Exemplo n.º 1
0
    protected void btnGoEmail_Click(object sender, EventArgs e)
    {
        string passWord = Shove._Web.Utility.FilteSqlInfusion(tbPassWord.Text.ToString());
        string Email = _User.Email;
        string RealityName = Shove._Web.Utility.FilteSqlInfusion(tbRealityName.Text.ToString());
        string Question = _User.SecurityQuestion;
        string Answer = _User.SecurityAnswer;
        string userName = _User.Name;
        int ValidedCount = 0;
        if (RealityName == "")
        {
            Shove._Web.JavaScript.Alert(this.Page, "请输入真实姓名。");

            return;
        }

        if (RealityName != _User.RealityName)
        {
            Shove._Web.JavaScript.Alert(this.Page, "真实姓名输入有误,请核实。");

            return;
        }

        if (passWord == "")
        {
            Shove._Web.JavaScript.Alert(this.Page, "请输入密码。");

            return;
        }

        if (PF.EncryptPassword(passWord) != _User.Password)
        {
            Shove._Web.JavaScript.Alert(this.Page, "您输入的密码有误,请核实。");

            return;
        }

        if (Question == "" || Answer == "")
        {
            Shove._Web.JavaScript.Alert(this.Page, "您还未设置安全问题,无需重置。");

            return;
        }

        DataTable dt = new DAL.Tables.T_UserEditQuestionAnswer().Open("", "UserID=" + _User.ID, "");
        //实例化T_UserEditQuestionAnswer表
        DAL.Tables.T_UserEditQuestionAnswer T_QF = new DAL.Tables.T_UserEditQuestionAnswer();
        long Result = -1;
        string ReturnDescription = "";
        if (dt.Rows.Count > 0)
        {
            if (Shove._Convert.StrToDateTime(dt.Rows[0]["DateTime"].ToString(), "0000-00-00").ToString("yyyyMMdd") == DateTime.Now.ToString("yyyyMMdd"))
            {
                if (dt.Rows[0]["ValidedCount"].ToString() == "2")
                {
                    Shove._Web.JavaScript.Alert(this.Page, "您今天已重置两次安全问题了,请明天再来吧", "AccountDetail.aspx");

                    return;
                }
                else
                {
                    ValidedCount = Shove._Convert.StrToInt(dt.Rows[0]["ValidedCount"].ToString(), 1) + 1;
                }

            }
            else
            {
                ValidedCount = 1;
            }
            T_QF.ValidedCount.Value = ValidedCount;
            T_QF.QuestionAnswerState.Value = 0;
            Result = T_QF.Update("UserID=" + _User.ID);
            if (Result < 0)
            {
                PF.GoError(-1, ReturnDescription, this.GetType().FullName);

                return;
            }
        }
        else
        {
            T_QF.UserID.Value = _User.ID;
            T_QF.QuestionAnswerState.Value = 0;
            T_QF.ValidedCount.Value = 1;
            Result = T_QF.Insert();
            if (Result < 0)
            {
                PF.GoError(-1, ReturnDescription, this.GetType().FullName);

                return;
            }
        }

        string key = Shove._Security.Encrypt.EncryptString(PF.GetCallCert(), _User.ID.ToString() + "," + DateTime.Now.ToString() + "," + Question + "," + Answer + "," + userName + "," + T_QF.QuestionAnswerState.Value);
        MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
        string sign = BitConverter.ToString(md5.ComputeHash(Encoding.UTF8.GetBytes(key))).Replace("-", "");
        key = sign.Substring(0, 16) + key + sign.Substring(16, 16);
        string url = Shove._Web.Utility.GetUrl() + "/Home/Room/SafeSet.aspx?Qkey="+key;
        StringBuilder sb = new StringBuilder();

        sb.Append("<div style='font-weight:bold;'>尊敬的"+_Site.Name+"客户(").Append(_User.Name).Append("):</div>")
            .Append("<div>您好!</div>")
            .Append("<div>系统已收到您的安全问题重置,请点击链接<a href='").Append(url).Append("' target='_top'>").Append(url).Append("</a>校验您的身份。</div>")
            .Append("<div>为了您的安全,该邮件通知地址将在 24 小时后失效,谢谢合作。</div>")
            .Append("<div>此邮件由系统发出,请勿直接回复!</div>")
            .Append("<div>").Append(Shove._Web.Utility.GetUrlWithoutHttp()).Append(" 版权所有(C) 2008-2009</div>");

        if (PF.SendEmail(_Site, Email, "安全问题找回", sb.ToString()) == 0)
        {

            tbPassWord.Enabled = false;
            tbRealityName.Enabled = false;
            btnGoEmail.Enabled = false;
            lblTips.Text = "&nbsp;&nbsp;&nbsp;&nbsp;您好,系统已经发送一封验证邮件您的邮箱,请到您的信箱确认。";
        }
        else
        {
            new Log("System").Write(this.GetType().FullName + "发送邮件失败");
        }

    }
Exemplo n.º 2
0
 protected void btnGoEmail_Click(object sender, EventArgs e)
 {
     string input = Utility.FilteSqlInfusion(this.tbPassWord.Text.ToString());
     string email = base._User.Email;
     string str3 = Utility.FilteSqlInfusion(this.tbRealityName.Text.ToString());
     string securityQuestion = base._User.SecurityQuestion;
     string securityAnswer = base._User.SecurityAnswer;
     string name = base._User.Name;
     int num = 0;
     if (str3 == "")
     {
         JavaScript.Alert(this.Page, "请输入真实姓名。");
     }
     else if (str3 != base._User.RealityName)
     {
         JavaScript.Alert(this.Page, "真实姓名输入有误,请核实。");
     }
     else if (input == "")
     {
         JavaScript.Alert(this.Page, "请输入密码。");
     }
     else if (PF.EncryptPassword(input) != base._User.Password)
     {
         JavaScript.Alert(this.Page, "您输入的密码有误,请核实。");
     }
     else if ((securityQuestion == "") || (securityAnswer == ""))
     {
         JavaScript.Alert(this.Page, "您还未设置安全问题,无需重置。");
     }
     else
     {
         DataTable table = new Tables.T_UserEditQuestionAnswer().Open("", "UserID=" + base._User.ID, "");
         Tables.T_UserEditQuestionAnswer answer = new Tables.T_UserEditQuestionAnswer();
         string tip = "";
         if (table.Rows.Count > 0)
         {
             if (_Convert.StrToDateTime(table.Rows[0]["DateTime"].ToString(), "0000-00-00").ToString("yyyyMMdd") == DateTime.Now.ToString("yyyyMMdd"))
             {
                 if (table.Rows[0]["ValidedCount"].ToString() == "2")
                 {
                     JavaScript.Alert(this.Page, "您今天已重置两次安全问题了,请明天再来吧", "AccountDetail.aspx");
                     return;
                 }
                 num = _Convert.StrToInt(table.Rows[0]["ValidedCount"].ToString(), 1) + 1;
             }
             else
             {
                 num = 1;
             }
             answer.ValidedCount.Value = num;
             answer.QuestionAnswerState.Value = 0;
             if (answer.Update("UserID=" + base._User.ID) < 0L)
             {
                 PF.GoError(-1, tip, base.GetType().FullName);
                 return;
             }
         }
         else
         {
             answer.UserID.Value = base._User.ID;
             answer.QuestionAnswerState.Value = 0;
             answer.ValidedCount.Value = 1;
             if (answer.Insert() < 0L)
             {
                 PF.GoError(-1, tip, base.GetType().FullName);
                 return;
             }
         }
         string s = Encrypt.EncryptString(PF.GetCallCert(), string.Concat(new object[] { base._User.ID.ToString(), ",", DateTime.Now.ToString(), ",", securityQuestion, ",", securityAnswer, ",", name, ",", answer.QuestionAnswerState.Value }));
         MD5CryptoServiceProvider provider = new MD5CryptoServiceProvider();
         string str9 = BitConverter.ToString(provider.ComputeHash(Encoding.UTF8.GetBytes(s))).Replace("-", "");
         s = str9.Substring(0, 0x10) + s + str9.Substring(0x10, 0x10);
         string str10 = Utility.GetUrl() + "/Home/Room/SafeSet.aspx?Qkey=" + s;
         StringBuilder builder = new StringBuilder();
         builder.Append("<div style='font-weight:bold;'>尊敬的" + base._Site.Name + "客户(").Append(base._User.Name).Append("):</div>").Append("<div>您好!</div>").Append("<div>系统已收到您的安全问题重置,请点击链接<a href='").Append(str10).Append("' target='_top'>").Append(str10).Append("</a>校验您的身份。</div>").Append("<div>为了您的安全,该邮件通知地址将在 24 小时后失效,谢谢合作。</div>").Append("<div>此邮件由系统发出,请勿直接回复!</div>").Append("<div>上海福彩投诉电话:021-64175077</div>").Append("<div>意见收集与提交:[email protected]</div>").Append("<div>").Append(Utility.GetUrlWithoutHttp()).Append(" 版权所有(C) 2008-2009</div>");
         if (PF.SendEmail(base._Site, email, "安全问题找回", builder.ToString()) == 0)
         {
             this.tbPassWord.Enabled = false;
             this.tbRealityName.Enabled = false;
             this.btnGoEmail.Enabled = false;
             this.lblTips.Text = "&nbsp;&nbsp;&nbsp;&nbsp;您好,系统已经发送一封验证邮件您的邮箱,请到您的信箱确认。";
         }
         else
         {
             new Log("System").Write(base.GetType().FullName + "发送邮件失败");
         }
     }
 }