/// <summary>
/// 修改密码.
/// </summary>
/// <returns>
/// The <see cref="JsonResult"/>.
/// </returns>
public JsonResult ModifyPassword()
{
try
{
var userID = this.GetUserID();
if (userID == 0)
{
return this.Json(new AjaxResponse(0, "未登录!"));
}
var oldpwd = Request.Form["op"];
var newpwd = Request.Form["np"];
if (string.IsNullOrEmpty(oldpwd))
{
return this.Json(new AjaxResponse(0, "原密码不能为空"));
}
if (string.IsNullOrEmpty(newpwd))
{
return this.Json(new AjaxResponse(0, "新密码不能为空"));
}
var rsa = new RSACryptoServiceProvider();
rsa.FromXmlString((string)Session["private_key"]);
byte[] oldResult = rsa.Decrypt(HexStringToBytes(oldpwd), false); // 用私钥将密码解密出来
byte[] newResult = rsa.Decrypt(HexStringToBytes(newpwd), false); // 用私钥将密码解密出来
var enc = new ASCIIEncoding();
oldpwd = enc.GetString(oldResult);
newpwd = enc.GetString(newResult);
var userService = new UserService();
var user = userService.QueryUserByID(userID);
if (user == null)
{
return this.Json(new AjaxResponse(0, "用户名不存在"));
}
if (string.Compare(oldpwd, user.LoginPassword, StringComparison.OrdinalIgnoreCase) == 0
|| string.Compare(
Encrypt.HashByMD5(oldpwd),
user.LoginPassword,
StringComparison.OrdinalIgnoreCase) == 0)
{
userService.ModifyPassword(userID, newpwd);
return this.Json(new AjaxResponse(1, "修改完成"));
}
return this.Json(new AjaxResponse(0, "密码不正确"));
}
catch (Exception exception)
{
return this.Json(new AjaxResponse(0, exception.Message));
}
}