowreg && userid < 0 ? 1 : 2;
            #region convert used username list
            // NOTE(review): Convert.FromBase64String throws on null or malformed input and nothing
            // here catches it. Where usedusernames is first assigned is not visible in this method;
            // if it is request-derived, confirm the signature check covers it or guard the decode.
            // Encoding.Default depends on the server's ANSI code page.
            byte[] bt = Convert.FromBase64String(usedusernames);
            usedusernames = System.Text.Encoding.Default.GetString(bt);
            #endregion
            // NOTE(review): the avatar URL is plain http and embeds the OpenID; confirm whether an
            // https endpoint should be used so the page does not load mixed content.
            avatarurl = string.Format("http://avatar.connect.discuz.qq.com/{0}/{1}", DiscuzCloudConfigs.GetConfig().Connectappid, userconnectinfo.OpenId);
            openid = userconnectinfo.OpenId;
            break;
        case "bind":
            // NOTE(review): this branch does not re-check the callback signature; the bind helpers
            // look the record up by the openid field, whose assignment for a POST is not visible
            // here. Confirm that value is tied to the verified callback (for example server-side
            // session state) rather than taken from the posted form, and that state-changing
            // POSTs are covered by an anti-forgery check somewhere in the base page.
            if (ispost)
            {
                if (DNTRequest.GetString("bind_type") == "new")
                    RegisterAndBind();
                else
                {
                    if (userid < 0)
                        BindForumExistedUser();
                    else
                        BindLoginedUser();
                }
            }
            break;
        case "unbind":
            if (userid < 1)
            {
                AddErrLine("未登录用户无法进行该操作");
                return;
            }
            userconnectinfo = DiscuzCloud.GetUserConnectInfo(userid);
            if (userconnectinfo == null)
            {
                AddErrLine("您并没有绑定过QQ,不需要执行该操作");
                return;
            }
            if (ispost)
            {
                // An account that never set a forum password must set one before unbinding.
                if (userconnectinfo.IsSetPassword == 0)
                {
                    string passwd = DNTRequest.GetString("newpasswd");
                    if (string.IsNullOrEmpty(passwd))
                    {
                        AddErrLine("您必须为帐号设置新密码才能解除绑定");
                        return;
                    }
                    if (passwd.Length < 6)
                    {
                        AddErrLine("密码不得少于6个字符");
                        return;
                    }
                    if (passwd != DNTRequest.GetString("confirmpasswd"))
                    {
                        AddErrLine("两次输入的新密码不一致");
                        return;
                    }
                    // NOTE(review): userInfo is dereferenced without a null check; confirm
                    // Users.GetUserInfo cannot return null for a logged-in userid.
                    UserInfo userInfo = Users.GetUserInfo(userid);
                    userInfo.Password = passwd;
                    Users.ResetPassword(userInfo);
                    // Sync the password to the other applications.
                    Sync.UpdatePassword(userInfo.Username, userInfo.Password, "");
                    if (!Utils.StrIsNullOrEmpty(DNTRequest.GetString("changesecques")))
                        Users.UpdateUserSecques(userid, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
                    // NOTE(review): a value derived from the password and config.Passwordkey is written
                    // to the "password" cookie; confirm that cookie is HttpOnly/Secure and what
                    // SetCookiePassword actually stores.
                    ForumUtils.WriteCookie("password", ForumUtils.SetCookiePassword(userInfo.Password, config.Passwordkey));
                    OnlineUsers.UpdatePassword(olid, userInfo.Password);
                }
                DiscuzCloud.UnbindUserConnectInfo(userconnectinfo.OpenId);
                UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
                if (bindLog != null)
                {
                    // Type 2 is written on unbind; the bind paths write 1.
                    bindLog.Type = 2;
                    DiscuzCloud.UpdateUserConnectBindLog(bindLog);
                }
                AddMsgLine("解绑成功");
                // NOTE(review): the return URL is used as the refresh target after only a
                // "register.aspx" substring test; if ForumUtils.GetReUrl can return an
                // off-site URL, restrict it to local paths. Confirm against GetReUrl.
                string reurl = Utils.UrlDecode(ForumUtils.GetReUrl());
                SetUrl(reurl.IndexOf("register.aspx") < 0 ? reurl : forumpath + "index.aspx");
                SetMetaRefresh();
            }
            break;
        default:
            // No recognised action: send the visitor to the Connect login page unless already bound.
            if (isbindconnect)
            {
                AddErrLine("用户已登录");
                return;
            }
            HttpContext.Current.Response.Redirect(DiscuzCloud.GetConnectLoginPageUrl(userid));
            HttpContext.Current.ApplicationInstance.CompleteRequest();
            break;
    }
}
/// <summary>
/// Builds the script tag that notifies the cloud platform; its <c>src</c> is the URL returned
/// by <c>DiscuzCloud.GetBindUserNotifyUrl</c>.
/// </summary>
/// <param name="connectInfo">Connect record passed through to the URL builder.</param>
/// <param name="userName">User name passed through to the URL builder.</param>
/// <param name="birthday">Birthday passed through to the URL builder.</param>
/// <param name="gender">Gender value passed through to the URL builder.</param>
/// <param name="email">E-mail address passed through to the URL builder.</param>
/// <param name="isPublicEmail">1 is forwarded as 1; every other value is forwarded as 2.</param>
/// <param name="isUsedQQAvatar">Avatar choice passed through to the URL builder.</param>
/// <param name="type">Notification type passed through to the URL builder.</param>
/// <returns>An HTML <c>script</c> element as a string.</returns>
private string GetNotifyScript(UserConnectInfo connectInfo, string userName, string birthday, int gender, string email, int isPublicEmail, int isUsedQQAvatar, string type)
{
    int publicEmailFlag = isPublicEmail == 1 ? 1 : 2;
    string notifyUrl = DiscuzCloud.GetBindUserNotifyUrl(connectInfo, userName, birthday, gender, email, publicEmailFlag, isUsedQQAvatar, type);

    // NOTE(review): the URL is placed into the src attribute without HTML attribute encoding.
    // It carries user-supplied values (name, birthday, e-mail); confirm GetBindUserNotifyUrl
    // URL-encodes every component so no quote or angle bracket can reach the markup.
    return string.Format("<script type=\"text/javascript\" src=\"{0}\" ></script>", notifyUrl);
}
/// <summary>
/// Registers a new forum user and binds it to the QQ Connect record identified by <c>openid</c>.
/// Errors are reported through AddErrLine and abort the operation.
/// </summary>
private void RegisterAndBind()
{
    if (userid > 0)
    {
        AddErrLine("当前已有用户登录,无法注册");
        return;
    }
    if (config.Regstatus < 1 || cloudconfig.Allowconnectregister == 0)
    {
        AddErrLine("论坛当前禁止新的QQ会员登录");
        return;
    }
    // The user-name and e-mail form field names come from configuration
    // (Antispamregisterusername / Antispamregisteremail).
    string tmpUserName = DNTRequest.GetString(config.Antispamregisterusername);
    string email = DNTRequest.GetString(config.Antispamregisteremail).Trim().ToLower();
    string tmpBday = DNTRequest.GetString("bday").Trim();
    string errorMessage = "";
    if (!Users.PageValidateUserName(tmpUserName, out errorMessage) || !Users.PageValidateEmail(email, false, out errorMessage))
    {
        AddErrLine(errorMessage);
        return;
    }
    // In the registration template the birthday may be a single text box named bday, or three
    // text boxes bday_y bday_m bday_d; the user may leave it blank.
    if (!Utils.IsDateString(tmpBday) && !string.IsNullOrEmpty(tmpBday))
    {
        AddErrLine("生日格式错误, 如果不想填写生日请置空");
        return;
    }
    // If the user name passes the registration rules, check whether it already exists.
    if (Users.GetUserId(tmpUserName) > 0)
    {
        AddErrLine("请不要重复提交!");
        return;
    }
    // Read the OPENID record of the current user.
    // NOTE(review): where the openid field is assigned for this POST is not visible here; the
    // record is only checked for "exists and is unbound". Confirm the value is bound to the
    // signature-verified callback and cannot simply be supplied by the client.
    userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
    if (userconnectinfo == null || userconnectinfo.Uid > 0)
    {
        AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
        return;
    }
    // Enforce the bind limit: refused when a limit is configured, a log exists whose Type is
    // not 1, and its BindCount has reached the limit.
    UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
    if (cloudconfig.Maxuserbindcount != 0 && bindLog != null && (bindLog.Type != 1 && bindLog.BindCount >= cloudconfig.Maxuserbindcount))
    {
        AddErrLine("当前QQ用户解绑次数过多,无法绑定新注册的用户");
        return;
    }
    UserInfo userInfo = CreateUser(tmpUserName, email, tmpBday);
    userconnectinfo.Uid = userInfo.Uid;
    DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
    // Create the bind log on first bind, otherwise increment its counter and mark it bound (Type 1).
    if (bindLog == null)
    {
        bindLog = new UserBindConnectLog();
        bindLog.OpenId = userconnectinfo.OpenId;
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        bindLog.BindCount = 1;
        DiscuzCloud.CreateUserConnectBindLog(bindLog);
    }
    else
    {
        bindLog.BindCount++;
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        DiscuzCloud.UpdateUserConnectBindLog(bindLog);
    }
    #region 发送欢迎信息
    // Send the configured welcome private message when enabled.
    if (config.Welcomemsg == 1)
    {
        // Inbox
        PrivateMessageInfo privatemessageinfo = new PrivateMessageInfo();
        privatemessageinfo.Message = config.Welcomemsgtxt;
        privatemessageinfo.Subject = "欢迎您的加入! (请勿回复本信息)";
        privatemessageinfo.Msgto = userInfo.Username;
        privatemessageinfo.Msgtoid = userInfo.Uid;
        privatemessageinfo.Msgfrom = PrivateMessages.SystemUserName;
        privatemessageinfo.Msgfromid = 0;
        privatemessageinfo.New = 1;
        privatemessageinfo.Postdatetime = Utils.GetDateTime();
        privatemessageinfo.Folder = 0;
        PrivateMessages.CreatePrivateMessage(privatemessageinfo, 0);
    }
    #endregion
    // Send the sync data to the other applications.
    // NOTE(review): userInfo.Password is forwarded to Sync.UserRegister; whether it is a hash or
    // clear text at this point depends on CreateUser, which is not shown. Confirm.
    Sync.UserRegister(userInfo.Uid, userInfo.Username, userInfo.Password, "");
    // If the user chose to use the QZone avatar.
    if (cloudconfig.Allowuseqzavater == 1 && DNTRequest.GetString("use_qzone_avatar") == "1")
    {
        QZoneAvatar qz = new QZoneAvatar();
        qz.AsyncGetAvatar(userconnectinfo);
    }
    SetUrl("index.aspx");
    SetShowBackLink(false);
    // If the registration does not need administrator review the page refreshes after 2 seconds,
    // otherwise after 5 seconds.
    SetMetaRefresh(config.Regverify != 2 ? 2 : 5);
    Statistics.ReSetStatisticsCache();
    if (config.Regverify != 2)
    {
        // No review required: log the new user in immediately.
        CreditsFacade.UpdateUserCredits(userInfo.Uid);
        ForumUtils.WriteUserCookie(userInfo, -1, config.Passwordkey);
        Utils.WriteCookie("bindconnect", "true");// mark the current logged-in user as bound to QQ Connect
        OnlineUsers.UpdateAction(olid, UserAction.Register.ActionID, 0, config.Onlinetimeout);
        AddMsgLine("QQ登录成功,继续浏览");
    }
    else
    {
        AddMsgLine("QQ数据绑定完成, 但需要系统管理员审核您的帐户后才可登录使用");
    }
    notifyscript = GetNotifyScript(userconnectinfo, userInfo.Username, userInfo.Bday, userInfo.Gender, userInfo.Email, userInfo.Showemail, DNTRequest.GetInt("useqqavatar", 2), "register");
}
/// <summary>
/// Binds the QQ Connect record identified by <c>openid</c> to an existing forum account after
/// checking the posted user name (or e-mail) and password.
/// </summary>
private void BindForumExistedUser()
{
    // Lockout check keyed on the client IP.
    // NOTE(review): this entry check uses ">= 5" while the failure path below reports lockout
    // on "> 5"; confirm which threshold is intended. Also confirm DNTRequest.GetIP does not
    // trust client-supplied forwarding headers, since the counter is per IP only.
    if (LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), false) >= 5)
    {
        AddErrLine("您已经多次输入密码错误, 请15分钟后再登录");
        return;
    }
    // With e-mail login enabled, resolve an e-mail address to its unique user name.
    if (config.Emaillogin == 1 && Utils.IsValidEmail(postusername))
    {
        DataTable dt = Users.GetUserInfoByEmail(postusername);
        if (dt.Rows.Count == 0)
        {
            AddErrLine("用户不存在");
            return;
        }
        if (dt.Rows.Count > 1)
        {
            AddErrLine("您所使用Email不唯一,请使用用户名登陆");
            return;
        }
        if (dt.Rows.Count == 1)
        {
            postusername = dt.Rows[0]["username"].ToString();
        }
    }
    // NOTE(review): the separate "user does not exist" and "e-mail not unique" messages tell an
    // unauthenticated caller whether an account or address is registered; a single generic
    // failure message would avoid that. With Emaillogin == 1 and a non-e-mail user name, no
    // existence check runs here and the lookup is left to GetShortUserInfo().
    if (config.Emaillogin == 0)
    {
        if ((Users.GetUserId(postusername) == 0))
            AddErrLine("用户不存在");
    }
    if (string.IsNullOrEmpty(postpassword))
        AddErrLine("密码不能为空");
    if (IsErr())
        return;
    // Presumably validates postusername/postpassword and returns null on failure; the helper
    // is not shown here, so verify.
    ShortUserInfo userInfo = GetShortUserInfo();
    if (userInfo != null)
    {
        #region 当前用户所在用户组为"禁止访问"或"等待激活"时
        // Group 4 or 5 with an expiry date that has passed: move the user to the group that
        // matches their credits.
        if ((userInfo.Groupid == 4 || userInfo.Groupid == 5) && userInfo.Groupexpiry != 0 && userInfo.Groupexpiry <= Utils.StrToInt(DateTime.Now.ToString("yyyyMMdd"), 0))
        {
            // Look up the credit-based user group that matches the user's credits.
            UserGroupInfo groupInfo = CreditsFacade.GetCreditsUserGroupId(userInfo.Credits);
            usergroupid = groupInfo.Groupid != 0 ? groupInfo.Groupid : usergroupid;
            userInfo.Groupid = usergroupid;
            Users.UpdateUserGroup(userInfo.Uid, usergroupid);
        }
        if (userInfo.Groupid == 5)// 5 = access denied
        {
            AddErrLine("该用户已经被禁止访问,无法绑定");
            return;
        }
        #endregion
        // Read the OPENID record of the current user.
        // NOTE(review): where the openid field is assigned for this POST is not visible here;
        // confirm it is tied to the signature-verified callback and not client-controlled.
        userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
        if (userconnectinfo == null || userconnectinfo.Uid > 0)
        {
            AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
            return;
        }
        if (DiscuzCloud.IsBindConnect(userInfo.Uid))
        {
            AddErrLine("该用户已经绑定了QQ,无法再次绑定");
            return;
        }
        // The account already has a forum password, so IsSetPassword is recorded as 1.
        userconnectinfo.Uid = userInfo.Uid;
        userconnectinfo.IsSetPassword = 1;
        DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);
        // Unlike the register path, an existing bind log is updated without incrementing BindCount.
        UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
        if (bindLog == null)
        {
            bindLog = new UserBindConnectLog();
            bindLog.OpenId = userconnectinfo.OpenId;
            bindLog.Uid = userconnectinfo.Uid;
            bindLog.Type = 1;
            bindLog.BindCount = 1;
            DiscuzCloud.CreateUserConnectBindLog(bindLog);
        }
        else
        {
            bindLog.Uid = userconnectinfo.Uid;
            bindLog.Type = 1;
            DiscuzCloud.UpdateUserConnectBindLog(bindLog);
        }
        // Group 8 is bound but not logged in; the message says administrator review is pending.
        if (userInfo.Groupid != 8)
        {
            LoginUser(userInfo);
            AddMsgLine("QQ登录成功,继续浏览");
        }
        else
        {
            AddMsgLine("帐号绑定成功,但需要管理员审核通过才能登录");
        }
        SetUrl("index.aspx");
        SetMetaRefresh();
        SetShowBackLink(false);
        notifyscript = GetNotifyScript(userconnectinfo, userInfo.Username, userInfo.Bday, userInfo.Gender, userInfo.Email, userInfo.Showemail, DNTRequest.GetInt("useqqavatar", 2), "registerbind");
        return;
    }
    else
    {
        // Credential check failed: record the failure against the client IP.
        int errcount = LoginLogs.UpdateLoginLog(DNTRequest.GetIP(), true);
        if (errcount > 5)
            AddErrLine("您已经输入密码5次错误, 请15分钟后再试");
        else
            AddErrLine(string.Format("密码或安全提问第{0}次错误, 您最多有5次机会重试", errcount));
    }
    // Last statement of the method: returning here has no further effect.
    if (IsErr())
        return;
}
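/// <summary>
/// Binds the QQ Connect record identified by <c>openid</c> to the currently logged-in user.
/// Errors are reported through AddErrLine and abort the operation before anything is written.
/// </summary>
private void BindLoginedUser()
{
    // NOTE(review): where the openid field is assigned for this POST is not visible here;
    // confirm it is tied to the signature-verified callback and not client-controlled.
    userconnectinfo = DiscuzCloud.GetUserConnectInfo(openid);
    if (userconnectinfo == null || userconnectinfo.Uid > 0)
    {
        AddErrLine("Connect信息异常,登录失败,请尝试再次登录");
        return;
    }
    if (DiscuzCloud.IsBindConnect(userid))
    {
        AddErrLine("该用户已经绑定了QQ,无法再次绑定");
        return;
    }

    // Resolve the account before persisting the binding. The lookup can return null (the
    // callback handler in this page already handles a deleted account that way); previously
    // that case only surfaced as a null dereference after the bind had been written.
    ShortUserInfo userInfo = Users.GetShortUserInfo(userid);
    if (userInfo == null)
    {
        AddErrLine("用户不存在");
        return;
    }

    // The logged-in account already has a forum password, so IsSetPassword is recorded as 1.
    userconnectinfo.Uid = userid;
    userconnectinfo.IsSetPassword = 1;
    DiscuzCloud.UpdateUserConnectInfo(userconnectinfo);

    // Create the bind log on first bind; otherwise mark the existing one as bound (Type 1).
    UserBindConnectLog bindLog = DiscuzCloud.GetUserConnectBindLog(userconnectinfo.OpenId);
    if (bindLog == null)
    {
        bindLog = new UserBindConnectLog();
        bindLog.OpenId = userconnectinfo.OpenId;
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        bindLog.BindCount = 1;
        DiscuzCloud.CreateUserConnectBindLog(bindLog);
    }
    else
    {
        bindLog.Uid = userconnectinfo.Uid;
        bindLog.Type = 1;
        DiscuzCloud.UpdateUserConnectBindLog(bindLog);
    }

    SetUrl("index.aspx");
    SetMetaRefresh();
    SetShowBackLink(false);
    AddMsgLine("QQ绑定成功,继续浏览");
    Utils.WriteCookie("bindconnect", "true"); // mark the current logged-in user as bound to QQ Connect

    notifyscript = GetNotifyScript(userconnectinfo, userInfo.Username, userInfo.Bday, userInfo.Gender, userInfo.Email, userInfo.Showemail, DNTRequest.GetInt("useqqavatar", 2), "loginbind");
}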
/// <summary>
/// Updates a user's connect record by delegating to the database provider instance.
/// </summary>
/// <param name="userConnectInfo">The connect record to persist.</param>
/// <returns>The value returned by the provider's <c>UpdateUserConnectInfo</c>.</returns>
public static int UpdateUserConnectInfo(UserConnectInfo userConnectInfo)
{
    int result = DatabaseProvider.GetInstance().UpdateUserConnectInfo(userConnectInfo);
    return result;
}
/// <summary>
/// User control panel page for changing the password. On POST it verifies the old password
/// (unless the account was created through QQ Connect and never had one), stores the new
/// password, optionally updates the security question, and refreshes the login cookie.
/// </summary>
protected override void ShowPage()
{
    pagetitle = "用户控制面板";
    if (!IsLogin())
        return;
    UserConnectInfo connectInfo = new UserConnectInfo();
    if (isbindconnect)
    {
        // True only when a connect record exists and no forum password was ever set.
        connectInfo = DiscuzCloud.GetUserConnectInfo(userid);
        isconnectsetpassword = connectInfo != null && connectInfo.IsSetPassword == 0;
    }
    if (DNTRequest.IsPost())
    {
        // NOTE(review): userInfo is dereferenced below without a null check; confirm
        // Users.GetUserInfo cannot return null for a logged-in userid.
        UserInfo userInfo = Users.GetUserInfo(userid);
        string newpassword = DNTRequest.GetString("newpassword");
        // NOTE(review): when isconnectsetpassword is true the old password is not verified, so
        // the POST alone sets a password for the session's account. No anti-forgery check is
        // visible in this method; confirm the base page enforces one.
        if (!isconnectsetpassword)
        {
            // Third-party password verification mode.
            if (config.Passwordmode > 1 && PasswordModeProvider.GetInstance() != null)
            {
                if (!PasswordModeProvider.GetInstance().CheckPassword(userInfo, DNTRequest.GetString("oldpassword")))
                {
                    AddErrLine("您的原密码错误");
                    return;
                }
            }
            else if (Users.CheckPassword(userid, DNTRequest.GetString("oldpassword"), true) == -1)
            {
                AddErrLine("您的原密码错误");
                return;
            }
        }
        if (newpassword != DNTRequest.GetString("newpassword2"))
        {
            AddErrLine("新密码两次输入不一致");
            return;
        }
        // An empty new password falls back to the posted old password, so the rest of the
        // form (e.g. the security question) can be saved without changing the password.
        // NOTE(review): on the isconnectsetpassword path that posted value was never verified.
        if (Utils.StrIsNullOrEmpty(newpassword))
        {
            newpassword = DNTRequest.GetString("oldpassword");
        }
        if (newpassword.Length < 6)
        {
            AddErrLine("密码不得少于6个字符");
            return;
        }
        userInfo.Password = newpassword;
        Users.ResetPassword(userInfo);
        // Sync the password to the other applications.
        Sync.UpdatePassword(userInfo.Username, userInfo.Password, "");
        if (!Utils.StrIsNullOrEmpty(DNTRequest.GetString("changesecques")))
            Users.UpdateUserSecques(userid, DNTRequest.GetInt("question", 0), DNTRequest.GetString("answer"));
        // NOTE(review): a value derived from the password and config.Passwordkey is written to the
        // "password" cookie; confirm the cookie is HttpOnly/Secure and what SetCookiePassword stores.
        // Only the current online session (olid) is updated here; whether other sessions are
        // invalidated is not visible in this method.
        ForumUtils.WriteCookie("password", ForumUtils.SetCookiePassword(userInfo.Password, config.Passwordkey));
        OnlineUsers.UpdatePassword(olid, userInfo.Password);
        // A Connect-created account now has a forum password: record that on the connect row.
        if (isconnectsetpassword && connectInfo.Uid == userid)
        {
            connectInfo.IsSetPassword = 1;
            DiscuzCloud.UpdateUserConnectInfo(connectInfo);
        }
        SetUrl("usercpnewpassword.aspx");
        SetMetaRefresh();
        SetShowBackLink(true);
        AddMsgLine("修改密码完毕, 同时已经更新了您的登录信息");
    }
}
/// <summary>
/// Updates a user's connect record by calling the <c>{prefix}updateuserconnect</c> stored procedure.
/// </summary>
/// <param name="userConnectInfo">The connect record whose fields are bound as procedure parameters.</param>
/// <returns>The value returned by <c>DbHelper.ExecuteNonQuery</c>.</returns>
public int UpdateUserConnectInfo(UserConnectInfo userConnectInfo)
{
    // Every field travels as a typed input parameter; nothing from the record is concatenated
    // into SQL text. Sizes are the ones declared here (openid 32, token/secret 16, callbackinfo 100).
    // NOTE(review): presumably a value longer than its declared size is truncated rather than
    // rejected; confirm that the callers never rely on longer tokens or callback strings.
    DbParameter[] procedureArgs =
    {
        DbHelper.MakeInParam("@openid", (DbType)SqlDbType.Char, 32, userConnectInfo.OpenId),
        DbHelper.MakeInParam("@uid", (DbType)SqlDbType.Int, 4, userConnectInfo.Uid),
        DbHelper.MakeInParam("@token", (DbType)SqlDbType.Char, 16, userConnectInfo.Token),
        DbHelper.MakeInParam("@secret", (DbType)SqlDbType.Char, 16, userConnectInfo.Secret),
        DbHelper.MakeInParam("@allowvisitqquserinfo", (DbType)SqlDbType.Int, 4, userConnectInfo.AllowVisitQQUserInfo),
        DbHelper.MakeInParam("@allowpushfeed", (DbType)SqlDbType.Int, 4, userConnectInfo.AllowPushFeed),
        DbHelper.MakeInParam("@issetpassword", (DbType)SqlDbType.Int, 4, userConnectInfo.IsSetPassword),
        DbHelper.MakeInParam("@callbackinfo", (DbType)SqlDbType.NVarChar, 100, userConnectInfo.CallbackInfo)
    };

    // Only the table prefix is formatted into the procedure name.
    string procedureName = string.Format("{0}updateuserconnect", BaseConfigs.GetTablePrefix);
    return DbHelper.ExecuteNonQuery(CommandType.StoredProcedure, procedureName, procedureArgs);
}