Exemplo n.º 1
        /// <summary>
        /// Recovers the numeric user id carried in the encrypted user-id cookie.
        /// </summary>
        /// <param name="userIdCookie">Cookie value; it is URL-decoded, Base64-decoded and AES-decrypted, in that order.</param>
        /// <param name="controllerName">Name whose "name," marker is stripped from the decrypted text.</param>
        /// <returns>The parsed id, or 0 when the cookie is blank, cannot be decoded, or is not a number.</returns>
        public static long Decrypt(string userIdCookie, string controllerName)
        {
            string cookieKey = Instance<ISiteSettingService>.Create.GetSiteSettings().UserCookieKey;
            if (string.IsNullOrEmpty(cookieKey))
            {
                // No key stored yet: derive one from a fresh GUID and persist it.
                // NOTE(review): Guid.NewGuid() is not specified as a cryptographic random source;
                // a key that protects authentication cookies would normally come from a CSPRNG.
                // Two concurrent first requests could also each save a different key - confirm.
                cookieKey = SecureHelper.MD5(Guid.NewGuid().ToString());
                Instance<ISiteSettingService>.Create.SaveSetting("UserCookieKey", cookieKey);
            }

            string plainText = string.Empty;
            if (!string.IsNullOrWhiteSpace(userIdCookie))
            {
                try
                {
                    userIdCookie = HttpUtility.UrlDecode(userIdCookie);
                    userIdCookie = SecureHelper.DecodeBase64(userIdCookie);
                    plainText = SecureHelper.AESDecrypt(userIdCookie, cookieKey);
                    // Replace removes the marker wherever it occurs, not only as a prefix.
                    plainText = plainText.Replace(string.Concat(controllerName, ","), "");
                }
                catch (Exception ex)
                {
                    // A decode or decrypt failure is logged together with the cookie text as decoded
                    // so far; the parse below then yields 0.
                    Log.Error(string.Format("解密用户标识Cookie出错,Cookie密文:{0}", userIdCookie), ex);
                }
            }

            long userId;
            return long.TryParse(plainText, out userId) ? userId : 0L;
        }
Exemplo n.º 2
        /// <summary>
        /// Checks that a certificate decrypts to the id of the current user.
        /// </summary>
        /// <param name="certificate">Encrypted certificate string to verify.</param>
        /// <returns>True only when the decrypted text parses as a long equal to CurrentUser.Id.</returns>
        private bool CheckCertificate(string certificate)
        {
            long decryptedId;
            var plain = SecureHelper.AESDecrypt(certificate, _encryptKey);
            if (!long.TryParse(plain, out decryptedId))
            {
                return false;
            }

            // NOTE(review): the decrypted text is only an id; nothing in this method bounds the
            // certificate's lifetime or ties it to one operation - confirm the issuer handles that.
            return decryptedId == CurrentUser.Id;
        }
Exemplo n.º 3
        /// <summary>
        /// Security update page: validates the encrypted "v" token and shows the update view.
        /// </summary>
        /// <returns>
        /// HttpNotFound for a malformed token or a token of another user, a prompt view when the
        /// token is older than 30 minutes, otherwise the update view.
        /// </returns>
        public ActionResult SafeUpdate()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token with the shop secret key and split it into its fields:
            // [0] uid, [1] action, [2] verification time, [3] random value.
            string plainToken = SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey);
            string[] fields = StringHelper.SplitString(plainToken);
            if (fields.Length != 4)
            {
                return HttpNotFound();
            }

            int tokenUid = TypeHelper.StringToInt(fields[0]);
            string tokenAction = fields[1];
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[2]);

            // The token must belong to the signed-in user.
            if (tokenUid != WorkContext.Uid)
            {
                return HttpNotFound();
            }

            // Reject tokens issued more than 30 minutes ago.
            // NOTE(review): only the lower bound is tested, and how StringToDateTime treats an
            // unparsable value is not visible here - confirm a bad timestamp cannot pass as fresh.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return PromptView("此链接已经失效,请重新验证");
            }

            SafeUpdateModel model = new SafeUpdateModel
            {
                Action = tokenAction,
                V = WebHelper.UrlEncode(token)
            };
            return View(model);
        }
Exemplo n.º 4
        /// <summary>
        /// Decrypts the user-id cookie and returns the user id it carries.
        /// </summary>
        /// <param name="userIdCookie">Cookie value; URL-decoded, then Base64-decoded, then AES-decrypted.</param>
        /// <param name="controllerName">Name whose "name," marker is removed from the decrypted text.</param>
        /// <returns>The id parsed from the decrypted text, or 0 when the cookie is blank or unusable.</returns>
        public static long Decrypt(string userIdCookie, string controllerName)
        {
            string key = Instance<ISiteSettingService>.Create.GetSiteSettings().UserCookieKey;
            if (string.IsNullOrEmpty(key))
            {
                // First use: create the cookie key from a new GUID and store it in the site settings.
                // NOTE(review): a GUID is an identifier, not a documented source of key material;
                // confirm whether this key should instead be generated by a CSPRNG.
                key = SecureHelper.MD5(Guid.NewGuid().ToString());
                Instance<ISiteSettingService>.Create.SaveSetting("UserCookieKey", key);
            }

            string decrypted = string.Empty;
            if (!string.IsNullOrWhiteSpace(userIdCookie))
            {
                try
                {
                    userIdCookie = HttpUtility.UrlDecode(userIdCookie);
                    userIdCookie = SecureHelper.DecodeBase64(userIdCookie);
                    decrypted = SecureHelper.AESDecrypt(userIdCookie, key);
                    // Every occurrence of "controllerName," is removed, wherever it appears.
                    decrypted = decrypted.Replace(controllerName + ",", "");
                }
                catch (Exception error)
                {
                    // Failures are logged, including the cookie text as decoded so far, and end in 0.
                    Log.Error(string.Format("解密用户标识Cookie出错,Cookie密文:{0}", userIdCookie), error);
                }
            }

            long parsedId;
            if (!long.TryParse(decrypted, out parsedId))
            {
                return 0;
            }
            return parsedId;
        }
Exemplo n.º 5
 /// <summary>
 /// Console entry point: decrypts one hard-coded sample value and prints the result.
 /// </summary>
 static void Main(string[] args)
 {
     // The previous start-up code (performance-counter setup and the PageView/Event
     // MQ listener tasks) was commented out in the original and stays disabled.

     // NOTE(review): the ciphertext and the AES key are literals in source. If this key is
     // used anywhere outside this test call it should be rotated and loaded from configuration.
     var cipherText = SecureHelper.DecodeBase64("dWRPVnh2bnVwYXVmYmIwSytIdEd3QT09");
     var plainText = SecureHelper.AESDecrypt(cipherText, "d1b31e1b3176cf3aa8993428061c8af2");
     Console.WriteLine(plainText);
 }
Exemplo n.º 6
        /// <summary>
        /// Validates a withdrawal request from the current user and stores it as a pending application.
        /// </summary>
        /// <param name="openid">Payee account; for WeChat it is AES-decrypted, and read from the "Himall-User_OpenId" cookie when blank.</param>
        /// <param name="nickname">Payee name; required for Alipay, replaced by the WeChat nickname when that lookup succeeds.</param>
        /// <param name="amount">Requested amount; must be positive and not above the available balance.</param>
        /// <param name="pwd">Payment password of the current user.</param>
        /// <param name="applyType">Integer value compared against UserWithdrawType members.</param>
        /// <returns>JSON { success = true } once the application is stored.</returns>
        public JsonResult ApplyWithDrawSubmit(string openid, string nickname, decimal amount, string pwd, int applyType = 1)
        {
            if (!MemberApplication.VerificationPayPwd(base.CurrentUser.Id, pwd))
            {
                throw new HimallException("支付密码不对,请重新输入!");
            }

            // NOTE(review): applyType is cast to UserWithdrawType below without checking that it
            // is a defined member - confirm the service rejects unknown values.
            bool viaAlipay = applyType == UserWithdrawType.ALiPay.GetHashCode();
            bool viaWeChat = applyType == UserWithdrawType.WeiChat.GetHashCode();

            if (viaAlipay && !base.CurrentSiteSetting.Withdraw_AlipayEnable)
            {
                throw new HimallException("不支持支付宝提现方式!");
            }

            // NOTE(review): the balance is checked here and the application is written later;
            // confirm AddWithDrawApply re-checks it so parallel requests cannot overdraw.
            CapitalInfo capital = this._iMemberCapitalService.GetCapitalInfo(base.CurrentUser.Id);
            if (amount > capital.Balance)
            {
                throw new HimallException("提现金额不能超出可用金额!");
            }
            if (amount <= 0M)
            {
                throw new HimallException("提现金额不能小于等于0!");
            }

            // WeChat: fall back to the OpenId cookie when the caller sent none.
            if (viaWeChat && string.IsNullOrWhiteSpace(openid))
            {
                openid = WebHelper.GetCookie("Himall-User_OpenId");
            }
            if (viaAlipay && string.IsNullOrWhiteSpace(nickname))
            {
                throw new HimallException("数据异常,真实姓名不可为空!");
            }

            if (viaWeChat && !string.IsNullOrWhiteSpace(openid))
            {
                // NOTE(review): the AES key is the literal "Mobile"; anyone who knows it can
                // produce a value that decrypts to an OpenId of their choice.
                openid = SecureHelper.AESDecrypt(openid, "Mobile");
                SiteSettingsInfo settings = this._iSiteSettingService.GetSiteSettings();
                bool weixinConfigured = !string.IsNullOrWhiteSpace(settings.WeixinAppId)
                                        && !string.IsNullOrWhiteSpace(settings.WeixinAppSecret);
                if (weixinConfigured)
                {
                    WeixinUserInfoResult weixinUser = CommonApi.GetUserInfo(
                        AccessTokenContainer.TryGetToken(settings.WeixinAppId, settings.WeixinAppSecret, false),
                        openid);
                    if (weixinUser != null)
                    {
                        nickname = weixinUser.nickname;
                    }
                }
            }

            if (string.IsNullOrWhiteSpace(openid))
            {
                throw new HimallException("数据异常,OpenId或收款账号不可为空!");
            }

            ApplyWithDrawInfo application = new ApplyWithDrawInfo();
            application.ApplyAmount = amount;
            application.ApplyStatus = ApplyWithDrawInfo.ApplyWithDrawStatus.WaitConfirm;
            application.ApplyTime = DateTime.Now;
            application.MemId = base.CurrentUser.Id;
            application.OpenId = openid;
            application.NickName = nickname;
            application.ApplyType = new UserWithdrawType?((UserWithdrawType)applyType);

            this._iMemberCapitalService.AddWithDrawApply(application);
            return base.Json(new { success = true });
        }
Exemplo n.º 7
        /// <summary>
        /// Sends the confirmation SMS for a mobile-number update.
        /// </summary>
        /// <returns>
        /// An Ajax result: "noauth" for a malformed or foreign token, "expired" for a token older
        /// than 30 minutes, "mobile" for a rejected number, "success" once the SMS call was made.
        /// </returns>
        public ActionResult SendUpdateMobile()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token; its fields are [0] uid, [1] action, [2] verification time, [3] random value.
            string[] fields = StringHelper.SplitString(
                SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey));
            if (fields.Length != 4)
            {
                return AjaxResult("noauth", "您的权限不足");
            }

            int tokenUid = TypeHelper.StringToInt(fields[0]);
            string tokenAction = fields[1];
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[2]);

            // The token must have been issued to the signed-in user.
            if (tokenUid != WorkContext.Uid)
            {
                return AjaxResult("noauth", "您的权限不足");
            }
            // The token is valid for 30 minutes.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return AjaxResult("expired", "密钥已过期,请重新验证");
            }

            // Validate the submitted mobile number.
            string mobile = WebHelper.GetFormString("mobile");
            if (string.IsNullOrWhiteSpace(mobile))
            {
                return AjaxResult("mobile", "手机号不能为空");
            }
            if (!ValidateHelper.IsMobile(mobile))
            {
                return AjaxResult("mobile", "手机号格式不正确");
            }

            // The number may not already belong to another account.
            int ownerUid = Users.GetUidByMobile(mobile);
            if (ownerUid > 0 && ownerUid != WorkContext.Uid)
            {
                return AjaxResult("mobile", "手机号已经存在");
            }

            // NOTE(review): no send-rate limit is visible in this action, and the strength of
            // Randoms.CreateRandomValue is not shown - confirm both for a 6-character SMS code.
            string smsCode = Randoms.CreateRandomValue(6);

            // Send the SMS, then keep the number and code in the session for the confirm step.
            SMSes.SendSCUpdateSMS(mobile, smsCode);
            Sessions.SetItem(WorkContext.Sid, "ucsuMobile", mobile);
            Sessions.SetItem(WorkContext.Sid, "ucsuMobileCode", smsCode);

            return AjaxResult("success", "短信已发送,请查收");
        }
Exemplo n.º 8
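        /// <summary>
        /// Creates a pending withdrawal application paid out to the WeChat account found in the
        /// user's "Himall-User_OpenId" cookie.
        /// </summary>
        /// <param name="nickname">Not used; the stored nickname comes from the WeChat user-info lookup.</param>
        /// <param name="amount">Requested amount; must be positive and not above the available balance.</param>
        /// <param name="pwd">Payment password of the current user.</param>
        /// <returns>JSON { success = true } once the application is stored.</returns>
        /// <exception cref="HimallException">Wrong payment password, invalid amount, or missing OpenId cookie.</exception>
        public JsonResult ApplyWithDrawSubmit(string nickname, decimal amount, string pwd)
        {
            if (ServiceHelper.Create<IMemberCapitalService>().GetMemberInfoByPayPwd(base.CurrentUser.Id, pwd) == null)
            {
                throw new HimallException("支付密码不对,请重新输入!");
            }

            // A zero or negative amount would pass the balance comparison below and be stored
            // as a withdrawal application, so it is rejected up front.
            if (amount <= 0M)
            {
                throw new HimallException("提现金额不能小于等于0!");
            }

            CapitalInfo capitalInfo = ServiceHelper.Create<IMemberCapitalService>().GetCapitalInfo(base.CurrentUser.Id);

            // A missing (null) balance counts as zero, so nothing can be withdrawn against it;
            // previously a null balance skipped this check entirely.
            if (amount > capitalInfo.Balance.GetValueOrDefault())
            {
                throw new HimallException("提现金额不能超出可用金额!");
            }

            string openId = WebHelper.GetCookie("Himall-User_OpenId");
            if (string.IsNullOrWhiteSpace(openId))
            {
                throw new HimallException("数据异常,OpenId不能为空!");
            }

            // NOTE(review): the AES key is the literal "Mobile"; a client who knows it can craft
            // a cookie that decrypts to any OpenId, so the payout target is client-influenced.
            openId = SecureHelper.AESDecrypt(openId, "Mobile");

            string weixinNickname = string.Empty;
            SiteSettingsInfo siteSettings = ServiceHelper.Create<ISiteSettingService>().GetSiteSettings();
            if (!string.IsNullOrWhiteSpace(siteSettings.WeixinAppId) && !string.IsNullOrWhiteSpace(siteSettings.WeixinAppSecret))
            {
                // Fetch a WeChat access token, then look up the payee's nickname.
                string accessToken = CommonApi.GetToken(siteSettings.WeixinAppId, siteSettings.WeixinAppSecret).access_token;
                WeixinUserInfoResult userInfo = CommonApi.GetUserInfo(accessToken, openId);
                if (userInfo != null)
                {
                    weixinNickname = userInfo.nickname;
                }
            }

            ApplyWithDrawInfo application = new ApplyWithDrawInfo()
            {
                ApplyAmount = amount,
                ApplyStatus = ApplyWithDrawInfo.ApplyWithDrawStatus.WaitConfirm,
                ApplyTime   = DateTime.Now,
                MemId       = base.CurrentUser.Id,
                OpenId      = openId,
                NickName    = weixinNickname
            };

            ServiceHelper.Create<IMemberCapitalService>().AddWithDrawApply(application);
            return Json(new { success = true });
        }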
Exemplo n.º 9
 /// <summary>
 /// Submits a distribution withdrawal request for the current user.
 /// </summary>
 /// <param name="post">Request model; MemberId is always overwritten with the current user's id.</param>
 /// <returns>JSON { success = true } after DistributionApplication.ApplyWithdraw returns.</returns>
 public ActionResult PostWithdraw(DistributionApplyWithdraw post)
 {
     post.MemberId = CurrentUser.Id;

     if (post.Type == DistributionWithdrawType.WeChat)
     {
         // WeChat payout: the account is the OpenId stored (encrypted) in the user's cookie.
         // NOTE(review): the cookie is decrypted without a blank check and with the literal
         // key "Mobile" - confirm AESDecrypt tolerates a missing cookie and that a
         // client-crafted value cannot redirect the payout.
         var openid = WebHelper.GetCookie(CookieKeysCollection.Mall_USER_OpenID);
         openid = SecureHelper.AESDecrypt(openid, "Mobile");
         post.WithdrawAccount = openid;

         bool weixinConfigured = !string.IsNullOrWhiteSpace(SiteSettings.WeixinAppId)
                                 && !string.IsNullOrWhiteSpace(SiteSettings.WeixinAppSecret);
         if (weixinConfigured)
         {
             string accessToken = AccessTokenContainer.TryGetAccessToken(SiteSettings.WeixinAppId, SiteSettings.WeixinAppSecret);
             var weixinUser = CommonApi.GetUserInfo(accessToken, openid);
             post.WithdrawName = weixinUser?.nickname ?? string.Empty;
         }
     }

     DistributionApplication.ApplyWithdraw(post);
     return Json(new { success = true }, true);
 }
Exemplo n.º 10
        /// <summary>
        /// Sets a manager's password, identifying the manager by an encrypted certificate.
        /// </summary>
        /// <param name="certificate">Encrypted certificate; after decryption the text before the first ':' is the user id.</param>
        /// <param name="password">New password; must not be blank.</param>
        /// <returns>An error result for a blank password, otherwise a success result.</returns>
        protected override object ChangePassowrdByCertificate(string certificate, string password)
        {
            if (string.IsNullOrWhiteSpace(password))
            {
                return ErrorResult("密码不能为空");
            }

            // NOTE(review): only the id before the first ':' is read. Whatever follows it in the
            // decrypted certificate is not examined here, and the id is not compared with the
            // current user - confirm expiry and ownership are enforced before this call.
            string plainCertificate = SecureHelper.AESDecrypt(certificate, _encryptKey);
            string idPart = plainCertificate.Split(':')[0];

            long userId;
            if (!long.TryParse(idPart, out userId) || userId == 0)
            {
                throw new HimallException("数据异常");
            }

            ShopBranchApplication.SetManagerPassword(userId, password);
            return SuccessResult("密码修改成功");
        }
Exemplo n.º 11
        /// <summary>
        /// Changes a member's login password, identifying the member by an encrypted certificate.
        /// </summary>
        /// <param name="certificate">Encrypted certificate; after decryption the text before the first ':' is the user id.</param>
        /// <param name="password">New password; must not be blank.</param>
        /// <returns>An error result for a blank password, otherwise a success message.</returns>
        protected override JsonResult<Result<int>> ChangePassowrdByCertificate(string certificate, string password)
        {
            if (string.IsNullOrWhiteSpace(password))
            {
                return Json(ErrorResult<int>("密码不能为空"));
            }

            // NOTE(review): the certificate alone selects the account whose password changes.
            // Only the leading id is read; any timestamp or purpose field after ':' is ignored
            // here - confirm the certificate is short-lived and checked before this method runs.
            string plainCertificate = SecureHelper.AESDecrypt(certificate, _encryptKey);
            string[] certificateParts = plainCertificate.Split(':');

            long userId;
            bool parsed = long.TryParse(certificateParts[0], out userId);
            if (!parsed || userId == 0)
            {
                throw new HimallException("数据异常");
            }

            MemberApplication.ChangePassword(userId, password);
            return JsonResult<int>(msg: "密码修改成功");
        }
Exemplo n.º 12
        /// <summary>
        /// Updates the current user's email from the encrypted "v" token sent in the confirmation link.
        /// </summary>
        /// <returns>
        /// HttpNotFound for a malformed or foreign token, a prompt view when the token is older
        /// than 30 minutes or the email is taken, otherwise a redirect to "safesuccess".
        /// </returns>
        public ActionResult UpdateEmail()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token; its fields are [0] uid, [1] email, [2] verification time, [3] random value.
            string plainToken = SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey);
            string[] fields = StringHelper.SplitString(plainToken);
            if (fields.Length != 4)
            {
                return HttpNotFound();
            }

            int tokenUid = TypeHelper.StringToInt(fields[0]);
            string newEmail = fields[1];
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[2]);

            // The token must have been issued to the signed-in user.
            if (tokenUid != WorkContext.Uid)
            {
                return HttpNotFound();
            }
            // The link is valid for 30 minutes.
            // NOTE(review): nothing visible here marks the token as used, so the same link can
            // be replayed within that window - confirm that is acceptable.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return PromptView("此链接已经失效,请重新验证");
            }

            // The address may not already belong to another account.
            int ownerUid = Users.GetUidByEmail(newEmail);
            if (ownerUid > 0 && ownerUid != WorkContext.Uid)
            {
                return PromptView("此链接已经失效,邮箱已经存在");
            }

            // Store the new email, then grant the email-verification credits.
            Users.UpdateUserEmailByUid(WorkContext.Uid, newEmail);
            Credits.SendVerifyEmailCredits(ref WorkContext.PartUserInfo, DateTime.Now);

            RouteValueDictionary routeValues = new RouteValueDictionary();
            routeValues.Add("act", "updateEmail");
            routeValues.Add("remark", newEmail);
            return RedirectToAction("safesuccess", routeValues);
        }
Exemplo n.º 13
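        /// <summary>
        /// Decrypts the user cookie value and splits it into its two comma-separated parts.
        /// </summary>
        /// <param name="user">Base64-encoded, AES-encrypted cookie value.</param>
        /// <returns>
        /// The two parts when the decrypted text has exactly two fields and the second parses as
        /// a 64-bit integer; otherwise the fallback pair { "", "-1" }.
        /// </returns>
        private static string[] ParserUser(string user)
        {
            if (String.IsNullOrWhiteSpace(user))
            {
                return new[] { string.Empty, "-1" };
            }

            // NOTE(review): whether DecodeBase64/AESDecrypt throw on a malformed cookie is not
            // visible here; if they do, that exception still reaches the caller.
            string plain = SecureHelper.AESDecrypt(SecureHelper.DecodeBase64(user), ConfigurationManager.AppSettings["UserCookieDecryptKey"]);

            // A null decryption result is treated like any other unusable cookie instead of
            // failing on Split.
            if (plain != null)
            {
                string[] parts = plain.Split(',');
                long parsedId;
                if (parts.Length == 2 && Int64.TryParse(parts[1], out parsedId))
                {
                    // Reuse the array that was just validated rather than splitting again.
                    return parts;
                }
            }

            return new[] { string.Empty, "-1" };
        }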
Exemplo n.º 14
        /// <summary>
        /// Sets a member's payment password, identifying the member by an encrypted certificate.
        /// </summary>
        /// <param name="certificate">Encrypted certificate; after decryption the text before the first ':' is the user id.</param>
        /// <param name="password">New payment password; must not be blank.</param>
        /// <returns>An error result for a blank password, otherwise a success message.</returns>
        protected override JsonResult<Result<int>> ChangePayPwdByCertificate(string certificate, string password)
        {
            if (string.IsNullOrWhiteSpace(password))
            {
                return Json(ErrorResult<int>("密码不能为空"));
            }

            // NOTE(review): the payment password of whichever id the certificate names is
            // replaced. The rest of the decrypted certificate is not inspected in this method -
            // confirm its lifetime and owner are verified elsewhere.
            string plainCertificate = SecureHelper.AESDecrypt(certificate, _encryptKey);
            string idPart = plainCertificate.Split(':')[0];

            long userId;
            if (!long.TryParse(idPart, out userId) || userId == 0)
            {
                throw new HimallException("数据异常");
            }

            var capitalService = ServiceProvider.Instance<IMemberCapitalService>.Create;
            capitalService.SetPayPwd(userId, password);
            return JsonResult<int>(msg: "支付密码修改成功");
        }
Exemplo n.º 15
        /// <summary>
        /// Records a pending account top-up and returns the payment plugin's request URL for it.
        /// </summary>
        /// <param name="pluginId">Id of the payment plugin to use.</param>
        /// <param name="amount">Top-up amount; rounded to two decimals and required to be positive.</param>
        /// <returns>JSON with success = false and a message for a non-positive amount, otherwise { href, success = true }.</returns>
        public JsonResult Charge(string pluginId, decimal amount)
        {
            amount = Math.Round(amount, 2);
            if (amount <= 0M)
            {
                return base.Json(new { success = false, msg = "请输入正确的金额" });
            }

            // NOTE(review): pluginId comes from the request and the lookup result is used
            // without a null check - confirm GetPlugin cannot return null for an unknown id.
            Plugin<IPaymentPlugin> paymentPlugin = PluginsManagement.GetPlugin<IPaymentPlugin>(pluginId);

            ChargeDetail charge = new ChargeDetail();
            charge.ChargeAmount = amount;
            charge.ChargeStatus = ChargeDetailInfo.ChargeDetailStatus.WaitPay;
            charge.ChargeWay = paymentPlugin.PluginInfo.DisplayName;
            charge.CreateTime = DateTime.Now;
            charge.MemId = base.CurrentUser.Id;
            long chargeId = MemberCapitalApplication.AddChargeApply(charge);

            // Payer OpenId: the encrypted cookie when present, otherwise the member's stored
            // Payment-type OpenId.
            string openId = WebHelper.GetCookie("Himall-User_OpenId");
            if (string.IsNullOrWhiteSpace(openId))
            {
                MemberOpenId storedOpenId = MemberApplication.GetMemberOpenIdInfoByuserId(base.CurrentUser.Id, MemberOpenIdInfo.AppIdTypeEnum.Payment, "");
                if (storedOpenId != null)
                {
                    openId = storedOpenId.OpenId;
                }
            }
            else
            {
                openId = SecureHelper.AESDecrypt(openId, "Mobile");
            }

            // NOTE(review): the callback base comes from the incoming request URL. If the site
            // answers to arbitrary Host headers, notifyUrl and returnUrl are client-influenced -
            // confirm whether a configured site URL should be used instead.
            string siteRoot = base.Request.Url.Scheme + "://" + base.Request.Url.Authority;
            string notifyUrl = string.Concat(new object[]
            {
                siteRoot,
                "/m-",
                base.PlatformType,
                "/Payment/CapitalChargeNotify/",
                paymentPlugin.PluginInfo.PluginId.Replace(".", "-")
            });
            string returnUrl = string.Concat(new object[] { siteRoot, "/m-", base.PlatformType, "/Capital/Index" });
            string payUrl = paymentPlugin.Biz.GetRequestUrl(returnUrl, notifyUrl, chargeId.ToString(), amount, "会员充值", openId);

            return base.Json(new { href = payUrl, success = true });
        }
        /// <summary>
        /// Looks up a user by name and checks the supplied password against the stored one.
        /// </summary>
        /// <param name="username">Login name; passed to the query as the @UserName parameter.</param>
        /// <param name="password">Password supplied by the caller, compared in plain text.</param>
        /// <param name="msg">Set to the outcome message; left unchanged when an exception is caught.</param>
        /// <returns>The user row on success, otherwise null.</returns>
        public SYS_USER_INFO GetLoginModel(string username, string password, ref string msg)
        {
            try
            {
                // Look the account up by user name (parameterised query).
                DynamicParameters queryArgs = new DynamicParameters();
                queryArgs.Add("UserName", username);
                string sql = @"SELECT * FROM SYS_USER_INFO WHERE UserName=@UserName";

                SYS_USER_INFO found = idal.FindOne<SYS_USER_INFO>(sql, queryArgs, false);
                if (found == null)
                {
                    // NOTE(review): distinct messages for "no such user" and "wrong password"
                    // allow account enumeration if msg is shown to the client.
                    msg = "用户名不存在";
                    return null;
                }

                // NOTE(review): the stored password is decrypted and compared as plain text, so
                // it is kept reversibly; a salted password hash (e.g. PBKDF2) with a fixed-time
                // comparison is the usual design.
                bool passwordMatches = SecureHelper.AESDecrypt(found.PassWord) == password;
                if (!passwordMatches)
                {
                    msg = "密码错误";
                    return null;
                }

                msg = "登录成功";
                return found;
            }
            catch (Exception ex)
            {
                // Failures are logged and reported to the caller as "no user".
                Logger.Error(string.Format("【{0}】登录异常,异常信息:{1}", username, ex.ToString()));
                return null;
            }
        }
Exemplo n.º 17
        /// <summary>
        /// Password reset: shows the form on GET and applies the new password on POST, both
        /// authorised by the encrypted "v" token.
        /// </summary>
        /// <returns>
        /// HttpNotFound for a malformed token, a prompt view for an unknown user or a token older
        /// than 30 minutes, the form view on GET, otherwise an Ajax "success" or "error" result.
        /// </returns>
        public ActionResult ResetPwd()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token; its fields are [0] uid, [1] verification time, [2] random value.
            string plainToken = SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey);
            string[] fields = StringHelper.SplitString(plainToken);
            if (fields.Length != 3)
            {
                return HttpNotFound();
            }

            int targetUid = TypeHelper.StringToInt(fields[0]);
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[1]);

            PartUserInfo targetUser = Users.GetPartUserById(targetUid);
            if (targetUser == null)
            {
                return PromptView("用户不存在");
            }

            // The token is valid for 30 minutes.
            // NOTE(review): the token is the only credential for this reset and nothing visible
            // here invalidates it after use - confirm it cannot be replayed inside the window.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return PromptView("此链接已经失效,请重新验证");
            }

            // GET: render the form, carrying the token along.
            if (WebHelper.IsGet())
            {
                ResetPwdModel formModel = new ResetPwdModel();
                formModel.V = token;
                return View(formModel);
            }

            // Ajax POST: validate the submitted password pair.
            string password = WebHelper.GetFormString("password");
            string confirmPwd = WebHelper.GetFormString("confirmPwd");

            // Errors are collected as a hand-built JSON array; a length of 1 means only "[" is present.
            StringBuilder errors = new StringBuilder("[");
            if (string.IsNullOrWhiteSpace(password))
            {
                errors.AppendFormat("{0}\"key\":\"{1}\",\"msg\":\"{2}\"{3},", "{", "password", "密码不能为空", "}");
            }
            else if (password.Length < 4 || password.Length > 32)
            {
                errors.AppendFormat("{0}\"key\":\"{1}\",\"msg\":\"{2}\"{3},", "{", "password", "密码必须大于3且不大于32个字符", "}");
            }
            else if (password != confirmPwd)
            {
                errors.AppendFormat("{0}\"key\":\"{1}\",\"msg\":\"{2}\"{3},", "{", "confirmPwd", "两次输入的密码不一样", "}");
            }

            if (errors.Length != 1)
            {
                // Drop the trailing comma and close the array.
                return AjaxResult("error", errors.Remove(errors.Length - 1, 1).Append("]").ToString(), true);
            }

            // Derive the stored form of the new password and save it.
            string storedPassword = Users.CreateUserPassword(password, targetUser.Salt);
            Users.UpdateUserPasswordByUid(targetUid, storedPassword);

            // Clear the current visitor's login state.
            WebHelper.DeleteCookie("bsp");
            Sessions.RemoverSession(WorkContext.Sid);
            OnlineUsers.DeleteOnlineUserBySid(WorkContext.Sid);

            return AjaxResult("success", Url.Action("login"));
        }
Exemplo n.º 18
        /// <summary>
        /// Changes the signed-in user's password after checking the "v" token and the captcha.
        /// </summary>
        /// <returns>
        /// An Ajax result keyed "noauth", "expired", "verifycode", "password" or "confirmpwd" on
        /// failure, or "success" with the follow-up URL.
        /// </returns>
        public ActionResult UpdatePassword()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token; its fields are [0] uid, [1] action, [2] verification time, [3] random value.
            string[] fields = StringHelper.SplitString(
                SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey));
            if (fields.Length != 4)
            {
                return AjaxResult("noauth", "您的权限不足");
            }

            int tokenUid = TypeHelper.StringToInt(fields[0]);
            string tokenAction = fields[1];
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[2]);

            // The token must have been issued to the signed-in user.
            // NOTE(review): the action field is read but not compared with this operation, so a
            // token issued for another safe-update action is accepted here as well - confirm.
            if (tokenUid != WorkContext.Uid)
            {
                return AjaxResult("noauth", "您的权限不足");
            }
            // The token is valid for 30 minutes.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return AjaxResult("expired", "密钥已过期,请重新验证");
            }

            string password = WebHelper.GetFormString("password");
            string confirmPwd = WebHelper.GetFormString("confirmPwd");
            string verifyCode = WebHelper.GetFormString("verifyCode");

            // Captcha check against the value kept in the session.
            if (string.IsNullOrWhiteSpace(verifyCode))
            {
                return AjaxResult("verifycode", "验证码不能为空");
            }
            if (verifyCode.ToLower() != Sessions.GetValueString(WorkContext.Sid, "verifyCode"))
            {
                return AjaxResult("verifycode", "验证码不正确");
            }

            // Password rules: present, 4 to 32 characters, and repeated identically.
            if (string.IsNullOrWhiteSpace(password))
            {
                return AjaxResult("password", "密码不能为空");
            }
            bool lengthOutOfRange = password.Length < 4 || password.Length > 32;
            if (lengthOutOfRange)
            {
                return AjaxResult("password", "密码必须大于3且不大于32个字符");
            }
            if (password != confirmPwd)
            {
                return AjaxResult("confirmpwd", "两次密码不相同");
            }

            // Store the new password, then bring the password kept in the cookie in line with it.
            string storedPassword = Users.CreateUserPassword(password, WorkContext.PartUserInfo.Salt);
            Users.UpdateUserPasswordByUid(WorkContext.Uid, storedPassword);
            ShopUtils.SetCookiePassword(storedPassword);

            RouteValueDictionary routeValues = new RouteValueDictionary();
            routeValues.Add("act", "updatePassword");
            string successUrl = Url.Action("safesuccess", routeValues);

            return AjaxResult("success", successUrl);
        }
Exemplo n.º 19
        /// <summary>
        /// Builds, for every payment plugin that supports the current platform, the payment
        /// request URL for the given orders.
        /// </summary>
        /// <param name="orderIds">Comma-separated order ids; each one is parsed with long.Parse.</param>
        /// <returns>JSON list of { id, name, logo, url } for the plugins that produced a URL.</returns>
        public JsonResult Get(string orderIds)
        {
            string str;
            // Payment plugins whose SupportPlatforms contains the current platform type.
            IEnumerable <Plugin <IPaymentPlugin> > plugins =
                from item in PluginsManagement.GetPlugins <IPaymentPlugin>(true)
                where item.Biz.SupportPlatforms.Contains <Himall.Core.PlatformType>(base.PlatformType)
                select item;
            // NOTE(review): scheme, host and port are taken from the incoming request URL. If the
            // site answers to arbitrary Host headers, the notify/return URLs built from them are
            // client-influenced - confirm whether a configured site URL should be used.
            string scheme = base.Request.Url.Scheme;
            string host   = base.HttpContext.Request.Url.Host;

            // The port is omitted only when it is 80; any other port (443 included) is appended.
            if (base.HttpContext.Request.Url.Port == 80)
            {
                str = "";
            }
            else
            {
                int port = base.HttpContext.Request.Url.Port;
                str = string.Concat(":", port.ToString());
            }
            string str1 = string.Concat(scheme, "://", host, str);

            // str2 is the "<site>/m-<platform>/Payment/" prefix used for the notify URL.
            object[]      platformType  = new object[] { str1, "/m-", base.PlatformType, "/Payment/" };
            string        str2          = string.Concat(platformType);
            IOrderService orderService  = ServiceHelper.Create <IOrderService>();
            IOrderService orderService1 = orderService;

            // Load the orders named in orderIds and total their amounts.
            // NOTE(review): nothing in this method checks that the orders belong to
            // base.CurrentUser - confirm GetOrders or the caller enforces ownership.
            char[] chrArray = new char[] { ',' };
            IEnumerable <OrderInfo> list = orderService1.GetOrders(
                from t in orderIds.Split(chrArray)
                select long.Parse(t)).ToList();
            decimal num = list.Sum <OrderInfo>((OrderInfo t) => t.OrderTotalAmount);
            string  productNameDescriptionFromOrders = GetProductNameDescriptionFromOrders(list);
            string  cookie = WebHelper.GetCookie("Himall-User_OpenId");

            // Payer OpenId: the member's stored Payment-type OpenId when the cookie is blank,
            // otherwise the cookie decrypted with the literal key "Mobile".
            if (string.IsNullOrWhiteSpace(cookie))
            {
                MemberOpenIdInfo memberOpenIdInfo = ServiceHelper.Create <IMemberService>().GetMember(base.CurrentUser.Id).MemberOpenIdInfo.FirstOrDefault((MemberOpenIdInfo item) => item.AppIdType == MemberOpenIdInfo.AppIdTypeEnum.Payment);
                if (memberOpenIdInfo != null)
                {
                    cookie = memberOpenIdInfo.OpenId;
                }
            }
            else
            {
                cookie = SecureHelper.AESDecrypt(cookie, "Mobile");
            }
            string[] strArrays = orderIds.Split(new char[] { ',' });
            // str3 is the notify URL prefix; the plugin id is appended per plugin below.
            string   str3      = string.Concat(str2, "Notify/");

            // str4 is the return URL; orderIds is appended as received, without URL encoding.
            object[] objArray = new object[] { str1, "/m-", base.PlatformType, "/Member/PaymentToOrders?ids=", orderIds };
            string   str4     = string.Concat(objArray);
            // One pay-info row per order id (deferred query, enumerated by whoever consumes it).
            IEnumerable <OrderPayInfo> orderPayInfo =
                from item in strArrays
                select new OrderPayInfo()
            {
                PayId   = 0,
                OrderId = long.Parse(item)
            };
            // The pay info is saved with PlatformType.PC, whatever the current platform is.
            string str5       = orderService.SaveOrderPayInfo(orderPayInfo, Himall.Core.PlatformType.PC).ToString();
            // Deferred projection: GetRequestUrl runs for each plugin when the result is enumerated.
            var    collection = plugins.ToArray <Plugin <IPaymentPlugin> >().Select((Plugin <IPaymentPlugin> item) => {
                string empty = string.Empty;
                try
                {
                    empty = item.Biz.GetRequestUrl(str4, string.Concat(str3, item.PluginInfo.PluginId.Replace(".", "-")), str5, num, productNameDescriptionFromOrders, cookie);
                }
                catch (Exception exception)
                {
                    // A failing plugin is logged and left with an empty url, which is filtered out below.
                    Log.Error("获取支付方式错误:", exception);
                }
                return(new { id = item.PluginInfo.PluginId, name = item.PluginInfo.DisplayName, logo = item.Biz.Logo, url = empty });
            });

            // Keep only the plugins that produced a URL.
            collection =
                from item in collection
                where !string.IsNullOrWhiteSpace(item.url)
                select item;

            return(Json(collection));
        }
Exemplo n.º 20
        /// <summary>
        /// Updates the signed-in user's mobile number after checking the "v" token, the captcha
        /// and the SMS code kept in the session.
        /// </summary>
        /// <returns>
        /// An Ajax result keyed "noauth", "expired", "verifycode", "mobile" or "moiblecode" on
        /// failure, or "success" with the follow-up URL.
        /// </returns>
        public ActionResult UpdateMobile()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token; its fields are [0] uid, [1] action, [2] verification time, [3] random value.
            string[] fields = StringHelper.SplitString(
                SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey));
            if (fields.Length != 4)
            {
                return AjaxResult("noauth", "您的权限不足");
            }

            int tokenUid = TypeHelper.StringToInt(fields[0]);
            string tokenAction = fields[1];
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[2]);

            // The token must have been issued to the signed-in user.
            if (tokenUid != WorkContext.Uid)
            {
                return AjaxResult("noauth", "您的权限不足");
            }
            // The token is valid for 30 minutes.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return AjaxResult("expired", "密钥已过期,请重新验证");
            }

            string mobile = WebHelper.GetFormString("mobile");
            string moibleCode = WebHelper.GetFormString("moibleCode");
            string verifyCode = WebHelper.GetFormString("verifyCode");

            // Captcha check against the value kept in the session.
            if (string.IsNullOrWhiteSpace(verifyCode))
            {
                return AjaxResult("verifycode", "验证码不能为空");
            }
            if (verifyCode.ToLower() != Sessions.GetValueString(WorkContext.Sid, "verifyCode"))
            {
                return AjaxResult("verifycode", "验证码不正确");
            }

            // The number must be the one the SMS was sent to.
            if (string.IsNullOrWhiteSpace(mobile))
            {
                return AjaxResult("mobile", "手机号不能为空");
            }
            if (Sessions.GetValueString(WorkContext.Sid, "ucsuMobile") != mobile)
            {
                return AjaxResult("mobile", "接收手机不一致");
            }

            // The SMS code must match the one stored in the session.
            // NOTE(review): no attempt counter is visible here and the code is not cleared after
            // a failure - confirm guessing a short code is limited elsewhere.
            if (string.IsNullOrWhiteSpace(moibleCode))
            {
                return AjaxResult("moiblecode", "手机码不能为空");
            }
            if (Sessions.GetValueString(WorkContext.Sid, "ucsuMobileCode") != moibleCode)
            {
                return AjaxResult("moiblecode", "手机码不正确");
            }

            // Store the new number, then grant the mobile-verification credits.
            Users.UpdateUserMobileByUid(WorkContext.Uid, mobile);
            Credits.SendVerifyMobileCredits(ref WorkContext.PartUserInfo, DateTime.Now);

            RouteValueDictionary routeValues = new RouteValueDictionary();
            routeValues.Add("act", "updateMobile");
            string successUrl = Url.Action("safesuccess", routeValues);

            return AjaxResult("success", successUrl);
        }
Exemplo n.º 21
        /// <summary>
        /// Sends the confirmation email for an email-address update.
        /// </summary>
        /// <returns>
        /// An Ajax result keyed "noauth", "expired", "verifycode" or "email" on failure, or
        /// "success" once the confirmation email call was made.
        /// </returns>
        public ActionResult SendUpdateEmail()
        {
            string token = WebHelper.GetQueryString("v");

            // Decrypt the token; its fields are [0] uid, [1] action, [2] verification time, [3] random value.
            string[] fields = StringHelper.SplitString(
                SecureHelper.AESDecrypt(token, WorkContext.ShopConfig.SecretKey));
            if (fields.Length != 4)
            {
                return AjaxResult("noauth", "您的权限不足");
            }

            int tokenUid = TypeHelper.StringToInt(fields[0]);
            string tokenAction = fields[1];
            DateTime issuedAt = TypeHelper.StringToDateTime(fields[2]);

            // The token must have been issued to the signed-in user.
            if (tokenUid != WorkContext.Uid)
            {
                return AjaxResult("noauth", "您的权限不足");
            }
            // The token is valid for 30 minutes.
            if (issuedAt < DateTime.Now.AddMinutes(-30))
            {
                return AjaxResult("expired", "密钥已过期,请重新验证");
            }

            string email = WebHelper.GetFormString("email");
            string verifyCode = WebHelper.GetFormString("verifyCode");

            // Captcha check against the value kept in the session.
            if (string.IsNullOrWhiteSpace(verifyCode))
            {
                return AjaxResult("verifycode", "验证码不能为空");
            }
            if (verifyCode.ToLower() != Sessions.GetValueString(WorkContext.Sid, "verifyCode"))
            {
                return AjaxResult("verifycode", "验证码不正确");
            }

            // Validate the submitted address.
            if (string.IsNullOrWhiteSpace(email))
            {
                return AjaxResult("email", "邮箱不能为空");
            }
            if (!ValidateHelper.IsEmail(email))
            {
                return AjaxResult("email", "邮箱格式不正确");
            }
            // An address that fails the SQL-safety filter is reported with the same message as
            // an address that is already taken.
            if (!SecureHelper.IsSafeSqlString(email, false))
            {
                return AjaxResult("email", "邮箱已经存在");
            }

            // The address may not already belong to another account.
            int ownerUid = Users.GetUidByEmail(email);
            if (ownerUid > 0 && ownerUid != WorkContext.Uid)
            {
                return AjaxResult("email", "邮箱已经存在");
            }

            // Build the encrypted confirmation token: uid, email, issue time, random value.
            string confirmPayload = string.Format("{0},{1},{2},{3}", WorkContext.Uid, email, DateTime.Now, Randoms.CreateRandomValue(6));
            string confirmToken = ShopUtils.AESEncrypt(confirmPayload);

            // NOTE(review): the link uses a fixed "http" scheme and the authority of the incoming
            // request. If the site answers to arbitrary Host headers, the emailed link - which
            // carries the confirmation token - can point at a host chosen by the requester;
            // confirm whether a configured site URL should be used.
            RouteValueDictionary routeValues = new RouteValueDictionary();
            routeValues.Add("v", confirmToken);
            string confirmUrl = string.Format("http://{0}{1}", Request.Url.Authority, Url.Action("updateemail", routeValues));

            // Send the confirmation email.
            Emails.SendSCUpdateEmail(email, WorkContext.UserName, confirmUrl);
            return AjaxResult("success", "邮件已经发送,请前往你的邮箱进行验证");
        }
Exemplo n.º 22
 /// <summary>
 /// AES-decrypts a string with the secret key from BSPConfig.ShopConfig.
 /// </summary>
 /// <param name="decryptStr">The string to decrypt.</param>
 /// <returns>The result of SecureHelper.AESDecrypt for that string and key.</returns>
 public static string AESDecrypt(string decryptStr)
 {
     var secretKey = BSPConfig.ShopConfig.SecretKey;
     return SecureHelper.AESDecrypt(decryptStr, secretKey);
 }
Exemplo n.º 23
 /// <summary>
 /// AES-decrypts a string with the secret key from HaConfig.MallConfig.
 /// </summary>
 /// <param name="decryptStr">The string to decrypt.</param>
 /// <returns>The result of SecureHelper.AESDecrypt for that string and key.</returns>
 public static string AESDecrypt(string decryptStr)
 {
     var mallSecretKey = HaConfig.MallConfig.SecretKey;
     return SecureHelper.AESDecrypt(decryptStr, mallSecretKey);
 }